Home » Search results for 'fail2ban'

Search Results for: fail2ban

The Most Versatile VoIP Provider: FREE PORTING



JUST RELEASED: Visit the Incredible PBX Wiki

A New Incredible PBX 2027 Image for the Raspberry Pi

Monday, June 26, 2023 / 1 Comment on A New Incredible PBX 2027 Image for the Raspberry Pi



Are you looking for a powerful and affordable VoIP phone system for your home or small business? Incredible PBX 2027 is the perfect solution especially when tied to an inexpensive platform such as the Raspberry Pi. Earlier this year we introduced a new Incredible PBX 2027 installer for the Raspberry Pi. But we heard from many of you that it was simply too time-consuming to go through both the installation of the Raspberry Pi OS and then the Incredible PBX 2027 setup. This is particularly important to those that use the Raspberry Pi as a teaching platform because of the lengthy install process. So today we are pleased to introduce a Raspberry Pi image for the Raspberry Pi 4 and 400 that installs almost instantaneously after burning the image to a microSD card.

Assembling the Required Raspberry Pi Components

Before you can deploy Incredible PBX 2027, you’ll first need the necessary Raspberry Pi hardware. To support the enhanced Incredible PBX 2027 platform, we strongly recommend either the Raspberry Pi 400 or the Raspberry Pi 4B with at least 2GB RAM. You can choose a reseller below for quicker delivery. Assuming you already own an HDMI-compatible monitor and a USB keyboard (only required if you don’t buy a RasPi 400)…

  • Raspberry Pi 4B or Raspberry Pi 400
  • $10 USB-C RasPi 4 (only) Power Supply
  • $9 32GB microSDHC Class 10 card (strongly recommended!)
  • $5 Official RasPi 4B Case or go here for our favorite

    • Getting Started with Incredible PBX 2027

    Unlike the previous setup process, you cannot use the Raspberry Pi Imager to create your microSD card. Instead, we recommend the free Balena Etcher application which is available for all desktops. So begin by installing the Balena Etcher software here.

    Next, download and unzip the Incredible PBX 2027 image from the Incredible PBX Repo.

    If you don’t already have one, we recommend you purchase the $9.99 SD Card Reader using our referral link. Then insert a 32GB microSD card into the reader and plug the reader into your desktop machine. Using our referral links helps fund our open source projects.


    Now run the Balena Etcher app. Choose Flash from File and select the unzipped Incredible PBX 2027 image from your desktop: incrediblepbx2027-raspi.img. Next, choose Select Target and choose the microSD card you plugged into your PC. Finally, click Flash to transfer the Incredible PBX 2027 image to your microSD card. When the process completes, eject the microSD card and insert it into and boot your Raspberry Pi.


    If flashing fails, try formatting the microSD card on a Linux machine first. Format: mkfs.vfat /dev/sda. Or Reformat: mkfs.vfat /dev/sda1 Then repeat the Etcher flashing.

    After your Raspberry Pi boots, do the following:

    1. Press ENTER to display Login prompt. Login as root with password: password
    2. Agree to license terms by pressing ENTER
    3. When initial setup completes, press ENTER
    4. When raspi-config begins:
    5. What user should use these settings? Press ENTER
    6. System Options -> Wireless LAN: Configure SSID and Password, if desired
    7. Localization Settings: Set Locale, Timezone & WiFi Country
    8. Advanced Options: Resize image to match SD card size
    9. Finish -> Reboot Now: YES
    10. If rc.local fails to start after rebooting, press Ctrl-Alt-Del to reboot again
    11. Wait for Asterisk to finish starting up. Then switch to your Desktop PC
    12. Make note of the Private IP address above RasPi login prompt before you go

    To assure that your desktop computer is whitelisted in the Incredible PBX firewall, we recommend completing the rest of the install using SSH or Putty on your desktop machine. The ip a command above will tell you the local IP address of your RasPi. So login using this command and default password of password: ssh root@ip-address.

    1. Set secure root password with command: passwd
    2. Set secure FreePBX password: /root/admin-pw-change
    3. Set secure Apache password: /root/apache-pw-change
    4. /root/reset-extension-passwords (701 to 705)
    5. /root/reset-conference-pins
    6. /root/reset-reminders-pin
    7. Make note of your PortKnocker codes: cat knock.FAQ
    8. DONE!

    When the install finishes, reboot your Raspberry Pi and log back in as root. Let the Automatic Update Utility bring your system up to current specs after which the pbxstatus display should show something like the following.


    NOTE: To activate an OpenVPN client connection, create and copy a client configuration named incrediblepbx2027.ovpn from your OpenVPN server into the /etc folder & reboot.

    What’s Included? Incredible PBX 2027 serves up a never before available VoIP powerhouse featuring Asterisk 20 and all FreePBX 16 GPL modules, an Apache web server, the latest MariaDB SQL server (formerly MySQL), SendMail mail server, Webmin, and most of the Incredible PBX feature set including SIP, PJSIP, SMS, voice recognition, AsteriDex, gTTS Text-to-Speech VoIP applications, Call-By-Name Dialing, News, Weather, Telephone Reminders, and hundreds of features that typically are found in commercial PBXs: Conferencing, IVRs and Email Delivery of transcribed voicemails, AutoAttendants, Voicemail Blasting, and more. We’ve also incorporated the Zero Trunk Configuration feature from the LITE build which lets you sign up with one of our VoIP providers and start making and receiving calls instantly. Or you can use the new ClearlyIP trunking module included in the GUI for seamless integration of SMS messaging into FreePBX® and its User Control Panel.

    Choosing a SIP Provider. As we mentioned, Incredible PBX 2027 comes preconfigured to support many of the major SIP providers including those that financially support Nerd Vittles and our open source projects: ClearlyIP, Skyetel, and VoIP.ms. As the old saying goes, they may not be the cheapest, but you get what you pay for. With all our providers, you only pay for minutes you use so signing up with more than one provider is a smart idea. For the full list of supported VoIP providers, visit the Incredible PBX Wiki.

    Continuing Your Incredible PBX 2027 Journey

    If you entered WiFi credentials when running raspi-config above and your Raspberry Pi does not have a wired network connection, it should automatically enable the Wi-Fi connection on reboot. Issuing the command ip a will tell you the local IP addresses of wlan0 and eth0. With the Raspberry Pi 3B, 4B and 400, WiFi is built into the hardware. But you still have to provide your SSID name and SSID password to make a connection to your WiFi network. If pbxstatus does not show a network connection, here’s how to enable Wi-Fi:

    If your WiFi network requires a password, insert the following into /etc/wpa_supplicant/wpa_supplicant.conf:

    ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
country=US

network={
 ssid="YourSSID"
 psk="YourSSIDpassword"
 key_mgmt=WPA-PSK
 scan_ssid=1
 priority=7
}

     

    Now restart your server: reboot. When the reboot finishes, you now should have network connectivity.

    You may also need to change the default PortKnocker setting to your wireless LAN connection:

    sed -i 's|eth0|wlan0|' /etc/default/knockd
service knockd restart

     

    Finally, if your PBX is sitting behind a NAT-based router, you’ll need to redirect incoming UDP 5060-5061 and UDP 10000-20000 traffic to the private IP address of your RasPi. This is required for all of the SIP providers included in the Incredible PBX 2027 build. Otherwise, all inbound calls will fail.

    Configuring Skyetel for Incredible PBX 2027

    If you’ve decided to go with Skyetel, here’s the drill. Sign up for Skyetel service and take advantage of the Nerd Vittles Free $10 credit and BOGO special. First, complete the Prequalification Form here. You then will be provided a link to the Skyetel site to complete your registration. Once you have registered on the Skyetel site and your account has been activated, open a support ticket and request the $10 credit for your account by referencing the Nerd Vittles special offer. Once you are happy with the service, open another ticket after funding your account and request that Skyetel match your deposit of up to $250. That gets you up to $500 of helf-price calling. Credit is limited to one per person/company/address/location. If you have numbers to port in, you can do it at no cost after funding your account. Effective 10/1/2023, $25/month minimum spend required.

    Skyetel typically does not require SIP registrations to make connections to your PBX. Instead, Skyetel utilizes Endpoint Groups to identify which servers can communicate with the Skyetel service. An Endpoint Group consists of a Name, an IP address, a UDP or TCP port for the connection, and a numerical Priority for the group. For incoming calls destined to your PBX, DIDs are associated with an Endpoint Group to route the calls to your PBX. For outgoing calls from your PBX, a matching Endpoint Group is required to authorize outbound calls through the Skyetel network. Thus, the first step in configuring the Skyetel side for use with your PBX is to set up an Endpoint Group. Here’s a typical setup for Incredible PBX 2027:

    • Name: MyPBX
    • Priority: 1
    • IP Address: PBX-Public-IP-Address
    • Port: 5061
    • Protocol: UDP
    • Description: 2027.incrediblepbx.com

    To receive incoming PSTN calls, you’ll need at least one DID. On the Skyetel site, you acquire DIDs under the Phone Numbers tab. You have the option of Porting in Existing Numbers (free for the first 60 days after you fund your account) or purchasing new ones under the Buy Phone Numbers menu option.

    Once you have acquired one or more DIDs, navigate to the Local Numbers or Toll Free Numbers tab and specify the desired SIP Format and Endpoint Group for each DID. Add SMS/MMS and E911 support, if desired. Call Forwarding and Failover are also supported. That completes the VoIP setup on the Skyetel side. System Status is always available here.

    Configuring VoIP.ms for Incredible PBX 2027

    To sign up for VoIP.ms service, may we suggest you use our signup link so that Nerd Vittles gets a referral credit for your signup. Once your account is set up, you’ll need to set up a SIP SubAccount and, for Authentication Type, choose Static IP Authentication and enter your Incredible PBX 2027 server’s public IP address. For Transport, choose UDP. For Device Type, choose Asterisk, IP PBX, Gateway or VoIP Switch. Order a DID in their web panel, and then point the DID to the SubAccount you just created. Be sure to specify atlanta1.voip.ms as the POP from which to receive incoming calls. On the Incredible PBX side, simply Enable the VoIPms trunk and save your update.

    Adding a Bootable SSD to Raspberry Pi

    Shown below are the two components that make up the 256GB storage solution for the Raspberry Pi. These include the M.2 SSD SATA drive and the M.2 enclosure which provides a USB connector that’s compatible with your RasPi. Assembly of the components takes less than a minute as shown in the steps below:




    You can order the M.2 SSD SATA drive and the M.2 enclosure using our Amazon referral links which help support Nerd Vittles and the Incredible PBX open source project.

    Once you have assembled your SSD in the sleeve, log back in as root using SSH or Putty. For best performance, insert the SSD drive into one of the blue USB 3.0 ports and verify that /dev/sda device is shown when you issue the command: fdisk -l

    Now proceed with the following steps to copy the image from your microSD card to the new SSD SATA drive:

    rpi-clone -l -e sda -f sda
# answer prompts with yes and incred2027
# once the image is copied, dismount the drive when prompted
mount /dev/sda2 /mnt/clone
cd /mnt/clone/boot
cp -p -r /boot/* .
sed -i 's|sda2|mmcblk0p2|' /boot/cmdline.txt
cd /
umount /mnt/clone
halt

     
    Now you’re ready to restart your Raspberry Pi from the SSD SATA drive. Remove the microSD card and reboot your server.



    Configuring a Softphone for Incredible PBX 2027



    We’re in the home stretch now. You can connect virtually any kind of telephone to your new PBX. Plain Old Phones require an analog telephone adapter (ATA) which can be a separate board in your computer from a company such as Digium. This really is not an option with a Raspberry Pi. SIP phones can be connected directly so long as they have an IP address. These could be hardware devices or software devices such as the Zoiper5 softphone. We’ll start with a free one today so you can begin making calls. You can find dozens of recommendations for hardware-based SIP phones both on Nerd Vittles and the VoIP-Info.org Forum when you’re ready to get serious about VoIP telephony.

    We recommend the Zoiper5 softphone which has a free option. Download it from here for your desktop of choice. Once installed, run it and ignore the nag screen for the commercial version. There are four screens (shown above) to navigate through to connect your softphone to your PBX. You’ll need the credentials for the 701 extension on Incredible PBX. You can find them by running /root/show-passwords or you can decipher the password in the FreePBX GUI by navigating to Applications -> Extensions -> 701 once you log in with your admin password which you set up above. You’ll also need the IP address of your server which you can decipher by running pbxstatus. In the first screen shown above, fill in your 701 SIP address making sure to add the 5061 port since this is a PJsip extension. Enter your Password and click the Login button. On the second and third screens, leave the defaults and click Next then Skip. On the final screen, Zoiper5 will check for connections SIP TLS, SIP TCP, SIP UDP, and IAX UDP. You should see a green Found indicator for SIP UDP which means your connection was successfully established. Press Next and you’ll have a working softphone.



    Now test things out by dialing 947 for a weather report using the Zoiper5 dialpad. You’ll be prompted to enter a 5-digit zip code. Note that this must be entered using the dialpad in the right window, NOT the original dialpad. You can try a few more calls to test things out:

    DEMO - Apps Demo
123 - Reminders
947 - Weather by ZIP Code
951 - Yahoo News
TODAY - Today in History
LENNY - The Telemarketer's Worst Nightmare

    If you are a Mac user, another great no-frills softphone is Telephone. Just download and install it from the Mac App Store.

    Audio Issues with Incredible PBX 2027

    If you experience one-way or no audio on some calls, add your external IP address and LAN subnet in the GUI by navigating to Settings -> Asterisk SIP Settings. In the NAT Settings section, click Detect Network Settings. Click Submit and Apply Settings to save your changes. Equally important, check your Router settings and verify that SIP ALG is Disabled.

    Configuring Gmail as Smart Relay Host

    Most Raspberry Pi implementations will be on networks managed by companies like Comcast, Spectrum, and AT&T that block downstream mail servers (that’s you) from sending email. The solution is to use Gmail or your local ISP as a smart relay host to send mail from your server. You’ll need this to deliver voicemails via email. Here’s how to set it up using a Gmail account. IMPORTANT: You MUST use a Gmail App Password instead of your Gmail account password. 

    /root/enable-gmail-smarthost-for-sendmail

    Now send yourself a test email message to make sure things are working properly:

    echo "test" | mail -s testmessage yourname@yourmailprovider.com

    Almost-Free SMS Messaging Returns

    As you probably know, new Application To Person, 10 Digit Long Code (A2P 10DLC) SMS rules have gone into effect to lessen the chances of SPAM inundating the cellphone providers. As a result, SMS pricing from many VoIP providers has become prohibitively expensive. One provider that has not changed their pricing structure is VoIP.ms where SMS messages remain $0.0075 per message. While VoIP.ms provides a web interface to send and receive SMS messages, Incredible PBX also includes a command-line interface to their service. The recommended setup is to use the VoIP.ms side to forward incoming SMS messages to either your email account and/or cellphone. Then you can send SMS messages from both the VoIP.ms web portal AND the command line interface of Incredible PBX. To get started…

    On the VoIP.ms portal, do the following:

    1. Sign up for a VoIP.ms account using our referral link1
    2. Purchase a DID
    3. In the Message Service DID section, enable SMS/MMS and…
    4. Also provide email and/or cellphone forwarding numbers
    5. In Main Menu/SOAP/RestAPI, enable API and…
    6. Also create a very secure API password and…
    7. Provide IP address whitelist for receiving API messages

    On your Incredible PBX platform, login using SSH root and do the following:

    1. apt install php-soap -y
    2. cd /root/sms-voip.ms
    3. nano -w class.voipms.php
    4. Insert VoIP.ms username (email address) and API password
    5. Save file: Ctrl-X, Y, then ENTER
    6. nano -w voipms-sms.php
    7. Insert 10-digit DID in $SMSsender
    8. Save file: Ctrl-X, Y, then ENTER

    Now you’re ready to try things out. Simply enter the recipient’s 10-digit phone number and the desired message using the syntax below. The script should confirm transmission of the the message.

