With last week’s release of Incredible PBX 13-13 Lean with Asterisk® 13 and FreePBX® 13 GPL modules, it seemed like an opportune time to revisit the initial setup process of an Asterisk-based PBX. Configuring extensions, trunks, and routes are the fundamental steps in successfully interconnecting your PBX to the telecommunications network. So today we’ll walk through the initial setup process in some detail for those that are just getting started. And we think old-timers may find some hidden nuggets in the exercise as well.

Overview of the Initial Asterisk Setup Process

For those new to PBXs, here’s a two paragraph summary of how Voice over IP (VoIP) works. Phones connected to your PBX are registered with Extensions so that they can make and receive calls. When a PBX user picks up a phone and dials a number, an Outbound Route tells the PBX which Trunk to use to place the call based upon established dialing rules. Unless the dialed number is a local extension, a Trunk registered with some service provider accepts the call, and the PBX sends the call to that provider. The provider then routes the call to its destination where the recipient’s phone rings to announce the incoming call. When the recipient picks up the phone, the conversation begins.

Looking at things from the other end, when a caller somewhere in the world wishes to reach you, the caller picks up a telephone and dials a number known as a DID that is assigned to you by a provider with whom you have established service. When the provider receives the call to your DID, it routes the call to your PBX based upon destination information you established with the provider. Your PBX receives the call with information identifying the DID of the call as well as the CallerID name and number of the caller. An Inbound Route on your PBX then determines where to send the call based upon that DID and CallerID information. Typically, a call is routed to an Extension, a group of Extensions known as a Ring Group, or an IVR or AutoAttendant giving the caller choices on routing the call to the desired destination. Once the call is routed to an Extension, the PBX rings the phone registered to that Extension. When you pick up the phone, the conversation begins.

Configuring Asterisk to Support NAT-Based Routing

With a VoIP server, many PBXs and Extensions are housed behind a NAT-based router that is found in most homes and businesses. These routers assign private IP addresses that are not accessible from the Internet. This causes SIP routing headaches because there are actually two legs to every call, one on the private IP address of your server or extension and another on the public Internet with an entirely different IP address. Routers supposedly handle this handoff of the call using Network Address Translation (NAT) and SIP ALG. With Asterisk-based PBXs, we want the PBX itself to handle the NAT chores so it is critically important to do three things when setting up your PBX. First, turn off SIP ALG on every router used by your PBX and every extension connected to your PBX. Second, tell your PBX about your public and private IP address setup. Step #2 is done in the Incredible PBX GUI with a browser. Login as admin and choose Settings:Asterisk SIP Settings. In the NAT Settings section of the form, click Detect Network Settings. Make sure your public and private IP addresses are correctly listed. Then click Submit and reload your dialplan when prompted. Failure to perform BOTH of these steps typically results in calls with one-way audio, i.e. where either you or the called party can’t hear the other party in the conversation. The third rule to remember is to always configure SIP Extensions on your PBX with NAT Mode=YES. This is rarely harmful and failure to configure SIP extensions in this way typically causes one-way audio in calls as well. IAX extensions avoid NAT issues.

Configuring Extensions with Incredible PBX GUI

Extensions are created using the Incredible PBX GUI: Applications:Extensions. Many SIP phones expect extensions to communicate on UDP port 5060. If this is the case with your SIP phone or softphone, then always create Chan_SIP extensions which communicate on UDP 5060. If your SIP phone or softphone provide port flexibility, then you have a choice in the type of SIP extension to create: Chan_SIP or the more versatile PJSIP. Just remember to always configure SIP extensions with NAT Mode=YES in the Advanced tab. If your VoIP phones or softphones support IAX connectivity, you may wish to consider IAX extensions which avoid NAT problems.

When you create a new Extension, a new entry is automatically created in the PBX Internal Directory. If you wish to allow individual users to manage their extensions or use the WebRTC softphone, then you will also have to create a (very) secure password for User Control Panel (UCP) access. Choose Admin:User Management and click on the key icon of the desired extension to assign a password for UCP and WebRTC access.

Configuring SIP Phones with Incredible PBX GUI

SIP phones and softphones typically require three pieces of information: the IP address of your server, the extension number, and the extension password. If you’re using a PJSIP extension, you also will need to change the port to UDP 5061. If your server is behind a NAT-based router, SIP phones also behind the same router need to use the private LAN address rather than the public IP address. If the SIP phones are outside the router protecting the PBX, then use the public IP address and make certain that you also map ports 5060 and 5061 from your router to the private LAN address of your PBX.

