Category: Wi-Fi

I Have A Dream: Free Cellular Service with Integrated Remote SIP Connectivity

As part of our Mobile Internet adventure this year, we’ve been scouring the countryside with two requirements in mind. First, we wanted a smartphone on which we could activate some type of free cellular service for making calls and sending text messages. Second, we wanted to integrate remote SIP connectivity using the same provider and phone number so that we could make and receive calls transparently using any SIP phone or Asterisk® server anywhere in the world. Sounds like a tall order, you say? Well, if you’ve enjoyed your Cloud@Cost Sandbox, you’re gonna love RingPlus! Note to Naysayers…

Yes, you’ll have to buy a compatible cellphone, but there are thousands to choose from. And, yes, you’ll need Sprint service in your neighborhood. Then you’ll have to cough up $10 to activate your cellular account. RingPlus offers dozens of plans.1 We recommend the Michelangelo plan which best meets what we’re trying to accomplish today, but the choice is all yours.2 With the Michelangelo plan, you can make and receive 1,000 minutes of free calls a month to anywhere in the U.S. (calls to Canada are 3¢ a minute), you can send and receive 1,000 free text messages a month, and you can use 500MB of free data service every month. You also can use your same account credentials with any SIP phone, softphone, or Asterisk server anywhere in the world to make and receive phone calls transparently using the same phone number as your smartphone. In other words, you can travel anywhere and make and receive phone calls just as if you were sitting in Atlanta, Georgia dialing from your smartphone. The SIP calls are deducted from your free minutes. No cellular service required at all. Meet RingPlus!


So what’s the catch? How does RingPlus make money? Well, of course, they would prefer that you sign up for a plan with monthly fees. For those on the free plans, the only difference you will notice is an occasional ad which plays instead of a ring tone when you place outbound calls. This only occurs until the other party answers the call, and it can be all but eliminated by choosing a music selection in the RingPlus Radio feature in your RingPlus Dashboard.

Who are the ones most likely to use something like this? Well, for openers, all of your kids unless you like springing for a $500 phone and spending $40+ dollars a month for cellular service for each of them. One of the other real beauties of RingPlus is you can set up a whitelist of numbers that can be called from the phone. Blacklists are supported as well. It’s perfect for kids just getting started with a cellphone. A second potential user group would be those who travel outside the United States and prefer not to pay exorbitant roaming rates for calls. Using a SIP phone connected to your RingPlus account, all of the international calls suddenly are free. And the calls are delivered with the same CallerID number as calls placed from your actual smartphone. In fact, your smartphone doesn’t have to be in service at all. A third and perhaps most important use for us was to serve as a failover trunk on one or more Asterisk servers. When all else fails, you can route outbound calls to your RingPlus SIP trunk for free calling using your RingPlus account. Doesn’t get any better than that.

There are probably numerous ways to put all these pieces in place so that things function just as we’ve described. Today we’ll share with you the solution that actually worked for us. You can take it from there and avoid the thousands of horror stories about incompatible smartphones. Be advised that acquiring used cellphones or even incompatible cellphones is a very dangerous and expensive business. If you buy one that happens to be stolen, or that has a balance due on the account, or that is incompatible with RingPlus, then you’ve bought a tiny boat anchor and not much else. So, our best advice is buy one from the provider. That’s the one and only RingPlus, and the smartphones start at just under $100. If that’s too rich for your blood, you can roll the dice and try what we did (twice) by purchasing a brand new Sprint or Boost Mobile Prepaid LG phone in an unopened box starting at $35. NO GUARANTEES THIS WILL WORK FOR YOU! We’ve had good luck with LG phones at both ends of the price spectrum, and it MAY work with other brands; however, every manufacturer sets up their phones a little differently, and we happen to know that this worked on both a low end and high end LG prepaid phone.

Visit your favorite Sprint/Boost Mobile reseller including Radio Shack (with a Sprint store), Best Buy, and WalMart.3 If store employees will let you, find the Sprint or Boost Mobile Prepaid LG phone that you like and look on the bottom of the box. There you will find the decimal value of the MEID. Log into http://nerd.bz/nvringplus and plug in the MEID to see if it is RingPlus compatible. If it passes, buy it. If it flunks, try another one. Whatever you do, DON’T BUY A PHONE IN AN OPENED BOX, AND DON’T OPEN THE BOX YET! If there is a problem, you still can return it for a full refund at this point.

Funny story. The Radio Shack employees at our local store were very savvy and refused to let me look at the MEID claiming it was a security issue. Fair enough. Of course, they were also curious why I wanted the phone without letting them configure it. Once I told them the deal, they all wanted one, too. They asked for the link to the MEID verification site and said they’d do it for me. Once it worked, excitement broke out in the room with all the staff reading an early copy of this article. While Radio Shack typically charges a $35 restocking fee on cell phones, that fee is waived if you return the phone in an unopened box. So the only thing you’re wasting if they insist that you purchase the phone is a little bit of your time and a lot of Radio Shack employee time if, in fact, the MEID flunks the verification test.

Configuring Your Phone for RingPlus Service

2/9/2016 Update: You may wish to put off signing up until 3:00 PM Eastern time today (Tuesday, Feb. 9) so you can take advantage of the new Giuseppe Farina monthly plan with 1,200 free minutes, 1,200 free text messages, and 1.2GB of free data per month with a $20 deposit. Also provides tethering for an additional $0.49 per day.

Now sign up for a RingPlus free plan using the MEID and ICC ID you previously verified. Michelangelo is probably the best bet if you missed our Twitter tip this past weekend. Deposit $10 in your new account, and activate it. Log into your RingPlus Dashboard, click on your phone in the upper right frame, and choose Manage Device. Write down your MSID, your phone number, and MSL. Once your account is active, then and only then unbox and turn on your phone. Go through the minimal setup steps by choosing your Language and choosing an available WiFi network. During this setup, RingPlus should push a PRL update to your new phone, and it will reboot. Check in Settings -> General -> About Phone -> Status and see if you have a phone number. If so, you’re good to go. If not, open the Phone Dialer application and dial ##72786# which should force another PRL update to your phone with another reboot. When it finishes, check again for a phone number and place an outbound call.

Using a browser on your desktop computer, go back into the RingPlus Dashboard and sign in. Your phone device should show Active in the upper right corner of the screen. Click there and you’ll get a display like this:

While still in the Device Settings Menu, click on the WiFi FluidCall option to decipher your SIP credentials. You’ll need these to set up your SIP phone or a SIP trunk on your Asterisk server. Your username is your 10-digit phone number, the domain name is sip.ringplus.net, and the password is a system-generated entry which you can recreate whenever you like. That’s probably a very good idea whenever you use public WiFi services to make calls with your SIP phone or a softphone.

By the way, this isn’t some kludgy SIP-GSM gateway where the calls actually are routed out through your cellphone device. The RingPlus SIP gateway connects your SIP device directly to the Internet and simply uses your existing RingPlus CallerID to identify the calls. In short, you get the best of both worlds: a dirt cheap or free cellphone service plus a dirt cheap or free SIP trunk for use anywhere in the world.

Configuring a RingPlus SIP Trunk with Asterisk

If you’d like to set up your RingPlus number as a failover trunk on your Asterisk server, here is the setup that worked for us with Incredible PBX using your assigned 10-digit phone number for your username and fromuser settings and your assigned password for your secret. If you include a registration string and configure an inbound route using your RingPlus DID, then inbound calling will work as well. If you skip the registration step, then you can use the same RingPlus trunk on multiple Asterisk servers for emergency outbound calling. No firewall adjustments should be necessary.