    /root/sms-voip.ms/voipms-sms.php smsnumber "sms message"

    Incredible PBX 2027 Administration

    We’ve eased the pain of administering your new PBX with a collection of scripts which you will find in the /root folder after logging in with SSH or Putty. Here’s a quick summary of what each of the scripts does.

    admin-pw-change lets you update the admin password for web browser access to the Incredible PBX GUI.

    apache-pw-change lets you update the admin password for Apache applications such as AsteriDex and Reminders.

    add-fqdn is used to whitelist a fully-qualified domain name in the firewall. Because Incredible PBX 2027 blocks all traffic from IP addresses that are not whitelisted, this is what you use to authorize an external user for your PBX. The advantage of an FQDN is that you can use a dynamic DNS service to automatically update the IP address associated with an FQDN so that you never lose connectivity.

    add-ip is used to whitelist a public IP address in the firewall. See the add-fqdn explanation as to why this matters.

    del-acct is used to remove an IP address or FQDN from the firewall’s whitelist.

    iptables-restart is the ONLY command you should ever use to restart the IPtables firewall and Fail2Ban.

    knock.FAQ contains your PortKnocker credentials for emergency access to your server if the firewall locks you out. Tutorial here.

    reset-conference-pins is a script that automatically and randomly resets the user and admin pins for access to the preconfigured conferencing application. Dial C-O-N-F from any registered SIP phone to connect to the conference.

    reset-extension-passwords is a script that automatically and randomly resets ALL of the SIP passwords for extensions 701-705. Be careful using this one, or you may disable existing registered phones and cause Fail2Ban to blacklist the IP addresses of those users. HINT: You can place a call to the Ring Group associated with all five extensions by dialing 777.

    reset-reminders-pin is a script that automatically and randomly resets the pin required to access the Telephone Reminders application by dialing 123. It’s important to protect this application because a nefarious user could set up a reminder to call a number anywhere in the world assuming your SIP provider’s account was configured to allow such calls.


    rpi-clone is a utility that makes it easy to make a bootable image of the microSD card used to start your Raspberry Pi. You’ll need a USB-to-microSD adapter to begin. Insert a backup microSD card large enough to hold all of the data on the primary microSD card (df -h). Insert the USB stick with the card. Identify the backup microSD card, usually sda (fdisk -l). Format the backup microSD card: mkfs.vfat /dev/sda. Or reformat: mkfs.vfat /dev/sda1. Then issue the following command to clone the main microSD card: rpi-clone -f sda. Tutorial here.

    show-feature-codes is a cheat sheet for all of the feature codes which can be dialed from any registered SIP phone. It documents how powerful a platform Incredible PBX 2027 actually is. A similar listing is available in the GUI at Admin -> Feature Codes.

    show-passwords is a script that displays ALL of the passwords associated with Incredible PBX 2027. This includes SIP extension passwords, voicemail pins, conference pins, telephone reminders pin, and your Anveo Direct outbound calling pin (if configured). Note that voicemail pins are configured by the user of a SIP extension the first time the user accesses the voicemail system by dialing *97.

    timezone-setup lets you reconfigure the correct time zone for your server.

    purge-cdr-cel-records cleans out all existing entries in both the CDR and CEL tables of the Asterisk CDR database.

    sig-fix disables module signature checking in FreePBX. It is automatically disabled upon installation.

    update-IncrediblePBX is the Automatic Update Utility which checks for server updates from incrediblepbx.com every time you log into your server as root using SSH or Putty. Do NOT disable it as it is used to load important fixes and security updates when necessary. We recommend logging into your server at least once a week.

    upgrade-asterisk20 is self-explanatory and can be used to upgrade to the latest release of Asterisk 20.

    pbxstatus (shown above) displays status of all major components of Incredible PBX 2027.

    Forwarding Calls to Your Cellphone. Keep in mind that inbound calls to your DIDs automatically ring all five SIP extensions, 701-705. The easiest way to also ring your cellphone is to set one of these five extensions to forward incoming calls to your cellphone. You must have a working trunk for calls to your cellphone to complete successfully. After logging into your PBX as root, issue the following command to forward calls from extension 705 to your cellphone: asterisk -rx "database put CF 705 6781234567" where 6781234567 is your cellphone number.

    To remove call forwarding: asterisk -rx "database del CF 705"

    Keeping FreePBX 16 Modules Current

    We strongly recommend that you periodically update all of your FreePBX modules to eliminate bugs and to reduce security vulnerabilities. Make a backup image with rpi-clone first! From the Linux CLI, log into your server as root and issue the following commands:

    rm -f /tmp/*
fwconsole ma upgradeall
fwconsole reload
/root/sig-fix
systemctl restart apache2
/root/sig-fix

    Resolving an Expired Certificate Alert

    1. Navigate to Admin -> Certificate Management in the FreePBX GUI
    2. Click the Trashcan to delete the Self-Signed Certificate
    3. Click New Certificate -> Generate Self-Signed Certificate
    4. In the Description field, type: Default
    5. Click Generate Certificate button

    Introducing Adminer: The Ultimate MySQL Editor

    If you’re as sick of phpMyAdmin as we are, you’ll be happy to know there’s a new kid on the block, Adminer. Better yet, the install procedure is a painless, one-minute exercise. The setup procedure for Incredible PBX 2027 is documented here. Once installed, you can connect to Adminer at http://server-ip-address/adminer. You should be prompted for your Apache admin credentials which were configured when you first installed Incredible PBX. Next, enter your MySQL root credentials and Adminer will display in all its glory. DO NOT OPEN PORT 80 FOR PUBLIC ACCESS, OR YOUR ENTIRE PBX WILL BE AT A HACKER’S MERCY!


    What About Fax Support?

    Incredible PBX 2027 no longer includes fax support out of the box. To add it, follow this tutorial.

    Where Can I Buy a Raspberry Pi?

    Search for Raspberry Pi inventory here or RasPi 400 keyboard here.

    Originally published: Monday, June 26, 2023


    Need help with Asterisk? Visit the VoIP-info Forum.

     

    Special Thanks to Our Generous Sponsors


    FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

    BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

    The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

    VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
     

    Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
     

    1. Many of our purchase links refer users to various sites when we find their prices are competitive for the recommended products. Nerd Vittles receives a small referral fee from the provider to help cover the costs of our blog. We never recommend particular products solely to generate commissions. However, when pricing is comparable or availability is favorable, we support these providers because they support us. []

    Interconnecting Incredible PBX Servers with PJsip

    Tuesday, May 16, 2023


    Much has been made of the lack of multi-tenant functionality with Asterisk® and FreePBX®. Today we’ll show you how to interconnect as many Asterisk servers as you like and make transparent calls between all of them at zero cost. Setup time is under 5 minutes per server. When you couple PBXs with distributed infrastructure and inexpensive cloud servers costing $25 or less a year and on-premise virtual machine platforms including Proxmox, VMware ESXi, VirtualBox, Windows 11 WSL, and Mac UTM, it makes little sense in terms of reliability and redundancy to put all your eggs in one basket with a MultiTenant telephony solution.

    PJsip Interconnection Design

    Our basic design goes like this. Create as many decentralized Incredible PBX platforms as you need to cover the various locations of your business. Whether that’s two cities or eighty-nine, the design is the same. Next, use the same extension design at every site. For example, in each location choose 3-digit extensions in the 100 range for management offices and the receptionist, in the 200 range for human resources, in the 300 range for IT services, and so on. Next, number your locations. For nine or fewer cities, use single digits. For up to 89, use two digits beginning with 10. We actually use the last octet of our server’s OpenVPN IP address for the dialing prefix. For our example, we’ll use 1 for the Atlanta office, 2 for Dallas, and 3 for Boston. When someone in Atlanta wishes to call the main human resources number in Dallas, the user would dial 2200. For Boston, they’d dial 3200. And, when someone in Dallas or Boston wishes to reach the main HR number in Atlanta, they’d dial 1200. Assuming the receptionist in each location has extension 100, callers in Dallas would dial 1100 for Atlanta and 3100 for Boston. Hopefully, you get the idea now. Sketch these out on a piece a paper until it all makes sense to you.

    You’ll need static IP addresses for each of your Incredible PBX servers. But, if one or more of your servers are sitting behind a corporate firewall, that’s not a deal breaker. Simply set up an OpenVPN network and assign a private OpenVPN IP address to each server. Then use these OpenVPN IP addresses in interconnecting your servers rather than static, public IP addresses. OpenVPN addresses are automatically whitelisted in the Incredible PBX firewall. For other IP addresses, you’ll need to whitelist them using the add-ip utility in the /root folder of each of your PBXs. Be sure to also add the IP addresses of the servers to the ignoreip list in /etc/fail2ban/jail.conf. Note in our design that, for security reasons, PJsip trunks must be created on BOTH the sending and receiving PBXs before interconnected calls between the servers will successfully complete. You wouldn’t want strangers making PJsip calls through your servers. In the alternative, if you only want to enable outbound calls from one PBX to another, you can avoid creating a PJsip trunk on the destination server and instead enable Outbound Authentication on the originating server. In this case, you also will need to enter extension credentials from the destination server in the PJsip Username and Secret fields. But let’s continue on assuming you want calls to flow in both directions.

    Using our 3-city example, let’s begin by configuring the Atlanta PBX using the FreePBX GUI. Login to the web interface as admin and navigate to Connectivity -> Trunks. We want to create two PJsip trunks, one to connect to Dallas and another to connect to Boston. Similarly, in Dallas, we’ll create PJsip trunks for Atlanta and Boston. And, in Boston, we’ll create PJsip trunks for Atlanta and Dallas.

    Configuring PJsip Trunks For Each Location

    On the Atlanta PBX, click the Add Trunk button and choose Add SIP (chan_pjsip) Trunk. For the first PJsip trunk, in the General tab, let’s keep it simple and enter Trunk Name as Dallas. Leave the remaining default settings and click the pjSIP Settings tab. Leave all of the default settings as they are in both the Advanced and Codecs tabs. In the General tab, change the Authentication and Registration settings to None. For the SIP Server IP address, enter the IP address (or OpenVPN address) of the Dallas server. For the SIP Server Port, enter 5061. Finally, change the Context entry to from-internal. That’s all the settings you’ll need. So click Submit and Apply Config when prompted. Repeat the drill for Boston.


    Configuring Outbound Routes For Each Location

    Next, we need to create two Outbound Routes for calls to Dallas and Boston. Navigate to Connectivity -> Outbound Routes. For each city, click Add Outbound Route. Name the Outbound Route using the city name, e.g. Dallas. Change the Time Zone, if required. For the Trunk Sequence, choose the Trunk with the matching City name from the pull-down menu. Next, click the Dial Patterns tab. Here you’ll need to decide which calls you want to permit between the Headquarters office and Dallas. For the Dallas extensions, you would enter 2 in the Prefix field and NXX in the Match Pattern field. If there are 4-digit numbers on the Dallas PBX that you want to enable for callers from Atlanta, you add another Dial Pattern with the 2 Prefix and NXXX for the Match Pattern. If you want callers from Atlanta to be able to use Outbound Routes on the Dallas PBX to make PSTN calls, you would add another Dial Pattern with the 2 Prefix and NXXNXXXXXX for the Match Pattern. Similar additions could be made for international calls assuming you allow them on your Dallas PBX. Once you’ve added the desired Match Patterns, click Submit and Apply Config when prompted. Repeat these steps to add an Outbound Route for Boston, and you’re finished on the Atlanta PBX.


    Repeating the Setup Process in Other Cities

    Now simply repeat the steps above on each of your PBXs. For PJsip trunks, you’ll need to create one for every other city in your operation. And, for Outbound Routes, do the same. Once all of your PJsip trunks are activated, you can verify functionality in the Asterisk CLI with this command: pjsip show aors. Once the Status for each city displays as Avail, you can begin making test calls between the servers using a phone connected to each PBX.

    Originally published: Tuesday, May 16, 2023


    Need help with Asterisk? Visit the VoIP-info Forum.

     

    Special Thanks to Our Generous Sponsors


    FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

    BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

    The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

    VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
     

    Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
     

    The 5-Minute PBX in the Cloud Platform for $2 a Month

    Tuesday, April 25, 2023 / 1 Comment on The 5-Minute PBX in the Cloud Platform for $2 a Month

    If $2.10 a month for a state-of-the-art VoIP PBX isn’t too rich for your blood, then today’s your lucky day. What that buys you is a turnkey, cloud-based PBX platform that is fully installed and configured IN LESS THAN 5 MINUTES! Did we mention the feature set? The Incredible PBX 2027-U image at CrownCloud has an unequaled feature set: Ubuntu 22.04 LTS, Asterisk® 20, and FreePBX® 16 with preconfigured extensions and trunks for dozens of VoIP providers plus voicemail with transcription and email delivery, IVRs, DISA, SMS messaging, conferencing, call queues, paging, intercom, and lots of text-to-speech features to whet your developer appetite: news headlines, weather reports by zip code, today in history, and sample ODBC apps for customer and accounting lookups using MySQL/MariaDB databases. The web server offerings include the latest FreePBX GUI with all of its GPL modules plus WebMin, AsteriDex, and Telephone Reminders. It’s taken us more than a decade to develop this free platform. You get to take advantage of it in less than 5 minutes.

    So what’s the difference in today’s $2 a month offering from CrownCloud and the previous offering from RackNerd for $1 a month. The major difference is Incredible PBX 2027-U is an actual image offering at CrownCloud while, at RackNerd, you had to first install the operating system and then go through the entire setup procedure for the Incredible PBX platform of your choice. The CrownCloud scenario takes five minutes while the RackNerd procedure consumes more than an hour assuming all of the repositories upon which Incredible PBX relies are on line and functioning as advertised. What you’ll quickly learn with open source software is this. We rely upon the work product of over 1,000 different individuals and companies, any one of whom can seriously break things either because their software is off-line or because they’ve "improved" something in a way that quickly cascades into a disaster for those of us that relied upon their old way of doing things. If patience and time are your strong suits, then the $1 a month alternative may be a perfect fit. Otherwise, our new CrownCloud image of Incredible PBX 2027-U is a godsend. So let’s get started.

    Getting Started at CrownCloud

    These 5-minute turnkey installs of Incredible PBX 2027-U for Ubuntu 22.04 are offered at the jaw-dropping price of $25 a year. The monthly cost is cheaper than a cup of coffee at Starbucks, and you’ll have a fully-functioning, production-ready KVM platform including a free snapshot with 1GB RAM, 20GB SSD storage, and 1TB of monthly bandwidth in your choice of server locations including Los Angeles, Miami, and Atlanta in the United States as well as Germany and the Netherlands in Europe. And, unlike all of the other Asterisk® aggregations, Incredible PBX still provides a source code-based platform that can be tailored to meet any special requirements your organization may need.

