Taking a Fresh Look at the Asterisk, FreePBX, and Incredible PBX Security Models

About once a year, we try to shine the spotlight on Asterisk® security in hopes of saving lots of organizations and individuals a little bit (or a lot) of money. In light of last week’s major security lapse in the Asterisk® dialplan of those using FreePBX® since the Asterisk@Home days, now seemed like a good time for a review. As we’ve noted before, the problem with open source phone systems is they’re open source phone systems. So the bad guys can figure out how they work just like the good guys. Unfortunately, some of the bad guys are paying particular attention to Asterisk and FreePBX so it behooves all of us to remain vigilant and patch vulnerabilities quickly. The FreePBX Devs have done an admirable job in responding quickly to this issue.

Last week’s vulnerability involves the call transfer methodology that has been incorporated into FreePBX-based Asterisk servers for at least a decade. In a nutshell, it allows an internal or outside caller or called party to transfer a call using touchtones instead of a dedicated transfer button or hook flash. ## performs a blind transfer while *2 sets up an attended transfer where the person transferring the call can actually talk to the transfer recipient before executing the call transfer. Some of our foreign friends used this *2 methodology to initiate calls to Asterisk servers and then to transfer those calls to expensive destinations while the other party to the call listened to music on hold. Worse yet, it could be performed within an answering IVR on some servers so the administrator never knew the call transfer took place other than reviewing the call detail records. As with some previous vulnerabilities, this one had lain dormant since the inception of call transfer technology in Asterisk. The default settings in FreePBX permitted outside calling or called parties to initiate transfers using these feature codes. We’re reminded of a similar vulnerability that used to exist in many Asterisk voicemail systems that allowed callers to dialout to another number from within the voicemail system.

We hope to persuade you today that allowing transfer of calls using touch tones is a very bad idea to begin with. Even when you don’t get a surprise phone bill, it often results in unanticipated consequences such as depicted in this video shared on DSL Reports:



Here’s how you can protect any server that uses all or some of the FreePBX GUI. First, be aware that the FreePBX developers are working on a rewrite of the Core component in versions 13 and 12. The fix would limit use of this technology to those on the internal side of a PBX. In other words, remote callers would be blocked from calling into an Asterisk server and transferring themselves to a phone on a cruise ship sailing in the Indian Ocean. In the meantime, issuing the following commands will patch things up:

mysql -uroot -ppassw0rd asterisk -e "update freepbx_settings set value = 'tr' where keyword = 'DIAL_OPTIONS' limit 1"
mysql -uroot -ppassw0rd asterisk -e "update freepbx_settings set value = '' where keyword = 'TRUNK_OPTIONS' limit 1"
amportal a r

For those using Incredible PBX™, the Automatic Update Utility will patch your server the next time you log in as root.

Olle Johansson has been one of the primary shakers and movers when it comes to educating folks on Asterisk security and inspiring developers to do a better job designing these systems. If you didn’t attend AstriCon 2013 and haven’t watched the Security Master Class, put these videos on your Bucket List. They’re all free and well worth your time.

When we began building out Incredible PBX on other platforms several years ago, we decided it was an opportune time to revisit our Asterisk security model and make it as bullet-proof as possible given the number of people now deploying Asterisk servers in the cloud. As a practical matter, there are no hardware-based firewalls to protect you with many of the cloud-based systems. So you literally live or die based upon the strength of your own software-based security model.

As in the past, security is all about layers of protection. A bundle of sticks is harder to break than a single stick. There now are Incredible PBX builds for CentOS, Scientific Linux, Ubuntu 14, and the latest Raspbian 8 for the Raspberry Pi 2 and 3. All of these releases include the new Incredible PBX security model. Here’s how it works…

The 7 Security Layers include the following, and we will go into the details below:

  1. Preconfigured IPtables Linux Firewall
  2. Preconfigured Travelin’ Man 3 WhiteLists
  3. Randomized Port Knocker for Remote Access
  4. TM4 WhiteListing by Telephone (optional)
  5. Fail2Ban
  6. Randomized Ultra-Secure Passwords
  7. Automatic Security Updates & Bug Fixes

1. IPtables Linux Firewall. Yes, we’ve had IPtables in place with PBX in a Flash for many years. And, yes, it was partially locked down in previous Incredible PBX releases if you chose to deploy Travelin’ Man 3. Now it’s automatically installed AND locked down, period. As installed, the new Incredible PBX limits login access to your server to those on your private LAN (if any) and anyone logging in from the server’s public or private IP address and the public IP address of the desktop machine used to install the Incredible PBX software. If you or your users need access from other computers or phones, those addresses can be added quickly using either the Travelin’ Man 3 tools (add-ip and add-fqdn) or using the Port Knocker application running on your desktop or smartphone. All you need is your randomized 3 codes for the knock. You can also enable a remote IP address by telephone. Keep reading!

2. Travelin’ Man 3 WhiteLists. As in the past, many of the major SIP providers have been whitelisted in the default setup so that you can quickly add new service without worrying about firewall access. These are providers that we’ve used over the years. The preconfigured providers include Vitelity (outbound1.vitelity.net and inbound1.vitelity.net), Google Voice (talk.google.com), VoIP.ms (city.voip.ms), DIDforsale (209.216.2.211), CallCentric (callcentric.com), and also VoIPStreet.com (chi-out.voipstreet.com plus chi-in.voipstreet.com), Les.net (did.voip.les.net), Future-Nine, AxVoice (magnum.axvoice.com), SIP2SIP (proxy.sipthor.net), VoIPMyWay (sip.voipwelcome.com), Obivoice/Vestalink (sms.intelafone.com), Teliax, and IPkall. You are, of course, free to add other providers or users using the whitelist tools being provided. add-ip lets you add an IP address to your whitelist. add-fqdn lets you add a fully-qualified domain name to your whitelist. del-acct lets you remove an entry from your whitelist. Because FQDNs cause problems with IPtables if the FQDN happens to be invalid or non-functional, we’ve provided a customized iptables-restart tool which will filter out bad FQDNs and start up IPtables without the problematic entries.

Be advised that whitelist entries created with PortKnocker are stored in RAM, not in your IPtables file. These RAM entries will get blown out of the water whenever your system is restarted OR if IPtables is restarted. Stated another way, PortKnocker should be used as a stopgap tool to get new IP addresses qualified quickly. If these addresses need access for more than a few hours, then the Travelin’ Man 3 tools should be used to add them to your IPtables whitelist. If your whitelist setup includes dynamic IP addresses, be aware that using ipchecker in a cron job to test for changing dynamic IP addresses will remove PortKnocker whitelist RAM entries whenever an IP address change triggers an iptables-restart.

For more detail on Travelin’ Man 3, review our original tutorial.

3. PortKnocker WhiteListing. We’ve previously written about PortKnocker so we won’t repeat the article here. Simply stated, it lets you knock on three ports on a host machine in the proper order to gain access. If you get the timing and sequence right, the IP address from which you knocked gets whitelisted for access to the server… with appropriate admin or root passwords, of course. The knocking can be accomplished with either a command line tool or an iOS or Android app using your smartphone or tablet. As noted above, it’s a terrific stopgap tool to let you or your users gain quick access to your server. For the reasons we’ve documented, don’t forget that it’s a stopgap tool. Don’t use it as a replacement for Travelin’ Man 3 whitelists unless you don’t plan to deploy dynamic IP address automatic updating. Just to repeat, PortKnocker whitelists get destroyed whenever IPtables is restarted or your server is rebooted. You’ve been warned.

4. TM4 WhiteListing by Telephone. Newer releases of Incredible PBX are preconfigured with ODBC support for telephony applications. One worth mentioning is our new Travelin’ Man 4 utility which lets a remote user dial into a dedicated DID and register an IP address to be whitelisted on the server. Within a couple minutes, the user will be sent an email confirming that the IP address has been whitelisted and remote access is now enabled. For phone systems and administrators supporting hundreds of remote users, this new feature will be a welcome addition. It can be configured in a couple minutes by following the Installation instructions in the Travelin’ Man 4 tutorial. Unlike PortKnocker, whitelisted IP addresses added with TM4 are permanent until modified by the remote user or deleted by the administrator.

5. Fail2Ban. We’ve never been a big fan of Fail2Ban which scans your logs and blacklists IP addresses after several failed attempts to log in or register with SSH or Apache or Asterisk. The reason is because of documented cases where attacks from powerful servers (think: Amazon) completely overpower a machine and delay execution of Fail2Ban log scanning until tens of thousands of registration attempts have been launched. The FreePBX folks are working on a methodology to move failed login attempts to a separate (smaller) log which would go a long way toward eliminating the log scanning bottleneck. In the the meantime, Fail2Ban is included, and it works when it works. But don’t count on it as your only security layer.

6. Randomized Passwords. With the new security model described above, we’ve dispensed with Apache security to protect FreePBX® access. These new Incredible PBX releases rely upon the FreePBX security model which uses encrypted passwords stored in MySQL or MariaDB. As part of the installation process, Incredible PBX randomizes ALL FreePBX passwords including those for the default 701 extension as well as the admin password. When your new Incredible PBX install completes, the most important things to remember are your (randomized) FreePBX admin password AND the (randomized) 3 ports required for Port Knocker access. Put them in a safe place. Sooner or later, you’ll need them. You can review your PortKnocker settings in /root/knock.FAQ. We’ve also included admin-pw-change in the /root folder for those that are too lazy to heed our advice. With the new security model, there is no way to look up your admin password. All you can do is change it… assuming you haven’t also forgotten your root password. 😉

7. Automatic Update Service. All new Incredible PBX builds include an automatic update service to provide security patches and bug fixes whenever you log into your server as root. It saved you just last week! If you don’t want the updates for some reason, you can delete the /root/update* file from your server. If the cost of maintaining this service becomes prohibitive, we may implement a pay-for-service fee, but it presently is supported by voluntary contributions from our users. It has worked extremely well and provided a vehicle for pushing out updates that affect the reliability and security of your server.