There are all sorts of other magic tricks you can implement using the RingPlus API, but you probably won’t need any of the features in light of the robust SIP connectivity RingPlus provides to an existing Asterisk server where the feature set is virtually unlimited. Be advised that you must make a call at least once every 60 days to keep your account. The simple way to do this is to set up a monthly reminder using your RingPlus trunk. Schedule the reminder to call you once every month using Telephone Reminders in Incredible PBX. Enjoy the Free Ride!

Originally published: Monday, February 8, 2016





Need help with Asterisk? Visit the PBX in a Flash Forum.


 
Awesome Vitelity Special. Vitelity has generously offered a terrific discount for Nerd Vittles readers. You now can get an almost half-price DID from our special Vitelity sign-up link. If you’re seeking the best flexibility in choosing an area code and phone number plus the lowest entry level pricing plus high quality calls, then Vitelity is the hands-down winner. Vitelity provides Tier A DID inbound service in over 3,000 rate centers throughout the US and Canada. When you use our special link to sign up, Nerd Vittles gets a few shekels down the road to support our open source development efforts while you get an incredible signup deal as well. The going rate for Vitelity’s DID service is $7.95 a month which includes up to 4,000 incoming minutes on two simultaneous channels with terminations priced at 1.45¢ per minute. Not any more! For our users, here’s a deal you can’t (and shouldn’t) refuse! Sign up now, and you can purchase a Tier A DID with unlimited incoming calls and four simultaneous channels for just $3.99 a month. To check availability of local numbers and tiers of service from Vitelity, click here. NOTE: You can only use the Nerd Vittles sign-up link to order your DIDs, or you won’t get the special pricing! Vitelity’s rate is just 1.44¢ per minute for outbound calls in the U.S. There is a $35 prepay when you sign up. This covers future usage. Any balance is refundable if you decide to discontinue service with Vitelity.


Some Recent Nerd Vittles Articles of Interest…

  1. Be advised that future availability of these “free” plans may go away after February 15 unless you join the Member+ program, the cost of which has not yet been announced. This will not affect those that already are participating in the program according to RingPlus. []
  2. In case you’re curious, a plan equivalent to the free Michelangelo plan at RingPlus would run you $41.00 per month at Ting. Ouch! []
  3. Problems have been reported with WalMart varieties. It may be that they have prelocked the phones to Sprint since they get a commission on the revenue. []

Mobile Internet: The 2016 Road Warrior’s Guide to Choosing New Wheels


OK. We’re not going to bring Mobile Computing down to the teepee level, but we have decided to dedicate a column regularly to Mobile Internet developments in the marketplace. Of course, our major focus will remain the impact on unified communications and especially Asterisk®, FreeSWITCH™, PBX in a Flash™, and Incredible PBX™. The idea here is to document a design that lets road warriors travel with the same communications dexterity that they have at home or in the home office. In other words, our vision is a mobile computing environment that makes travel status transparent. Things that worked a certain way in the office should work similarly on the road or in the comfort of your Motel 6 suite. :-)

To get 2016 started on the right foot, we want to lay out some of the technology that’s available to the road warrior who spends a significant amount of time in an automobile. Our objective today is to help you choose that next set of wheels, the proverbial perfect vehicle. We began documenting some of what we’re looking for in our December Mobile Internet column. Today we’ll follow up with more details and some real-world feedback. What we’ll be covering in coming months applies equally to those that travel for pleasure as well as those that do it for a living. Unless you prefer hiding in your Man Cave, we hope you’ll find something useful that makes travel away from your home office amenities easier and less intimidating.

Let’s begin by documenting some of our inexpensive must-haves. These can round out your vehicle shopping list without much impact on the cost of a vehicle: cup holders (lots of them), cigarette lighter connections (lots of them), USB ports (lots of them), and compartments especially those with access to power or USB ports. Another must have for us was a fold down table for the back seat. These come standard in Mercedes S Class sedans as well as the Jaguar XJ. For other vehicles, you’ll need to consider aftermarket options which is a little surprising when you consider that every airline seat has had fold down tables FOREVER. In their haste to roll out the latest gee whiz features, many car manufacturers have forgotten the basic essentials that make all of this technology useful. But there’s hope. General Motors is among those that have finally awakened to the 21st century. Our best advice is this. Before you get swept away by the self-parking car, take a quick look inside the cabin and consider whether the vehicle has the road warrior essentials.

Now for the fun stuff. Take a quick look at this AutoBytel article which ticks off some of the more interesting high tech features that are available in the marketplace today: GPS-linked temperature control, a sensor that provides a text alert if someone is hiding in your car, a collection of audio and visual alerts if the car senses that you are distracted or falling asleep at the wheel, self-parking vehicles, night vision with pedestrian detection, adaptive cruise control that adjusts your speed based upon the speed of the vehicle in front of you, blind spot detection that provides visual warnings on your side view mirrors when a vehicle is cruising along beside you at 70+ mph, lane departure warnings which include console alerts, buzzing your seat, or adjusting your steering wheel to guide you back into your lane. And, last but not least, the latest Tesla which can drive itself under certain highway conditions. In case you haven’t guessed, none of this technology comes cheap. Typically, the features first appear in the high end cars and require the purchase of even higher priced, factory-installed options. Then they trickle down to less costly vehicles as the price of the technology drops.

Here’s our two cents worth of advice on some of these features. We happen to live in the southeastern United States so we really don’t need a GPS to tell us to turn on the air conditioner. Almost any road warrior’s dream machine will have automatic temperature control. That’s as much technology as you need to stay cool in the summer and warm in the winter.

A sensor to tell us someone is hiding inside our car is another clever idea, but we much prefer a vehicle that can lock itself when you leave the vehicle or when you place the vehicle in motion. Newer GM vehicles can also sound an alarm if someone sticks a hand into your window while you’re stopped at a traffic light. Works great unless people are passing you things while parked in a carpool line.

If you’re a road warrior that does a lot of night driving, all of the high tech features you can find that help you drive and stay awake at the wheel are terrific additions. Not mentioned in the AutoBytel article is one of our favorites that’s actually been around for decades. The head-up display (HUD) appears on the lower part of the driver’s windshield. It shows information such as your speed and the speed limit without taking your eyes off the road. For the science behind it, see this article.

If you’re a road warrior that spends considerable time commuting in heavy traffic or driving on interstates, adaptive cruise control is the best invention since sliced bread. It doesn’t completely drive the car for you, but it reduces your need to stay 99.9% focused on what’s in front of you every second of the trip. You simply set the separation distance between your vehicle and the vehicle in front of you, and radar in your vehicle does the rest, adjusting your speed to keep you at or below the cruise control speed you set for your vehicle while preserving the spacing you predefined. Newer versions of adaptive cruise control include support for bringing your vehicle to a complete stop at traffic signals. The best testimonial we can provide is this. Once you have a vehicle with adaptive cruise control, you’ll never buy another vehicle without it. It’s that good!

Blind spot detection is another radar-based feature. Visual side view mirror alerts are provided whenever something is hiding in your vehicle’s blind spot. Of course, you can accomplish much the same thing by adding supplemental wide-view (blindspot) mirrors to your existing side view mirrors at considerably less cost. However, the radar-enhanced version typically is bundled with features such as adaptive cruise control and lane departure alerts so there is no additional cost for the convenience. Just be sure to test them for accuracy before dispensing with turning your head to check for vehicles. We’ve actually had a vehicle in which the sensors were incorrectly positioned. Merging into traffic without any visual warning of what’s beside you is a quick ticket to the body shop, both for the car and for you.