    It’s worth mentioning that we don’t make a nickel on these cloud offerings so consider this our special thanks to all of our loyal fans.

    Here are the links to sign up for the service and take advantage of the Incredible PBX 2027 deal:

    After you sign up for the service, open the CrownPanel application and choose Incredible PBX 2027-U under Application Images for your base install. Take a 5-minute coffee break while your server image is installed. Once your server comes on line, login as root from a desktop machine using the password that was provided. Be sure to use SSH and NOT the VNC utility included in CrownPanel. This will assure that your desktop machine’s IP address gets whitelisted in the Incredible PBX firewall. Otherwise, you won’t be able to SSH into your server from your desktop. Once you login, the Incredible PBX configurator will prompt you to set passwords for root login, admin login to FreePBX, and admin login credentials for Apache to access AsteriDex and Reminders. Add a trunk provider (Skyetel is preconfigured and enabled by default) and a softphone or Incredible PBX SIP phone, and your PBX is ready to go.

    Planning Ahead for That Rainy Day

    One of our favorite features of Crown Cloud is the free snapshot (a.k.a. backup) that’s provided at no additional charge. We recommend you take snapshots regularly as you make major changes in your server’s configuration. In this way, if something comes unglued, you can easily restore the snapshot and never miss a beat. You’ll find the Remote Snapshot option in your CrownPanel menu.

    Next Steps with Incredible PBX 2027

    Before you can manage your PBX through a web browser, you first will need to set the root password for Ubuntu as well as the admin passwords for FreePBX and Apache web apps such as Reminders and AsteriDex. These all can be set by logging into your server as root and issuing the following commands: passwd, admin-pw-change, and apache-pw-change.

    Outbound mail functionality needs to be working so that you can receive voicemail messages and faxes by email. To prevent SPAM, most ISPs and ITSPs block messages from downstream mail servers. That would be you. The easiest way to resolve this is to configure SendMail using Gmail as an SMTP Smarthost. You obviously need a Gmail account to implement this and you also will need to obtain an App password for your Gmail account, and use that in lieu of your regular Gmail password when configuring SendMail. With your Gmail username and App password in hand, log into your server as root and run: /root/enable-gmail-smarthost-for-sendmail.

    If your Incredible PBX 2027 is hosted with a cloud provider, be advised that many providers do not include a swap file as part of their offering. FreePBX requires a swap file. To see if you have one, issue the command: free -h. To add one, issue this command after logging into your server as root: /root/create-swapfile-DO.

    To correctly set the time on your PBX, run: /root/timezone-setup.

    By default, the voicemail password for each of the configured extensions (701-705) is set to the extension number. This means the user will be prompted to set a voicemail password on the first login to voicemail for each extension. A phone must be registered to the actual extension to access its voicemail account. For example, once a phone is registered to extension 701, the voicemail setup can be accessed by dialing *98701.

    Overview of the Initial Asterisk Setup Process

    For those new to PBXs, here’s a two paragraph summary of how Voice over IP (VoIP) works. Phones connected to your PBX are registered with Extensions so that they can make and receive calls. When a PBX user picks up a phone and dials a number, an Outbound Route tells the PBX which Trunk to use to place the call based upon established dialing rules. Unless the dialed number is a local extension, a Trunk registered with some service provider accepts the call, and the PBX sends the call to that provider. The provider then routes the call to its destination where the recipient’s phone rings to announce the incoming call. When the recipient picks up the phone, the conversation begins.

    Looking at things from the other end, when a caller somewhere in the world wishes to reach you, the caller picks up a telephone and dials a number known as a DID that is assigned to you by a provider with whom you have established service. When the provider receives the call to your DID, it routes the call to your PBX based upon destination information you established with the provider. Your PBX receives the call with information identifying the DID of the call as well as the CallerID name and number of the caller. An Inbound Route on your PBX then determines where to send the call based upon that DID and CallerID information. Typically, a call is routed to an Extension, a group of Extensions known as a Ring Group, or an IVR or AutoAttendant giving the caller choices on routing the call to the desired destination. Once the call is routed to an Extension, the PBX rings the phone registered to that Extension. When you pick up the phone, the conversation begins.

    Configuring Trunks with Incredible PBX GUI

    Perhaps the most difficult component to configure in the PBX is the Trunk. Almost every provider has a different way of doing things. We’ve taken some of the torture out of the exercise by providing a script which will configure settings for dozens of providers in seconds. Once installed, all you need to do is edit the desired Trunk (Connectivity:Trunks), change the Disable Trunk entry to No, and insert your credentials in both the PEER Details and Registration string of the SIP Settings Outgoing and Incoming tabs. Skyetel is enabled by default and needs no setup on the PBX side.

    Configuring Skyetel for Incredible PBX 2027

    If you’ve decided to go with Skyetel, here’s the drill. Sign up for Skyetel service and take advantage of the Nerd Vittles specials. First, complete the Prequalification Form here. You then will be provided a link to the Skyetel site to complete your registration. Once you have registered on the Skyetel site and your account has been activated, open a support ticket and request the $10 credit for your account by referencing the Nerd Vittles special offer. Once you are satisfied with the service, fund your account as desired, and Skyetel will match your deposit of up to $250 simply by opening another ticket. That gets you up to $500 of half-price calling. Credit is limited to one per person/company/address/location. Effective 10/1/2023, $25/month minimum spend required.

    Skyetel does not use SIP registrations to make connections to your PBX. Instead, Skyetel utilizes Endpoint Groups to identify which servers can communicate with the Skyetel service. An Endpoint Group consists of a Name, an IP address, a UDP or TCP port for the connection, and a numerical Priority for the group. For incoming calls destined to your PBX, DIDs are associated with an Endpoint Group to route the calls to your PBX. For outgoing calls from your PBX, a matching Endpoint Group is required to authorize outbound calls through the Skyetel network. Thus, the first step in configuring the Skyetel side for use with your PBX is to set up an Endpoint Group. Here’s a typical setup for Incredible PBX 2027:

    • Name: MyPBX
    • Priority: 1
    • IP Address: PBX-Public-IP-Address
    • Port: 5060
    • Protocol: UDP
    • Description: my.incrediblepbx.com

    To receive incoming PSTN calls, you’ll need at least one DID. On the Skyetel site, you acquire DIDs under the Phone Numbers tab. You have the option of Porting in Existing Numbers (free for the first 60 days after you sign up for service) or purchasing new ones under the Buy Phone Numbers menu option.

    Once you have acquired one or more DIDs, navigate to the Local Numbers or Toll Free Numbers tab and specify the desired SIP Format and Endpoint Group for each DID. Add SMS/MMS and E911 support, if desired. Call Forwarding and Failover are also supported. That completes the VoIP setup on the Skyetel side. System Status is always available here.

    Configuring VoIP.ms for Incredible PBX 2027

    To sign up for VoIP.ms service, may we suggest you use our signup link so that Nerd Vittles gets a referral credit for your signup. Once your account is set up, you’ll need to set up a SIP SubAccount and, for Authentication Type, choose Static IP Authentication and enter your Incredible PBX 2027 server’s public IP address. For Transport, choose UDP. For Device Type, choose Asterisk, IP PBX, Gateway or VoIP Switch. Order a DID in their web panel, and then point the DID to the SubAccount you just created. Be sure to specify atlanta1.voip.ms as the POP from which to receive incoming calls. In the Incredible PBX GUI, be sure to enable the VoIP.ms trunk.

    Configuring V1VoIP for Incredible PBX 2027

    To sign up for V1VoIP service, sign up on their web site. Then login to your account and order a DID under the DIDs tab. Once the DID has been assigned, choose View DIDs and click on the Forwarding button beside your DID. For Option #1, choose Forward to IP Address/PBX. For the Forwarding Address, enter the public IP address of your server. For the T/O (timeout) value, set it to 2o seconds. Then click the Update button. Under the Termination tab, create a new Endpoint with the public IP address of your server so that you can place outbound calls through V1VoIP. In the Incredible PBX GUI, be sure to enable all of the V1VoIP trunks.

    Configuring Anveo Direct for Incredible PBX 2027

    To sign up for Anveo Direct service, sign up on their web site and then login. After adding funds to your account, purchase a DID under Inbound Service -> Order DID. Next, choose Configure Destination SIP Trunk. Give the Trunk a name. For the Primary SIP URI, enter $[E164]$@server-IP-address. For Call Options, select your new DID from the list. You also must whitelist your public IP address under Outbound Service -> Configure. Create a new Call Termination Trunk and name it to match your server. For Dialing Prefix, choose six alphanumeric characters beginning with a zero. In Authorized IP Addresses, enter the public IP address of your server. Set an appropriate rate cap. We like $0.01 per minute to be safe. Set a concurrent calls limit. We like 2. For the Call Routing Method, choose Least Cost unless you’re feeling extravagant. For Routes/Carriers, choose Standard Routes. Write down your Dialing Prefix and then click the Save button.

    Before you can make outbound calls through Anveo Direct from your PBX, you first must configure the Dialing Prefix that you wrote down in the previous step. Log into the GUI as admin using a web browser and edit the Anveo-Out trunk in Connectivity -> Trunks. Enable the Trunk. Then click on the custom-Settings tab and replace anveo-pin with your actual Dialing Prefix. Click Submit and Apply Config to complete the setup. In the Incredible PBX GUI, be sure to enable all of the remaining Anveo trunks.

    By default, incoming Anveo Direct calls will be processed by the Default inbound route on your PBX. If you wish to redirect incoming Anveo Direct calls using DID-specific inbound routes, then you’ve got a bit more work to do. In addition to creating the inbound route using the 11-digit Anveo Direct DID, enter the following commands after logging into your server as root using SSH/Putty:

    cd /etc/asterisk
echo "[from-anveo]" >> extensions_custom.conf
echo "exten => _.,1,Ringing" >> extensions_custom.conf
echo "exten => _.,n,Goto(from-trunk,\\${SIP_HEADER(X-anveo-e164)},1)" >> extensions_custom.conf
asterisk -rx "dialplan reload"

    Configuring Extensions with Incredible PBX GUI

    Extensions are created using the Incredible PBX GUI: Applications:Extensions. Many SIP phones expect extensions to communicate on UDP port 5060. If this is the case with your SIP phone or softphone, then always create Chan_SIP extensions which communicate on UDP 5060. If your SIP phone or softphone provide port flexibility, then you have a choice in the type of SIP extension to create: Chan_SIP or the more versatile PJSIP (UDP 5061). Just remember to always configure SIP extensions with NAT Mode=YES in the Advanced tab. If your VoIP phones or softphones support IAX connectivity, you may wish to consider IAX extensions which avoid NAT problems.

    When you create a new Extension, a new entry is automatically created in the PBX Internal Directory. If you wish to allow individual users to manage their extensions or use the WebRTC softphone, then you will also have to create a (very) secure password for User Control Panel (UCP) access. Choose Admin:User Management and click on the key icon of the desired extension to assign a password for UCP and WebRTC access.

    Configuring a Desktop Softphone for Incredible PBX

    We’re in the home stretch now. You can connect virtually any kind of telephone to your new PBX. Plain Old Phones require an analog telephone adapter (ATA) which can be a separate board in your computer from a company such as Digium. Or it can be a standalone SIP device such as ObiHai’s OBi100 or OBi110 (if you have a phone line from Ma Bell to hook up as well). SIP phones can be connected directly so long as they have an IP address. These could be hardware devices or software devices such as a softphone. We’ll start with a free one today so you can begin making calls. You can find dozens of recommendations for hardware-based SIP phones both on Nerd Vittles and the PIAF Forum when you’re ready to get serious about VoIP telephony.


    The easiest way to get started is to download a free softphone onto your desktop. We recommend Zoiper 5 for personal use. You can download and install it from here. Once installed, you’ll first need to decipher your extension password for an extension you wish to use to connect to Zoiper. Log into your Linux CLI and switch to the root user as documented above. Then run: /root/show-passwords. Specify 701 and 705 as the starting and ending extensions. Make note of the 701 extension password. Run pbxstatus and make note of your LAN IP address, e.g. 179.xx.yy.zz. Next, start up Zoiper from your desktop and choose the free version. For the desired account enter: 701@179.xx.yy.zz:5061 where 179.xx.yy.zz is the local IP address of your virtual machine. For the password, enter the 701 extension password you deciphered above. Press ENTER twice to complete the connection. When the dialer appears, try out some of the free Incredible PBX applications below.

    NOTE: You must use the Keypad option shown in the right window of Zoiper after your call is connected for any app that prompts for keyboard input.

    Here are some numbers to try:

    123 - Reminders
222 - Timeclock for Employees (try 12345)
223 - AsteriDex Lookup & Dialer (try 335 for Delta Airlines)
947 - Weather by ZIP Code (requires keyboard entry of ZIP code)
951 - Yahoo News
TODAY - Today in History
LENNY - The Telemarketer's Worst Nightmare

    If you are a Mac user, another great no-frills softphone is Telephone. Just download and install it from the Mac App Store. For Android users, check out the terrific new VitalPBX Communicator. Works flawlessly with Incredible PBX.

    Configuring a Softphone Extension on a Smartphone

    Adding an Incredible PBX extension to your smartphone gets a little trickier. Whether you’re an iPhone or Android lover, all smartphones use batteries, and you don’t want to drain your battery by running a softphone as a foreground app all the time. Fortunately, you now have some choices in softphones engineered to work without draining your battery. While they all cost money, it’s not much money. We’ve written about all the choices, and you’ll find the links in our Softphone Provider Recommendations on the new Incredible PBX Wiki.

    With PJsip extensions, you’re not limited to a single phone connection at a time, and we’ve preconfigured extension 701 to support ten simultaneous connections. The setup on the softphone side is simple. For the server, enter the actual IP address of your PBX in the following format: 22.33.44.55:5061. Then enter 701 for the username and enter the password assigned to the 701 extension on your PBX. When an incoming call arrives, all the phones registered to extension 701 will ring simultaneously. Simply answer the call on the phone that is most convenient. For extension 702, you can change the number of simultaneous connections by clicking the Advanced tab and setting the number in Max Contacts.

    Configuring Outbound Routes in Incredible PBX GUI

    Outbound Routes serve a couple of purposes. First, they assure that calls placed by users of your PBX are routed out through an appropriate trunk to reach their destination in the least costly manner. Second, they serve as a security mechanism by either blocking or restricting certain calls by requiring a PIN to complete the calls. Never authorize recurring charges on credit cards registered with your VoIP providers and, if possible, place pricing limits on calls with your providers. If a bad guy were to break into your PBX, you don’t want to give the intruder a blank check to make unauthorized calls. And you certainly don’t want to join the $100,000 Phone Bill Club.

    To create outbound routes in the Incredible PBX GUI, navigate to Connectivity:Outbound Routes and click Add Outbound Route. In the Route Settings tab, give the Outbound Route a name and choose one or more trunks to use for the outbound calls. In the Dial Patterns tab, specify the dial strings that must be matched to use this Outbound Route. NXXNXXXXXX would require only 10-digit numbers with the first and fourth digits being a number between 2 and 9. Note that Outbound Routes are searched from the top entry to the bottom until there is a match. Make certain that you order your routes correctly and then place test calls watching the Asterisk CLI to make sure the calls are routed as you intended.