The PIAF Forum can provide you with helpful information in choosing high quality SIP phones. Yealink phones are highly recommended with minimal issues. Cisco phones are the most difficult to configure. Insofar as free softphones, we recommend the Zoiper 3 offerings for Windows, Mac, iOS, and Android. Zoiper 5 still is experiencing some growing pains. A key advantage of the Zoiper softphone is it supports IAX extensions which eliminate the NAT issues entirely. On the Mac platform, we also recommend the Telephone app which is available in the App Store. For SRTP communications, use Grandstream Wave.

Configuring Trunks with Incredible PBX GUI

Perhaps the most difficult component to configure in the PBX is the Trunk. Almost every provider has a different way of doing things. We’ve taken some of the torture out of the exercise by providing a script which will configure settings for dozens of providers in seconds. Once installed, all you need to do is edit the desired Trunk (Connectivity:Trunks), change the Disable Trunk entry to No, and insert your credentials in both the PEER Details and Registration string of the SIP Settings Outgoing and Incoming tabs.

To install the Trunk setups on your PBX, log into your server as root and issue the following commands only once:

cd /root
wget http://incrediblepbx.com/create-sample-trunks.tar.gz
tar zxvf create-sample-trunks.tar.gz
rm create-sample-trunks.tar.gz
./create-sample-trunks

Configuring Google Voice with Incredible PBX GUI

The advantage of Google Voice trunks for those of you in the United States is that all of your calls within the U.S. and Canada are free. You can’t beat the price, and it has worked reliably for many, many years. There are three different ways to set up Google Voice trunks with Incredible PBX. For a one-time fee of $4.99 with this coupon, you can use the Simonics GV/SIP gateway to configure a Google Voice account using OAuth 2 authentication. Then just set up the Simonics SIP trunk on your PBX to point to the Simonics gateway. A second option is to choose the (recommended) OAuth 2 authentication method for Google Voice when you initially install Incredible PBX 13-13. Finally, you can choose plain-text passwords for Google Voice when you set up Incredible PBX. The drawback of this last option is Google has hinted that they may discontinue support of plain-text passwords.


Here are the initial setup steps on the Google side:

1. Set up a dedicated Gmail and Google Voice account to use exclusively for this Google Voice setup on your PBX. Head over to the Google Voice site and register. You’ll need to provide a U.S. phone number to verify your account by either text message or phone call.



2. Once you have verified your account by entering your verification code, you’ll get a welcome message from Mr. Google. Click Continue to Google Voice.



3. Provide an existing U.S. phone number for verification. It can be the same one you used to set up your Google account in step #1.



4. Once your phone number has been verified, choose a DID in the area code of your choice.



Special Note: Google continues to tighten up on obtaining more than one Google Voice number from the same computer or the same IP address. If this is a problem for you, here’s a workaround. From your smartphone, install the Google Voice app from iPhone App Store or Google’s Play Store. Then open the app and login to your new Google account. Choose your new Google Voice number when prompted and provide a cell number with SMS as your callback number for verification. Once the number is verified, log out of Google Voice. Do NOT make any calls. Now head back to your PC’s browser and login to https://voice.google.com. You will be presented with the new Google Voice interface which does not include the Google Chat option. But fear not. At least for now there’s still a way to get there. After you have set up your new phone number and opened the Google Voice interface, click on the 3 vertical dots in the left sidebar (it’s labeled More). When it opens, click Legacy Google Voice in the sidebar. That will return you to the old UI. Now click on the Gear icon (upper right) and choose Settings. Make sure the Google Chat option is selected and disable forwarding calls to whatever default phone number you set up.

5. When your DID has been assigned, click the More icon at the bottom of the left column of the Google Voice desktop. Click Legacy Google Voice. Now click the Settings icon on your legacy Google Voice desktop. Make certain that Forward Calls to Google chat is checked and disable calls to your forwarding number. Click on the Calls tab and select Call Screening:OFF, CallerID (Incoming):Display Caller’s Number, and Global Spam Filtering:checked. The remaining entries should be blank.

6. Google Voice configuration is now complete. Sign out of your Google Voice account.


The Simonics GV-SIP Gateway Solution. Here’s the quick thumbnail of the steps to put all the pieces in place. First, we set up a Google Voice account at Google as documented above. Next, we’ll set up an account at the Simonics site to link our Google Voice account to the Simonics SIP Gateway. Then we’ll plug our Simonics SIP credentials into the preconfigured Simonics trunk on Incredible PBX. Finally, we’ll add Incoming and Outgoing Routes to tell Incredible PBX how to process Google Voice calls.

Now you’re ready to set up an account on the Simonics site. With this Nerd Vittles link, there’s a one-time fee of $4.99.

1. Start by registering your new Google account.

2. After paying the $4.99 registration fee via PayPal, proceed through the setup process to link your Google Voice account and 11-digit Google Voice phone number to the Simonics SIP Gateway.

3. You then will be provided your SIP username and password as well as the gateway address, gvgw.simonics.com, to use in building your SIP trunk on your PBX.