Lane departure alerts and autocorrection are equally important for those that spend endless hours on long stretches of boring highway. The other essential ingredient for every road warrior is the smartphone app, Waze. Between hazard alerts, speed trap notifications, and directions, it’s the single-most important traveling enhancement that’s come along in a very long time. Think of it as you free copilot. It can watch for things up ahead and alert you to problems before you actually encounter them. Because its data is based upon real-time data and feedback from thousands of road warriors, it has no equal in terms of accuracy. See our first article in this series for more details.

Wireless charging is another feature that has been touted by many of the Android device manufacturers. In the case of Samsung, the technology was available in the Galaxy Note 4 except for the back cover which can be replaced easily. Surprisingly, Apple has completely ignored it thus far. There are, of course, aftermarket cases that will bring wireless charging to any smartphone including the iPhones. Beginning with some 2014 models, General Motors, Chrysler, and Toyota began integrating wireless charging stations into the center consoles of some of their vehicles. By 2017, most car manufacturers probably will support it either as an included or add-on accessory.

No review of automotive technology would be complete without mention of Apple CarPlay and Android Auto, the two smartphone integration systems from America’s finest software development companies. One can only hope that the car manufacturers see the light and drop their insistence upon their own proprietary consoles. Both Apple CarPlay and Android Auto provide navigation, messaging, and numerous music platforms including Spotify, Pandora, Google Play Music, and Apple Music. Many newer vehicles offer one or the other, and some offer both. The systems also are available as aftermarket add-ons. For an excellent review of the two competing systems, take a look at this CNET review. Our only complaint with Apple CarPlay at the moment is the inability to add applications other than those that Apple has chosen for you. That means no Google Maps and no Waze, at least for now. For an excellent interview with the man behind both technologies at General Motors, see this article from The Verge.

So which vehicle did we choose for our Mobile Internet Lab? Well, come back next month and we’ll take you for a ride as we review the best WiFi Hotspots to complement that new set of wheels. We’ll consider offerings from Sprint, T-Mobile, Verizon, and AT&T so there will be something for almost everybody with a smartphone.

Originally published: Monday, January 18, 2016





Need help with Asterisk? Visit the PBX in a Flash Forum.


 
Awesome Vitelity Special. Vitelity has generously offered a terrific discount for Nerd Vittles readers. You now can get an almost half-price DID from our special Vitelity sign-up link. If you’re seeking the best flexibility in choosing an area code and phone number plus the lowest entry level pricing plus high quality calls, then Vitelity is the hands-down winner. Vitelity provides Tier A DID inbound service in over 3,000 rate centers throughout the US and Canada. When you use our special link to sign up, Nerd Vittles gets a few shekels down the road to support our open source development efforts while you get an incredible signup deal as well. The going rate for Vitelity’s DID service is $7.95 a month which includes up to 4,000 incoming minutes on two simultaneous channels with terminations priced at 1.45¢ per minute. Not any more! For our users, here’s a deal you can’t (and shouldn’t) refuse! Sign up now, and you can purchase a Tier A DID with unlimited incoming calls and four simultaneous channels for just $3.99 a month. To check availability of local numbers and tiers of service from Vitelity, click here. NOTE: You can only use the Nerd Vittles sign-up link to order your DIDs, or you won’t get the special pricing! Vitelity’s rate is just 1.44¢ per minute for outbound calls in the U.S. There is a $35 prepay when you sign up. This covers future usage. Any balance is refundable if you decide to discontinue service with Vitelity.


Some Recent Nerd Vittles Articles of Interest…

A Firsthand Look at Disaster Recovery: Tethering and IAX with Asterisk

One of the exciting challenges of building a swimming pool is knowing that it’s just a matter of time until your Internet connection dies. As you might imagine, swimming pools are major construction and involve a lot of digging. And digging usually means some oops moments when cables get cut. In our case, we had watched the folks digging the trenches for all of the pool plumbing to be sure they didn’t accidentally whack one of three coax cables coming into our house. And, when it came time to cover up the trenches, we pointed out the orange cables to the Bobcat driver knowing we were finally home free. Not so fast! Two minutes later, Mario had driven the Bobcat right over the primary Internet cable leaving the shredded remains sticking up through the dirt. Oops. Sorry. Shit happens!

Looking on the positive side, we chuckled, “What a perfect opportunity to test our backup Asterisk® system!” Our backup system is pretty clever if we do say so. It relies upon a Verizon WiFi HotSpot running on our Galaxy smartphone and a duplicate of our Asterisk-based PBX in a Flash™ server running as a virtual machine under VirtualBox on an iMac desktop. The entire setup takes less than a minute to activate. Well, that was the plan anyway.

It turns out that Verizon does SIP a little differently with a SIP ALG in the path so Asterisk couldn’t register with all but one of our dozen SIP providers. Congratulations, CallCentric! The workaround is to enable STUN. That is now possible with Asterisk 11. Short of that, you’re left with CallCentric. Unfortunately for us, we don’t do much SIP trunking with CallCentric, and none of our primary DIDs are connected through them. The other option is to add port=5080 to your trunk setup with any SIP trunks you register with VoIP.ms using a username and password. Our attention span was too short to tackle STUN in the middle of this crisis. But there’s good news. Verizon doesn’t mess with IAX network traffic at all. Since a couple of our primary DIDs are registered with VoIP.ms using IAX trunks, restoring these IAX trunks to full functionality took less than a minute. That is step one of a three-step process. You need inbound trunks, phones, and outbound trunks to get your redundant VoIP server back in business.

Getting phones to function on what is now a purely WiFi network (through the Verizon HotSpot) can be problematic unless you’ve done your homework and sprinkled a few WiFi-capable SIP phones around your home or office. In our case, we still have Grandstream’s GXP2200 Android phones scattered everywhere so it was just a matter of plugging in the WiFI adapters and rebooting. The newer GXV3240 would work just as well.1

All that remained was enabling several trunks for outbound calls. Since VoIP.ms IAX trunks support both incoming and outgoing calls, we were home free. And, with Google Voice trunks, it was simply a matter of jumping through Google’s security hoops to reenable the connections on a new IP address.

Lessons Learned. Here’s a quick checklist for those of you that think about disaster recovery for your home or for clients and businesses. Nothing beats some advance planning. If money is no object, then WiFi tethering from a smartphone with one of the major providers whose service works well in your home or office environment is the way to go. 4G is a must!

In our case, money was an object so we had the foresight to acquire a Verizon SIM card from eBay that included an unlimited data plan. With this setup, it costs only $1 a day extra to add WiFi tethering, and you can turn it off and on as often as you like without any additional fees or surcharges. There also are no additional charges for using boatloads of data! We’re actually writing this column with a tethered connection from a hotel in Washington (results above). To give you some idea of why an unlimited data plan is important, our home operation burned through 4 gigs of data in less than 24 hours once we activated WiFi tethering. Of course, there were people doing things other than making phones calls, but tethering enables 5 connections to function just about like the cable modem service you originally had in place. So expect the data usage to be substantial. Everybody likes 24/7 Internet service.

Loss of phone calls through a PBX is more of an annoyance than a crisis these days because almost everyone also has a smartphone. Even so, the SIP gotcha with Verizon Wireless was a surprise because we hadn’t really tested our super-duper emergency system in advance. That wasn’t too smart obviously. The old adage applies. Do as we say, not as we do. Unplug your cable modem or DSL connection and actually test your backup system before D-Day arrives.