    Configuring Inbound Routes in Incredible PBX GUI

    Inbound Routes, as the name implies, are used to direct incoming calls to a specific destination. That destination could be an extension, a ring group, an IVR or AutoAttendant, or even a conference or DISA extension to place outbound calls (hopefully with a very secure password). Inbound Routes can be identified by DID, CallerID number, or both. To create Inbound Routes, choose Connectivity:Inbound Routes and then click Add Inbound Route. Provide at least a Description for the route, a DID to be matched, and the Destination for the incoming calls that match. If you only want certain callers to be able to reach certain extensions, add a CallerID number to your matching criteria. You can add Call Recording and CallerID CNAM Lookups under the Other tab.

    Audio Issues with Incredible PBX 2027

    While it is always a good idea anyway, if you experience one-way or no audio on some calls, be sure to add your external IP address and LAN subnet in the GUI by navigating to Settings -> Asterisk SIP Settings. In the NAT Settings section, click Detect Network Settings. Click Submit and Apply Settings to save your changes.

    Adding Fax Support to Incredible PBX 2027

    We’ve had to live without faxing on the new Incredible PBX 2027 platforms since the beginning of the year. But those days are over. If you’d like to add fax support to your virtual machine, head over to our new Fax Tutorial to install the components. It only takes a couple minutes.

    Adding Incredible PBX 2027 to an OpenVPN Network

    We previously have documented the procedure for creating an OpenVPN server as well as OpenVPN client templates (.ovpn). If you need a refresher, the tutorial is here. To add your Incredible PBX 2027 server to an existing OpenVPN network, begin by creating an incrediblepbx2027.ovpn template on your OpenVPN server. Be sure to comment out or delete the setenv line in the template. Then copy this template to /etc on your Incredible PBX 2027 server. The following commands are already in place:

    echo "[Unit]
Description=openvpn2027
ConditionPathExists=/etc/openvpn-start
After=rclocal.service
[Service]
Type=forking
ExecStart=/etc/openvpn-start /etc/incrediblepbx2027.ovpn
TimeoutSec=0
StandardOutput=tty
RemainAfterExit=yes
PermissionsStartOnly=true
SysVStartPriority=99
[Install]
WantedBy=multi-user.target" > /etc/systemd/system/openvpn2027.service

    We’ve also enabled this openvpn2027.service which will start when you reboot your server. The OpenVPN IP address should now appear on the LAN line in pbxstatus:

    systemctl enable openvpn2027.service
reboot

    Deploying ODBC Apps with Incredible PBX 2027

    Appreciating that many use a PBX to perform actual tasks for your business, we have included two sample ODBC apps to give you a head start. The code for these ODBC apps is stored in odbc.conf in the /etc/asterisk folder. Dialing 222 from any Asterisk extension calls up the TimeClock application which provides access to an employee database. You can enter 12345 as an employee number to see how it works. Dialing 223 from any Asterisk extension connects to the AsteriDex MySQL database and performs a lookup based upon the 3-digit code corresponding to the first three letters of the company name. For example, entering 335 (D-E-L) will call up the entry for Delta Airlines and connect you to their reservations desk once you have an outbound trunk enabled. You could build something similar to look up real-time inventory information from a MySQL database. These are just examples of the thousands of applications that could be quickly developed using ODBC and the Incredible PBX 2027 platform.

    Incredible PBX 2027 Administration

    We’ve eased the pain of administering your new PBX with a collection of scripts which you will find in the /root folder after logging in with SSH or Putty. Here’s a quick summary of what each of the scripts does.

    add-fqdn is used to whitelist a fully-qualified domain name in the firewall. Because Incredible PBX 2027 blocks all traffic from IP addresses that are not whitelisted, this is what you use to authorize an external user for your PBX. The advantage of an FQDN is that you can use a dynamic DNS service to automatically update the IP address associated with an FQDN so that you never lose connectivity.

    add-ip is used to whitelist a public IP address in the firewall. See the add-fqdn explanation as to why this matters.

    del-acct is used to remove an IP address or FQDN from the firewall’s whitelist.

    admin-pw-change is used to set the admin password for access to the FreePBX/Incredible PBX web GUI using a browser pointed to the local IP address of your server.

    apache-pw-change is used to set the admin password for access to Apache/Incredible PBX apps including AsteriDex and Reminders. This provides a password layer of protection for access to these applications.

    incrediblebackup2021 makes a backup of critical components on your PBX to a tarball saved in /backup. This should be copied to safe location off-site for a rainy day.

    incrediblerestore2021 restores a backup file which has been copied to the /backup folder.

    ipchecker is a script which deciphers the public IP addresses associated with whitelisted FQDNs created with add-fqdn on your server. If any of the addresses have changed, the firewall is restarted after updating the IP addresses. By default, it is executed every 10 minutes by /etc/crontab.

    licenses.sh displays the license associated with each of the FreePBX modules on your server.

    logos-b-gone removes proprietary artwork from your PBX and is no longer necessary with the included IncrediblePBX FreePBX module.

    mime-construct is a command-line utility to send emails with attachments.

    neorouter-login is a script to add your PBX to a NeoRouter VPN. Tutorial here.

    odbc-gen.sh is a script that was run to generate the ODBC settings for Asterisk. Do NOT use it.

    openvpn-start is a script to add your PBX to an existing OpenVPN network using an .ovpn config file. Tutorial here.

    pbxstatus displays status of all major components of Incredible PBX 2027.

    pptp-install is a script to create a PPTP network connection for your PBX. Tutorial here.

    purge-cdr-cel-records removes all CDR and CEL records from the MySQL database.

    reset-conference-pins is a script that automatically and randomly resets the user and admin pins for access to the preconfigured conferencing application. Dial C-O-N-F from any registered SIP phone to connect to the conference.

    reset-extension-passwords is a script that automatically and randomly resets ALL of the SIP passwords for extensions 701-705. Be careful using this one, or you may disable existing registered phones and cause Fail2Ban to blacklist the IP addresses of those users. HINT: You can place a call to the Ring Group associated with all five extensions by dialing 777.

    reset-reminders-pin is a script that automatically and randomly resets the pin required to access the Telephone Reminders application by dialing 123. It’s important to protect this application because a nefarious user could set up a reminder to call a number anywhere in the world assuming your SIP provider’s account was configured to allow such calls.

    show-feature-codes is a cheat sheet for all of the feature codes which can be dialed from any registered SIP phone. It documents how powerful a platform Incredible PBX 2027 actually is. A similar listing is available in the GUI at Admin -> Feature Codes.

    show-passwords is a script that displays most of the passwords associated with Incredible PBX 2027. This includes SIP extension passwords, voicemail pins, conference pins, telephone reminders pin, and your Anveo Direct outbound calling pin (if configured). Note that voicemail pins are configured by the user of a SIP extension the first time the user accesses the voicemail system by dialing *97.

    sig-fix disables Module Signature Checking in the FreePBX GUI. This should not be necessary unless you have added or edited FreePBX Modules with missing module signatures.

    sms-skyetel is a script to send SMS messages using a Skyetel trunk.

    sms-voip.ms is a script to send SMS messages using a VoIP.ms trunk.

    sms-blast, sms-blaster, and sms-dictator are scripts for message blasting. Tutorial here.

    timezone-setup is a script to set the timezone for your PBX.

    update-IncrediblePBX is a script that runs the Automatic Update Utility whenever you login to your server as root. These updates typically resolve bugs and security issues with your PBX. Do NOT remove it.

    wolfram is a script to deploy Wolfram Alpha on your PBX. Tutorial here.

    Forwarding Calls to Your Cellphone. Keep in mind that inbound calls to your DIDs automatically ring all five SIP extensions, 701-705. The easiest way to also ring your cellphone is to set one of these five extensions to forward incoming calls to your cellphone. After logging into your PBX as root, issue the following command to forward calls from extension 705 to your cellphone: asterisk -rx "database put CF 705 6781234567"

    To remove call forwarding: asterisk -rx "database del CF 705"

    Implementing Call By Name with 411

    Once you have an Outbound Trunk and Route configured, deploying Call by Name by dialing 411 is simple. The way it works is to pick up any phone connected to your PBX and dial 411. When prompted for the name of the person or company to call, say the name as you entered it in the AsteriDex directory, e.g. Delta Air Lines. The name will then be looked up to decipher the number of the person or company to call. Then the call will be placed using your default outbound route. To deploy Call By Name, simply follow the setup instructions in this Nerd Vittles tutorial.

    Introducing Adminer: The Ultimate MySQL Editor

    If you’re as sick of phpMyAdmin as we are, you’ll be happy to know there’s a new kid on the block, Adminer. Better yet, the install procedure is a painless, one-minute exercise. The setup procedure for Incredible PBX 2027 is documented here. Once installed, you can connect to Adminer at http://server-ip-address/adminer. You should be prompted for your Apache admin credentials which were configured when you first installed Incredible PBX. Next, enter your MySQL root credentials and Adminer will display in all its glory. DO NOT OPEN PORT 80 FOR PUBLIC ACCESS, OR YOUR ENTIRE PBX WILL BE AT A HACKER’S MERCY!


    Keeping FreePBX 16 Modules Current

    We strongly recommend that you periodically update all of your FreePBX modules to eliminate bugs and to reduce security vulnerabilities. From the Linux CLI, log into your server as root and issue the following commands:

    rm -f /tmp/*
fwconsole ma upgradeall
fwconsole reload
/root/sig-fix
systemctl restart apache2
/root/sig-fix

    Help If You Can

    Many of you know Tony Lewis and especially his tireless efforts over the years in support of the open source community. Our heartfelt condolences go out to Tony and his extended family upon the death of his brother, Dan, last week. In the midst of renovating their home, Dan leaves behind his wife and four young children to pick up the pieces. If you’re able, they could use your financial help. A Go Fund Me campaign was launched in Dan’s honor here.

    Originally published: Tuesday, April 25, 2023


    Need help with Asterisk? Visit the VoIP-info Forum.

     

    Special Thanks to Our Generous Sponsors


    FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

    BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

    The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

    VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
     

    Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
     

    Happy New Year: It’s Incredible PBX 2027 for the Raspberry Pi

    Monday, January 23, 2023 / 2 Comments on Happy New Year: It’s Incredible PBX 2027 for the Raspberry Pi



    Ever since Eben and Liz Upton first introduced the Raspberry Pi to our Charleston community over a decade ago, the primary focus of their development team has been to encourage people of the world to learn about computers on an affordable platform. To this day, the Raspberry Pi 4B can still be purchased (if you can find one) for $35. Unfortunately, supply chain issues have taken their toll. If you prefer not to pay a premium for the Raspberry Pi 4B or 400 keyboard, then visit the RPiLocator. If time is of the essence, then eBay is your friend for both the RasPi4 and the RasPi 400 keyboard.

    Many of you may know that Mark Spencer, who founded Digium and initially developed Asterisk®, now has a new avionics company in Huntsville, Avilution. You may be surprised to learn that their unPanel Avionics platform was developed using redundant Raspberry Pi’s.

    UPDATE: Download the latest Incredible PBX 2027 image for RasPi here.

    To celebrate the New Year, we’ve taken an entirely new approach in developing this latest Incredible PBX iteration for the Raspberry Pi. In previous builds, we’ve offered a turnkey image for the Raspberry Pi. This time around we’ve incorporated the same Debian 11 installer that we use on AMD64 and ARM64 platforms. The primary advantage is that this installer will continue to work with future Raspberry Pi hardware that supports the Debian 11 platform. It also allows us to make slipstream enhancements across all hardware platforms in minutes instead of weeks. One final benefit of the new design is that you now can take advantage of the Raspberry Pi Imager which lets you create the base Debian 11 microSD platform for the Raspberry Pi in minutes.

    What’s Included? Incredible PBX 2027 serves up a never before available VoIP powerhouse featuring Asterisk 20 and all FreePBX 16 GPL modules, an Apache web server, the latest MariaDB SQL server (formerly MySQL), SendMail mail server, Webmin, and most of the Incredible PBX feature set including SIP, PJSIP, SMS, voice recognition, AsteriDex, gTTS Text-to-Speech VoIP applications, Call-By-Name Dialing, News, Weather, Telephone Reminders, and hundreds of features that typically are found in commercial PBXs: Conferencing, IVRs and Email Delivery of transcribed voicemails, AutoAttendants, Voicemail Blasting, and more. We’ve also incorporated the Zero Trunk Configuration feature from the LITE build which lets you sign up with one of our VoIP providers and start making and receiving calls instantly. Or you can use the new ClearlyIP trunking module included in the GUI for seamless integration of SMS messaging into FreePBX® and its User Control Panel.

    Choosing a SIP Provider. As we mentioned, Incredible PBX 2027 comes preconfigured to support many of the major SIP providers including those that financially support Nerd Vittles and our open source projects: ClearlyIP, Skyetel, and VoIP.ms. As the old saying goes, they may not be the cheapest, but you get what you pay for. With all our providers, you only pay for minutes you use so signing up with more than one provider is a smart idea. For the full list of supported VoIP providers, visit the Incredible PBX Wiki.

    Assembling the Required Raspberry Pi Components

    Before you can deploy Incredible PBX 2027, you’ll first need the necessary Raspberry Pi hardware. To support the enhanced Incredible PBX 2027 platform, we strongly recommend either the Raspberry Pi 400 or the Raspberry Pi 4B with at least 2GB RAM. You can choose a reseller below for quicker delivery. Assuming you already own an HDMI-compatible monitor and a USB keyboard (only required if you don’t buy a RasPi 400)…

  • Raspberry Pi 4B or Raspberry Pi 400
  • $10 USB-C RasPi 4 (only) Power Supply
  • $9 32GB microSDHC Class 10 card (strongly recommended!)
  • $5 Official RasPi 4B Case or see above for our favorite

    • Getting Started with Incredible PBX 2027

    Begin by downloading Raspberry Pi Imager for PC, MAC, or Ubuntu desktop. Run the Imager from your desktop computer with the following settings after inserting microSD card in your desktop machine:

    OS: Raspberry Pi OS (other) -> Raspberry Pi OS Lite (64-bit)
Storage: Select your microSD card (32GB Type 10 recommended)
Click WRITE

    Remove the microSD card from your desktop computer. Insert it into your Raspberry Pi and power on the device. The initial Raspberry Pi OS setup for the United States follows. For users elsewhere, follow your nose.

    Choose keyboard layout: (Other, English (US) for USA users)
Keyboard Layout: English (US)
username: nerd
password: make it secure, type it twice
login: nerd with new password
sudo passwd root
create new secure root password
logout: exit
login: root with new root password
userdel nerd
nano -w /etc/ssh/sshd_config
  edit and uncomment: PermitRootLogin yes
  uncomment PasswordAuthentication yes
  save: Ctrl-X, Y, then ENTER key
run: raspi-config
  Settings Apply to: pi
  Localization: WLAN Country: US
  System Options: Wireless LAN: Enter your SSID and SSID passphrase
  System Options: Hostname: debian
  System Options: Power LED: YES
  Interface Options: SSH: YES
  Localization: Locale: Disable en_GB.UTF-8 and Enable en_US.UTF-8
  Localization: TimeZone: America, NewYork
  FINISH and Reboot

    Once your Raspberry Pi has restarted, login as root with your root password and issue the following commands:

    wget http://incrediblepbx.com/IncrediblePBX2027-D-RasPi.sh
chmod +x IncrediblePBX2027-D-RasPi.sh
ip a

    To assure that your desktop computer is whitelisted in the Incredible PBX firewall, we recommend completing the rest of the install using SSH or Putty on your desktop machine. The ip a command above will tell you the local IP address of your RasPi. So login using this command: ssh root@ip-address. Then issue the following command:

    ./IncrediblePBX2027-D-RasPi.sh

    When the install finishes, reboot your Raspberry Pi and log back in as root. Let the Automatic Update Utility bring your system up to current specs after which the pbxstatus display should show something like the following.