A Word About IPv6. Sooner or later Internet Protocol version 6 will be upon us because of the exhaustion of IPv4 IP addresses. Incredible PBX is IPv6-aware and IPtables has been configured to support it as well. As deployed, outbound IPv6 is not restricted. Inbound access is limited to localhost. You, of course, are free to modify it in any way desired. Be advised that disabling IPv6 localhost inbound access will block access to the FreePBX GUI. Don’t ask us how we know. 🙂

Originally published: Monday, April 18, 2016





Need help with Asterisk? Visit the PBX in a Flash Forum.


 
Awesome Vitelity Special. Vitelity has generously offered a terrific discount for Nerd Vittles readers. You now can get an almost half-price DID from our special Vitelity sign-up link. If you’re seeking the best flexibility in choosing an area code and phone number plus the lowest entry level pricing plus high quality calls, then Vitelity is the hands-down winner. Vitelity provides Tier A DID inbound service in over 3,000 rate centers throughout the US and Canada. When you use our special link to sign up, Nerd Vittles gets a few shekels down the road to support our open source development efforts while you get an incredible signup deal as well. The going rate for Vitelity’s DID service is $7.95 a month which includes up to 4,000 incoming minutes on two simultaneous channels with terminations priced at 1.45¢ per minute. Not any more! For our users, here’s a deal you can’t (and shouldn’t) refuse! Sign up now, and you can purchase a Tier A DID with unlimited incoming calls and four simultaneous channels for just $3.99 a month. To check availability of local numbers and tiers of service from Vitelity, click here. NOTE: You can only use the Nerd Vittles sign-up link to order your DIDs, or you won’t get the special pricing! Vitelity’s rate is just 1.44¢ per minute for outbound calls in the U.S. There is a $35 prepay when you sign up. This covers future usage. Any balance is refundable if you decide to discontinue service with Vitelity.


​​3CX is a software PBX that’s easy to install & manage. It includes integrated softphones, WebRTC conferencing and essential add-ons out of the box, at no additional cost. Try the free edition at www.3cx.com.

  • Run on Premise or in the Cloud, on Windows and soon Linux
  • Softphones for iOS, Android, Win & Mac
  • Easy install, backup & restore, version upgrades
  • Automatically configures IP Phones, SIP Trunks & Gateways

  • Some Recent Nerd Vittles Articles of Interest…

    Chasing the Asterisk Rainbow: An Incredible PBX for Everyman… and Woman

    The one thing we’ve learned over the past decade is that everyone’s telecommunications needs are different. We began the Incredible PBX™ project by offering a script for PBX in a Flash™ that enhanced its functionality by adding three dozen applications for Asterisk® plus a rock-solid, preconfigured firewall. We expanded on that initial design by offering installers to support both Elastix® 4.0 and even the FreePBX® Distro and AsteriskNOW. But many asked for something more. Some wanted a turnkey install on inexpensive hardware so we now have a Raspberry Pi® 3 image that configures itself in under a minute. Others wanted and we provided an ISO image that could be loaded onto a USB thumb drive and used to install Incredible PBX on virtually any standalone hardware platform including the $200 Intel NUC. Then there were the enthusiasts that insisted upon virtual machines for virtually everything. So we built Incredible PBX images for Proxmox, and VirtualBox, and VMware. All of these builds could be set up about as quick as you can snap your fingers. Still others believed that all computing should be handled with Cloud-based servers. So we created a $10.50 solution for lifetime Cloud computing with CloudAtCost, a $5/month solution with Digital Ocean, and a $15/month rock-solid reliable PBX with RentPBX. Finally, there were operating system purists. Some preferred RedHat/CentOS/Scientific Linux while others swore by Debian or Ubuntu or Raspbian 8. So we added Incredible PBX builds for every conceivable operating system.

    What remained consistent through all of these Incredible PBX iterations was our absolute commitment to providing a secure computing environment out of the box with a feature set unmatched in both the open source and commercial PBX communities. But, of course, there is always someone that doesn’t want features and prefers a secure platform on which to build their own servers. We’ve even accommodated that request with the Lean, Mean Edition of Incredible PBX.

    So, today while we work on taxes, you can take a leisurely stroll through all of the available Incredible PBX links above and choose a platform that best meets your needs. Our other uncompromising feature is price. Incredible PBX is and always will be free with NoGotchas. If you’re still confused about choosing a favorite build, try our Decision Tree below. It’ll give you suggestions in less than a minute. Come join the party!



    Originally published: Monday, April 11, 2016





    Need help with Asterisk? Visit the PBX in a Flash Forum.


     
    Awesome Vitelity Special. Vitelity has generously offered a terrific discount for Nerd Vittles readers. You now can get an almost half-price DID from our special Vitelity sign-up link. If you’re seeking the best flexibility in choosing an area code and phone number plus the lowest entry level pricing plus high quality calls, then Vitelity is the hands-down winner. Vitelity provides Tier A DID inbound service in over 3,000 rate centers throughout the US and Canada. When you use our special link to sign up, Nerd Vittles gets a few shekels down the road to support our open source development efforts while you get an incredible signup deal as well. The going rate for Vitelity’s DID service is $7.95 a month which includes up to 4,000 incoming minutes on two simultaneous channels with terminations priced at 1.45¢ per minute. Not any more! For our users, here’s a deal you can’t (and shouldn’t) refuse! Sign up now, and you can purchase a Tier A DID with unlimited incoming calls and four simultaneous channels for just $3.99 a month. To check availability of local numbers and tiers of service from Vitelity, click here. NOTE: You can only use the Nerd Vittles sign-up link to order your DIDs, or you won’t get the special pricing! Vitelity’s rate is just 1.44¢ per minute for outbound calls in the U.S. There is a $35 prepay when you sign up. This covers future usage. Any balance is refundable if you decide to discontinue service with Vitelity.


    ​​3CX is a software PBX that’s easy to install & manage. It includes integrated softphones, WebRTC conferencing and essential add-ons out of the box, at no additional cost. Try the free edition at www.3cx.com.

  • Run on Premise or in the Cloud, on Windows and soon Linux
  • Softphones for iOS, Android, Win & Mac
  • Easy install, backup & restore, version upgrades
  • Automatically configures IP Phones, SIP Trunks & Gateways

  • Some Recent Nerd Vittles Articles of Interest…

    TrueCNAM: A Breath of Fresh Air for CNAM Lookups and CallerID Superfecta



    It’s always nice to see your baby grow up. Nearly a decade ago, we introduced an AGI script for Asterisk@Home known as CallerID Trifecta for FreePBX® 2.2.0. As sources of CNAM lookups expanded, a number of other individuals contributed code to support those lookups. When we added a fourth CNAM lookup source, the original application morphed into CallerID Superfecta. Then we gave up. The source lookups became too numerous to mention much less name. But all of the original code still resided in a difficult-to-maintain PHP/AGI script.

    Tony Shiffer picked up the ball and converted the application into a FreePBX module which made it incredibly easy to add new providers and to configure the ones you wished to use. Then Jeremy Jacobs with help from other members of the PBX in a Flash™ Forum community released a real masterpiece, CallerID Superfecta 2.0. Thanks to the efforts of Lorne Gaetz and POSSA, CallerID Superfecta became a truly collaborative, open source project. The number of CNAM sources continued to expand with support for international sources around the world. Then came additional functionality to allow Asterisk® interfaces to XBMC, SqueezeBox, MythTV, and Growl among others. Finally, additions were added to assist in dealing with annoying SPAM calls. Even though CallerID Superfecta has continued to flourish, the number of free and almost free lookup sources particularly in the United States has dwindled as more and more providers cashed in to make their VoIP fortunes.

    Introducing TrueCNAM: The Spammer’s Worst Nightmare

    Today, we’re pleased to introduce a new CNAM service, TrueCNAM, that strikes what we believe is a fair balance between free and incredibly affordable commercial tiers with appeal to a broad cross-section of the VoIP community. In addition, James Finstrom has introduced a CallerID Superfecta module for TrueCNAM making it easy to implement and configure.

    What Do It Do? Let’s start with the basics for those just learning about CallerID. Ma Bell in her infinite wisdom designed a scheme for looking up a Caller Name (CNAM) to match a phone number whenever an incoming call arrived at your home or office. Instead of sending both the phone number and the CNAM down the wire, virtually all providers throw the CNAM portion of the CallerID sent by the calling party in the bit bucket. On the receiving end, the CallerID number is looked up in a proprietary directory to retrieve the matching CallerID name. The problem, of course, is gaining access to these proprietary directories which are maintained by various providers that make a tidy sum charging fees for access. What TrueCNAM does is to access data from carriers and service providers to retrieve a best match for the phone number that is presented. In addition, TrueCNAM has developed its own CNAM repository so that customers can enter names for unpublished numbers such as cellphones.

    In addition to CNAM lookups, TrueCNAM has another awesome feature. TrueCNAM adds a SPAM scoring mechanism called TrueSpam which assigns a numerical score (0-100%) assessing the likelihood that the incoming caller is a spammer. We’re not huge fans of blacklists because typically the bad guys are smarter than those managing the blacklist. But this is a new kind of “revolving blacklist.” TrueSpam scores can increase, decrease, or become “0” again in the future depending on the data-points seen for them over time. The data sources used for calculating TrueSpam scores include:

    • Live traffic flows from carriers, service providers, and end-users utilizing the service.
    • A network of hundreds of thousands of honeypot numbers primarily in North America. Honeypot numbers are telephone numbers that are not connected to an end-user that TrueSpam receives real-time data on. This helps identify many of the most infamous RoboCallers.
    • Feedback from end-users indicating a number is or is not spam.
    • Public and private complaint data feeds from multiple government agencies. Additional sources are actively being negotiated.
    • Other third-party sources found to be highly accurate.

    All of these sources then are aggregated and weighted via an algorithm to produce and update TrueSpam scores in real-time. Most importantly, telemarketing and robocalling numbers frequently are identified and scored within minutes of the first calls.