4. If your SIP credentials ever get compromised, regenerate your password by logging back into the Simonics GW site.

Now it’s time to configure your Simonics trunk in Incredible PBX. Start by logging into the web interface as admin with your admin password from above. Click Connectivity:Trunks and choose the Simonics trunk in the PBX Configuration menu. The Simonics trunk template will display:

1. Untick the Disable Trunk check box.

2. In Outbound CallerID, insert your 10-digit Google Voice number.

3. In username, insert GV1 followed by your 10-digit Google Voice number.

4. In secret, insert your Simonics SIP password.

5. In the Registration String, insert GV1 followed by your 10-digit Google Voice number followed by a colon (:)

6. In the Registration String after the colon, insert your Simonics SIP password.

7. In the tail of the Registration String after the slash (/), insert your 10-digit Google Voice number.

8. Click Submit Changes and then Reload the Dialplan when prompted.


Configuring GV Trunk with Motif in the GUI. If you elect to configure your Google Voice trunk natively using the Incredible PBX GUI, you first will need to obtain a Refresh_Token if you elected to use OAuth 2 authentication.

1. Be sure you are still logged into your Google Voice account. If not, log back in at https://voice.google.com.

2. In a separate browser tab, go to the Google OAUTH Playground using your browser while still logged into your Google Voice account.

3. Once logged in to Google OAUTH Playground, click on the Gear icon in upper right corner (as shown below).

  3a. Check the box: Use your own OAuth credentials
  3b. Enter Incredible PBX OAuth Client ID:

466295438629-prpknsovs0b8gjfcrs0sn04s9hgn8j3d.apps.googleusercontent.com

  3c. Enter Incredible PBX OAuth Client secret: 4ewzJaCx275clcT4i4Hfxqo2
  3d. Click Close

4. Click Step 1: Select and Authorize APIs (as shown below)

  4a. In OAUTH Scope field, enter: https://www.googleapis.com/auth/googletalk
  4b. Click Authorize APIs (blue) button.

5. Click Step 2: Exchange authorization code for tokens

  5a. Click Exchange authorization code for tokens (blue) button

  5b. When the tokens have been generated, Step 2 will close.

6. Reopen Step 2 and copy your Refresh_Token. This is the "password" you will need to enter (together with your Gmail account name and 10-digit GV phone number) when you add your GV trunk in the Incredible PBX GUI. Store this refresh_token in a safe place. Google doesn’t permanently store it!

7. Authorization tokens NEVER expire! If you ever need to remove your authorization tokens, go here and delete Incredible PBX Google Voice OAUTH entry by clicking on it and choosing DELETE option.

Switch back to your Gmail account and click on the Phone icon at the bottom of the window to place one test call. Once you successfully place a call, you can log out of Google Voice and Gmail.

Yes, this is a convoluted process. Setting up a secure computing environment often is. Just follow the steps and don’t skip any. It’s easy once you get the hang of it. And you’ll sleep better.

Now you’re ready to configure your Google Voice account in Incredible PBX. You do it from within the Incredible PBX GUI by choosing Connectivity:Google Voice. Just plug in your Google Voice Username, enter your refresh_token from Step #6 above as your Google Voice Password, enter your 10-digit Google Voice Phone Number, and check the first two boxes: Add Trunk and Add Outbound Routes. Then click Submit and Apply Settings to save your new entries.

If you elected to use plain-text passwords for Google Voice, simply skip obtaining OAuth 2 credentials and substitute your plain-text password for the refresh_token when you create the Google Voice trunk above. If you have trouble getting Google Voice to work using a plain-text password, try this Google Voice Reset Procedure. It usually fixes connectivity problems. If it still doesn’t work, enable Less Secure Apps using this Google tool.

IMPORTANT: Once you’ve entered your credentials, you MUST restart Asterisk from the Linux command line, or Google Voice calls will fail: amportal restart

Configuring Outbound Routes in Incredible PBX GUI

Outbound Routes serve a couple of purposes. First, they assure that calls placed by users of your PBX are routed out through an appropriate trunk to reach their destination in the least costly manner. Second, they serve as a security mechanism by either blocking or restricting certain calls by requiring a PIN to complete the calls. For example, if you only permit 10-digit calls and route all of those calls out through a Google Voice trunk, there is zero risk of running up an exorbitant phone bill because of unauthorized calls unless you’ve deposited a lot of money in your Google Voice account. This raises another important security tip. Never authorize recurring charges on credit cards registered with your VoIP providers and, if possible, place pricing limits on calls with your providers. If a bad guy were to break into your PBX, you don’t want to give the intruder a blank check to make unauthorized calls. And you certainly don’t want to join the $100,000 Phone Bill Club.