On the VoIP provider end, now is the time to set up an account with a provider that offers both SIP and IAX connectivity. Step 2 is to actually configure an IAX trunk (as a subaccount to use VoIP.ms parlance) and test it. IAX trunks actually have fewer headaches with NAT, but there are only a handful of providers that still provide the service. Find one now and make certain that your primary DIDs will roll over to the IAX trunk in case of an outage. I’m always reminded that we have Mark Spencer to thank for IAX. It was his brainchild. Thank you, Mark! With VoIP.ms, you also can spoof your CallerID so that calls will still appear to originate from your primary Asterisk PBX.

Keep in mind that a VirtualBox-based Asterisk virtual machine and a Desktop computer both need an IP address and will have to be started on WLAN0 rather than ETH0. Remember, your wired connection is now dead.

You’re also going to want to acquire at least a couple of WiFi-capable SIP phones that can be connected with your Asterisk server using your WiFi HotSpot. Also make certain that you have a preconfigured IPtables firewall on your backup system. Remember, your hardware-based firewall connected to your cable modem won’t provide any protection once you switch to HotSpot operation. Lucky for you, Incredible PBX™ servers come preconfigured with a locked-down IPtables firewall and a WhiteList. Just add the new IP addresses of your server and phones, and you’re secure on the public Internet.

Finally, let’s do the HotSpot connection math. You’ll need an IP address for your desktop computer running VirtualBox. You’ll need a second IP address for the Asterisk virtual machine. Then you’ll need an IP address for every WiFi-enabled SIP phone. If the maximum number of connections is five on your HotSpot, that means you’ve got the necessary capacity for at most 3 WiFi SIP phones assuming you don’t enable a WiFi printer and if nobody else wants to use a computer during the outage. The other option is to add an inexpensive travel router with bridge mode to your mix of 5 devices. We always keep one handy for extended trips. A properly configured travel router provides an additional WiFi network with some extra WiFi connections. Good luck!



Security Alerts. Serious SSL and FreePBX security vulnerabilities have been discovered AND patched during the past week. If you have not patched your server and Asterisk, FreePBX, Apache, and/or WebMin are exposed to the public Internet, you have a serious problem on your hands. See this thread for details on the FreePBX vulnerability. And see this thread for the steps necessary to patch SSL in Asterisk, Apache, and Webmin. While Incredible PBX servers were automatically patched for the FreePBX vulnerability, the SSL issues require manual patching and an Asterisk upgrade. A script for upgrading Asterisk 11 servers is included in the message thread linked above. ALWAYS run your VoIP server behind a firewall with no Internet port exposure to Asterisk, FreePBX, SSH, or the Apache and Webmin web servers! And, if you think all of this security stuff is just a silly waste of your time, then read about the latest lucky recipient of a $166,000 phone bill.

Originally published: Monday, October 20, 2014



Need help with Asterisk? Visit the PBX in a Flash Forum.


 
Awesome Vitelity Special. Vitelity has generously offered a terrific discount for Nerd Vittles readers. You now can get an almost half-price DID from our special Vitelity sign-up link. If you’re seeking the best flexibility in choosing an area code and phone number plus the lowest entry level pricing plus high quality calls, then Vitelity is the hands-down winner. Vitelity provides Tier A DID inbound service in over 3,000 rate centers throughout the US and Canada. When you use our special link to sign up, Nerd Vittles gets a few shekels down the road to support our open source development efforts while you get an incredible signup deal as well. The going rate for Vitelity’s DID service is $7.95 a month which includes up to 4,000 incoming minutes on two simultaneous channels with terminations priced at 1.45¢ per minute. Not any more! For our users, here’s a deal you can’t (and shouldn’t) refuse! Sign up now, and you can purchase a Tier A DID with unlimited incoming calls and four simultaneous channels for just $3.99 a month. To check availability of local numbers and tiers of service from Vitelity, click here. NOTE: You can only use the Nerd Vittles sign-up link to order your DIDs, or you won’t get the special pricing! Vitelity’s rate is just 1.44¢ per minute for outbound calls in the U.S. There is a $35 prepay when you sign up. This covers future usage. Any balance is refundable if you decide to discontinue service with Vitelity.


Some Recent Nerd Vittles Articles of Interest…

  1. Some of our links refer users to Amazon or other service providers when we find their prices are competitive for the recommended products. Nerd Vittles receives a small referral fee from these providers to help cover the costs of our blog. We never recommend particular products solely to generate commissions. However, when pricing is comparable or availability is favorable, we support these providers because they support us. []

The Disappointing iPhone 6: Eight Generations of iOS and Bluetooth Still Sucks

Our technology reviews are a little different than the dozens of reviews you’ve probably already seen that read more like Apple press releases. First of all, we typically buy products to actually use. And second, we base our smartphone evaluations on real-world requirements rather than best case scenarios that you’re unlikely to ever experience in the real world.

So we begin our review of the iPhone 6 with the simple question: “Can it make calls?” Funny as this sounds, it’s been a huge problem with previous iPhone models if you planned to use a reasonably priced provider such as StraightTalk instead of one of America’s “Big Four.” To Apple’s credit, they finally got it right in the AT&T model of the iPhone 6. StraightTalk works out of the box, something Android mastered years ago. You still cannot manually configure the cellphone provider specs, but at least it now works.

We’re not going to spend a lot of time on Apple’s continuing push to lock users into the Apple universe. Suffice it to say, the lock in marches on with each new release. To some it’s a good thing. To others, it’s not. If you’re going to fork over $1,0001 for an iPhone 6 in order to use StraightTalk for $45 a month, then you’re probably committed to and comfortable with Apple’s ways of doing things. We’re pretty much an observer of the iPhone cosmos except to assure that our VoIP products still work reliably on the platform. On the other hand, our teenager and all of her teenage friends have iPhones, period. Just the mention of Android conjures up visions of nerds hanging from trees to hear them tell it. In other words, lock in is a good thing in their view. All of their apps work exactly the same on every person’s smartphone. All of their emojis are compatible for texting. And messaging is pure Apple with no worries whether SMS and MMS work or not. By the way, messaging is still a mess if you switch between Apple and Android with your SIM card without first disabling iMessage on the iPhone. It’s almost as if Apple likes it this way. 😉

Did we mention that the iPhone 6 is gorgeous? Hands down, it is the best looking smartphone ever. We won’t get into whether it bends or not. Ours didn’t, and we carry it in our pocket like every other guy on the planet. Not sure I’d do it if I rode on a tractor all day but in typical everyday use, it holds it’s own.

We were especially curious about the camera given the numerous reviews documenting that the iPhone 6 is not the megapixel wonder you’ve come to expect with Android phones. We’ve typically been able to take much better real-world photos using Samsung’s Galaxy S4. So we’re including two marsh photos taken with a Galaxy S4 as well as iPhone 5c and iPhone 6 portrait shots to let you judge the quality for yourself. Keep in mind that all four of the images below are screen captures rather than the actual photographs. We came away from the experiment very impressed that the newer iPhones can hold their own against the Android devices with far better technical specs. While it’s still a bit of a knuckle drill to export a photo from your photo stream to iPhoto to email to a download to your desktop, it’s at least intuitive. Bottom Line: We no longer worry about photo quality when we don’t have an Android phone along for a trip.

With the camera testing behind us, that left us with two burning questions: how’s the WiFI and how’s the Bluetooth connectivity with cars?

