AllowedAddresses filter on SIP Trunk

Hello,

I’m trying to increase security for my SIP trunk so I just allow receiving calls coming from a specific IP. My understanding is that I can use the AllowedAddresses field for that.

So I have the following:
$ lk sip inbound list
Using default project [******]
┌─────────────────┬───────┬───────────────────────────────────────────────┬──────────────────┬────────────────┬────────────────┬────────────┬─────────┬──────────┐
│ SipTrunkID │ Name │ Numbers │ AllowedAddresses │ AllowedNumbers │ Authentication │ Encryption │ Headers │ Metadata │
├─────────────────┼───────┼───────────────────────────────────────────────┼──────────────────┼────────────────┼────────────────┼────────────┼─────────┼──────────┤
│ ST_****** │ Tests │ +34*********,*********,+34*********,********* │ 1.2.3.4/32 │ │ │ DISABLE │ │ │
└─────────────────┴───────┴───────────────────────────────────────────────┴──────────────────┴────────────────┴────────────────┴────────────┴─────────┴──────────┘

With this configuration, I would expect a call to be rejected, but I am still receiving it. Am I doing anything wrong?

What is the trunk ID (starts with ST_)? Or better a call–id. It can the the SIP call-id or LiveKit call id that starts with “SCL_”

With that I can take a look at the config and ses what might be happening and why we passed the call that is not allowed in the allow list.

Hello CWilson,

For the example provided, you can check the calls SCL_w3Frck9y7DnB, SCL_iDCKLsZ5X4db, **SCL_jtb8XvhJfRf2
**
This corresponds to a local deployment in my local machine, for testing. I also did an equivalent test in a diferent Livekit project in some machine on the cloud, just in case it had relation, with equivalent results. For this other experiment, you can check calls SCL_vCeWEpnLW7VM, SCL_5bcSjV64uggA

@nestor.morales can you please try now, our eng team report that the issue you were seeing has been resolved.

Hello Darryn, I checked and now it works!

Many thanks for your prompt answer!