    We believe that coupling TrueSpam with CNAM lookups is a terrific addition particularly for business users. And some providers such as CallCentric have integrated TrueSpam reporting directly into their VoIP offerings to block robocalls. Hopefully, others will follow.

    TrueCNAM was kind enough to offer us a Business account so that we could more easily run TrueCNAM through its paces. In a word, it PASSED with flying colors. If you live in the United States, TrueCNAM will become your primary lookup tool based upon both functionality and cost. And Mr. Finstrom’s module for CallerID Superfecta makes TrueCNAM downright irresistible.

    Installing TrueCNAM with CallerID Superfecta

    There are any number of ways to integrate TrueCNAM into a VoIP server. The TrueCNAM web site will walk you through using the TrueCNAM API for those that are interested. For today, we’ll show you the easiest way to deploy it using an existing CallerID Superfecta module on any Incredible PBX™ or FreePBX server platform. Unless you’re using Incredible PBX, you may have to manually install the CallerID Superfecta module using Module Admin or GitHub. Once you’ve gotten that far, the next step is to add the TrueCNAM module to your CallerID Superfecta platform. This can be done from GitHub, or you can log into your server and issue the following commands:

    cd /
    wget http://incrediblepbx.com/TrueCNAM.tar.gz
    tar zxvf TrueCNAM.tar.gz
    rm -f TrueCNAM.tar.gz
    

    Establishing a TrueCNAM Account and Obtaining Credentials

    To get started, sign up for the Free account on the TrueCNAM site. Note that you’ll have to add a phone number to the TrueCNAM directory to take advantage of the free account, a small price to pay. 😉

    Once your account is established, log in with your credentials and choose MyAccount -> Account Settings -> API Keys. Click on the Add API Key button to generate your API credentials. Write them down. You’ll need them below. Now log out.

    Configuring TrueCNAM with CallerID Superfecta

    Once you have the TrueCNAM module installed and after you’ve set up your TrueCNAM account and obtained your credentials, fire up your favorite Incredible PBX or FreePBX GUI and choose Admin -> CID Superfecta -> Default. Now follow these steps to set up TrueCNAM with your credentials.

    (1) Find TrueCNAM in the listing of Superfecta modules and click the Enabled button.

    (2) Use the UP icon beside TrueCNAM to drag it up near the top priority slot for CallerID Superfecta. Personal directories should still take precedence.

    (3) Click on the TrueCNAM label to open the Settings menu for the Module and enter your APIkey and Password from your TrueCNAM registration.

    (4) Unless you know what you’re doing, leave TrueSPAM checked with the Threshold set at 80.

    (5) Click the Submit button to save your credentials.

    (6) Drop down to the end of Superfecta Template and (1) enable SPAM Interception, (2) change the SPAM Send Threshold from 3 to 1, and (3) choose a Destination for SPAM calls:

    (7) Click Agree and Save to store your Default Superfecta setup.

    Activating CallerID Superfecta for Desired Inbound Routes

    Both Incredible PBX and the FreePBX GUI manage CNAM lookups as part of the Inbound Route setup. If you have multiple inbound routes, then you have to enable CallerID Superfecta on each route on which you want it activated. It’s important to note that you do NOT want to activate a CID Lookup Source AND Superfecta CID Lookup on the same route! So the CNAM setup for each inbound route should look something like the following. Enjoy!

    Originally published: Monday, April 4, 2016





    Need help with Asterisk? Visit the PBX in a Flash Forum.


     
    Awesome Vitelity Special. Vitelity has generously offered a terrific discount for Nerd Vittles readers. You now can get an almost half-price DID from our special Vitelity sign-up link. If you’re seeking the best flexibility in choosing an area code and phone number plus the lowest entry level pricing plus high quality calls, then Vitelity is the hands-down winner. Vitelity provides Tier A DID inbound service in over 3,000 rate centers throughout the US and Canada. When you use our special link to sign up, Nerd Vittles gets a few shekels down the road to support our open source development efforts while you get an incredible signup deal as well. The going rate for Vitelity’s DID service is $7.95 a month which includes up to 4,000 incoming minutes on two simultaneous channels with terminations priced at 1.45¢ per minute. Not any more! For our users, here’s a deal you can’t (and shouldn’t) refuse! Sign up now, and you can purchase a Tier A DID with unlimited incoming calls and four simultaneous channels for just $3.99 a month. To check availability of local numbers and tiers of service from Vitelity, click here. NOTE: You can only use the Nerd Vittles sign-up link to order your DIDs, or you won’t get the special pricing! Vitelity’s rate is just 1.44¢ per minute for outbound calls in the U.S. There is a $35 prepay when you sign up. This covers future usage. Any balance is refundable if you decide to discontinue service with Vitelity.


    ​​3CX is a software PBX that’s easy to install & manage. It includes integrated softphones, WebRTC conferencing and essential add-ons out of the box, at no additional cost. Try the free edition at www.3cx.com.

  • Run on Premise or in the Cloud, on Windows and soon Linux
  • Softphones for iOS, Android, Win & Mac
  • Easy install, backup & restore, version upgrades
  • Automatically configures IP Phones, SIP Trunks & Gateways

  • Some Recent Nerd Vittles Articles of Interest…

    Smartphone Trifecta: 2016’s Very Best Cellphones with Two Awesome Surprises


    Every year we try to check out the latest and greatest smartphones with emphasis on finding those that are the best fit with Asterisk®. So this year is really special because our three favorite new phones all come with a couple of surprises. First, monthly cellular service can be FREE on all of them! Second, all of the phone numbers associated with the three phones can be used as free SIP trunks with Incredible PBX™ or your favorite Asterisk server.

    If you’ve been following Nerd Vittles since early February of this year, then you already know that RingPlus, a Sprint MVNO, is the best bargain on the planet. Over the past six weeks of weekly specials from RingPlus, we’ve managed to update all of our free RingPlus accounts to either unlimited calling, texting, and 2GB of monthly data or 3,000 minutes of calling, 3,000 text messages, and 3GB of data. For anybody (except teenagers) that’s sufficient monthly capacity to do almost anything you’d like to do with a smartphone except stream movies all day.

    We initially showed how to take dirt cheap Boost Mobile and Virgin Mobile prepaid phones and repurpose them for use with RingPlus. Sprint apparently read our article as well because that loophole is going away on April 17. However, you still have time to find one and activate it on RingPlus following our previous tutorial. The only catch is that, if you ever deactivate it, you will lose the ability to reactivate it without first using it with Boost or Virgin for a full year. The landfills will be so happy with all these cellphone bricks because of Sprint’s latest attempt to shoot itself in the foot. We think there also are some legal issues that the FCC needs to address. These phones are sold as “contract-free” when, in fact, there is a very specific and undisclosed contractual requirement. If you don’t keep service with the provider for a year, your phone becomes a brick. In antitrust terminology, it’s called tying. And some would argue that it also constitutes false advertising. We plan to file a complaint and would urge all of our readers to do the same. Here’s a link.

    But enough about the Sprint mentality. It really is legendary, and it’s been the same for 20+ years. We doubt it will ever change unless the entire Sprint management team is replaced. So where do we go from here? Well we decided to upgrade most of our phones to the latest and greatest postpaid phones available, and we wanted to try out our 2016 favorites (pictured above). Here’s some really great news. Samsung’s new Galaxy S7 and S7 Edge as well as Apple’s new iPhone SE work swimmingly with RingPlus as long as you purchase the Sprint-branded models at full retail price from either Best Buy or an Apple Store. Sprint and Target will refuse to sell you one unless you activate it with Sprint in the store. You also can’t buy the Sprint-branded iPhones on line from Apple without activating Sprint service, but that restriction doesn’t apply if you visit an Apple Store.

    It took a week to chase down a Galaxy S7 and almost two weeks to find a Galaxy S7 Edge at a Best Buy store. Don’t believe the store inventory on their web site. Neither of the phones we purchased was shown as available at the locations where we bought them. So you’ll need to call or visit a store at least while the new Galaxy phones remain a scarce commodity. As for the iPhone SE, it went on sale at Apple Stores this morning at 10 a.m. At the Charleston store, I was third in line and both of the people in front of me also were buying the Sprint-branded iPhone SE to use with RingPlus. The Apple sales folks said they had never before seen a run on Sprint phones. Guess why?

    Here’s the drill. Purchase your favorite phone after you read our mini-reviews below. Don’t open the box just yet. Instead, look on the bottom of the box and decipher the IMEI/MEID of your phone. Immediately run that number through the RingPlus Device Checker to be sure it will work on the Sprint network using a RingPlus account. There shouldn’t be a problem with any of these three phones, and all of them come with a Sprint SIM card so you won’t have to worry about obtaining one from RingPlus. Some have reported that the Best Buy phones were locked. We can only surmise that the customer delayed activating the phone with RingPlus which gave Sprint time to block the serial number which Best Buy reported. If this happens to you, we are told that Sprint will unlock the phone once you provide proof that it was purchased at full retail price. If all else fails, Best Buy has a 14-day return policy. Remember, anything is possible when dealing with Sprint.

    Once your phone passes the compatibility check, sign up for a new free RingPlus plan. These plans change weekly and sometimes are only offered for a couple of hours so you may want to hold off on signing up until a deal comes along that meets your requirements. Update: There are a number of excellent promotions at the moment which run through April 5. Our previous article explained in detail how these free plans work. Switching plans typically is limited to those that buy into the annual Member+ program. You can read all about the plans and programs on the RingPlus Community Forum. If you already have a RingPlus account with a registered phone, you can swap out the phone with one of these three new ones for a one-time charge of $1.99. All you’ll need is your new MEID and ICC ID numbers. The entire phone swap only takes a minute or two. Once it’s complete, turn on your phone. The rest is automagic!