Not to beat a dead horse, but WiFi typically hasn’t been Apple’s strong suit unless you happen to be using their access points. That seems to be resolved with iOS 8. 5G WiFi connectivity worked great with download and upload speeds matching the limits of our broadband service. That’s the good news.

The bad news is that Bluetooth is still a mess after years and years of problem reports. If anything, iOS 8 is a step backwards judging from the reports on Apple’s own support forum. Our results with one of the latest General Motors vehicles were terrible. While the iPhone 6 could be paired with the vehicle, nothing worked afterwards. No calls, no Pandora, nothing! When every $100 Android smartphone can pair with almost any vehicle and work, we get back to our initial question: “Can it make calls?” Unfortunately, unless you want to step back in time and hold your shiny, new iPhone 6 next to your ear, the answer is a resounding NO. And, yes, we jumped through all of the Apple hoops attempting to resolve the Bluetooth problems even though nobody should ever have to endure that! For $1,000, one would expect all of the basics on a smartphone to function correctly just as you expect your brakes and windshield wipers to work when you buy a new car. The fact that Apple has dropped the ball on Bluetooth for years is yet another reason we won’t be switching from Android anytime soon. In fact, the Bluetooth problem is a deal breaker for us so we’re returning the phone.

Finally, a word to the Apple fanboys. Don’t post comments. We won’t publish them. We are not Apple haters. Quite the contrary, we have more Apple hardware under our roof than any other brand. What Apple has done in the educational arena and to foster the image of technical support as a good thing is legendary. But you can’t drop the ball on the basics and expect people that depend upon technology to be impressed. Drop everything that deals with the shiny new watch for a few days and fix Bluetooth. It’s that important!

Originally published: Monday, October 13, 2014



Need help with Asterisk? Visit the PBX in a Flash Forum.


 
Awesome Vitelity Special. Vitelity has generously offered a terrific discount for Nerd Vittles readers. You now can get an almost half-price DID from our special Vitelity sign-up link. If you’re seeking the best flexibility in choosing an area code and phone number plus the lowest entry level pricing plus high quality calls, then Vitelity is the hands-down winner. Vitelity provides Tier A DID inbound service in over 3,000 rate centers throughout the US and Canada. When you use our special link to sign up, Nerd Vittles gets a few shekels down the road to support our open source development efforts while you get an incredible signup deal as well. The going rate for Vitelity’s DID service is $7.95 a month which includes up to 4,000 incoming minutes on two simultaneous channels with terminations priced at 1.45¢ per minute. Not any more! For our users, here’s a deal you can’t (and shouldn’t) refuse! Sign up now, and you can purchase a Tier A DID with unlimited incoming calls and four simultaneous channels for just $3.99 a month. To check availability of local numbers and tiers of service from Vitelity, click here. NOTE: You can only use the Nerd Vittles sign-up link to order your DIDs, or you won’t get the special pricing! Vitelity’s rate is just 1.44¢ per minute for outbound calls in the U.S. There is a $35 prepay when you sign up. This covers future usage. Any balance is refundable if you decide to discontinue service with Vitelity.


Some Recent Nerd Vittles Articles of Interest…

  1. Actually, the sales price for the 128GB iPhone 6 with AppleCare+ and sales tax came to a whopping $1,028.59 []

Knock Three Times: Pain-Free Remote Access to Your Asterisk or Linux Server

No. We’re not going to make you relive the 1970’s with us today although now you can listen to this Number 1 Hit and a million others for free with Amazon’s new Prime Music. No, we don’t get a commission if you sign up for Amazon Prime. Yes, we make millions when you buy something from Amazon using our links. Thank you! What we have for you today is a Number 1 Utility, and it works on virtually any Linux platform. If your fraternity or sorority had a secret knock to gain access, then you already know the basic concept. Port Knocker (aka knockd) from Judd Vinet is a terrific utility that runs as a daemon on your server and does just what you’d expect. It listens for knocks. When it detects three knocks on the correct three ports in the proper sequence and from the same IP address, it opens the IPtables Linux Firewall for remote access from that IP address to your server for a predefined period of time. This would allow you to log into your server with SSH or make SIP phone calls using a softphone registered to your remote Asterisk® server. What makes Port Knocker especially useful is the existence of knocking clients for virtually any smartphone, tablet, or desktop computer. For the Travelin’ Man, it’s another must have utility.

We introduced a turnkey implementation of Port Knocker in Incredible PBX for Ubuntu 14 late last week. If you were a pioneer earlier in the week, go back and install it again to take advantage of Port Knocker. Or better yet, follow along and we’ll show you how to install it on your own RedHat/CentOS or Ubuntu/Debian server in just a couple of minutes.

Prerequisites. We’ve built open source installation scripts for both the RedHat/CentOS platform as well as the Ubuntu/Debian operating systems. These knockd installers assume that you have a fully functional and locked down IPtables firewall with an existing WhiteList of authorized users. We’d recommend Travelin’ Man 3 if you need to deploy this technology and haven’t done so already. Last week’s Incredible PBX for Ubuntu 14 already includes Travelin’ Man 3 whitelisting technology. Read the article for full details.

Today’s knockd installers are fairly generic but, if you’re running a version of CentOS earlier than 6.x or Ubuntu earlier than 14 or Debian.anything, be advised that we haven’t tested these installers on those platforms so you’re on your own. Finally, if your server is sitting behind a hardware-based firewall (as we ALWAYS recommend), then you’ll also need to map the service you wish to access (e.g. UDP 5060 for SIP or TCP 22 for SSH) plus the three TCP ports from your hardware-based firewall to your server so that legitimate “knocks” can find their way to your server. The “knock” ports themselves do not need to be opened in your IPtables firewall configuration! We’re just knocking, not entering. :-)

Overview. As configured, today’s installation scripts will install and preconfigure knockd to load automatically when you boot up your server. Three random TCP ports will be assigned for your server, and this port sequence is what remote users will need to have in order to gain access. Yes, you can change almost everything. How secure is it? Well, we’re randomizing the 3-port knock sequence using over 3,900 ports so you can do the math to figure out the odds of a bad guy guessing the correct sequence. HINT: 3900 x 3900 x 3900. Keep in mind that these “knocks” must all be received from the same IP address within a 15-second window. So sleep well but treat the port sequence just as if it were a password. It is! Once a successful knock sequence has been received, the default Port Knocker configuration will open all ports on your server for remote access from the knocking IP address for a period of one hour. During this time, “The Knocker” can log in using SSH or make SIP calls using trunks or extensions on the server. Port Knocker does not alleviate the need to have legitimate credentials to log into your server. It merely opens the door so that you can use them. At the bewitching (end of the) hour, all ports will be closed for this IP address unless “The Knocker” adds a whitelist entry for the IP address to IPtables during the open period. Yes, all of this can be modified to meet your individual requirements. For example, the setup could limit the range of ports available to “The Knocker.” Or the setup could leave the ports open indefinitely until another series of knocks were received telling knockd to close the IPtables connection. Or perhaps you would want to leave the ports open for a full day or a week instead of an hour. We’ll show you how to modify all of the settings.

Server Installation. To get started, log into your server as root and download and run the appropriate installer for your operating system platform.