To create outbound routes in the Incredible PBX GUI, navigate to Connectivity:Outbound Routes and click Add Outbound Route. In the Route Settings tab, give the Outbound Route a name and choose one or more trunks to use for the outbound calls. In the Dial Patterns tab, specify the dial strings that must be matched to use this Outbound Route. NXXNXXXXXX would require only 10-digit numbers with the first and fourth digits being a number between 2 and 9. Note that Outbound Routes are searched from the top entry to the bottom until there is a match. Make certain that you order your routes correctly and then place test calls watching the Asterisk CLI to make sure the calls are routed as you intended.

Configuring Inbound Routes in Incredible PBX GUI

Inbound Routes, as the name implies, are used to direct incoming calls to a specific destination. That destination could be an extension, a ring group, an IVR or AutoAttendant, or even a conference or DISA extension to place outbound calls (hopefully with a very secure password). Inbound Routes can be identified by DID, CallerID number, or both. To create Inbound Routes, choose Connectivity:Inbound Routes and then click Add Inbound Route. Provide at least a Description for the route, a DID to be matched, and the Destination for the incoming calls that match. If you only want certain callers to be able to reach certain extensions, add a CallerID number to your matching criteria. You can add Call Recording and CallerID CNAM Lookups under the Other tab.

Bug Fix for Incredible Fax Installer

If you installed Incredible PBX 13-13 during the past week, be advised that removal of a GitHub repo will prevent the Incredible Fax installer in /root from completing successfully. Here’s the fix:

sed -i 's|joshnorth|wardmundy|' /root/incrediblefax11.sh

Also note that, with the Incredible PBX 13-13 Lean install, you must manually create a Custom Destination using the GUI. This is the destination to use for receipt of incoming faxes. The settings for the new Custom Destination should look like this:

target -> custom-fax-iaxmodem,s,1
label  -> Fax (HylaFax)
return -> no

You now have a functioning PBX. Down the road, we’ll tackle some of the more esoteric features of Asterisk so… Stay Tuned!

Published: Monday, October 30, 2017  




Need help with Asterisk? Visit the PBX in a Flash Forum.


 

Special Thanks to Our Generous Sponsors

FULL DISCLOSURE: 3CX, RentPBX, Amazon, Vitelity, DigitalOcean, Vultr and others provide financial support to Nerd Vittles and our open source projects through advertising or referral revenue. We’ve chosen these providers not the other way around. Our decisions were based upon their corporate reputation and the quality of their offerings and their pricing. Our technology recommendations are reached independently of financial considerations except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

Awesome Vitelity Special. Vitelity has generously offered a terrific discount for Nerd Vittles readers. You now can get an almost half-price DID from our special Vitelity sign-up link. If you’re seeking the best flexibility in choosing an area code and phone number plus the lowest entry level pricing plus high quality calls, then Vitelity is the hands-down winner. Vitelity provides Tier A DID inbound service in over 3,000 rate centers throughout the US and Canada. When you use our special link to sign up, Nerd Vittles gets a few shekels down the road to support our open source development efforts while you get an incredible signup deal as well. The going rate for Vitelity’s DID service is $7.95 a month which includes up to 4,000 incoming minutes on two simultaneous channels with terminations priced at 1.45¢ per minute. Not any more! For our users, here’s a deal you can’t (and shouldn’t) refuse! Sign up now, and you can purchase a Tier A DID with unlimited incoming calls and four simultaneous channels for just $3.99 a month. To check availability of local numbers and tiers of service from Vitelity, click here. NOTE: You can only use the Nerd Vittles sign-up link to order your DIDs, or you won’t get the special pricing! Vitelity’s rate is just 1.44¢ per minute for outbound calls in the U.S. There is a $35 prepay when you sign up. This covers future usage. Any balance is refundable if you decide to discontinue service with Vitelity.


​​3CX is a software PBX that’s easy to install & manage. It includes integrated softphones, WebRTC conferencing and essential add-ons out of the box, at no additional cost. Try the free edition at www.3cx.com. Better yet, download the PIAF5 ISO powered by 3CX. Free version includes support for 8 simultaneous calls with a SIP trunk.

  • Run on Premise or in the Cloud, on Windows and now on Linux
  • Softphones for iOS, Android, Win & Mac
  • Easy install, backup & restore, version upgrades
  • Automatically configures IP Phones, SIP Trunks & Gateways

  • RentPBX, a long-time partner and supporter of PIAF project, is offering generous discounts for Nerd Vittles readers. For all of your Incredible PBX hosting needs, sign up at www.RentPBX.com and use code NOGOTCHAS to get the special pricing. The code will lower the price to $14.99/month, originally $24.99/month. It’s less than 50¢/day.


    Some Recent Nerd Vittles Articles of Interest…

    Be Sociable, Share!

    Tags:

    Leave a comment

    Your email address will not be published. Required fields are marked *

    *