    NOTE: To activate an OpenVPN client connection, create and copy a client configuration named incrediblepbx2027.ovpn from your OpenVPN server into the /etc folder & reboot.


    First Boot of Incredible PBX 2027

    If you entered WiFi credentials when running raspi-config above and your Raspberry Pi does not have a wired network connection, it should automatically enable the Wi-Fi connection on reboot. Issuing the command ip a will tell you the local IP addresses of wlan0 and eth0. With the Raspberry Pi 3B, 4B and 400, WiFi is built into the hardware. But you still have to provide your SSID name and SSID password to make a connection to your WiFi network. If pbxstatus does not show a network connection, here’s how to enable Wi-Fi:

    If your WiFi network requires a password, insert the following into /etc/wpa_supplicant/wpa_supplicant.conf:

    ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
country=US

network={
 ssid="YourSSID"
 psk="YourSSIDpassword"
 key_mgmt=WPA-PSK
 scan_ssid=1
 priority=7
}

     

    Now restart your server: reboot. When the reboot finishes, you now should have network connectivity.

    You may also need to change the default PortKnocker setting to your wireless LAN connection:

    sed -i 's|eth0|wlan0|' /etc/default/knockd
service knockd restart

     

    Finally, if your PBX is sitting behind a NAT-based router, you’ll need to redirect incoming UDP 5060-5061 and UDP 10000-20000 traffic to the private IP address of your RasPi. This is required for all of the SIP providers included in the Incredible PBX 2027 build. Otherwise, all inbound calls will fail.

    Configuring Skyetel for Incredible PBX 2027

    If you’ve decided to go with Skyetel, here’s the drill. Sign up for Skyetel service and take advantage of the Nerd Vittles Free $10 credit and BOGO special. First, complete the Prequalification Form here. You then will be provided a link to the Skyetel site to complete your registration. Once you have registered on the Skyetel site and your account has been activated, open a support ticket and request the $10 credit for your account by referencing the Nerd Vittles special offer. Once you are happy with the service, open another ticket after funding your account and request that Skyetel match your deposit of up to $250. That gets you up to $500 of helf-price calling. Credit is limited to one per person/company/address/location. If you have numbers to port in, you can do it at no cost after funding your account. Effective 10/1/2023, $25/month minimum spend required.

    Skyetel typically does not require SIP registrations to make connections to your PBX. Instead, Skyetel utilizes Endpoint Groups to identify which servers can communicate with the Skyetel service. An Endpoint Group consists of a Name, an IP address, a UDP or TCP port for the connection, and a numerical Priority for the group. For incoming calls destined to your PBX, DIDs are associated with an Endpoint Group to route the calls to your PBX. For outgoing calls from your PBX, a matching Endpoint Group is required to authorize outbound calls through the Skyetel network. Thus, the first step in configuring the Skyetel side for use with your PBX is to set up an Endpoint Group. Here’s a typical setup for Incredible PBX 2027:

    • Name: MyPBX
    • Priority: 1
    • IP Address: PBX-Public-IP-Address
    • Port: 5061
    • Protocol: UDP
    • Description: 2027.incrediblepbx.com

    To receive incoming PSTN calls, you’ll need at least one DID. On the Skyetel site, you acquire DIDs under the Phone Numbers tab. You have the option of Porting in Existing Numbers (free for the first 60 days after you fund your account) or purchasing new ones under the Buy Phone Numbers menu option.

    Once you have acquired one or more DIDs, navigate to the Local Numbers or Toll Free Numbers tab and specify the desired SIP Format and Endpoint Group for each DID. Add SMS/MMS and E911 support, if desired. Call Forwarding and Failover are also supported. That completes the VoIP setup on the Skyetel side. System Status is always available here.

    Configuring VoIP.ms for Incredible PBX 2027

    To sign up for VoIP.ms service, may we suggest you use our signup link so that Nerd Vittles gets a referral credit for your signup. Once your account is set up, you’ll need to set up a SIP SubAccount and, for Authentication Type, choose Static IP Authentication and enter your Incredible PBX 2027 server’s public IP address. For Transport, choose UDP. For Device Type, choose Asterisk, IP PBX, Gateway or VoIP Switch. Order a DID in their web panel, and then point the DID to the SubAccount you just created. Be sure to specify atlanta1.voip.ms as the POP from which to receive incoming calls. On the Incredible PBX side, simply Enable the VoIPms trunk and save your update.

    Adding a Bootable SSD to Raspberry Pi

    Shown below are the two components that make up the 256GB storage solution for the Raspberry Pi. These include the M.2 SSD SATA drive and the M.2 enclosure which provides a USB connector that’s compatible with your RasPi. Assembly of the components takes less than a minute as shown in the steps below:




    You can order the M.2 SSD SATA drive and the M.2 enclosure using our Amazon referral links which help support Nerd Vittles and the Incredible PBX open source project.

    Once you have assembled your SSD in the sleeve, log back in as root using SSH or Putty. For best performance, insert the SSD drive into one of the blue USB 3.0 ports and verify that /dev/sda device is shown when you issue the command: fdisk -l

    Now proceed with the following steps to copy the image from your microSD card to the new SSD SATA drive:

    rpi-clone -l -e sda -f sda
# answer prompts with yes and incred2027
# once the image is copied, dismount the drive when prompted
mount /dev/sda2 /mnt/clone
cd /mnt/clone/boot
cp -p -r /boot/* .
sed -i 's|sda2|mmcblk0p2|' /boot/cmdline.txt
cd /
umount /mnt/clone
halt

     
    Now you’re ready to restart your Raspberry Pi from the SSD SATA drive. Remove the microSD card and reboot your server.



    Configuring a Softphone for Incredible PBX 2027

    We’re in the home stretch now. You can connect virtually any kind of telephone to your new PBX. Plain Old Phones require an analog telephone adapter (ATA) which can be a separate board in your computer from a company such as Digium. SIP phones can be connected directly so long as they have an IP address. These could be hardware devices or software devices such as the YateClient softphone. We’ll start with a free one today so you can begin making calls. You can find dozens of recommendations for hardware-based SIP phones both on Nerd Vittles and the PIAF Forum when you’re ready to get serious about VoIP telephony.

    We recommend YateClient which is free. Download it from here or the Mac App Store. Run YateClient once you’ve installed it and enter the credentials for the 701 extension on Incredible PBX. You can find them by running /root/show-passwords. You’ll need the IP address of your server plus your extension 701 password. In the YateClient, fill in the blanks using the IP address of your Server, 701 for your Username, and whatever Password was assigned to the extension when you installed Incredible PBX. Click OK to save your entries.

    Once you are registered to extension 701, close the Account window. Then click on YATE’s Telephony Tab and place some test calls to the numerous apps that are preconfigured on Incredible PBX. Dial a few of these to get started:

    DEMO - Apps Demo
123 - Reminders
947 - Weather by ZIP Code
951 - Yahoo News
TODAY - Today in History
LENNY - The Telemarketer's Worst Nightmare

    If you are a Mac user, another great no-frills softphone is Telephone. Just download and install it from the Mac App Store.

    Last but not least, we also like the Zoiper5 free softphone. You can download it for your Windows, Mac, and Linux desktops here.

    Audio Issues with Incredible PBX 2027

    If you experience one-way or no audio on some calls, add your external IP address and LAN subnet in the GUI by navigating to Settings -> Asterisk SIP Settings. In the NAT Settings section, click Detect Network Settings. Click Submit and Apply Settings to save your changes.

    Configuring Gmail as Smart Relay Host

    Most Raspberry Pi implementations will be on networks managed by companies like Comcast, Spectrum, and AT&T that block downstream mail servers (that’s you) from sending email. The solution is to use Gmail or your local ISP as a smart relay host to send mail from your server. You’ll need this to deliver voicemails via email. Here’s how to set it up using a Gmail account. IMPORTANT: You MUST use a Gmail App Password instead of your Gmail account password. 

    /root/enable-gmail-smarthost-for-sendmail

    Now send yourself a test email message to make sure things are working properly:

    echo "test" | mail -s testmessage yourname@yourmailprovider.com

    Incredible PBX 2027 Administration

    We’ve eased the pain of administering your new PBX with a collection of scripts which you will find in the /root folder after logging in with SSH or Putty. Here’s a quick summary of what each of the scripts does.

    admin-pw-change lets you update the admin password for web browser access to the Incredible PBX GUI.

    apache-pw-change lets you update the admin password for Apache applications such as AsteriDex and Reminders.

    add-fqdn is used to whitelist a fully-qualified domain name in the firewall. Because Incredible PBX 2027 blocks all traffic from IP addresses that are not whitelisted, this is what you use to authorize an external user for your PBX. The advantage of an FQDN is that you can use a dynamic DNS service to automatically update the IP address associated with an FQDN so that you never lose connectivity.

    add-ip is used to whitelist a public IP address in the firewall. See the add-fqdn explanation as to why this matters.

    del-acct is used to remove an IP address or FQDN from the firewall’s whitelist.

    iptables-restart is the ONLY command you should ever use to restart the IPtables firewall and Fail2Ban.

    knock.FAQ contains your PortKnocker credentials for emergency access to your server if the firewall locks you out. Tutorial here.

    reset-conference-pins is a script that automatically and randomly resets the user and admin pins for access to the preconfigured conferencing application. Dial C-O-N-F from any registered SIP phone to connect to the conference.

    reset-extension-passwords is a script that automatically and randomly resets ALL of the SIP passwords for extensions 701-705. Be careful using this one, or you may disable existing registered phones and cause Fail2Ban to blacklist the IP addresses of those users. HINT: You can place a call to the Ring Group associated with all five extensions by dialing 777.

    reset-reminders-pin is a script that automatically and randomly resets the pin required to access the Telephone Reminders application by dialing 123. It’s important to protect this application because a nefarious user could set up a reminder to call a number anywhere in the world assuming your SIP provider’s account was configured to allow such calls.


    rpi-clone is a utility that makes it easy to make a bootable image of the microSD card used to start your Raspberry Pi. You’ll need a USB-to-microSD adapter to begin. Insert a backup microSD card large enough to hold all of the data on the primary microSD card (df -h). Insert the USB stick with the card. Identify the backup microSD card, usually sda (fdisk -l). Format the backup microSD card: mkfs.vfat /dev/sda1 && mkfs.ext4 /dev/sda2. Then issue the following command to clone the primary microSD card: rpi-clone -f sda. Tutorial here.

    show-feature-codes is a cheat sheet for all of the feature codes which can be dialed from any registered SIP phone. It documents how powerful a platform Incredible PBX 2027 actually is. A similar listing is available in the GUI at Admin -> Feature Codes.

    show-passwords is a script that displays ALL of the passwords associated with Incredible PBX 2027. This includes SIP extension passwords, voicemail pins, conference pins, telephone reminders pin, and your Anveo Direct outbound calling pin (if configured). Note that voicemail pins are configured by the user of a SIP extension the first time the user accesses the voicemail system by dialing *97.

    timezone-setup lets you reconfigure the correct time zone for your server.

    purge-cdr-cel-records cleans out all existing entries in both the CDR and CEL tables of the Asterisk CDR database.

    sig-fix disables module signature checking in FreePBX. It is automatically disabled upon installation.

    update-IncrediblePBX is the Automatic Update Utility which checks for server updates from incrediblepbx.com every time you log into your server as root using SSH or Putty. Do NOT disable it as it is used to load important fixes and security updates when necessary. We recommend logging into your server at least once a week.

    pbxstatus (shown above) displays status of all major components of Incredible PBX 2027.

    Forwarding Calls to Your Cellphone. Keep in mind that inbound calls to your DIDs automatically ring all five SIP extensions, 701-705. The easiest way to also ring your cellphone is to set one of these five extensions to forward incoming calls to your cellphone. After logging into your PBX as root, issue the following command to forward calls from extension 705 to your cellphone: asterisk -rx "database put CF 705 6781234567"

    To remove call forwarding: asterisk -rx "database del CF 705"

    Keeping FreePBX 16 Modules Current

    We strongly recommend that you periodically update all of your FreePBX modules to eliminate bugs and to reduce security vulnerabilities. Make a backup image with rpi-clone first! From the Linux CLI, log into your server as root and issue the following commands:

    rm -f /tmp/*
fwconsole ma upgradeall
fwconsole reload
/root/sig-fix
systemctl restart apache2
/root/sig-fix

    Resolving an Expired Certificate Alert

    1. Navigate to Admin -> Certificate Management in the FreePBX GUI
    2. Click the Trashcan to delete the Self-Signed Certificate
    3. Click New Certificate -> Generate Self-Signed Certificate
    4. In the Description field, type: Default
    5. Click Generate Certificate button

    What About Fax Support?

    Come back next week for a pleasant surprise.

    Continue Reading: Icing on the Cake for Incredible PBX but do NOT deploy Exim.

    Originally published: Monday, January 23, 2023


    Need help with Asterisk? Visit the VoIP-info Forum.

     

    Special Thanks to Our Generous Sponsors


    FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

    BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

    The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

    VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
     

    Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
     

    Happy New Year: It’s Incredible PBX 2027 for Debian 11

    Monday, January 16, 2023 / 3 Comments on Happy New Year: It’s Incredible PBX 2027 for Debian 11

    These past two weeks to celebrate the New Year, we’ve introduced Incredible PBX 2027 for Rocky 8 with AMD64-compatible hardware and Incredible PBX 2027 for Ubuntu 22.04 with AMD64 and ARM64 hardware support. Today we’re pleased to introduce Incredible PBX 2027 for Debian 11 featuring Asterisk® 20 LTS support until the fall of 2027. This release comes with full support for FreePBX® 16 as well as all the Incredible PBX goodies to which you’ve become accustomed.

    UPDATE: Proxmox image of Incredible PBX 2027-D now available in the Incredible PBX Repository.

    Again we want to offer our thanks to the many talented individuals on the VoIP-Info.org Forum who have assisted us in working through the growing pains of bringing you these new open source products at zero cost. And our special thanks to @kenn10 for his Herculean efforts refining the Incredible PBX 2027 install scripts. Come celebrate the New Year with us and join the party!

    If you’re using on-premise hardware, download Debian 11, codenamed bullseye, netinst, for 64-bit PC (amd64). If you’d prefer to experiment in the cloud for about a penny an hour, open an account at Vultr or Digital Ocean using our referral links that support the Nerd Vittles project. You’ll also get some free credit to try out the service. Then create a new $5/month Debian 11, 64-bit instance in your favorite city. Want some cheaper KVM cloud alternatives? Visit the Incredible PBX Wiki for tips.