    Comparing the Phones. We don’t often glow about reviews, but the TechRadar review of the Galaxy S7 Edge is a must-read. There has never been a better phone than this one. And, only an inch behind it is the Galaxy S7 which bears an uncanny resemblance to the new iPhone SE except for its 50% larger screen size. We actually are more comfortable carrying the Galaxy S7 with its all-metal construction. For whatever reason, the S7 Edge always feels like its about a millisecond away from slipping out of your hand. You will most definitely want a case for the S7 Edge.

    In terms of performance and camera quality, the new Galaxy phones are in a league of their own. Here’s a photo hurriedly snapped through a restaurant window with our Galaxy S7 earlier this week. If you’ve ever tried to take sunset pictures with an iPhone or cheapo Android device, you’ll appreciate what a challenge these shots can be. We’ll annotate this article with an iPhone SE photo if and when the opportunity presents itself. The other good news with the new Galaxy phones is they are at least waterproof for a few minutes. If you live near the water, that will come as a welcome addition as well. Finally, Samsung has closed the gap with Apple’s iPhones on backing up and restoring everything on your phone. For years, this has been Apple’s best feature in our humble opinion. Now Samsung goes Apple one better. If you happen to have two Samsung devices that you want clone, simply choose Backup and Reset from Settings. Then Open Smart Switch on both devices and hold the two phones back to back. It’s that easy. Or you can opt for the more traditional restore method that works precisely as it does with an iPhone using the Samsung Cloud. For some additional tips and tricks, visit the PCMag.com site and watch the video “Exploring the Galaxy S7” which includes a number of comparisons with Apple iPhone devices including the iPhone SE. Enjoy!

    We previously covered the SIP setup for RingPlus devices using their WiFi Fluidcall feature. It provides a free SIP trunk for Asterisk at a cost of zero dollars. For the complete tutorial, take a look at the original article. Enjoy!

    Originally published: Thursday, March 31, 2016





    Need help with Asterisk? Visit the PBX in a Flash Forum.


     
    Awesome Vitelity Special. Vitelity has generously offered a terrific discount for Nerd Vittles readers. You now can get an almost half-price DID from our special Vitelity sign-up link. If you’re seeking the best flexibility in choosing an area code and phone number plus the lowest entry level pricing plus high quality calls, then Vitelity is the hands-down winner. Vitelity provides Tier A DID inbound service in over 3,000 rate centers throughout the US and Canada. When you use our special link to sign up, Nerd Vittles gets a few shekels down the road to support our open source development efforts while you get an incredible signup deal as well. The going rate for Vitelity’s DID service is $7.95 a month which includes up to 4,000 incoming minutes on two simultaneous channels with terminations priced at 1.45¢ per minute. Not any more! For our users, here’s a deal you can’t (and shouldn’t) refuse! Sign up now, and you can purchase a Tier A DID with unlimited incoming calls and four simultaneous channels for just $3.99 a month. To check availability of local numbers and tiers of service from Vitelity, click here. NOTE: You can only use the Nerd Vittles sign-up link to order your DIDs, or you won’t get the special pricing! Vitelity’s rate is just 1.44¢ per minute for outbound calls in the U.S. There is a $35 prepay when you sign up. This covers future usage. Any balance is refundable if you decide to discontinue service with Vitelity.


    ​​3CX is a software PBX that’s easy to install & manage. It includes integrated softphones, WebRTC conferencing and essential add-ons out of the box, at no additional cost. Try the free edition at www.3cx.com.

  • Run on Premise or in the Cloud, on Windows and soon Linux
  • Softphones for iOS, Android, Win & Mac
  • Easy install, backup & restore, version upgrades
  • Automatically configures IP Phones, SIP Trunks & Gateways

  • Some Recent Nerd Vittles Articles of Interest…

    The Sensational Raspberry Pi 3 Featuring Incredible PBX with Raspbian 8 Jessie

    Hard to believe it’s been four years since the introduction of the original Raspberry Pi®. Over eight million RasPi’s have been shipped. To celebrate its fourth birthday, Eben Upton has done it again. Meet the sensational Raspberry Pi 3 sporting a 1.2GHz 64-bit quad-core ARM Cortex-A53 CPU with ten times the performance of the original Raspberry Pi. Of particular interest to the VoIP community will be the RasPi 3’s integrated 802.11n wireless LAN and Bluetooth 4.1 hardware. And, of course, the RasPi 3 retains its compatibility with the Raspberry Pi 1 and 2. Did we mention it’s still just $35? Because we like to celebrate birthdays, too, we’re pleased to introduce a brand new Incredible PBX™ image for the Raspberry Pi 2 and 3 featuring Raspbian 8 and the latest release of Asterisk® 13. Unlike previous builds, this one installs in under a minute. Yes, it’s still FREE and features pure open source GPL code. No Gotchas!

    Raspberry Pi 3 Performance. Gone are the days of worrying about Raspberry Pi performance. Both the user interface and call quality now match what you’d expect to find on a $300-$500 VoIP server. Even with a Raspberry Pi 2, we have detected no performance degradation thanks to the latest Raspbian 8 OS and a virtually flawless Asterisk 13 platform. For best results, we recommend 32GB Class 10 microSD cards which now are plentiful at the $10 price point.1

    Raspberry Pi 3 Shopping List. Before you can install Incredible PBX, you’ll need a compatible Raspberry Pi 3 platform. Here’s the short list:

  • $35* Raspberry Pi 3 from MCM or Newark or Amazon
  • $10 Power Adapter (2.5 amps minimum!)
  • $9 32GB microSDHC Class 10 card
  • £12.95 Rainbow Pibow case or $9.50 Official RasPi case
  • About That Asterisk. We write about Asterisk® regularly, but the asterisk we’re talking about is the one accompanying the $35* price tag for the Raspberry Pi 3. Yes, that’s the advertised price. And, no, if you want one this year, you’re not going to pay that. There are the marked up shipping prices, the bundled add-on’s that you don’t need or want, and the must-have accessories like a power adapter. We’re assuming you already own a USB keyboard and an HDMI-compatible monitor. If so, just plan on $100 and consider yourself lucky if you get all the pieces for less. Our order from Pimoroni in the U.K. with a case and 3-day shipping was £59.36 or $82.95 U.S. Our order from MCM for just the RasPi 3 with shipping was $46.99.

    Incredible PBX Feature Set. Where to begin? Let’s start with the Alphabet Stew: IAX, SIP, GVSIP, SMS, and SRTP functionality. Voice Recognition and Text-to-Speech VoIP application support using FLITE, GoogleTTS, and PicoTTS. Free calling with Google Voice, Simonics SIP gateway, or RingPlus cellular service. And all of your Nerd Vittles favorites: Fax, AsteriDex, Click-to-Dial, News, Weather, Reminders, and Wakeup Calls. Plus hundreds of features that typically are found in commercial PBXs: Conferencing, IVRs and AutoAttendants, Email Delivery of Voicemail, Voicemail Blasting, and more…

    10-Layer Network Security Model. Most phone calls cost money. Unlike many of the other “free” VoIP solutions, our most important criteria for VoIP is rock-solid security. If your free server ends up costing you thousands of dollars in phone bills due to fraud, it isn’t free at all. Once you plug in that network cable, you’ve painted a bullseye on your checkbook.

    No single network security system can protect you against zero-day vulnerabilities that no one has ever seen. Deploying multiple layers of security is not only smart, it’s essential with today’s Internet topology. It works much like the Bundle of Sticks from Aesop’s Fables. The more sticks there are in your bundle, the more difficult it is to break them apart. If a vulnerability suddenly appears in the Linux kernel, or in Asterisk, or in Apache, or in your favorite web GUI, you can continue to sleep well knowing that other layers of security have your back. No one else in the telecommunications industry has anything close. Ours is all open source GPL code so we would encourage everyone to get on board and do their part to make the Internet a safer place!

    Do your part and do your homework. Comparison shop as if your phone bill matters! 😉 Incredible PBX provides:

    1. Preconfigured IPtables Linux Firewall
    2. Preconfigured Travelin’ Man 3 WhiteLists
    3. Randomized Port Knocker for Remote Access
    4. TM4 WhiteListing by Telephone (optional)
    5. Fail2Ban Log Monitoring for SSH, Apache, Asterisk
    6. Randomized Ultra-Secure Passwords
    7. Automatic Update Utility for Security & Bug Fixes
    8. Asterisk Manager Lockdown to localhost
    9. Apache htaccess Security for Vulnerable Web Apps
    10. Security Alerts via RSS Feeds in Kennonsoft and Incredible PBX GUIs

    Installation Tutorial. Here’s everything need to know about installation and setup. “Automatic” means you just watch.

    1. Download and unzip Incredible PBX image from SourceForge (with or without GV OAuth support)
    2. Transfer Incredible PBX image to microSD card
    3. Boot Raspberry Pi from new microSD card
    4. Login to RasPi console as pi:raspberry to initialize your server (Automatic)
    5. Reboot after writing down your server IP address (Automatic)
    6. Login via SSH as root:password to randomize passwords & configure firewall (Automatic)
    7. Optionally, install Incredible Fax: /root/incrediblefax13_raspi3.sh (Credentials: admin:password)
    8. Enjoy!

    Configuring Trunks with Incredible PBX

    Before you can actually make and receive calls, you’ll need to add one or more VoIP trunks with providers, create extensions for your phones, and add inbound and outbound routes that link your extensions to your trunks. Here’s how a PBX works. Phones connect to extensions. Extensions connect to outbound routes that direct calls to specific trunks, a.k.a. commercial providers that complete your outbound calls to any phone in the world. Coming the other way, incoming calls are directed to your phone number, otherwise known as a DID. DIDs are assigned by providers and you register your trunks using credentials handed out by these providers. Incoming calls are routed to your DIDs which use inbound routes telling the PBX how to direct the calls internally. A call could go to an extension to ring a phone, or it could go to a group of extensions known as a ring group to ring a group of phones. It could also go to a conference that joins multiple people into a single call. Finally, it could be routed to an IVR or AutoAttendant providing a list of options from which callers could choose by pressing various keys on their phone.