For RedHat/Fedora/CentOS/ScientificLinux servers, issue the following commands:

cd /root
wget http://nerdvittles.com/wp-content/knock-R.tar.gz
tar zxvf knock*
rm knock-R.tar.gz
./knock*

For Ubuntu/Debian servers, issue the following commands:

cd /root
wget http://nerdvittles.com/wp-content/knock-U.tar.gz
tar zxvf knock*
rm knock-U.tar.gz
./knock*

For ARM-based servers, issue the following commands:

cd /root
wget http://nerdvittles.com/wp-content/knock-ARM.tar.gz
tar zxvf knock*
rm knock-ARM.tar.gz
./knock*

Server Navigation Guide. On both the RedHat/CentOS/Fedora and Ubuntu/Debian platforms, the knockd configuration is managed in /etc/knockd.conf. Before making changes, always shutdown knockd. Then make your changes. Then restart knockd. On RedHat systems, use service knockd stop and start. On Ubuntu, use /etc/init.d/knockd stop and start. By default, knockd monitors activity on eth0. If your setup is different, on Ubuntu, you’ll need to change the port in /etc/default/knockd: KNOCKD_OPTS="-i wlan0". On RedHat, the config file to modify is /etc/sysconfig/knockd and the syntax: OPTIONS="-i venet0:0".

In /etc/knockd.conf, create an additional context to either start or stop an activity. It can also be used do both as shown in the example code above. More examples here. There’s no reason these activities have to be limited to opening and closing the IPtables firewall ports. You could also use a knock sequence to turn on home lighting or a sprinkler system with the proper software on your server.

To change the knock ports, edit sequence. Both tcp and udp ports are supported. seq_timeout is the number of seconds knockd waits for the complete knock sequence before discarding what it’s already received. We’ve had better luck on more servers setting tcpflags=syn. start_command is the command to be executed when the sequence matches. cmd_timeout and stop_command tell knockd what to do after a certain number of seconds have elapsed since the start_command was initiated. If you’re only starting or stopping some activity (rather than both), use command instead of start_command and stop_command to specify the activity.

IPtables 101. The default setup gives complete server access to anyone that gets the knock right. That doesn’t mean they get in. In the PIAF World, it means they get rights equivalent to what someone else on your LAN would have, i.e. they can attempt to log in or they can use a browser to access FreePBX® provided they know the server’s root or FreePBX credentials.

If you would prefer to limit access to a single port or just a few ports, you can modify command or start_command and stop_command. Here are a few examples to get you started.

To open SSH access (TCP port 22):

/sbin/iptables -A INPUT -s %IP% -p tcp --dport 22 -j ACCEPT

To close SSH access (TCP port 22):

/sbin/iptables -D INPUT -s %IP% -p tcp --dport 22 -j ACCEPT

To open a range of SIP ports (UDP 5060 to 5069):

/sbin/iptables -A INPUT -s %IP% -p udp --dport 5060:5069 -j ACCEPT

To close a range of SIP ports (UDP 5060 to 5069):

/sbin/iptables -D INPUT -s %IP% -p udp --dport 5060:5069 -j ACCEPT

Here’s a gotcha to be aware of. If you’re using the Travelin’ Man 3 WhiteList setup on your server, be especially careful in crafting your IPtables rules so that you don’t accidentally remove an existing Travelin’ Man 3 rule in closing some port with knockd. You will note that the syntax of the knockd commands is intentionally a bit different than what you will find in your Travelin’ Man 3 setup. This avoids clobbering something accidentally.

Monitoring Activity. Here are the two best tools to monitor knockd activity to make certain your setup is performing as expected. The knockd log (/var/log/knockd.log) will tell you when a knocking attempt has occurred and whether it was successful:
[2014-07-06 14:44] starting up, listening on eth0
[2014-07-06 15:29] 79.299.148.11: opencloseSSH: Stage 1
[2014-07-06 15:29] 79.299.148.11: opencloseSSH: Stage 2
[2014-07-06 15:29] 79.299.148.11: opencloseSSH: Stage 3
[2014-07-06 15:29] 79.299.148.11: opencloseSSH: OPEN SESAME
[2014-07-06 15:29] opencloseSSH: running command: /sbin/iptables -A INPUT -s 79.299.148.11 -p tcp --dport 22 -j ACCEPT

Next, verify that the IPtables command did what it was supposed to do. iptables -nL will tell you whether port 22 access was, in fact, enabled for 79.299.148.11. The entry will appear just above the closing Chain entries in the listing:

ACCEPT     tcp  --  79.299.148.11         0.0.0.0/0           tcp dpt:22

Two things typically can go wrong. Either the knock from a client computer or cellphone wasn’t successful (knockd.log will tell you that) or IPtables didn’t open the port(s) requested in your knockd command (the iptables -nL query will show you that). In the latter case, it’s usually a syntax error in your knockd command. Or it could be the timing of the knocks. See /var/log/knockd.log.

Port Knocker Clients. The idea behind Port Knocker is to make remote access easy both for system administrators and end-users. From the end-user perspective, the simplest way to do that is to load an app on the end-user’s smartphone so that even a monkey could push a button to gain remote access to a server. If the end-user’s cellphone has WiFi connectivity sitting behind a firewall in a hotel somewhere, then executing a port knock from the smartphone should open up connectivity for any other devices in the hotel room including any notebook computers and tablets. All the devices typically will have the same public IP address, and this is the IP address that will be enabled with a successful knock from the smartphone.

Gotta love Apple’s search engine. Google, they’re not…

There actually are numerous port knocking clients for both Android and iOS devices. Here are two that we’ve tested that work: PortKnock for the iPhone and iPad is 99¢ and PortKnocker for Android is free. Some clients work better than others, and some don’t work at all or work only once. DroidKnocker always worked great the first time. Then it wouldn’t work again until the smartphone was restarted. KnockOnD for the iPhone, which is free, worked fine with our office-based server but wouldn’t work at all with a cloud-based server at RentPBX. With all the clients, we had better results particularly with cloud-based servers by changing the timing between knocks to 200 or 500 milliseconds. How and when the three knocks are sent seems to matter! Of all the clients on all the platforms, PortKnocker was the least temperamental and offered the most consistent results. And you can’t beat the price. A typical setup is to specify the address of the server and the 3 ports to be knocked. Make sure you have set the correct UDP/TCP option for each of the three knocks (the default setup uses 3 TCP ports), and make sure the IP address or FQDN for your server is correct.

Another alternative is to use nmap to send the knocks from a remote computer. The knock.FAQ file in your server’s /root directory will tell you the proper commands to send to successfully execute a connection with your server’s default Port Knocker setup. Enjoy!

Originally published: Monday, July 7, 2014


Support Issues. With any application as sophisticated as this one, you’re bound to have questions. Blog comments are a terrible place to handle support issues although we welcome general comments about our articles and software. If you have particular support issues, we encourage you to get actively involved in the PBX in a Flash Forums. It’s the best Asterisk tech support site in the business, and it’s all free! Please have a look and post your support questions there. Unlike some forums, ours is extremely friendly and is supported by literally hundreds of Asterisk gurus and thousands of users just like you. You won’t have to wait long for an answer to your question.



Need help with Asterisk? Visit the PBX in a Flash Forum.