    If your PBX is sitting behind a NAT-based router, you’ll need to redirect incoming UDP 5060-5061 and UDP 10000-20000 traffic to the private IP address of your server. This is required for all of the SIP providers included in the Incredible PBX 2027 builds. Otherwise, all inbound calls will fail.

    Installing Incredible PBX 2027 on Debian 11 Server

    If you’re building the Debian platform from the ISO, boot your server from the ISO, choose your Language, choose your Location, and choose your Keyboard. Wait for the network to be configured. Then leave the Hostname set as debian. Leave the Domain blank. Set your root password. Create a New User and Password. Set the TimeZone for your clock. Accept the defaults to partition disks. Write the changes to disk. Wait for the base system to be installed. Answer NO at the Scan More Media prompt. Select a Mirror for Package Manager that is close to you. Leave the proxy information blank. At the Software Selection prompt, choose only the bottom two options to get the basics and SSH. Load the GRUB boot manager and select your drive. Then reboot. After reboot, login as the new user and issue these commands:

    # set root password
su root
passwd
exit
exit
# log back in as root
# delete temporary user
userdel -r temp-user-name
# decipher server IP address
ip a
# try logging in via SSH: ssh root@ip-address

    If you cannot login via SSH or Putty as root then, from the console while logged in as root, issue these commands:

    apt install nano -y
cd /etc/ssh
nano -w sshd_config
# change the following entries as shown here:
  PermitRootLogin yes
  PasswordAuthentication yes
# save the file and restart SSH
# Ctrl-X, Y, and press ENTER key
systemctl restart ssh

    Once your Debian 11 platform is properly configured, login as root using SSH or Putty. Issue the commands below to kick off the install:

    apt install wget tar nano -y
wget http://incrediblepbx.com/IncrediblePBX2027-D.sh
chmod +x IncrediblePBX2027-D.sh
./IncrediblePBX2027-D.sh

    Setting a Hostname for Incredible PBX 2027

    Once your server is up and running, you’ll need to set a hostname for the machine that is resolvable on the Internet. Failure to do so will make access to the FreePBX GUI a painfully delayed process. If you don’t have an FQDN that can be used, you can use the default: noreply.incrediblepbx.com. To change it, edit /etc/hosts and /etc/hostname. Also enter your new FQDN with the command: hostname myfqdn.com.

    Next Steps with Incredible PBX 2027

    Before you can manage your PBX through a web browser, you first will need to set the root password for Debian as well as the admin passwords for FreePBX and Apache web apps such as Reminders and AsteriDex. These all can be set by logging into your server as root and issuing the following commands: passwd, admin-pw-change, and apache-pw-change.

    Outbound mail functionality needs to be working so that you can receive voicemail messages and faxes by email. To prevent SPAM, most ISPs and ITSPs block messages from downstream mail servers. That would be you. The easiest way to resolve this is to configure SendMail using Gmail as an SMTP Smarthost. You obviously need a Gmail account to implement this and you also will need to obtain an App password for your Gmail account, and use that in lieu of your regular Gmail password when configuring SendMail. With your Gmail username and App password in hand, log into your server as root and run: /root/enable-gmail-smarthost-for-sendmail.

    If your Incredible PBX 2027 is hosted with a cloud provider, be advised that some providers do not include a swap file as part of their offering. To see if a swapfile is enabled, issue the command: free -h. FreePBX requires a swap file. To add one, issue this command after logging into your server as root: /root/create-swapfile-DO.

    To correctly set the time on your PBX, run: /root/timezone-setup.

    By default, the voicemail password for each of the configured extensions (701-705) is set to the extension number. This means the user will be prompted to set a voicemail password on the first login to voicemail for each extension. A phone must be registered to the actual extension to access its voicemail account. For example, once a phone is registered to extension 701, the voicemail setup can be accessed by dialing *98701.

    Overview of the Initial Asterisk Setup Process

    For those new to PBXs, here’s a two paragraph summary of how Voice over IP (VoIP) works. Phones connected to your PBX are registered with Extensions so that they can make and receive calls. When a PBX user picks up a phone and dials a number, an Outbound Route tells the PBX which Trunk to use to place the call based upon established dialing rules. Unless the dialed number is a local extension, a Trunk registered with some service provider accepts the call, and the PBX sends the call to that provider. The provider then routes the call to its destination where the recipient’s phone rings to announce the incoming call. When the recipient picks up the phone, the conversation begins.

    Looking at things from the other end, when a caller somewhere in the world wishes to reach you, the caller picks up a telephone and dials a number known as a DID that is assigned to you by a provider with whom you have established service. When the provider receives the call to your DID, it routes the call to your PBX based upon destination information you established with the provider. Your PBX receives the call with information identifying the DID of the call as well as the CallerID name and number of the caller. An Inbound Route on your PBX then determines where to send the call based upon that DID and CallerID information. Typically, a call is routed to an Extension, a group of Extensions known as a Ring Group, or an IVR or AutoAttendant giving the caller choices on routing the call to the desired destination. Once the call is routed to an Extension, the PBX rings the phone registered to that Extension. When you pick up the phone, the conversation begins.

    Configuring Trunks with Incredible PBX GUI

    Perhaps the most difficult component to configure in the PBX is the Trunk. Almost every provider has a different way of doing things. We’ve taken some of the torture out of the exercise by providing a script which will configure settings for dozens of providers in seconds. Once installed, all you need to do is edit the desired Trunk (Connectivity:Trunks), change the Disable Trunk entry to No, and insert your credentials in both the PEER Details and Registration string of the SIP Settings Outgoing and Incoming tabs. Skyetel is enabled by default and needs no setup on the PBX side.

    Configuring Skyetel for Incredible PBX 2027

    If you’ve decided to go with Skyetel, here’s the drill. Sign up for Skyetel service and take advantage of the Nerd Vittles specials. First, complete the Prequalification Form here. You then will be provided a link to the Skyetel site to complete your registration. Once you have registered on the Skyetel site and your account has been activated, open a support ticket and request the $10 credit for your account by referencing the Nerd Vittles special offer. Once you are satisfied with the service, fund your account as desired, and Skyetel will match your deposit of up to $250 simply by opening another ticket. That gets you up to $500 of half-price calling. Credit is limited to one per person/company/address/location. Effective 10/1/2023, $25/month minimum spend required.

    Skyetel does not use SIP registrations to make connections to your PBX. Instead, Skyetel utilizes Endpoint Groups to identify which servers can communicate with the Skyetel service. An Endpoint Group consists of a Name, an IP address, a UDP or TCP port for the connection, and a numerical Priority for the group. For incoming calls destined to your PBX, DIDs are associated with an Endpoint Group to route the calls to your PBX. For outgoing calls from your PBX, a matching Endpoint Group is required to authorize outbound calls through the Skyetel network. Thus, the first step in configuring the Skyetel side for use with your PBX is to set up an Endpoint Group. Here’s a typical setup for Incredible PBX 2027:

    • Name: MyPBX
    • Priority: 1
    • IP Address: PBX-Public-IP-Address
    • Port: 5060
    • Protocol: UDP
    • Description: my.incrediblepbx.com

    To receive incoming PSTN calls, you’ll need at least one DID. On the Skyetel site, you acquire DIDs under the Phone Numbers tab. You have the option of Porting in Existing Numbers (free for the first 60 days after you sign up for service) or purchasing new ones under the Buy Phone Numbers menu option.

    Once you have acquired one or more DIDs, navigate to the Local Numbers or Toll Free Numbers tab and specify the desired SIP Format and Endpoint Group for each DID. Add SMS/MMS and E911 support, if desired. Call Forwarding and Failover are also supported. That completes the VoIP setup on the Skyetel side. System Status is always available here.

    Configuring VoIP.ms for Incredible PBX 2027

    To sign up for VoIP.ms service, may we suggest you use our signup link so that Nerd Vittles gets a referral credit for your signup. Once your account is set up, you’ll need to set up a SIP SubAccount and, for Authentication Type, choose Static IP Authentication and enter your Incredible PBX 2027 server’s public IP address. For Transport, choose UDP. For Device Type, choose Asterisk, IP PBX, Gateway or VoIP Switch. Order a DID in their web panel, and then point the DID to the SubAccount you just created. Be sure to specify atlanta1.voip.ms as the POP from which to receive incoming calls. In the Incredible PBX GUI, be sure to enable the VoIP.ms trunk.

    Configuring V1VoIP for Incredible PBX 2027

    To sign up for V1VoIP service, sign up on their web site. Then login to your account and order a DID under the DIDs tab. Once the DID has been assigned, choose View DIDs and click on the Forwarding button beside your DID. For Option #1, choose Forward to IP Address/PBX. For the Forwarding Address, enter the public IP address of your server. For the T/O (timeout) value, set it to 2o seconds. Then click the Update button. Under the Termination tab, create a new Endpoint with the public IP address of your server so that you can place outbound calls through V1VoIP. In the Incredible PBX GUI, be sure to enable all of the V1VoIP trunks.

    Configuring Anveo Direct for Incredible PBX 2027

    To sign up for Anveo Direct service, sign up on their web site and then login. After adding funds to your account, purchase a DID under Inbound Service -> Order DID. Next, choose Configure Destination SIP Trunk. Give the Trunk a name. For the Primary SIP URI, enter $[E164]$@server-IP-address. For Call Options, select your new DID from the list. You also must whitelist your public IP address under Outbound Service -> Configure. Create a new Call Termination Trunk and name it to match your server. For Dialing Prefix, choose six alphanumeric characters beginning with a zero. In Authorized IP Addresses, enter the public IP address of your server. Set an appropriate rate cap. We like $0.01 per minute to be safe. Set a concurrent calls limit. We like 2. For the Call Routing Method, choose Least Cost unless you’re feeling extravagant. For Routes/Carriers, choose Standard Routes. Write down your Dialing Prefix and then click the Save button.

    Before you can make outbound calls through Anveo Direct from your PBX, you first must configure the Dialing Prefix that you wrote down in the previous step. Log into the GUI as admin using a web browser and edit the Anveo-Out trunk in Connectivity -> Trunks. Enable the Trunk. Then click on the custom-Settings tab and replace anveo-pin with your actual Dialing Prefix. Click Submit and Apply Config to complete the setup. In the Incredible PBX GUI, be sure to enable all of the remaining Anveo trunks.

    By default, incoming Anveo Direct calls will be processed by the Default inbound route on your PBX. If you wish to redirect incoming Anveo Direct calls using DID-specific inbound routes, then you’ve got a bit more work to do. In addition to creating the inbound route using the 11-digit Anveo Direct DID, enter the following commands after logging into your server as root using SSH/Putty:

    cd /etc/asterisk
echo "[from-anveo]" >> extensions_custom.conf
echo "exten => _.,1,Ringing" >> extensions_custom.conf
echo "exten => _.,n,Goto(from-trunk,\\${SIP_HEADER(X-anveo-e164)},1)" >> extensions_custom.conf
asterisk -rx "dialplan reload"

    Configuring Extensions with Incredible PBX GUI

    Extensions are created using the Incredible PBX GUI: Applications:Extensions. Many SIP phones expect extensions to communicate on UDP port 5060. If this is the case with your SIP phone or softphone, then always create Chan_SIP extensions which communicate on UDP 5060. If your SIP phone or softphone provide port flexibility, then you have a choice in the type of SIP extension to create: Chan_SIP or the more versatile PJSIP (UDP 5061). Just remember to always configure SIP extensions with NAT Mode=YES in the Advanced tab. If your VoIP phones or softphones support IAX connectivity, you may wish to consider IAX extensions which avoid NAT problems.

    When you create a new Extension, a new entry is automatically created in the PBX Internal Directory. If you wish to allow individual users to manage their extensions or use the WebRTC softphone, then you will also have to create a (very) secure password for User Control Panel (UCP) access. Choose Admin:User Management and click on the key icon of the desired extension to assign a password for UCP and WebRTC access.

    Configuring a Desktop Softphone for Incredible PBX

    We’re in the home stretch now. You can connect virtually any kind of telephone to your new PBX. Plain Old Phones require an analog telephone adapter (ATA) which can be a separate board in your computer from a company such as Digium. Or it can be a standalone SIP device such as ObiHai’s OBi100 or OBi110 (if you have a phone line from Ma Bell to hook up as well). SIP phones can be connected directly so long as they have an IP address. These could be hardware devices or software devices such as the YateClient softphone. We’ll start with a free one today so you can begin making calls. You can find dozens of recommendations for hardware-based SIP phones both on Nerd Vittles and the PIAF Forum when you’re ready to get serious about VoIP telephony.

    We recommend YateClient for Windows which is free. Download it from here. Run YateClient once you’ve installed it and enter the credentials for the 701 extension on Incredible PBX. You can find them by running /root/show-passwords. You’ll need the IP address of your server plus your extension 701 password. In the YateClient, fill in the blanks using the IP address of your Server, 701 for your Username, and whatever Password was assigned to the extension when you installed Incredible PBX. Click OK to save your entries.

    Once you are registered to extension 701, close the Account window. Then click on YATE’s Telephony Tab and place some test calls to the numerous apps that are preconfigured on Incredible PBX. Dial a few of these to get started:

    DEMO - Apps Demo
123 - Reminders
947 - Weather by ZIP Code
951 - Yahoo News
TODAY - Today in History
LENNY - The Telemarketer's Worst Nightmare

    If you are a Mac user, another great no-frills softphone is Telephone. Just download and install it from the Mac App Store. For Android users, check out the terrific new VitalPBX Communicator. Works flawlessly with Incredible PBX.

    Configuring a Softphone Extension on a Smartphone

    Adding an Incredible PBX extension to your smartphone gets a little trickier. Whether you’re an iPhone or Android lover, all smartphones use batteries, and you don’t want to drain your battery by running a softphone as a foreground app all the time. Fortunately, you now have some choices in softphones engineered to work without draining your battery. While they all cost money, it’s not much money. We’ve written about all the choices, and you’ll find the links in our Softphone Provider Recommendations on the new Incredible PBX Wiki.

    With PJsip extensions, you’re not limited to a single phone connection at a time, and we’ve preconfigured extension 701 to support ten simultaneous connections. The setup on the softphone side is simple. For the server, enter the actual IP address of your PBX in the following format: 22.33.44.55:5061. Then enter 701 for the username and enter the password assigned to the 701 extension on your PBX. When an incoming call arrives, all the phones registered to extension 701 will ring simultaneously. Simply answer the call on the phone that is most convenient. For extension 702, you can change the number of simultaneous connections by clicking the Advanced tab and setting the number in Max Contacts.

    Configuring Outbound Routes in Incredible PBX GUI

    Outbound Routes serve a couple of purposes. First, they assure that calls placed by users of your PBX are routed out through an appropriate trunk to reach their destination in the least costly manner. Second, they serve as a security mechanism by either blocking or restricting certain calls by requiring a PIN to complete the calls. Never authorize recurring charges on credit cards registered with your VoIP providers and, if possible, place pricing limits on calls with your providers. If a bad guy were to break into your PBX, you don’t want to give the intruder a blank check to make unauthorized calls. And you certainly don’t want to join the $100,000 Phone Bill Club.

