AJAM is a new technology available in Asterisk® 1.4 which allows web browsers or other HTTP-enabled applications and web pages to directly access the Asterisk Manager Interface (AMI) via HTTP. You can read muppetmaster's complete writeup at voip-info.org. Because of Apache, it was Asterisk's mini-web server that rarely was needed or enabled with PBX in a Flash, Elastix, trixbox, or any other Asterisk aggregation... until recently. Then along came a terrific app called Noojee Click for Firefox from Noojee Telephony Solutions in Australia. What this little gem provides is Asterisk click-to-dial functionality with AJAM for any phone number found on any web page you happen to be browsing with Firefox. See, for example, the U.S. Senate web site (shown below). You'll note that little Noojee icons are displayed beside each senator's telephone number. So give Barack and John a call, and tell them what's on your mind. To call your favorite senator, just click on the desired icon. And, because it's a Firefox Addon, it's operating system agnostic so it works well on almost any desktop computer. We're going to walk you through getting everything set up today with Asterisk, but we have one cautionary note.

WARNING: We strongly urge you NOT to expose AJAM or the Asterisk Manager Interface to public access over the Internet or to untrusted users! Doing so almost certainly will compromise the integrity of your Asterisk system without a significant amount of additional work (not covered in this article) to harden and broaden the number of passwords and to better secure these services. Having said that, Noojee Click is a terrific tool for use on a private intranet where you trust ALL of the users or via VPN access where you trust ALL of the users with VPN access. And that's what we'll cover today in this tutorial.

Prerequisites. In order to follow along in this tutorial, you'll need a properly configured Asterisk 1.4 system as well as the Noojee Click Addon for Firefox which must be installed and properly configured on your client machines. We also are assuming that your Asterisk 1.4 implementation includes a relatively current version of FreePBX that is functioning reliably. We've given up installing every release of every Asterisk aggregation on the planet. So... what follows assumes you're using PBX in a Flash. If the other aggregations are properly configured, the same instructions should work without any changes. But we haven't tested them so proceed at your own risk.


Activating AJAM. Asterisk 1.4 as compiled on PBX in a Flash systems comes with AJAM support built in but not activated. Here are the three steps to activate and test that it's working properly.

1. Copy the sample AJAM config file into the /etc/asterisk directory:

cp /usr/src/asterisk/configs/http.conf.sample /etc/asterisk/http.conf

2. Using your favorite editor, edit http.conf so that it looks like the following. Be sure to change the private IP address 192.168.0.236 to reflect the private IP address of your Asterisk server or, in the alternative, you can use the VPN IP address of your Asterisk server .

;
; Asterisk Builtin mini-HTTP server
;
;
[general]
;
; Whether HTTP interface is enabled or not. Default is no.
;
enabled=yes
;
; Whether Asterisk should serve static content from http-static
; Default is no.
;
;enablestatic=yes
;
; Address to bind to. Default is 0.0.0.0
;
bindaddr=192.168.0.236
;
; Port to bind to (default is 8088)
;
bindport=8088
;
; Prefix allows you to specify a prefix for all requests
; to the server. The default is "asterisk" so that all
; requests must begin with /asterisk
;
prefix=asterisk
;
; The post_mappings section maps URLs to real paths on the filesystem. If a
; POST is done from within an authenticated manager session to one of the
; configured POST mappings, then any files in the POST will be placed in the
; configured directory.
;
;[post_mappings]
;
; In this example, if the prefix option is set to "asterisk", then using the
; POST URL: /asterisk/uploads will put files in /var/lib/asterisk/uploads/.
uploads = /var/lib/asterisk/uploads/
;

3. Now issue the following commands to configure and restart Asterisk and make sure AJAM is functioning properly:

mkdir /var/lib/asterisk/uploads
chown asterisk:asterisk /var/lib/asterisk/uploads
amportal restart
asterisk -rx "http show status"

You should receive a response that looks something like the following:

HTTP Server Status:
Prefix: /asterisk
Server Enabled and Bound to 192.168.0.236:8088
Enabled URI's:
/asterisk/httpstatus => Asterisk HTTP General Status
/asterisk/manager => HTML Manager Event Interface
/asterisk/rawman => Raw HTTP Manager Event Interface
/asterisk/static/... => Asterisk HTTP Static Delivery
/asterisk/mxml => XML Manager Event Interface