    We’ve done most of the prep work for you with Incredible PBX. We’ve set up an Extension to which you can connect a SIP phone or softphone. We’ve set up an Inbound Route that, by default, sends all incoming calls to a Demo IVR. And we’ve built a dozen trunks for some of the best providers in the business. Sign up with the ones you prefer, plug in your credentials, and you’re good to go.

    Unlike traditional telephone service, you need not and probably should not put all your eggs in one basket when it comes to telephone providers. In order to connect to Plain Old Telephones, you still need at least one provider. But there is nothing wrong with having several. And a provider that handles an outbound call (termination) need not be the same one that handles an incoming call (origination) and provides your phone number (DID). We cannot recommend Vitelity highly enough, and it’s not just because they have financially supported our projects for almost a decade. They’re as good as VoIP providers get, and we use lots of them. If you’re lucky enough to live in the U.S., you’d be crazy not to set up a Google Voice account. It’s free as are all phone calls to anywhere in the U.S. and Canada. The remaining preconfigured providers included in Incredible PBX are equally good, and we’ve used and continue to use almost all of them. So pick a few and sign up. You only pay for the calls you make with each provider so you have little to lose by choosing several. The PIAF Forum includes dozens of recommendations on VoIP providers if you want additional information.

    With the preconfigured trunks in Incredible PBX, all you need are your credentials for each provider and the domain name of their server. Log into Incredible PBX GUI Administration as admin using a browser. From the System Status menu, click Connectivity -> Trunks. Click on each provider you have chosen and fill in your credentials including the host entry. Be sure to uncheck the Disable Trunk checkbox! Fill in the appropriate information for the Register String. Save your settings by clicking Submit Changes. Then click the red Apply Config button.

    Configuring a Softphone for Incredible PBX

    We’re in the home stretch now. You can connect virtually any kind of telephone to your new PBX. Plain Old Phones require an analog telephone adapter (ATA) which can be a separate board in your computer from a company such as Digium. Or it can be a standalone SIP device such as ObiHai’s OBi100 or OBi110 (if you have a phone line from Ma Bell to hook up as well). SIP phones can be connected directly so long as they have an IP address. These could be hardware devices or software devices such as the YateClient softphone. We’ll start with a free one today so you can begin making calls. You can find dozens of recommendations for hardware-based SIP phones both on Nerd Vittles and the PIAF Forum when you’re ready to get serious about VoIP telephony.

    We recommend YateClient which is free. Download it from here. Run YateClient once you’ve installed it and enter the credentials for the 701 extension on Incredible PBX. You’ll need the IP address of your server plus your extension 701 password. Choose Applications _> Extensions -> 701 and write down your SIP/IAX Password. You can also find it in /root/passwords.FAQ. Fill in the blanks using the IP address of your Server, 701 for your Username, and whatever Password you assigned to the extension when you installed Incredible PBX. Click OK to save your entries.

    Once you are registered to extension 701, close the Account window. Then click on YATE’s Telephony Tab and place some test calls to the numerous apps that are preconfigured on Incredible PBX. Dial a few of these to get started:

    DEMO - Apps Demo
    123 - Reminders
    947 - Weather by ZIP Code
    951 - Yahoo News
    *61 - Time of Day
    TODAY - Today in History

    If you are a Mac user, another great no-frills softphone is Telephone. Just download and install it from the Mac App Store.

    Configuring Google Voice

    If you want to use Google Voice, you’ll need a dedicated Google Voice account to support Incredible PBX. The more obscure the username (with some embedded numbers), the better off you will be. This will keep folks from bombarding you with unsolicited Gtalk chat messages, and who knows what nefarious scheme will be discovered using Google messaging six months from now. So keep this account a secret!

    IMPORTANT: Do NOT under any circumstances take Google’s bait to switch from Google Chat to Hangouts, or you will forever lose the ability to use Google Chat with Incredible PBX. Also be sure to enable the Google Chat option as one of your phone destinations in Settings, Voice Setting, Phones. That’s the destination we need for The Incredible PBX to work its magic! Otherwise, all inbound and outbound calls will fail. Good News! You’re in luck. Google has apparently had a change of heart on discontinuing Google Chat support so it’s enabled by default in all new Google Voice accounts. Once you’ve created a Gmail and Google Voice account, go to Google Voice Settings and click on the Calls tab. Make sure your settings match these:

    • Call ScreeningOFF
    • Call PresentationOFF
    • Caller ID (In)Display Caller’s Number
    • Caller ID (Out)Don’t Change Anything
    • Do Not DisturbOFF
    • Call Options (Enable Recording)OFF
    • Global Spam FilteringON

    Click Save Changes once you’ve adjusted your settings. Under the Voicemail tab, plug in your email address so you get notified of new voicemails. Down the road, receipt of a Google Voice voicemail will be a big hint that something has come unglued on your PBX.

    One final word of caution is in order regardless of your choice of providers: Do NOT use special characters in any provider passwords, or nothing will work!

    Now you’re ready to configure your Google Voice account in Incredible PBX. You can do it from within the Incredible PBX GUI by choosing Connectivity -> Google Voice. How you enter your credentials depends upon whether you have chosen the Incredible PBX image with OAuth 2 support. For a complete Google Voice OAuth tutorial, follow steps 8-10 in this Nerd Vittles tutorial. Once you’ve entered your credentials, you MUST restart Asterisk from the command line, or Google Voice calls will fail.

    If you have trouble getting Google Voice to work (especially if you have previously used your Google Voice account from a different IP address), try this Google Voice Reset Procedure. It usually fixes connectivity problems. If it still doesn’t work, enable Less Secure Apps using this Google tool.

    If you have difficulty finding the Google Chat option after setting up a new Google Voice account, follow this tutorial.

    Another option is to use an inexpensive SIP Gateway to Google Voice. The Simonics trunk in the Incredible PBX GUI is preconfigured for this purpose. All you’ll need is your Google Voice credentials. Get started with this tutorial.

    Adding Speech Recognition Support to Incredible PBX

    To support many of our applications, Incredible PBX has included Google’s speech recognition service for years. These applications include Weather Reports by City (949), AsteriDex Voice Dialing by Name (411), and Wolfram Alpha for Asterisk (4747), all of which use Lefteris Zafiris’ terrific speech-recog AGI script. Unfortunately (for some), Google now has tightened up the terms of use for their free speech recognition service. Now you can only use it for “personal and development use.” If you meet those criteria, keep reading. Here’s how to activate speech recognition on Incredible PBX. Don’t skip any steps!

    1. Using an existing Google/Gmail account to join the Chrome-Dev Group.

    2. Using the same account, create a new Speech Recognition Project.

    3. Click on your newly created project and choose APIs & auth.

    4. Turn ON Speech API by clicking on its Status button in the far right margin.

    5. Click on Credentials in APIs & auth and choose Create New Key -> Server key. Leave the IP address restriction blank!

    6. Write down your new API key or copy it to the clipboard.

    7. Log into your server as root and edit the speech recognition script:

    nano -w /var/lib/asterisk/agi-bin/speech-recog.agi
    

    8. When the nano editor opens, go to line 70: my $key = "". Insert your API key from Step #6 above between the quotation marks and save the file: Ctrl-X, Y, then Enter.

    9. To use Wolfram Alpha by phone, you first must obtain a free Wolfram Alpha APP-ID. Then issue the following command replacing APP-ID with your actual ID. Do NOT change the yourID portion of the command:

    sed -i "s|yourID|APP-ID|" /var/lib/asterisk/agi-bin/4747
    

    Now you’re ready to try out the speech recognition apps. Dial 949 and say the name of a city and state/province/country to get a current weather forecast from Yahoo. Dial 411 and say “American Airlines” to be connected to American.

    To access Wolfram Alpha by phone, dial 4747 and enter your query, e.g. “What planes are overhead.” Read the Nerd Vittles tutorial for additional examples and tips.

    Enabling WiFi on the Raspberry Pi

    With the Raspberry Pi 3, wi-fi hardware is included. With the Raspberry Pi 2, you’ll need to add an inexpensive wifi dongle. The next step is connecting to your WiFi router. Simply open /etc/wpa_supplicant/wpa_supplicant.conf with your favorite editor and insert the following code using the actual SSID name and password to access your local, password-protected WiFi router or any open WiFi network:

    network={
     ssid="YourSSID"
     psk="YourSSIDpassword"
     key_mgmt=WPA-PSK
     scan_ssid=1
     priority=5
    }
    
    network={
     key_mgmt=NONE
     priority=1
    }
    

    Finally, stop and restart the wlan0 interface, count to 15, and check the status of your server to decipher the new IP address for your WiFi connection:

    ifdown wlan0
    ifup wlan0
    pbxstatus
    

    If you want to run your Raspberry Pi exclusively off the WiFi connection, simply unplug the network cable from your RasPi and reboot your server.

    UPDATE: There still is a quirk with the wireless LAN driver on the Raspberry Pi 3. The problem has to do with the default power management of the wlan0 interface which results in it being powered off after very brief periods of inactivity. Special thanks to Matt Gemmell for this fix. Just cut-and-paste the lines below into a terminal window, and you’ll be good to go.