    To create outbound routes in the Incredible PBX GUI, navigate to Connectivity:Outbound Routes and click Add Outbound Route. In the Route Settings tab, give the Outbound Route a name and choose one or more trunks to use for the outbound calls. In the Dial Patterns tab, specify the dial strings that must be matched to use this Outbound Route. NXXNXXXXXX would require only 10-digit numbers with the first and fourth digits being a number between 2 and 9. Note that Outbound Routes are searched from the top entry to the bottom until there is a match. Make certain that you order your routes correctly and then place test calls watching the Asterisk CLI to make sure the calls are routed as you intended.

    Configuring Inbound Routes in Incredible PBX GUI

    Inbound Routes, as the name implies, are used to direct incoming calls to a specific destination. That destination could be an extension, a ring group, an IVR or AutoAttendant, or even a conference or DISA extension to place outbound calls (hopefully with a very secure password). Inbound Routes can be identified by DID, CallerID number, or both. To create Inbound Routes, choose Connectivity:Inbound Routes and then click Add Inbound Route. Provide at least a Description for the route, a DID to be matched, and the Destination for the incoming calls that match. If you only want certain callers to be able to reach certain extensions, add a CallerID number to your matching criteria. You can add Call Recording and CallerID CNAM Lookups under the Other tab.

    Audio Issues with Incredible PBX 2027

    While it is always a good idea anyway, if you experience one-way or no audio on some calls, be sure to add your external IP address and LAN subnet in the GUI by navigating to Settings -> Asterisk SIP Settings. In the NAT Settings section, click Detect Network Settings. Click Submit and Apply Settings to save your changes.

    Adding Incredible PBX 2027 to an OpenVPN Network

    We previously have documented the procedure for creating an OpenVPN server as well as OpenVPN client templates (.ovpn). If you need a refresher, the tutorial is here. To add your Incredible PBX 2027 server to an existing OpenVPN network, begin by creating an incrediblepbx2027.ovpn template on your OpenVPN server. Be sure to comment out or delete the setenv line in the template. Then copy this template to /etc on your Incredible PBX 2027 server. The following commands are already in place:

    echo "[Unit]
Description=openvpn2027
ConditionPathExists=/etc/openvpn-start
After=rclocal.service
[Service]
Type=forking
ExecStart=/etc/openvpn-start /etc/incrediblepbx2027.ovpn
TimeoutSec=0
StandardOutput=tty
RemainAfterExit=yes
PermissionsStartOnly=true
SysVStartPriority=99
[Install]
WantedBy=multi-user.target" > /etc/systemd/system/openvpn2027.service

    We’ve also enabled this openvpn2027.service which will start when you reboot your server. The OpenVPN IP address should now appear on the LAN line in pbxstatus:

    systemctl enable openvpn2027.service
reboot

    Incredible PBX 2027 Administration

    We’ve eased the pain of administering your new PBX with a collection of scripts which you will find in the /root folder after logging in with SSH or Putty. Here’s a quick summary of what each of the scripts does.

    add-fqdn is used to whitelist a fully-qualified domain name in the firewall. Because Incredible PBX 2027 blocks all traffic from IP addresses that are not whitelisted, this is what you use to authorize an external user for your PBX. The advantage of an FQDN is that you can use a dynamic DNS service to automatically update the IP address associated with an FQDN so that you never lose connectivity.

    add-ip is used to whitelist a public IP address in the firewall. See the add-fqdn explanation as to why this matters.

    del-acct is used to remove an IP address or FQDN from the firewall’s whitelist.

    admin-pw-change is used to set the admin password for access to the FreePBX/Incredible PBX web GUI using a browser pointed to the local IP address of your server.

    apache-pw-change is used to set the admin password for access to Apache/Incredible PBX apps including AsteriDex and Reminders. This provides a password layer of protection for access to these applications.

    incrediblebackup2021 makes a backup of critical components on your PBX to a tarball saved in /backup. This should be copied to safe location off-site for a rainy day.

    incrediblerestore2021 restores a backup file which has been copied to the /backup folder.

    ipchecker is a script which deciphers the public IP addresses associated with whitelisted FQDNs created with add-fqdn on your server. If any of the addresses have changed, the firewall is restarted after updating the IP addresses. By default, it is executed every 10 minutes by /etc/crontab.

    licenses.sh displays the license associated with each of the FreePBX modules on your server.

    logos-b-gone removes proprietary artwork from your PBX and is no longer necessary with the included IncrediblePBX FreePBX module.

    mime-construct is a command-line utility to send emails with attachments.

    neorouter-login is a script to add your PBX to a NeoRouter VPN. Tutorial here.

    odbc-gen.sh is a script that was run to generate the ODBC settings for Asterisk. Do NOT use it.

    openvpn-start is a script to add your PBX to an existing OpenVPN network using an .ovpn config file. Tutorial here.

    pbxstatus displays status of all major components of Incredible PBX 2027.

    pptp-install is a script to create a PPTP network connection for your PBX. Tutorial here.

    purge-cdr-cel-records removes all CDR and CEL records from the MySQL database.

    reset-conference-pins is a script that automatically and randomly resets the user and admin pins for access to the preconfigured conferencing application. Dial C-O-N-F from any registered SIP phone to connect to the conference.

    reset-extension-passwords is a script that automatically and randomly resets ALL of the SIP passwords for extensions 701-705. Be careful using this one, or you may disable existing registered phones and cause Fail2Ban to blacklist the IP addresses of those users. HINT: You can place a call to the Ring Group associated with all five extensions by dialing 777.

    reset-reminders-pin is a script that automatically and randomly resets the pin required to access the Telephone Reminders application by dialing 123. It’s important to protect this application because a nefarious user could set up a reminder to call a number anywhere in the world assuming your SIP provider’s account was configured to allow such calls.

    show-feature-codes is a cheat sheet for all of the feature codes which can be dialed from any registered SIP phone. It documents how powerful a platform Incredible PBX 2027 actually is. A similar listing is available in the GUI at Admin -> Feature Codes.

    show-passwords is a script that displays most of the passwords associated with Incredible PBX 2027. This includes SIP extension passwords, voicemail pins, conference pins, telephone reminders pin, and your Anveo Direct outbound calling pin (if configured). Note that voicemail pins are configured by the user of a SIP extension the first time the user accesses the voicemail system by dialing *97.

    sig-fix disables Module Signature Checking in the FreePBX GUI. This should not be necessary unless you have added or edited FreePBX Modules with missing module signatures.

    sms-skyetel is a script to send SMS messages using a Skyetel trunk.

    sms-voip.ms is a script to send SMS messages using a VoIP.ms trunk.

    sms-blast, sms-blaster, and sms-dictator are scripts for message blasting. Tutorial here.

    timezone-setup is a script to set the timezone for your PBX.

    update-IncrediblePBX is a script that runs the Automatic Update Utility whenever you login to your server as root. These updates typically resolve bugs and security issues with your PBX. Do NOT remove it.

    wolfram is a script to deploy Wolfram Alpha on your PBX. Tutorial here.

    Forwarding Calls to Your Cellphone. Keep in mind that inbound calls to your DIDs automatically ring all five SIP extensions, 701-705. The easiest way to also ring your cellphone is to set one of these five extensions to forward incoming calls to your cellphone. After logging into your PBX as root, issue the following command to forward calls from extension 705 to your cellphone: asterisk -rx "database put CF 705 6781234567"

    To remove call forwarding: asterisk -rx "database del CF 705"

    Implementing Call By Name with 411

    Once you have an Outbound Trunk and Route configured, deploying Call by Name by dialing 411 is simple. The way it works is to pick up any phone connected to your PBX and dial 411. When prompted for the name of the person or company to call, say the name as you entered it in the AsteriDex directory, e.g. Delta Air Lines. The name will then be looked up to decipher the number of the person or company to call. Then the call will be placed using your default outbound route. To deploy Call By Name, simply follow the setup instructions in this Nerd Vittles tutorial.

    Keeping FreePBX 16 Modules Current

    We strongly recommend that you periodically update all of your FreePBX modules to eliminate bugs and to reduce security vulnerabilities. From the Linux CLI, log into your server as root and issue the following commands:

    rm -f /tmp/*
fwconsole ma upgradeall
fwconsole reload
/root/sig-fix
systemctl restart apache2
/root/sig-fix

     

    Originally published: Monday, January 16, 2023


    Need help with Asterisk? Visit the VoIP-info Forum.

     

    Special Thanks to Our Generous Sponsors


    FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

    BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

    The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

    VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
     

    Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
     

    Happy New Year: It’s Incredible PBX 2027 for Ubuntu 22.04

    Last week to celebrate New Year’s Day, we introduced Incredible PBX 2027 for Rocky 8 with AMD64-compatible hardware. Today we’re pleased to introduce Incredible PBX 2027 for Ubuntu 22.04 LTS with its ten-year life cycle to complement Asterisk® 20 featuring LTS support until the fall of 2027. Both new AMD64 releases come with full support for FreePBX® 16 as well as all the Incredible PBX goodies to which you’ve become accustomed.

    We also want to offer our thanks to the many talented individuals on the VoIP-Info.org Forum who have assisted us in working through the growing pains of bringing you these new open source products at zero cost. And our special thanks to @kenn10 for his Herculean efforts refining the Incredible PBX 2027 install scripts. Come join the party!

    If you’re using on-premise hardware, begin by downloading the Live Server ISO image of Ubuntu 22.04 for amd64. Follow our previous tutorials for tips on installation with VirtualBox or VMware ESXi. If you’d prefer to experiment in the cloud for about a penny an hour, open an account at Vultr or Digital Ocean using our referral links that support the Nerd Vittles project. You’ll also get some free credit to try out the service. Then create a new $5/month Ubuntu 22.04, 64-bit instance in your favorite city. Want some cheaper KVM cloud alternatives? Visit the Incredible PBX Wiki for tips.

    If your PBX is sitting behind a NAT-based router, you’ll need to redirect incoming UDP 5060-5061 and UDP 10000-20000 traffic to the private IP address of your server. This is required for all of the SIP providers included in the Incredible PBX 2027 build. Otherwise, all inbound calls will fail.

    Installing Incredible PBX 2027 on Ubuntu 22.04 Server

    If you’re building the Ubuntu platform from the ISO, select the option to install a Minimal Server Platform. Then you’ll need to create a temporary user as part of the install. Enable installation of SSH and no additional components. After reboot, login as the new user and issue these commands:

    # set root password
sudo passwd root
exit
# log back in as root
# delete temporary user
userdel -r temp-user-name
# decipher server IP address
ip a
# try logging in via SSH: ssh root@ip-address

    On desktop machines, if you experience a 2-minute delay on boot up waiting for network to be configured, issue these two commands after logging in as root:

    systemctl disable systemd-networkd-wait-online.service
systemctl mask systemd-networkd-wait-online.service

    If you cannot login via SSH or Putty as root then, from the console while logged in as root, issue these commands:

    apt install nano -y
cd /etc/ssh
nano -w sshd_config
# change the following entries as shown here:
  PermitRootLogin yes
  PasswordAuthentication yes
# save the file and restart SSH
# Ctrl-X, Y, and press ENTER key
systemctl restart ssh

    ALERT: On some cloud platforms, e.g. RackNerds, they reportedly provide a non-interactive version of Ubuntu 22.04. So, after completing the steps above, you will need to run the following script: /usr/local/sbin/unminimize. Next, run: apt update && apt upgrade. Finally, reboot the server and log back in as root to continue.

    Once your Ubuntu 22.04 platform is properly configured, login as root using SSH or Putty. Issue the commands below to kick off the install:

    apt install wget tar nano -y
wget http://incrediblepbx.com/IncrediblePBX2027-U.sh
chmod +x IncrediblePBX2027-U.sh
./IncrediblePBX2027-U.sh

    On homespun, ISO-built platforms, you will be prompted within a minute or so on whether to preserve your existing SSH configuration. Press ENTER to accept the default.

    Setting a Hostname for Incredible PBX 2027

    Once your server is up and running, you’ll need to set a hostname for the machine that is resolvable on the Internet. Failure to do so will make access to the FreePBX GUI a painfully delayed process. If you don’t have an FQDN that can be used, you can use the default: noreply.incrediblepbx.com. To change it, edit /etc/hosts and /etc/hostname. Also enter your new FQDN with the command: hostname myfqdn.com.

    If you’re running your PBX in the Oracle Cloud, this message thread will show you how to set the hostname there.

    Next Steps with Incredible PBX 2027

    Before you can manage your PBX through a web browser, you first will need to set the root password for Ubuntu as well as the admin passwords for FreePBX and Apache web apps such as Reminders and AsteriDex. These all can be set by logging into your server as root and issuing the following commands: passwd, admin-pw-change, and apache-pw-change.

    Outbound mail functionality needs to be working so that you can receive voicemail messages and faxes by email. To prevent SPAM, most ISPs and ITSPs block messages from downstream mail servers. That would be you. The easiest way to resolve this is to configure SendMail using Gmail as an SMTP Smarthost. You obviously need a Gmail account to implement this and you also will need to obtain an App password for your Gmail account, and use that in lieu of your regular Gmail password when configuring SendMail. With your Gmail username and App password in hand, log into your server as root and run: /root/enable-gmail-smarthost-for-sendmail.

    If your Incredible PBX 2027 is hosted with a cloud provider, be advised that many providers do not include a swap file as part of their offering. FreePBX requires a swap file. To add one, issue this command after logging into your server as root: /root/create-swapfile-DO.

    To correctly set the time on your PBX, run: /root/timezone-setup.

    By default, the voicemail password for each of the configured extensions (701-705) is set to the extension number. This means the user will be prompted to set a voicemail password on the first login to voicemail for each extension. A phone must be registered to the actual extension to access its voicemail account. For example, once a phone is registered to extension 701, the voicemail setup can be accessed by dialing *98701.

    Overview of the Initial Asterisk Setup Process

    For those new to PBXs, here’s a two paragraph summary of how Voice over IP (VoIP) works. Phones connected to your PBX are registered with Extensions so that they can make and receive calls. When a PBX user picks up a phone and dials a number, an Outbound Route tells the PBX which Trunk to use to place the call based upon established dialing rules. Unless the dialed number is a local extension, a Trunk registered with some service provider accepts the call, and the PBX sends the call to that provider. The provider then routes the call to its destination where the recipient’s phone rings to announce the incoming call. When the recipient picks up the phone, the conversation begins.

    Looking at things from the other end, when a caller somewhere in the world wishes to reach you, the caller picks up a telephone and dials a number known as a DID that is assigned to you by a provider with whom you have established service. When the provider receives the call to your DID, it routes the call to your PBX based upon destination information you established with the provider. Your PBX receives the call with information identifying the DID of the call as well as the CallerID name and number of the caller. An Inbound Route on your PBX then determines where to send the call based upon that DID and CallerID information. Typically, a call is routed to an Extension, a group of Extensions known as a Ring Group, or an IVR or AutoAttendant giving the caller choices on routing the call to the desired destination. Once the call is routed to an Extension, the PBX rings the phone registered to that Extension. When you pick up the phone, the conversation begins.

    Configuring Trunks with Incredible PBX GUI

    Perhaps the most difficult component to configure in the PBX is the Trunk. Almost every provider has a different way of doing things. We’ve taken some of the torture out of the exercise by providing a script which will configure settings for dozens of providers in seconds. Once installed, all you need to do is edit the desired Trunk (Connectivity:Trunks), change the Disable Trunk entry to No, and insert your credentials in both the PEER Details and Registration string of the SIP Settings Outgoing and Incoming tabs. Skyetel is enabled by default and needs no setup on the PBX side.

