In iax.conf you configure the Inter-asterisk ( IAX ) connections.
The configuration of iax.conf is well documented in the Asterisk handbook.

Configuring IAX clients

From the sample IAX.CONF in the distribution:

Examples

• John Todd, Loligo.com: http://www.loligo.com/asterisk/current/iax.conf
• Peering two * servers using IAX - http://astrecipes.net/index.php?n=204

Codecs

The follow codecs are valid for the allow/disallow parameter:

• g723.1
• gsm
• ulaw
• alaw
• g726
• slinear
• lpc10
• adpcm
• g729
• speex
• ilbc
• h261
• h263
• all

Controlling the media path

With notransfer=yes you can prohibit Asterisk from stepping out of the media path and connecting the two endpoints directly to each other. This, of course, effects your call detail records (CDR) and billing information.
Note: This is quite similar to the sip.conf setting canreinvite=no

This has been changed in 1.4 to transfer=yes, options are yes no and mediaonly

TOS

Alternatively you can directly set the bit vlues:

 tos=0x18   ; where the tos bits are set individually and in combination

For example

  tos=0x10 = low delay
  tos=0x08 = high throughput
  tos=0x04 = high reliability
  tos=0x02 = ECT bit set
  tos=0x01 = CE bit set

or set multiple bits, such as

  tos=0x18 

to set both low delay and high throughput.

The qualify option

Please see:

• Asterisk iax qualify

Simplifying dial strings in extensions.conf

Although IAX channel details (username, secret, etc.) can be written explicitly into each dial string in extensions.conf, dial strings can be simplified/clarified by storing all of this information in the iax.conf file and then simply referencing by the channel name:

 Dial(IAX2/<peer name>/<exten>)

For example, to call IAXtel you can create an entry in iax.conf like this:

[iaxtel-outbound]
type=peer
username=<username>
secret=<secret>
peercontext=iaxtel
host=iaxtel.com

Then use a Dial command of:

 exten => _1700XXXXXX,1,Dial(IAX2/iaxtel-outbound/${EXTEN})

Note: The "peercontext" setting is only available in Asterisk CVS as of 2004-06-26.

Table of command or directives you can use and where.

Needs updating: added to wiki Oct14, 2004

Directive	Value	General	Peer	User
allow	<codec>	Y	Y	Y
disallow	<codec>	Y	Y	Y
amaflags		Y
auth
autocreatepeer
bandwidth		Y	Y	Y
bindaddr		Y
bindport		Y
callerid
callgroup
context			Y	Y
defaultexpirey
defaultip
externip			SIP only - N	SIP only - N
fromdomain
fromuser
host
port
incominglimit
jitterbuffer		Y
maxjitterbuffer		Y
maxexcessbuffer		Y
outgoinglimit
inkeys			Y	Y
outkey			Y	Y
insecure
language
localnet
mailbox
maxexpirey
md5secret			Y	Y
notransfer			Y	Y
peercontext
pedantic
permit			Y	Y
deny			Y	Y
pickupgroup
qualify			Y	Y
register		Y
restrictcid
secret			Y	Y
srvlookup
tos			Y	Y
trunkfreq		Y
trunk			Y	Y
trustrpid
type			Y	Y
useragent
username
videosupport

For the most up to date list of directives supported by your version of Asterisk, check the source code for your version. In the file channels/chan_iax2.c, look for the functions named build_user, build_peer, and set_config. They contain directive names supported in the type=user, type=peer, and [general] sections of iax.conf, respectively. You don't have to be able to understand C to find the directive names, either; they're quite obvious. The information you find in the source will be more accurate than any list you're likely to find on a wiki page.

More Example IAX Provider

register => my_user:secret@host


[my_iaxprovider]
type=peer
auth=md5
notransfer=yes
host=IP
disallow=all
allow=gsm
allow=ulaw
allow=alaw
qualify=yes
trunk=yes

[my_user]
type=user
auth=md5
notransfer=yes
disallow=all
allow=gsm
allow=ulaw
trunk=yes
secret=XXXX
context= (context in extensions.conf where i want recive the incoming call)

N.B. Outbound calling in extensions.conf

exten =>_X.,1,Dial(IAX2/my_user:secret@my_iaxprovider/${EXTEN})

Tips

• Register commands to connect to another IAX server has to be in the [general] section of iax.conf.
• To set up IAX in trunk mode, add "trunk=yes" to your definition in iax.conf. IAX Trunking needs support of a hardware timer. See Asterisk timer for more information.
• Do not use both "host=dynamic" and "defaultip=111.222.333.444", make sure it is just one or the other (see bugs 558 and 673).
• If you do not use IP-based access control for all of your type=user entries, and you expect your Asterisk installation to be reasonably secure, your iax.conf file must contain a "guest" entry with no secret specified. When a remote system connects to yours, it can connect without specifying a username (that is, connect anonymously). If you have a type=user section which does not specify a secret, Asterisk will allow them to connect with any secret specified in the file. This means that if you have a large number of type=user entries but no guest entry in iax.conf, someone only has to guess any one of your secrets to connect to your server as that user. In other words, they do not need to know both the username and the secret; the secret alone is enough! Asterisk gives preference to a secretless user for anonymous incoming connections, though, so the inclusion of such a section will solve this problem. For more information on IAX authentication within Asterisk, see Asterisk IAX authentication.
• Add a last entry in iax.conf with no password to force anonymous calls into a specific context.
• If you use realtime, don't have any user without a password and without permit/deny.
• Use the general option mailboxdetail=yes for details and the number of waiting voicemails. Works with most IAX phones like the AT-320 or softphones
• If you have "update_registry: Restricting registration for peer 'xxxxxx' to 60 seconds (requested 1200)", you can add maxregexpire=1300 to the [general] section.

Troubleshouting

Incoming IAX calls

For troubleshooting IAX calls, turning on IAX debugging output can be very useful. In Asterisk 1.4 or later, the CLI command 'iax2 set debug on' turns on debugging output. In Asterisk 1.2, use 'iax2 debug' to enable IAX debugging output, and 'iax2 no debug' to turn it back off again.

Rejected connect attempt from 213.1.2.3, who was trying to reach '987654321@'

See also: Asterisk IAX authentication

• Turn on iax debugging and see as which user the incoming call is trying to connect.
• You will probably need to have a type=user section which does not specify a secret= line.
• Check your context= lines. The first context= line listed in that section will be used if the call doesn't request a specific context.

CAUSE 50: No Authority Found

See also: Asterisk No authority found

• Turn on iax debugging.
• Check if the username of the incoming call exists as section name (the text in square brackets) in iax.conf. Note: it is not sufficient to have this specified only in a username= line; username= is used for outbound (i.e., type=peer) connections only. Note that this section will typically have type=user, though type=friend will also work.

See also

• New adaptive jitterbuffer in Asterisk 1.4
• How to configure RSA authentication for IAX channels
• Asterisk sip md5secret: See bottom for remarks on IAX and md5
• Asterisk IAX channels
• Asterisk IAX authentication
• IAX encryption
• Asterisk voicepulse connect: Tutorial on configuring Asterisk IAX channels for a VOIP Service Provider (Voicepulse Connect)
• Asterisk config files

---

Asterisk | Asterisk Configuration | IAX Channels