    WARNING: Run pbxstatus first. If the top line shows Raspberry Pi 3, the following WiFi patch is already installed.

    echo "options 8192cu rtw_power_mgnt=0 rtw_enusbss=0 rtw_ips_mode=1" > /etc/modprobe.d/8192cu.conf
    sed -i '/exit 0/d' /etc/rc.local
    echo "sleep 10" >> /etc/rc.local
    echo "iwconfig wlan0 power off" >> /etc/rc.local
    echo "exit 0" >> /etc/rc.local
    echo "[Unit]" > /etc/systemd/system/root-resume.service
    echo "Description=Turn off wlan power management" >> /etc/systemd/system/root-resume.service
    echo "After=suspend.target" >> /etc/systemd/system/root-resume.service
    echo "" >> /etc/systemd/system/root-resume.service
    echo "[Service]" >> /etc/systemd/system/root-resume.service
    echo "Type=simple" >> /etc/systemd/system/root-resume.service
    echo "ExecStartPre= /bin/sleep 10" >> /etc/systemd/system/root-resume.service
    echo "ExecStart= /sbin/iwconfig wlan0 power off" >> /etc/systemd/system/root-resume.service
    echo "" >> /etc/systemd/system/root-resume.service
    echo "[Install]" >> /etc/systemd/system/root-resume.service
    echo "WantedBy=suspend.target" >> /etc/systemd/system/root-resume.service
    systemctl enable root-resume
    reboot
    

    After rebooting, if you issue the iwconfig wlan0 command, it should show: Power Management:off.

    Update: Lessons Learned for Raspberry Pi 3 Road Warriors

    As with all new devices, you learn some things as you go along. So we’re providing an update to our original article to offer a couple of additional tips and tricks for those that want to travel with a RasPi…

    Alternative Power Sources. If you’re like us, you have a number of devices around the house or office that all require 5V power adapters of various amperages. The Raspberry Pi has traditionally been one of the most temperamental when it came to power adapters and, with the Raspberry Pi 3, the developers specifically mention a 2.5 amp minimum. If you travel and want to take devices such as the Raspberry Pi with you, the last thing you want to do is approach airport security with a bunch of wires hanging out of your carry-on bag. Well, there’s good news. The Anker device shown in the Amazon ad in the right column of Nerd Vittles can supply power to 6 devices including a Raspberry Pi 3. And we’ve given the RasPi a healthy workout with no adverse effects.

    Deciphering the RasPi IP Address. As we mentioned, we travel a lot so obtaining a DHCP address for your RasPi in WiFi mode is not always the easiest thing to accomplish. If your smartphone supports tethering, that’s the easiest way to get connectivity on the road. A better way is to stick a WiFi HotSpot in your luggage and it, too, can be powered using the Anker device. See our recent article for WiFi HotSpot choices. Regardless of which option you choose, it will require some planning to use your RasPi sans monitor and keyboard. First, you need to preconfigure /etc/wpa_supplicant/wpa_supplicant.conf with the SSID of the device you’ll be using to hand out DHCP addresses. You’ll note from the discussion above that each entry in this file has a priority with higher numbers having higher priority. The way we typically do this is to assign our home network as the highest priority. Below that, we set up credentials for our MiFi Hotspot, then our smartphones, and finally open networks. So it looks like this:

    • Home Network – 6
    • MiFi HotSpot – 5
    • Android phone – 4
    • iPhone (AT&T) – 3
    • Open Network – 1

    Keep in mind that the Incredible PBX firewall probably will block you from accessing the RasPi from a computer on the public network. So you also must connect your computer to the same private WiFi network because private LAN addresses are whitelisted in the firewall by default.

    Once you have connectivity for your RasPi and your laptop, the other wrinkle is figuring out the IP address of the Raspberry Pi. Our recommended approach goes like this. First, configure SendMail on the RasPi to use a Gmail account that you own as an SMTP smarthost to send emails. That should work almost anywhere you go. Second, modify /etc/rc.local to automatically send you an email with the IP address and SSID of your wireless network whenever the RasPi boots. Again, this takes some advance planning because you need to set all of this up and test it before you go on the road.

    Here are the steps to modify SendMail to use an existing Gmail account as a SmartHost. Log into your RasPi as root and issue the following commands:

    cd /etc/mail
    hostname -f > genericsdomain
    touch genericstable
    makemap -r hash genericstable.db < genericstable
    mv sendmail.mc sendmail.mc.original
    wget http://nerdvittles.dreamhosters.com/pbxinaflash/source/sendmail/sendmail.mc.gmail
    cp sendmail.mc.gmail sendmail.mc
    mkdir -p auth
    chmod 700 auth
    cd auth
    echo AuthInfo:smtp.gmail.com "U:smmsp" "I:user_id" "P:password" "M:PLAIN" > client-info
    echo AuthInfo:smtp.gmail.com:587 "U:smmsp" "I:user_id" "P:password" "M:PLAIN" >> client-info
    echo AuthInfo:smtp.gmail.com:465 "U:smmsp" "I:user_id" "P:password" "M:PLAIN" >> client-info
    nano -w client-info
    

    When the nano editor opens the client-info file, change the 3 user_id entries to your Gmail account name without @gmail.com and change the 3 password entries to your actual Gmail password. Save the file: Ctrl-X, Y, then ENTER.

    Now issue the following commands. In the last step, press ENTER to accept all of the default prompts:

    chmod 600 client-info
    makemap -r hash client-info.db < client-info
    cd ..
    make
    sed -i 's|sendmail-cf|sendmail/cf' /etc/mail/sendmail.mc
    sed -i 's|sendmail-cf|sendmail/cf|' /etc/mail/sendmail.mc
    sed -i 's|sendmail-cf|sendmail/cf|' /etc/mail/Makefile
    sed -i 's|sendmail-cf|sendmail/cf|' /etc/mail/sendmail.cf
    sed -i 's|sendmail-cf|sendmail/cf|' /etc/mail/databases
    sed -i 's|sendmail-cf|sendmail/cf|' /etc/mail/sendmail.mc.gmail
    sed -i 's|sendmail-cf|sendmail/cf|' /etc/mail/sendmail.cf.errors
    sendmailconfig
    

    Next, edit /etc/hosts and /etc/hostname. Change the raspberypi3 entries to: raspberrypi3.incrediblepbx.com.

    Finally, stop and restart SendMail and then send yourself a test message. Be sure to check your spam folder!

    /etc/init.d/sendmail stop
    /etc/init.d/sendmail start
    apt-get install mailutils -y
    echo "test" | mail -s testmessage yourname@yourdomain.com
    

    The last step is to add these commands to /etc/rc.local to send you an email with your IP address and SSID whenever the RasPi is rebooted. Insert the following commands just above the exit 0 line at the end of the file. Use an email address to which you have access on the road!

    ESSID=`iwconfig | grep ESSID | tail -1 | cut -f 9 -d " "`
    echo "IP address: $(hostname -I) on $ESSID" | mail -s "RaspberryPi3 IP Address" yourname@yourdomain.com
    

    Enabling Bluetooth on the Raspberry Pi


    Incredible Fax Returns for the Raspberry Pi


    Mastering the Incredible PBX Feature Set

    Now would be a good time to explore the Incredible PBX applications. Continue reading there. If you have questions, join the PBX in a Flash Forums and take advantage of our awesome collection of gurus. There’s an expert available on virtually any topic, and the price is right. As with Incredible PBX, it’s absolutely free. Enjoy!

    Originally published: Monday, March 7, 2016  Updated: Saturday, March 26, 2016


    Support Issues. With any application as sophisticated as this one, you’re bound to have questions. Blog comments are a difficult place to address support issues although we welcome general comments about our articles and software. If you have particular support issues, we encourage you to get actively involved in the PBX in a Flash Forum. It’s the best Asterisk tech support site in the business, and it’s all free! Please have a look and post your support questions there. Unlike some forums, the PIAF Forum is extremely friendly and is supported by literally hundreds of Asterisk gurus and thousands of users just like you. You won’t have to wait long for an answer to your question.



    Need help with Asterisk? Visit the PBX in a Flash Forum.


     
    Awesome Vitelity Special. Vitelity has generously offered a terrific discount for Nerd Vittles readers. You now can get an almost half-price DID from our special Vitelity sign-up link. If you’re seeking the best flexibility in choosing an area code and phone number plus the lowest entry level pricing plus high quality calls, then Vitelity is the hands-down winner. Vitelity provides Tier A DID inbound service in over 3,000 rate centers throughout the US and Canada. When you use our special link to sign up, Nerd Vittles gets a few shekels down the road to support our open source development efforts while you get an incredible signup deal as well. The going rate for Vitelity’s DID service is $7.95 a month which includes up to 4,000 incoming minutes on two simultaneous channels with terminations priced at 1.45¢ per minute. Not any more! For our users, here’s a deal you can’t (and shouldn’t) refuse! Sign up now, and you can purchase a Tier A DID with unlimited incoming calls and four simultaneous channels for just $3.99 a month. To check availability of local numbers and tiers of service from Vitelity, click here. NOTE: You can only use the Nerd Vittles sign-up link to order your DIDs, or you won’t get the special pricing! Vitelity’s rate is just 1.44¢ per minute for outbound calls in the U.S. There is a $35 prepay when you sign up. This covers future usage. Any balance is refundable if you decide to discontinue service with Vitelity.


    ​​3CX is a software PBX that’s easy to install & manage. It includes integrated softphones, WebRTC conferencing and essential add-ons out of the box, at no additional cost. Try the free edition at www.3cx.com.

  • Run on Premise or in the Cloud, on Windows and soon Linux
  • Softphones for iOS, Android, Win & Mac
  • Easy install, backup & restore, version upgrades
  • Automatically configures IP Phones, SIP Trunks & Gateways

  • Some Recent Nerd Vittles Articles of Interest…

    1. Many of our purchase links refer users to Amazon when we find their prices are competitive for the recommended products. Nerd Vittles receives a small referral fee from Amazon to help cover the costs of our blog. We never recommend particular products solely to generate Amazon commissions. However, when pricing is comparable or availability is favorable, we support Amazon because Amazon supports us. []

    Four Months in Paradise: Free International VoIP Calling From Your Cellphone

    Following our article documenting how to set up free cellphone service in the United States using the Sprint reseller, RingPlus, we received a number of questions seeking ways to add free or low cost international calling to the RingPlus offerings. Today we’ll provide a quick tutorial on how to turn any cellphone into a terrific platform to make free international calls, lots of them. As of this writing, for every 10 euros ($11.27) you deposit into your account, you’ll get 300 minutes a week of free calls to 44 countries for 120 days. You can also call anywhere else in the world at very reasonable per minute rates that compare favorably with other SIP providers around the world. In addition to the freebies, for the mathematically challenged, today we’ll also show you how to minimize international calling charges on any U.S. cellphone using Incredible PBX with DISA and your choice of SIP providers. Some provide all-you-can-eat international calling to certain countries for a monthly fee while others charge by the minute depending upon the destination. Do some Googling. The beauty of a PBX and SIP trunks is you can mix and match as many providers as you like to take advantage of favorable calling rates to multiple countries. We’re going to start with the almost-free option because we like to share great deals.

