I'd like to install asterisk on a friend's computer but wish to do so without the computer being permanently bombarded with scammers. Locking down all the ports would be the obvious answer but this would mean that the remote client installed on a Android phone would then no longer work.
I do not want to have to use something like OpenVPN I would rather the remote extension reaches the asterisk box without the need for a VPN. Apopse from anything else not having to use a VPN would mean I could continue to benefit from push notification.
Security iptables particularly using something like m string matching - matching on keywords which may include the name of the client I am currently using on my Android and accepting incoming connections on detection of that word maybe one way of doing things blocking all IP addresses outside of the UK maybe another but of course nothing beats a VPN connection...
For an asterisk installation which will only serve one person, what is the ideal way of securing the installation whilst allowing reliable access from a remote extension which will not have a fixed IP but rather a dynamic one issued by the 3G connection it is running from.