 
Awesome Vitelity Special. Vitelity has generously offered a terrific discount for Nerd Vittles readers. You now can get an almost half-price DID from our special Vitelity sign-up link. If you’re seeking the best flexibility in choosing an area code and phone number plus the lowest entry level pricing plus high quality calls, then Vitelity is the hands-down winner. Vitelity provides Tier A DID inbound service in over 3,000 rate centers throughout the US and Canada. When you use our special link to sign up, Nerd Vittles gets a few shekels down the road to support our open source development efforts while you get an incredible signup deal as well. The going rate for Vitelity’s DID service is $7.95 a month which includes up to 4,000 incoming minutes on two simultaneous channels with terminations priced at 1.45¢ per minute. Not any more! For our users, here’s a deal you can’t (and shouldn’t) refuse! Sign up now, and you can purchase a Tier A DID with unlimited incoming calls and four simultaneous channels for just $3.99 a month. To check availability of local numbers and tiers of service from Vitelity, click here. NOTE: You can only use the Nerd Vittles sign-up link to order your DIDs, or you won’t get the special pricing! Vitelity’s rate is just 1.44¢ per minute for outbound calls in the U.S. There is a $35 prepay when you sign up. This covers future usage. Any balance is refundable if you decide to discontinue service with Vitelity.


Some Recent Nerd Vittles Articles of Interest…

FMC: The Future of Telephony with Vitelity’s vMobile and Asterisk in the Cloud




If making phone calls from a web browser is what you’ve always longed for, then you’re in good company with Google and its future direction in the telephony space. Call us old fashioned but this strikes us as a solution in desperate need of a problem. What’s wrong with a Plain Old Telephone or a smartphone for making connections with friends and business associates? The real head scratcher is the fact that the WebRTC and Hangouts push demonstrates that the wizards at Google are seriously out of touch with the next generation. Will our 14-year-old daughter use Skype or Hangouts or FaceTime? Sure. About once a month to chat with Grandma or to interact with cousins scattered around the country, it’s a terrific option. And the same is true in the business community. When you need to collaborate with a half dozen colleagues, conferencing applications are invaluable. But to meet 95% of day in and day out business requirements, a telephone or smartphone is the clear device of choice. So join us today in celebrating the end of Google Voice XMPP service and the beginning of a new and even more exciting VoIP era… sans Google.


Of course, if it were up to the next generation, telephone calls might completely disappear in favor of text messaging, Snapchat, Instagram, and any other platform that includes recorded photos or videos. Note the subtle difference. Kids really are not interested in live video interaction. They find posed images that tell a story much more appealing. Why? Because recorded photos and videos let users present their best face, their movie star pose, and their expression of what they want others to perceive they’re really like. In short, live video is too much like real life. Our conclusion for those targeting the next generation is you’d better come up with something better and quite different than Skype, Hangouts, and FaceTime.

It’s Fixed-Mobile Convergence, Stupid!

Now let’s return to our primary focus for today, the current business community. Suffice it to say, there are a dwindling number of what we used to call “desk jobs” where an employee arrives at his or her desk at 9 a.m. and leaves at 5 p.m. As more and more jobs are headed off shore, the telephone and smartphone have replaced the corporate desk as the most indispensable corporate fixture. Particularly in the American marketplace, what we see with most businesses is a management layer and an (upwardly) mobile force of salespeople, consultants, and implementers that interact primarily through PBXs in an office headquarters or home office together with smartphones for those that generally are on the road. Many of these Road Warriors don’t even have a home phone any longer.


The telephony Holy Grail for this new business model is Fixed-Mobile Convergence (FMC). It’s the ability to transparently move from place to place while retaining your corporate identity. Every employee from the night watchman in Miami to the salesperson making calls from a Starbucks in California to the CEO in New York has an extension on a PBX in the cloud together with the ability to accept and place calls using the company’s CallerID name and number, transfer calls, and participate in conference calls regardless of whether the phone instrument happens to be a desktop phone or a smartphone. Is this even possible? Well, as of last week, the answer is ABSOLUTELY.

Vitelity has been a long-time corporate sponsor of both the Nerd Vittles and PBX in a Flash open source projects so we were thrilled when we were offered a free, Samsung Galaxy S III to try out the new (live) vMobile service that took Best in Show honors at ITEXPO Miami in January. As Vitelity’s Chris Brown would probably tell you, it’s one thing to demonstrate a new technology at a trade show and quite another to bring it into production. But Vitelity did it:



What we want to stress up front is that we’ve received no special treatment in getting this to work. We received the phone, opened a support ticket to register the phone on Vitelity’s vMobile network, and plugged our new credentials into the phone so that it could be integrated into our PBX in a Flash server. Once the smartphone became an extension on our PBX, we could place calls through our PBX with the S3 using both WiFi and Sprint 3G/4G service. Switching between WiFi and cellular is totally transparent. The CallerID for all outbound calls was our standard PBX CallerID. We also could place calls to other extensions on the PBX by dialing a 4-digit extension while connected to WiFi or the Sprint network virtually anywhere. If you have 3-digit extensions, those are a problem over the Sprint network but we’ll show you a little trick to get them working as well.

Keep in mind that every call from the S3 goes out through the PBX just as if you were using a standard desktop phone as a hardwired extension. And it really doesn’t matter whether the S3 has a WiFi connection or a pure cellular connection on Sprint’s network. You receive calls on the S3 in much the same way. It’s just another extension on your PBX. If you want to add it to a ring group to process incoming calls, that works. If other users on your PBX wish to call the S3 directly using the extension number, that works as well. If you want to transfer a call, pressing ## on the S3 initiates the transfer just as if you were using a phone on your desk. When we say transparent convergence, we really do mean transparent. No recipient of a call from the vMobile S3 would have any idea whether you were sitting at a desk in the corporate headquarters in New York or in a seat on a Delta jet after landing in San Francisco. Both the call quality and the corporate CallerID would be identical. And your secretary on maternity leave at Grandma’s house still could reach you using her vMobile S3 by simply dialing your corporate extension.

So that’s the Fortune 500 view of the new VoIP universe. How about the little guy with a $15 a month PBX in a Flash server in the RentPBX cloud1, a couple mobile sales people, and a handful of construction workers that build swimming pools for a living? It works identically. Each has an S3 connected as an extension on the PIAF cloud server. And calls can be managed in exactly the same way they would be handled if everyone were sitting side-by-side at desks in an office headquarters somewhere. The silver lining of cloud computing is that it serves as the Great Equalizer between SOHO businesses and Fortune 500 companies. Asterisk® paired with inexpensive cloud hosting services such as RentPBX lets you mimic the Big Boys for pennies on the dollar. We think Vitelity has hit a bases loaded, home run with vMobile.


vMobile Pricing

We know what you’re thinking. “Since you got yours for free, what does it really cost??” The Galaxy S3 (or S4) is proprietary running Trebuchet 1.0, a (rooted) CyanogenMod version of Android’s KitKat. You can purchase these devices directly from the Vitelity Store. Currently, you can’t bring your own device. The refurbished S3 is $189 including warranty. Works perfectly! That’s what we’re using. Next, you’ll need a vMobile account for each phone. Unless you’re a Nerd Vittles reader, it’s $9.95 per month. That gets you free WiFi calling and data usage anywhere you can find an available WiFi hotspot. And text messaging is free. For calls and data using Sprint’s nationwide network, the calls are 2¢ a minute and the data is 2¢ per megabyte ($20 per gigabyte). For us, a typical day of data usage with an email account and light web use costs about a quarter. YMMV! So long as you configure Android to download application updates when connected to WiFi, data usage should not be a problem unless you’re into photos and streaming video. Android includes excellent tools for monitoring and even curbing your data usage if this is a concern.

vMobile Gotchas

Before we walk you through the setup process, let’s cover the gotchas. The list is short. First, we don’t recommend connecting vMobile devices to a PBX sitting behind a NAT-based firewall, or you may end up with some calls missing audio. The reason is NAT and quirky residential routers. If you think about it, when your S3 is inside the firewall and connected to WiFi, it will have an IP address on your private LAN just like your Asterisk server. When your S3 is outside your firewall on either a cellular connection or someone else’s WiFi network, it will have an IP address that is not on your private LAN. Others may be smarter than we are, but we couldn’t figure a way to have connections work reliably in both scenarios using most residential routers. You can configure your S3’s PBX extension for NAT=No or NAT=yes, but you can’t tell Asterisk how to change it depending upon where you are. One simple solution is to deploy these phones with a VPN connection to your Asterisk server sitting behind a NAT-based firewall. The more reliable solution is to build your PBX in a Flash server in the cloud with no NAT-based firewall. Then use an IPtables WhiteList (aka Travelin’ Man 3) to protect your server. From there, you can either interconnect the cloud-based server with a second PBX behind your firewall, or you can dispense with the local PBX entirely. Either way will eliminate the NAT issues with missing audio. In both cases, use NAT=yes for the vMobile extension.