    There are a few things you need to know about the so-called Betamax VoIP services up front. Most importantly, they change rates and free countries more frequently than college kids change partners. Betamax also has dozens of companies offering similar services with differing rates and freebies. You can keep track of the daily changes on this Facebook page. Here’s a 5-year old spreadsheet that will give you a good idea of what you’re up against. Don’t depend upon it for the current rates. You’ll need to visit the actual site(s) of your choice for their current rate tables or visit the site maintained by Betamax for a country-by-country comparison by provider. That’s another way of saying DON’T BLAME US IF YOUR 3-HOUR CALL TO ANTARCTICA CHANGED FROM 20¢ PER MINUTE TO $1 PER MINUTE OVERNIGHT. IT PROBABLY WON’T, BUT THEN AGAIN IT MIGHT. Before making a lengthy call to a remote destination, spend the two minutes it takes to look up the current rate and make a snapshot of the web page for your records. Here’s another tip. If you make frequent calls to Antarctica, spend a little time doing your homework. Review the latest Betamax spreadsheet to track down the cheapest rates. Then double-check the actual sites for the current rates. There’s a $150 difference in the cost of a 3-hour call at €.20/minute from one Betamax site versus the €.906/minute rate at another Betamax site. THIS CAN AND OFTEN DOES CHANGE! As it happens, two of the lowest cost providers still offer the calls at the same two-year-old €.20/minute rate.

    Today we’ll be focusing on the company we’ve tracked for many years, FreeVoipDeal.com. Except for the domain name, the setup with other Betamax providers is similar but not identical. And, of course, you’ll have to kick in another deposit to make free calls from each site. The length of the Freebie period also may vary so read the terms carefully. FreeVoipDeal actually hasn’t changed much since our last visit about two years ago. In fact, we still had most of our ten euro credit so we could play all we wanted even though the calls were no longer free since our four month window had long since expired.

    Here’s last week’s Freebie list by country compared to two years ago. Don’t depend upon it! Check their actual web site or the Betamax country summary for current freebies and current rates. Here’s another neat little trick to remember. When you visit the FreeVoipDeal Rate Table, just click on the Out of Minutes tab for a quick listing of all the Free Calling Countries as well as the rates once you use up your four months of free calls. With two exceptions for mobile calls to Malaysia and South Korea, all of the “free countries” still had a rate of 1.1¢ per minute. Not bad!

    Here’s How the Free International Calling Procedure Works

    There are really two ways to make international calls from your smartphone. You can either load an app to make the calls if your cellphone supports it. Or you can dial a secondary number using the traditional dialer on your cellphone, enter an access code, and then dial the international number. We’re going to begin with the latter option because it works with any cellphone and it’s safer in numerous ways. At the end of the article, we’ll also show you how to load an app and make the calls that way if you like living dangerously.

    So let’s start with the basics. The way this will work when we’re finished today is you’ll pick up your cellphone and dial a phone number assigned to your own Incredible PBX. The call will be answered and a sweet lady named Allison will ask you for a password. Once you enter it correctly, you’ll get a secondary dial tone. You then can dial any international number that you have preauthorized on your PBX, and the call will be routed out through your FreeVoipDeal trunk to its destination. When the person answers, you will have made your first free international call using your cellphone.

    The key components include the Incredible PBX platform with the DISA application to provide secondary dialtone for processing international calls. A phone number and trunk will receive incoming calls bound for DISA from your cellphone. An inbound route will only forward incoming calls to DISA that match your cellphone number. A secondary trunk from FreeVoipDeal or other providers will be used to process outgoing international calls that are dialed using DISA. We’ll create an outbound route or rule for every country to which you want to authorize international calling. Each of these outbound routes will point to the least expensive (or free) trunk to complete the call. In the VoIP world, you actually could have dozens of outbound trunks that handle international calls based upon the country codes of each international call. This lets you take advantage of the best calling rates for each country. We will block international calls to country codes you have not specifically authorized.

    Just to restate the obvious, a misconfigured DISA application that allows the world to make international calls on your nickel can get expensive quickly. We’ll protect today’s setup with two layers of protection. First, we’ll require that the CallerID of the incoming call match your cellphone number. While this isn’t failsafe since CallerID numbers can be spoofed, it does reduce the risk considerably because the bad guys will have to know BOTH your cellphone number and the incoming phone number managing DISA on your PBX. Without those two phone numbers, nobody gets to the DISA application at all. Second, for incoming Incredible PBX calls from a number matching your cellphone number, the caller will be prompted for a six-digit password, and you can make it longer if you will sleep better. Just remember, compromising DISA on your PBX is just as risky as handing out your credit card to a stranger so follow the setup steps carefully. And then TEST, TEST, TEST to make sure strangers can’t access your DISA setup. We’ll show you how.

    Eight Is Enough: Choosing an Incredible PBX Platform for International Calling

    Before any of this will work, you’ll obviously need an Incredible PBX. The software is free. The cost of the hardware depends upon the Incredible PBX platform you choose. This could be a PBX hosted in the Cloud, or it could be a PBX running as a virtual machine on your desktop computer or VMware corporate server, or it could be a PBX running on dedicated hardware in your home or office. Here are some choices with approximate prices and links to the tutorials to set them up. After downloading the Incredible PBX software from SourceForge, the setup process only takes 30 minutes or less.

    1. Incredible PBX in the Cloud at CloudAtCost ($10.50 one-time fee)
    2. Incredible PBX in the Digital Ocean Cloud ($5 a month after 2 free months)
    3. Incredible PBX in the RentPBX Cloud ($15 a month with Coupon Code: NOGOTCHAS)
    4. Incredible PBX running under VirtualBox on your Desktop PC (free)
    5. Incredible PBX running on your company’s VMware server (free)
    6. Incredible PBX running on standalone Raspberry Pi 3 ($35++)
    7. Incredible PBX running on standalone Intel NUC ($200)
    8. Incredible PBX running on your favorite old clunker (free)

    Configuring Incredible PBX for International Calling with DISA

    Here’s an overview of the setup drill for today once you have Incredible PBX running. We’ll walk through each of the six steps below. Don’t get frustrated. There are a lot of steps, but none of them are difficult. Just don’t skip any.

    1. Set Up Your Trunk to Process Incoming DISA Calls
    2. Set Up Your Trunk(s) to Process Outgoing International Calls
    3. Configure DISA with a Very Secure Password
    4. Configure an Inbound Route to Limit Incoming DISA Calls to Your Cellphone #
    5. Configure an Outbound Route for Each International Country Code
    6. Test, Test, Test

    1. Setting Up a Trunk to Process Incoming DISA Calls

    Before you can make calls to your PBX, it’ll need a phone number (known affectionately as a DID). As installed, Incredible PBX includes preconfigured SIP trunks from about a dozen SIP providers. All you’ll need is credentials from the company you wish to use. Most providers of DID trunks offer a monthly flat rate for unlimited incoming calls. There’s a great deal from our Platinum Sponsor, Vitelity, at the end of this article. And their international calling rates are extremely competitive.

    In addition to SIP trunks, Incredible PBX is preconfigured to support Google Voice trunks for those living in the United States. These trunks are free and provide unlimited incoming and outgoing calls throughout the U.S. and Canada. Because this option is free, you’d be crazy not to use it for today’s application if it’s available where you live. The setup procedure is covered in detail in all of the Incredible PBX installation tutorials referenced above. So start there.

    2. Setting Up a Trunk to Process Outgoing International Calls

    We’re going to walk you through setting up a trunk with FreeVoipDeal to handle free international calls to certain countries documented above. This may not be the best fit for you depending upon the international destinations you wish to call. Figure that out first! Then adjust the trunk settings below to match each SIP provider trunk you wish to create. There’s no limit to the number you can have. And, with most of these providers, you pay by the minute for international calls anyway so there is no harm in configuring multiple trunks to take advantage of the best rates calling the countries of your choice. The same applies to all-you-can-eat and “free” trunks except there are varying fees for using the services so you’re probably not going to want a dozen of them even if some of the calls are free after making a periodic deposit. One other word of warning. Some Betamax sites such as powervoip.com have good calling rates, but they tack on a 3.9¢ connection fee to every call. If you make lengthy calls, it’s not a big deal. If you make numerous short calls, it drives your discount calling rates through the roof. So start with the pink and green entries on the old spreadsheet we referenced for the cheapest historical rates and then visit the actual sites and read the fine print. One of our favorite Betamax sites for many tourist destinations is HotVoIP.com.



    To add new trunks to Incredible PBX, use a browser to access the IP address of your server. Choose Incredible GUI Administration from the Admin menu of the Kennonsoft GUI (shown above) by clicking on User to switch. The default username is admin and the password is what you set when the install completed. Once the Incredible PBX GUI appears, click the Connectivity tab and choose Trunks -> Add SIP (chan_sip) Trunk.

    For Trunk Name, enter FreeVoipDeal. In the Dialed Number Manipulation Rules section, add a rule for each country code you wish to activate. You can decipher the Country Code for any country at this link. For example, for the United Kingdom, you’d enter a rule like this where 44 is the Country Code and each X represents a required digit in the local area code and phone number. The trailing period means the number includes one or more additional digits. NOTE: DISA calls will not have to be prefixed with 011 to place international calls. Just enter the country code and number to be called. And, I am told that only 441, 442, and perhaps 443 calls to the U.K. are free since those are the designated landline prefixes.




