FusionPBX - Stop multiple device registrations to extension number

Status
Not open for further replies.

DGI

New Member
Mar 1, 2021
9
1
3
46
Hi All,
I have FusionPBX version 4.5.21

I want to stop clients from logging into the same extension using multiple devices and softphones.

After doing some research I found that in Advanced > Sip Profiles > there is an option for "multiple-registrations" which is set to True by default. I changed it to to "false" but it did not work.

Instead it caused the switch to freeze and I had to reboot the server. It also caused other problems which took me half a day to resolve!

Does anyone know how to stop 2 devices from registering to the same extension simultaneously?
 

Adrian Fretwell

Well-Known Member
Aug 13, 2017
1,388
364
83
I have not had problems setting multiple-registrations to false, having said that, I did not have any multiple registrations on the system at the time.

You can try setting multiple-registrations to contact

There is also a setting called max-registrations-per-extension, that you may wish to look at. It can, of course, conflict with multiple-registrations.
 

DGI

New Member
Mar 1, 2021
9
1
3
46
HI. I can't see the setting for max-registrations-per-extension,

Please can you confirm where that is ?
 

DGI

New Member
Mar 1, 2021
9
1
3
46
I have not had problems setting multiple-registrations to false, having said that, I did not have any multiple registrations on the system at the time.

You can try setting multiple-registrations to contact

There is also a setting called max-registrations-per-extension, that you may wish to look at. It can, of course, conflict with multiple-registrations.

Hi Adrian, I can't see the setting for max-registrations-per-extension, is. Please can you confirm where that is ?
 

finnsloss

New Member
Oct 17, 2019
5
0
1
44
Could you instead use the provisioning server - auto-provision the handsets and set the password of the extension to something the users do not know?
 

DGI

New Member
Mar 1, 2021
9
1
3
46
Could you instead use the provisioning server - auto-provision the handsets and set the password of the extension to something the users do not know?
Hi. We are providing clients with our own branded softphones which means we have to give them a username and password to log in. The problem is that they download the apps in various mobiles and as they have the username and password they can log into the same extension at the same time. Huge leak of revenue as we charge per extension. But users have discovered that their entire company can log in using the same username and password! Need to find a way to stop multiple devices from registering at the same time. So far no solutions found. If anyone has done this and tested it successfully then please let me know how to do it. So far the suggestions received in the forum do not work.
 

hfoster

Active Member
Jan 28, 2019
674
80
28
34
https://freeswitch.org/confluence/display/FREESWITCH/Sofia+Configuration+Files

multiple-registrations​

Valid values for this parameter are "contact", "true", "false". value="true" is the most common use. Setting this value to "contact" will remove the old registration based on sip_user, sip_host and contact field as opposed to the call_id.

<param name="multiple-registrations" value="contact"/>

max-registrations-per-extension​

Defines the number of maximum registrations per extension. Valid value for this parameter is an integer greater than 0. Please note that setting this to 1 would counteract the usage of multiple-registrations. When an attempt to register an extension is made after the maximum value has been reached sofia will respond with 403. The following example will set maximum registrations to 2

<param name="max-registrations-per-extension" value="2"/>
So you can modify your internal SIP profile to ensure that multiple-registrations is disabled or limit it per extension to 1 or 2.
 

DigitalDaz

Administrator
Staff member
Sep 29, 2016
3,038
556
113
I have never tested this but if using max-registrations-per-extension causes a 403, does this have any implications for fail2ban?
 

DGI

New Member
Mar 1, 2021
9
1
3
46
Keep an eye out for the issue that @DigitalDaz pointed out, too many 403s could result in that customers IP address being banned, then all their phones will not register.
Adrian, Yes that is a good point, however we tell customers that they can only register 1 device to an extension. So if they get themselves blocked it will be their own fault.


The problem we had (which is now resolved) is that a client would purchase 1 extension and then the entire department would log into it and start making and receiving calls from their own devices.. A huge leak in revenue. Now this is resolved we can provide each user with an extension and charge them for it. If they try their luck and try and register multiple devices and get themselves blocked it will be a good lesson learned, as to not to try and manipulate the system! Also we can always white list IP's in a worst case scenario. But thanks guys for the valuable input.
 

hfoster

Active Member
Jan 28, 2019
674
80
28
34
Yeh, we used to state it was a fraud protection process. If it detected multiple phones then it was a sign that 'hackers might have gotten their passwords', that's usually when they would own up to what they were doing....or they would play dumb and we would change all the SIP passwords for them.
 
Status
Not open for further replies.