Another wrinkle involves text messaging. Traditional text messages work fine; however, MMS still is problematic unless you initiate the outbound MMS session with the other recipient. It’s probably worth noting that Google Voice never got MMS working at all despite years of promises. This wasn’t a deal breaker for us, but it’s a bug that still is being worked on.

Finally, there’s Sprint. You either love ’em or hate ’em. We really haven’t used Sprint service in about eight years. In the Charleston area, the barely 3G service still is just as lousy as it was eight years ago. But, if you live in an area with good Sprint coverage and performance, this shouldn’t be an issue for you. And vMobile works fine in Charleston. You just won’t be surfing the web very often unless you have hours to kill… waiting. Additionally, dialing numbers with less than 4 numbers is a non-starter with Sprint, but we’ll show you a simple workaround to reach 3-digit local extensions from your vMobile device below.

With a service as revolutionary as vMobile with Sprint’s new FMC architecture, we can’t help thinking there may be other cellular carriers with an interest in deploying this technology sooner rather than later. But, given the vMobile feature set, Sprint is good enough for now especially when WiFi connectivity is available almost everywhere.




vMobile Configuration at Vitelity

For the Vitelity side of the setup, you first configure your smartphone using the (included) My Phone app. When the application is run, your cellphone number will be shown. Tapping the display about a dozen times will cause the phone’s setup to be reconfigured. Vitelity will provide you the secret key to activate your account. Next, you’ll log into the Vitelity portal and choose vMobile -> My Devices under My Products and Services. The account for your vMobile device will already exist. Clicking on the pull-down menu beside your vMobile device will let you create your SIP account on Vitelity’s server. Enter the IP address or FQDN of your Asterisk server and set up a very secure password. Your username will be the 10-digit phone number assigned to your vMobile phone. Save your settings and then choose the Edit option to view your setup. The portal will display your Username, Password, and FreePBX/Asterisk Connect Host name. Write them down for use when you configure your new extension using FreePBX®.




vMobile Configuration for Asterisk and PBX in a Flash

On the PBX in a Flash server, use a browser to open FreePBX. Choose Applications -> Extensions and add a new generic SIP device. For Display Name and User Extension, enter the 10-digit phone number assigned to your vMobile device. Under Secret, enter the password you assigned in Vitelity’s vMobile portal. Click Submit and reload FreePBX when prompted. Then edit the extension you just created. Set NAT=yes and change the Host entry from dynamic to the FQDN entry that was shown in Vitelity’s vMobile portal, e.g. 7209876542.mobilet103.sipclient.org. Update your configuration and restart FreePBX once again. Finally, from the Linux command prompt, restart Asterisk: amportal restart. If you’re using a WhiteList with IPtables such as Travelin’ Man 3, be sure to add a new WhiteList entry for your vMobile Host entry. Finally, add your vMobile extension to any desired Inbound Routes to make certain your vMobile device rings when desired.

You now should be able to place and receive calls on your vMobile device. If you want to be able to call 3-digit Asterisk extensions on both WiFi and while roaming on the Sprint cellular network, then you’ll need to add a little dialplan code since Sprint reserves 3-digit numbers for emergency services and will reject other calls with numbers of less than 4 digits. Here’s the simple fix. Always dial 3-digit extensions with a leading 0, e.g. 0701 to reach extension 701. We’ll strip off the leading zero before routing the call. The dialplan code below works whether you’re calling a local 3-digit extension or a 3-digit extension on an interconnected remote Asterisk server. Simply edit extensions_custom.conf in /etc/asterisk and insert the following code at the top of the [from-internal-custom] context. Then restart Asterisk: amportal restart. Note that we’ve set this up so that, if you have an extension 701 on both the local server and a remote server, the call will be connected to the local 701 extension. If you have different extension prefixes for different branch offices (e.g. 7XX in Atlanta and 8XX in Dallas), then this dialplan code will route the calls properly assuming you’ve configured an outbound route with the appropriate dial pattern for each branch office.

exten => _0XXX,1,Answer
exten => _0XXX,n,Wait(1)
exten => _0XXX,n,Set(NUM2CALL=${CALLERID(dnid):1})
exten => _0XXX,n,Dial(sip/${NUM2CALL})
exten => _0XXX,n,Dial(local/${NUM2CALL}@from-internal)
exten => _0XXX,n,Hangup

Vitelity vMobile Special for Nerd Vittles Readers

Now for the icing on the cake… We asked Vitelity if they would consider offering special pricing to Nerd Vittles readers and PBX in a Flash users. We’re pleased to report that Vitelity agreed. By using this special link when you sign up, the vMobile monthly fee will be $8.99 instead of $9.95. In addition, your first month is free with no activation fee. We told you last week that there was a very good reason for choosing Vitelity as your SIP provider. Now you know why.

And, if you’re new to Cloud Computing, take advantage of the RentPBX special for Nerd Vittles readers. $15 a month gets you your very own PBX in a Flash server in the Cloud. Just use this coupon code: PIAF2012. Enjoy!

Originally published: Thursday, May 15, 2014





Need help with Asterisk? Visit the PBX in a Flash Forum.


 
Awesome Vitelity Special. Vitelity has generously offered a terrific discount for Nerd Vittles readers. You now can get an almost half-price DID from our special Vitelity sign-up link. If you’re seeking the best flexibility in choosing an area code and phone number plus the lowest entry level pricing plus high quality calls, then Vitelity is the hands-down winner. Vitelity provides Tier A DID inbound service in over 3,000 rate centers throughout the US and Canada. When you use our special link to sign up, Nerd Vittles gets a few shekels down the road to support our open source development efforts while you get an incredible signup deal as well. The going rate for Vitelity’s DID service is $7.95 a month which includes up to 4,000 incoming minutes on two simultaneous channels with terminations priced at 1.45¢ per minute. Not any more! For our users, here’s a deal you can’t (and shouldn’t) refuse! Sign up now, and you can purchase a Tier A DID with unlimited incoming calls and four simultaneous channels for just $3.99 a month. To check availability of local numbers and tiers of service from Vitelity, click here. NOTE: You can only use the Nerd Vittles sign-up link to order your DIDs, or you won’t get the special pricing! Vitelity’s rate is just 1.44¢ per minute for outbound calls in the U.S. There is a $35 prepay when you sign up. This covers future usage. Any balance is refundable if you decide to discontinue service with Vitelity.


Some Recent Nerd Vittles Articles of Interest…

  1. RentPBX also is a corporate sponsor of the Nerd Vittles and PBX in a Flash projects. []