    If there are other countries, you wish to support with this trunk provider, you’d click Add More Dial Pattern Fields and insert an additional rule for each country following the example above. If you’ll be using this trunk to make calls in the U.S. and Canada as well, the correct Match Pattern is 1NXXNXXXXXX, and calls will need to be dialed with the 1 to avoid conflicts with international dialing. And, by the way, calls to Alaska and Hawaii are also free!

    Next, we need to enter the Outgoing Settings. For the Trunk Name, enter freevoipdeal. Clear out the entries in Peer Details section and enter the following using your actual FreeVoipDeal credentials for yourusername and yourpassword:

    authuser=yourusername
    username=yourusername
    secret=yourpassword
    type=peer
    qualify=yes
    nat=yes
    insecure=port,invite
    host=sip.freevoipdeal.com
    fromdomain=sip.freevoipdeal.com
    dtmfmode=auto
    disallow=all
    canreinvite=no
    allow=alaw&ulaw
    

    Finally, clear out the default entries in User Details and click the Submit Changes button and then red Apply Config button to save your new trunk.

    Spoofing Your CallerID. When setting up your FreeVoipDeal account, you can set up one or more numbers to use as your CallerID number on FreeVoipDeal calls. You simply verify the number with a code sent by SMS or phone call from their service. Once you’ve gone through the verification procedure, you can spoof the outbound CallerID on FreeVoipDeal calls using your actual cellphone number. Just add the following entries to your Trunk settings replacing 9991234567 with your cellphone number. Special thanks to @hillclimber on the PIAF Forum for the tip.

    fromuser=0019991234567
    sendrpid=yes
    

    3. Configuring DISA to Support International Calling

    In the Incredible PBX GUI, we’ll set up DISA by clicking the Applications tab and choosing DISA. Add your new DISA configuration by following this sample. Use a VERY secure password. It’s your phone bill. Once you’ve finished, click the Submit Changes button and then red Apply Config button to save your new DISA setup.



    4. Configuring an Inbound Route for Your Incoming DISA Calls

    Here’s where we lock down your setup so that Incredible PBX only accepts DISA calls from your cellphone number. If you want to allow additional people to use your DISA setup or if you have multiple cellphones, then simply create multiple inbound routes with the 10-digit numbers of each phone to be supported.

    In the Incredible PBX GUI, we’ll set up a new Inbound Route by clicking the Connectivity tab and choosing Inbound Routes. If you plan to support multiple phones, then create multiple inbound routes and give each of them a unique Description and CallerID Number that matches the phone number of the cellphone to be supported. Be sure to check the CID Priority Route checkbox and set the correct Destination for your incoming calls. Just fill in the blanks appropriately using this template as a guide. Once you’ve finished, click the Submit button and then red Apply Config button to save your new Inbound Route.



    5. Configuring an Outbound Route for Each International Country Code

    The DISA application is going to obtain the phone number to be dialed and will pass that to the Outbound Routes module. The job of the Outbound Routes module is to examine the phone number passed to it from DISA to figure out which trunk to use to make the outbound call. It then will pass the call to the appropriate trunk which sends the outgoing call on its way to the destination.

    For each Dialed Number Manipulation Rule in every Trunk that you set up in Step #2 above, you’ll need a matching Outbound Route if your PBX is used to place calls using multiple trunks. If you’re only using one provider for all of your outbound calls, then we can use a more generic Outbound Route. It’s always a good idea to create the one-to-one match between Outbound Routes and Trunks to make certain that outbound calls are sent to the correct Trunk for processing. So let’s do that using the U.K. trunk we created above.

    In the Incredible PBX GUI, we’ll set up a new Outbound Route by clicking the Connectivity tab and choosing Outbound Routes. When the template appears, notice in the far right column that there’s a listing of all your existing Outbound Routes. Calls are actually processed sequentially using the order that these Outbound Routes appear in the list. If there’s no number match in the top route or if the call via the top route fails, processing drops to the next route in the list until there is a match AND a successful connection. You can adjust the sequence by dragging the Outbound Routes to a different position in the priority list.

    It’s important to use specificity in your Outbound Routes (especially with International calling) to make certain that a call isn’t inadvertently processed by a secondary trunk. For example, if you have a Google Voice trunk in addition to a FreeVoipDeal trunk, we want to make certain that calls to England are processed by the FreeVoipDeal trunk and that 10-digit numbers starting with area code 440 (Cleveland) are routed out through Google Voice. The easiest way to do this is to require the Outbound Route Match Pattern for U.K. calls to be at least 11 digits, e.g. 44XXXXXXXX. (the trailing period is important in that it requires at least one more digit for a match). And we can force a Hangup if the FreeVoipDeal trunk is not available for some reason by adjusting the Destination on Congestion setting. This keeps the call routing from dropping down to the next available Outbound Route in the list if FreeVoipDeal happens to be off-line at some point. So our Outbound Route for U.K. calls should look something like this:



    The final step is to move the new Outbound Route for U.K. calls to the top of the Outbound Routes listing in the right column to assure that it is processed first. Once you’ve done that, click the Submit Changes button and then red Apply Config button to save your new Outbound Route AND the adjusted Outbound Route Priority List.

    Another alternative in creating Outbound Routes is to use a Dial Prefix that never matches a real phone number to direct calls to a particular trunk. For example, you might use 08 as a dial prefix for FreeVoipDeal calls. By placing 08 in the Prefix column of the Dial Pattern, it will get stripped off before the number is actually passed to the FreeVoipDeal trunk for processing. We actually prefer this setup because it adds an additional layer of security for international calls. If someone were to break into your DISA application by knowing your cellphone number AND your DID AND your DISA password, it’s unlikely they’d also know to prefix outgoing international calls with some arbitrary dial prefix. Just don’t use 08 in case they’re a Nerd Vittles reader. 😉

    6. Test, Test, Test!

    The easiest way to test the new setup is to place a couple of calls and to watch the Asterisk CLI (asterisk -rvvvvvvvvvv) and see how the calls are processed and who answers at the other end. Then you can apologize for reaching the wrong number.

    You can make up your own test methodology, but here’s one that works for us. There are several tests you need to make. First, call your Incredible PBX DID from your authorized cellphone and enter a correct DISA password to see if you get dial tone to make an international call. Then repeat the drill with an invalid password and make sure you don’t get a dial tone. Next, call your Incredible PBX DID from a phone other than your authorized cellphone. You should not get a prompt for a DISA password. Finally, we use the first three digits of a U.K. number to identify a matching NANPA area code. Then, we find hotels in the two matching cities. For example, one might attempt to call a hotel in Bath, England (44 1… ……) and a hotel in Bermuda (441-…-….). The U.K. call should go through, and the Bermuda call should fail. If you pass all three tests with flying colors, you’re good to go.

    Using FreeVoipDeal’s MobileVoIP App Instead of Incredible PBX with DISA

    FreeVoIPDeal also offers a MobileVoIP app that can be used directly on your smartphone (Android, iOS, and Windows phone versions available) using any Wi-Fi, UMTS, 4G/LTE, 3G, GPRS or EDGE connection. The drawback is the lack of the three extra layers of security protection that Incredible PBX using DISA offers. MobileVOIP lets you log in with your registered Betamax credentials and offers the option to use your existing VoIP credit from your smartphone. The downside is that anyone with the app and your credentials can call anywhere and talk for as long as they like on your nickel using any of your registered CallerIDs. You’ve been warned. For more information or to download the app for your mobile device, go here. Remember to dial the “+1” country code prefix for U.S./Canada calls. Enjoy!

    Originally published: Monday, March 21, 2016


    Support Issues. With any application as sophisticated as this one, you’re bound to have questions. Blog comments are a terrible place to handle support issues although we welcome general comments about our articles and software. If you have particular support issues, we encourage you to get actively involved in the PBX in a Flash Forums. It’s the best Asterisk tech support site in the business, and it’s all free! Please have a look and post your support questions there. Unlike some forums, ours is extremely friendly and is supported by literally hundreds of Asterisk gurus and thousands of users just like you. You won’t have to wait long for an answer to your question.



    Need help with Asterisk? Visit the PBX in a Flash Forum.


     
    Awesome Vitelity Special. Vitelity has generously offered a terrific discount for Nerd Vittles readers. You now can get an almost half-price DID from our special Vitelity sign-up link. If you’re seeking the best flexibility in choosing an area code and phone number plus the lowest entry level pricing plus high quality calls, then Vitelity is the hands-down winner. Vitelity provides Tier A DID inbound service in over 3,000 rate centers throughout the US and Canada. When you use our special link to sign up, Nerd Vittles gets a few shekels down the road to support our open source development efforts while you get an incredible signup deal as well. The going rate for Vitelity’s DID service is $7.95 a month which includes up to 4,000 incoming minutes on two simultaneous channels with terminations priced at 1.45¢ per minute. Not any more! For our users, here’s a deal you can’t (and shouldn’t) refuse! Sign up now, and you can purchase a Tier A DID with unlimited incoming calls and four simultaneous channels for just $3.99 a month. To check availability of local numbers and tiers of service from Vitelity, click here. NOTE: You can only use the Nerd Vittles sign-up link to order your DIDs, or you won’t get the special pricing! Vitelity’s rate is just 1.44¢ per minute for outbound calls in the U.S. There is a $35 prepay when you sign up. This covers future usage. Any balance is refundable if you decide to discontinue service with Vitelity.


    ​​3CX is a software PBX that’s easy to install & manage. It includes integrated softphones, WebRTC conferencing and essential add-ons out of the box, at no additional cost. Try the free edition at www.3cx.com.

  • Run on Premise or in the Cloud, on Windows and soon Linux
  • Softphones for iOS, Android, Win & Mac
  • Easy install, backup & restore, version upgrades
  • Automatically configures IP Phones, SIP Trunks & Gateways

  • Some Recent Nerd Vittles Articles of Interest…