Adjusting Security Settings to Permit Noojee Click Access. Two of the default security settings on PBX in a Flash systems would prevent Noojee Click running on any PC inside or outside your private network from accessing your Asterisk server to place a call. We want you to be fully aware that we are loosening up security to permit this access so that you'll know how to reverse it if you change your mind. First, the IPtables firewall blocks TCP port 8088 access to your Asterisk server from any external machine. Second, the default Asterisk Manager configuration blocks access to the Asterisk Manager Interface except from the Asterisk server itself. So the next two sections will walk you through adjusting both the IPtables firewall setup and the Asterisk Manager configuration to permit Noojee Click access.

Adjusting IPtables for TCP Port 8088 Access. We always recommend that your Asterisk server be installed behind a hardware-based firewall/router with all web access blocked. IPtables is configured to permit access to port 80 and several other web ports; however, this is intended to allow private intranet access to your server, not public Internet access. We're going to unblock TCP port 8088 with the same cautionary note. Do NOT expose TCP port 8088 to the public Internet! If you cannot live without Internet access to your server, use a VPN tunnel to make the connection so that all of the data is secured and the connection does not expose unencrypted data and passwords to the public Internet.

To open TCP port 8088 on your IPtables firewall, add the following line to the bottom of /etc/sysconfig/iptables just above the COMMIT line:

-A INPUT -p tcp -m tcp --dport 8088 -j ACCEPT

Then restart the IPtables service:

service iptables stop
service iptables start

Adjusting Asterisk Manager for Local Subnet Access. Giving any user Asterisk Manager access is equivalent to handing over the keys to your Asterisk castle. If you have any doubt about the integrity of any user on the subnet on which your Asterisk server is running, don't follow these instructions. Instead, consult an expert and limit access by individual IP addresses with separate account names and passwords for each trusted machine on your network, e.g. permit=192.168.0.31/255.255.255.255. This also could be the VPN address of any remote machine. To enable Noojee Click access to the Asterisk Manager for your entire local subnet, edit /etc/asterisk/manager.conf and add a new context at the bottom of the file that looks like the following using the actual subnet address of your intranet instead of 192.168.0.0. AND be sure to use a very secure password:

[noojee]
secret = YourVerySecurePasswordGoesHere
deny=0.0.0.0/0.0.0.0
permit=192.168.0.0/255.255.255.0
read = system,call,log,verbose,command,agent,user
write = system,call,log,verbose,command,agent,user

In the [general] context of the same file, add the following entry:

webenabled = yes

Save your changes and restart Asterisk: amportal restart.

Testing AJAM on Your Server. The easiest way to be sure you have a correct setup on your system is to try to access AJAM with a browser. First, install the text-based lynx browser. Issue the command: yum install lynx. Once installed, type lynx to start it up. Then choose G and enter the following URL using your actual IP address and password from above, of course:

http://192.168.0.236:8088/asterisk/manager?action=login&username=noojee&secret=YourVerySecurePasswordGoesHere

Installing and Configuring Noojee Click. Now that AJAM is humming along, you're ready to install Noojee Click on each of your desktop machines. On every machine, you'll need to fire up Firefox and go to this link. Click on the provided link to install Noojee Click for Asterisk. Firefox will display the following message just under the tab bar: 'Firefox prevented this site (www.noojee.com.au) from asking you to install software on this computer.' Click the 'Allow' button on the right hand side of your browser to allow Noojee Click to be installed. Then repeat the process again. You'll need to restart Firefox to finish the install. When Firefox reloads, you'll see the Noojee logo in the bottom right hand corner of the Firefox status bar. Click on it and choose Configuration. Enter the following settings using the IP address of your Asterisk server, noojee for the username, and whatever password you chose above for Asterisk Manager access:

ServerType: AJAM (Asterisk 1.4+)
Host: Internal IP Address of Your Asterisk Server
Port: 8088
Username: noojee
Password: YourVerySecurePasswordGoesHere
Phone Extension: the extension number where you will pick up this outbound call (works like AsteriDex!)
Context: from-internal
Enable Autoanswer: your choice
Phone Type: your choice (use Aastra for softphones)
Dial Prefix: only if required by your existing trunk setup
International Prefix: only if required by your setup
Pattern: leave the ones that are there and add the following for calls in the U.S.
XXX-XXX-XXXX
(XXX) XXX-XXXX
Enable Logging: your choice

Press the Escape key to save your settings. Now access a web page with some phone numbers and click on the Noojee icon beside a phone number to place an outbound call. The extension you specified in the Configuration should begin to ring. Answer the call, and the outbound call will be placed. Enjoy!


Hosting Provider Mega Deal. Just an FYI that the Nerd Vittles hosting provider, BlueHost, has raised the bar again on hosting services. For $6.95 a month, you can host unlimited domains with unlimited web hosting disk storage and unlimited monthly bandwidth. Free domain registration is included for as long as you have an account. It really doesn't get any better than that. And their hosting services are flawless! Just use our link. You get a terrific hosting service, and we get a little lunch money.


New Fonica Special. If you want to communicate with the rest of the telephones in the world, then you'll need a way to route outbound calls (terminations) to their destination. For outbound calling, we recommend you establish accounts with several providers. We've included two of the very best! These include Joe Roper's new service for PBX in a Flash as well as our old favorite, Vitelity. To get started with the Fonica service, just visit the web site and register. You can choose penny a minute service in the U.S. Or premium service is available for a bit more. Try both. You've got nothing to lose! In addition, Fonica offers some of the best international calling rates in the world. And Joe Roper has almost a decade of experience configuring and managing these services. So we have little doubt that you'll love the service AND the support. To sign up in the USA and be charged in U.S. Dollars, sign up here. To sign up for the European Service and be charged in Euros, sign up here. See the Fonica image which tells you everything you need to know about this terrific new offering. In addition to being first rate service, Fonica is one of the least expensive and most reliable providers on the planet.
 
 
 


 

Special Thanks to Our Generous Sponsors

FULL DISCLOSURE: RentPBX, Amazon, Vitelity, DigitalOcean, Vultr, Digium, Sangoma, 3CX, TelecomsXchange and others have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and their pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

Awesome Vitelity Special. Vitelity has generously offered a terrific discount for Nerd Vittles readers. You now can get an almost half-price DID from our special Vitelity sign-up link. If you're seeking the best flexibility in choosing an area code and phone number plus the lowest entry level pricing plus high quality calls, then Vitelity is the hands-down winner. Vitelity provides Tier A DID inbound service in over 3,000 rate centers throughout the US and Canada. When you use our special link to sign up, Nerd Vittles gets a few shekels down the road to support our open source development efforts while you get an incredible signup deal as well. The going rate for Vitelity's DID service is $7.95 a month which includes up to 4,000 incoming minutes on two simultaneous channels with terminations priced at 1.45¢ per minute. Not any more! For our users, here's a deal you can't (and shouldn't) refuse! Sign up now, and you can purchase a Tier A DID with unlimited incoming calls and four simultaneous channels for just $3.99 a month. To check availability of local numbers and tiers of service from Vitelity, click here. NOTE: You can only use the Nerd Vittles sign-up link to order your DIDs, or you won't get the special pricing! Vitelity's rate is just 1.44¢ per minute for outbound calls in the U.S. There is a $35 prepay when you sign up. This covers future usage. Any balance is refundable if you decide to discontinue service with Vitelity.


Some Recent Nerd Vittles Articles of Interest...

Be Sociable, Share!

Tags:

This article has 2 comments

  1. Hi, I try to make the plugin work with astmanproxy.
    I tried changing settings anyway I could but had only 2 luck out of 50 test. Please share your experience if you get it to work with astmanproxy successfully.
    p.s. I also tried to modify the original plugin.

    I got stuck on the authenticating stage. and it just hangs there.

  2. You may also should take a look at Laurenson UC Plugin – it has autoconfiguration, very nice for admins on big networks – and opens a php script that makes the call – also nice for admins, as users don’t need access to ami, ajam or whatever