IP Authentication for an extension - ACL's

[DownUnder]

I am having an issue using IP Authentication for an Extension.

I have created an ACL called "customer" with a default type of deny
Then I add the customers IP as 1.1.1.1/32 as a node with type allow

Then on the extension, I set the Auth ACL as "customer"

I have flushed the Memcache and reloaded ACL but the customer still gets 407 Proxy Auth Required

Looking in the fs_cli I see

2018-05-18 13:07:02.392136 [DEBUG] sofia.c:9873 sofia/internal/1234567890@xx.xx.com:5060 receiving invite from 1.1.1.1:5060 version: 1.6.20 - 37-987c9b9 64bit
2018-05-18 13:07:02.392136 [DEBUG] sofia.c:10044 IP 1.1.1.1 Rejected by acl "domains". Falling back to Digest auth.
2018-05-18 13:07:02.392136 [DEBUG] sofia.c:2334 detaching session 95697bad-06fc-44fc-a8cf-45af6f653523
2018-05-18 13:07:02.392136 [WARNING] sofia_reg.c:1792 SIP auth challenge (INVITE) on sofia profile 'internal' for [1234567890@xx.xx.com] from ip 1.1.1.1

I am a bit confused with how the new ACL I have created relates to the SIP profile, the current SIP profile (internal) has apply-inbound-acl & apply-register-acl set as "domains"

Does the customers IP need to be added as allowed in the "domains" ACL too?

 

[DownUnder]

I was using this guide as a reference - http://inside-out.xyz/technology/enabling-ip-authentication-in-fusionpbx.html

 

[smn]

You also need to reload ACL. It's explained here.
http://fusionpbx-docs.readthedocs.io/en/latest/advanced/access_controls.html

 

[DownUnder]

Thanks smn, I did try reloading the ACL's

 

[DownUnder]

If I add the customers IP in the "domains" ACL the call makes it to the server, however, the context is then "public" rather than the domain set in that extension so there is no route for the call