    Configuring Skyetel for Incredible PBX 2027

    If you’ve decided to go with Skyetel, here’s the drill. Sign up for Skyetel service and take advantage of the Nerd Vittles specials. First, complete the Prequalification Form here. You then will be provided a link to the Skyetel site to complete your registration. Once you have registered on the Skyetel site and your account has been activated, open a support ticket and request the $10 credit for your account by referencing the Nerd Vittles special offer. Once you are satisfied with the service, fund your account as desired, and Skyetel will match your deposit of up to $250 simply by opening another ticket. That gets you up to $500 of half-price calling. Credit is limited to one per person/company/address/location. Effective 10/1/2023, $25/month minimum spend required.

    Skyetel does not use SIP registrations to make connections to your PBX. Instead, Skyetel utilizes Endpoint Groups to identify which servers can communicate with the Skyetel service. An Endpoint Group consists of a Name, an IP address, a UDP or TCP port for the connection, and a numerical Priority for the group. For incoming calls destined to your PBX, DIDs are associated with an Endpoint Group to route the calls to your PBX. For outgoing calls from your PBX, a matching Endpoint Group is required to authorize outbound calls through the Skyetel network. Thus, the first step in configuring the Skyetel side for use with your PBX is to set up an Endpoint Group. Here’s a typical setup for Incredible PBX 2027:

    • Name: MyPBX
    • Priority: 1
    • IP Address: PBX-Public-IP-Address
    • Port: 5060
    • Protocol: UDP
    • Description: my.incrediblepbx.com

    To receive incoming PSTN calls, you’ll need at least one DID. On the Skyetel site, you acquire DIDs under the Phone Numbers tab. You have the option of Porting in Existing Numbers (free for the first 60 days after you sign up for service) or purchasing new ones under the Buy Phone Numbers menu option.

    Once you have acquired one or more DIDs, navigate to the Local Numbers or Toll Free Numbers tab and specify the desired SIP Format and Endpoint Group for each DID. Add SMS/MMS and E911 support, if desired. Call Forwarding and Failover are also supported. That completes the VoIP setup on the Skyetel side. System Status is always available here.

    Configuring VoIP.ms for Incredible PBX 2027

    To sign up for VoIP.ms service, may we suggest you use our signup link so that Nerd Vittles gets a referral credit for your signup. Once your account is set up, you’ll need to set up a SIP SubAccount and, for Authentication Type, choose Static IP Authentication and enter your Incredible PBX 2027 server’s public IP address. For Transport, choose UDP. For Device Type, choose Asterisk, IP PBX, Gateway or VoIP Switch. Order a DID in their web panel, and then point the DID to the SubAccount you just created. Be sure to specify atlanta1.voip.ms as the POP from which to receive incoming calls. In the Incredible PBX GUI, be sure to enable the VoIP.ms trunk.

    Configuring V1VoIP for Incredible PBX 2027

    To sign up for V1VoIP service, sign up on their web site. Then login to your account and order a DID under the DIDs tab. Once the DID has been assigned, choose View DIDs and click on the Forwarding button beside your DID. For Option #1, choose Forward to IP Address/PBX. For the Forwarding Address, enter the public IP address of your server. For the T/O (timeout) value, set it to 2o seconds. Then click the Update button. Under the Termination tab, create a new Endpoint with the public IP address of your server so that you can place outbound calls through V1VoIP. In the Incredible PBX GUI, be sure to enable all of the V1VoIP trunks.

    Configuring Anveo Direct for Incredible PBX 2027

    To sign up for Anveo Direct service, sign up on their web site and then login. After adding funds to your account, purchase a DID under Inbound Service -> Order DID. Next, choose Configure Destination SIP Trunk. Give the Trunk a name. For the Primary SIP URI, enter $[E164]$@server-IP-address. For Call Options, select your new DID from the list. You also must whitelist your public IP address under Outbound Service -> Configure. Create a new Call Termination Trunk and name it to match your server. For Dialing Prefix, choose six alphanumeric characters beginning with a zero. In Authorized IP Addresses, enter the public IP address of your server. Set an appropriate rate cap. We like $0.01 per minute to be safe. Set a concurrent calls limit. We like 2. For the Call Routing Method, choose Least Cost unless you’re feeling extravagant. For Routes/Carriers, choose Standard Routes. Write down your Dialing Prefix and then click the Save button.

    Before you can make outbound calls through Anveo Direct from your PBX, you first must configure the Dialing Prefix that you wrote down in the previous step. Log into the GUI as admin using a web browser and edit the Anveo-Out trunk in Connectivity -> Trunks. Enable the Trunk. Then click on the custom-Settings tab and replace anveo-pin with your actual Dialing Prefix. Click Submit and Apply Config to complete the setup. In the Incredible PBX GUI, be sure to enable all of the remaining Anveo trunks.

    By default, incoming Anveo Direct calls will be processed by the Default inbound route on your PBX. If you wish to redirect incoming Anveo Direct calls using DID-specific inbound routes, then you’ve got a bit more work to do. In addition to creating the inbound route using the 11-digit Anveo Direct DID, enter the following commands after logging into your server as root using SSH/Putty:

    cd /etc/asterisk
echo "[from-anveo]" >> extensions_custom.conf
echo "exten => _.,1,Ringing" >> extensions_custom.conf
echo "exten => _.,n,Goto(from-trunk,\\${SIP_HEADER(X-anveo-e164)},1)" >> extensions_custom.conf
asterisk -rx "dialplan reload"

    Configuring Extensions with Incredible PBX GUI

    Extensions are created using the Incredible PBX GUI: Applications:Extensions. Many SIP phones expect extensions to communicate on UDP port 5060. If this is the case with your SIP phone or softphone, then always create Chan_SIP extensions which communicate on UDP 5060. If your SIP phone or softphone provide port flexibility, then you have a choice in the type of SIP extension to create: Chan_SIP or the more versatile PJSIP (UDP 5061). Just remember to always configure SIP extensions with NAT Mode=YES in the Advanced tab. If your VoIP phones or softphones support IAX connectivity, you may wish to consider IAX extensions which avoid NAT problems.

    When you create a new Extension, a new entry is automatically created in the PBX Internal Directory. If you wish to allow individual users to manage their extensions or use the WebRTC softphone, then you will also have to create a (very) secure password for User Control Panel (UCP) access. Choose Admin:User Management and click on the key icon of the desired extension to assign a password for UCP and WebRTC access.

    Configuring a Desktop Softphone for Incredible PBX

    We’re in the home stretch now. You can connect virtually any kind of telephone to your new PBX. Plain Old Phones require an analog telephone adapter (ATA) which can be a separate board in your computer from a company such as Digium. Or it can be a standalone SIP device such as ObiHai’s OBi100 or OBi110 (if you have a phone line from Ma Bell to hook up as well). SIP phones can be connected directly so long as they have an IP address. These could be hardware devices or software devices such as the YateClient softphone. We’ll start with a free one today so you can begin making calls. You can find dozens of recommendations for hardware-based SIP phones both on Nerd Vittles and the PIAF Forum when you’re ready to get serious about VoIP telephony.

    We recommend YateClient for Windows which is free. Download it from here. Run YateClient once you’ve installed it and enter the credentials for the 701 extension on Incredible PBX. You can find them by running /root/show-passwords. You’ll need the IP address of your server plus your extension 701 password. In the YateClient, fill in the blanks using the IP address of your Server, 701 for your Username, and whatever Password was assigned to the extension when you installed Incredible PBX. Click OK to save your entries.

    Once you are registered to extension 701, close the Account window. Then click on YATE’s Telephony Tab and place some test calls to the numerous apps that are preconfigured on Incredible PBX. Dial a few of these to get started:

    DEMO - Apps Demo
123 - Reminders
947 - Weather by ZIP Code
951 - Yahoo News
TODAY - Today in History
LENNY - The Telemarketer's Worst Nightmare

    If you are a Mac user, another great no-frills softphone is Telephone. Just download and install it from the Mac App Store. For Android users, check out the terrific new VitalPBX Communicator. Works flawlessly with Incredible PBX.

    Configuring a Softphone Extension on a Smartphone

    Adding an Incredible PBX extension to your smartphone gets a little trickier. Whether you’re an iPhone or Android lover, all smartphones use batteries, and you don’t want to drain your battery by running a softphone as a foreground app all the time. Fortunately, you now have some choices in softphones engineered to work without draining your battery. While they all cost money, it’s not much money. We’ve written about all the choices, and you’ll find the links in our Softphone Provider Recommendations on the new Incredible PBX Wiki.

    With PJsip extensions, you’re not limited to a single phone connection at a time, and we’ve preconfigured extension 701 to support ten simultaneous connections. The setup on the softphone side is simple. For the server, enter the actual IP address of your PBX in the following format: 22.33.44.55:5061. Then enter 701 for the username and enter the password assigned to the 701 extension on your PBX. When an incoming call arrives, all the phones registered to extension 701 will ring simultaneously. Simply answer the call on the phone that is most convenient. For extension 702, you can change the number of simultaneous connections by clicking the Advanced tab and setting the number in Max Contacts.

    Configuring Outbound Routes in Incredible PBX GUI

    Outbound Routes serve a couple of purposes. First, they assure that calls placed by users of your PBX are routed out through an appropriate trunk to reach their destination in the least costly manner. Second, they serve as a security mechanism by either blocking or restricting certain calls by requiring a PIN to complete the calls. Never authorize recurring charges on credit cards registered with your VoIP providers and, if possible, place pricing limits on calls with your providers. If a bad guy were to break into your PBX, you don’t want to give the intruder a blank check to make unauthorized calls. And you certainly don’t want to join the $100,000 Phone Bill Club.

    To create outbound routes in the Incredible PBX GUI, navigate to Connectivity:Outbound Routes and click Add Outbound Route. In the Route Settings tab, give the Outbound Route a name and choose one or more trunks to use for the outbound calls. In the Dial Patterns tab, specify the dial strings that must be matched to use this Outbound Route. NXXNXXXXXX would require only 10-digit numbers with the first and fourth digits being a number between 2 and 9. Note that Outbound Routes are searched from the top entry to the bottom until there is a match. Make certain that you order your routes correctly and then place test calls watching the Asterisk CLI to make sure the calls are routed as you intended.

    Configuring Inbound Routes in Incredible PBX GUI

    Inbound Routes, as the name implies, are used to direct incoming calls to a specific destination. That destination could be an extension, a ring group, an IVR or AutoAttendant, or even a conference or DISA extension to place outbound calls (hopefully with a very secure password). Inbound Routes can be identified by DID, CallerID number, or both. To create Inbound Routes, choose Connectivity:Inbound Routes and then click Add Inbound Route. Provide at least a Description for the route, a DID to be matched, and the Destination for the incoming calls that match. If you only want certain callers to be able to reach certain extensions, add a CallerID number to your matching criteria. You can add Call Recording and CallerID CNAM Lookups under the Other tab.

    Audio Issues with Incredible PBX 2027

    While it is always a good idea anyway, if you experience one-way or no audio on some calls, be sure to add your external IP address and LAN subnet in the GUI by navigating to Settings -> Asterisk SIP Settings. In the NAT Settings section, click Detect Network Settings. Click Submit and Apply Settings to save your changes.

    Adding Incredible PBX 2027 to an OpenVPN Network

    We previously have documented the procedure for creating an OpenVPN server as well as OpenVPN client templates (.ovpn). If you need a refresher, the tutorial is here. To add your Incredible PBX 2027 server to an existing OpenVPN network, begin by creating an incrediblepbx2027.ovpn template on your OpenVPN server. Be sure to comment out or delete the setenv line in the template. Then copy this template to /etc on your Incredible PBX 2027 server. The following commands are already in place:

    echo "[Unit]
Description=openvpn2027
ConditionPathExists=/etc/openvpn-start
After=rclocal.service
[Service]
Type=forking
ExecStart=/etc/openvpn-start /etc/incrediblepbx2027.ovpn
TimeoutSec=0
StandardOutput=tty
RemainAfterExit=yes
PermissionsStartOnly=true
SysVStartPriority=99
[Install]
WantedBy=multi-user.target" > /etc/systemd/system/openvpn2027.service

    We’ve also enabled this openvpn2027.service which will start when you reboot your server. The OpenVPN IP address should now appear on the LAN line in pbxstatus:

    systemctl enable openvpn2027.service
reboot

    Incredible PBX 2027 Administration

    We’ve eased the pain of administering your new PBX with a collection of scripts which you will find in the /root folder after logging in with SSH or Putty. Here’s a quick summary of what each of the scripts does.

    add-fqdn is used to whitelist a fully-qualified domain name in the firewall. Because Incredible PBX 2027 blocks all traffic from IP addresses that are not whitelisted, this is what you use to authorize an external user for your PBX. The advantage of an FQDN is that you can use a dynamic DNS service to automatically update the IP address associated with an FQDN so that you never lose connectivity.

    add-ip is used to whitelist a public IP address in the firewall. See the add-fqdn explanation as to why this matters.

    del-acct is used to remove an IP address or FQDN from the firewall’s whitelist.

    admin-pw-change is used to set the admin password for access to the FreePBX/Incredible PBX web GUI using a browser pointed to the local IP address of your server.

    apache-pw-change is used to set the admin password for access to Apache/Incredible PBX apps including AsteriDex and Reminders. This provides a password layer of protection for access to these applications.

    incrediblebackup2021 makes a backup of critical components on your PBX to a tarball saved in /backup. This should be copied to safe location off-site for a rainy day.

    incrediblerestore2021 restores a backup file which has been copied to the /backup folder.

    ipchecker is a script which deciphers the public IP addresses associated with whitelisted FQDNs created with add-fqdn on your server. If any of the addresses have changed, the firewall is restarted after updating the IP addresses. By default, it is executed every 10 minutes by /etc/crontab.

    licenses.sh displays the license associated with each of the FreePBX modules on your server.

    logos-b-gone removes proprietary artwork from your PBX and is no longer necessary with the included IncrediblePBX FreePBX module.

    mime-construct is a command-line utility to send emails with attachments.

    neorouter-login is a script to add your PBX to a NeoRouter VPN. Tutorial here.

    odbc-gen.sh is a script that was run to generate the ODBC settings for Asterisk. Do NOT use it.

    openvpn-start is a script to add your PBX to an existing OpenVPN network using an .ovpn config file. Tutorial here.

    pbxstatus displays status of all major components of Incredible PBX 2027.

    pptp-install is a script to create a PPTP network connection for your PBX. Tutorial here.

    purge-cdr-cel-records removes all CDR and CEL records from the MySQL database.

    reset-conference-pins is a script that automatically and randomly resets the user and admin pins for access to the preconfigured conferencing application. Dial C-O-N-F from any registered SIP phone to connect to the conference.

    reset-extension-passwords is a script that automatically and randomly resets ALL of the SIP passwords for extensions 701-705. Be careful using this one, or you may disable existing registered phones and cause Fail2Ban to blacklist the IP addresses of those users. HINT: You can place a call to the Ring Group associated with all five extensions by dialing 777.

    reset-reminders-pin is a script that automatically and randomly resets the pin required to access the Telephone Reminders application by dialing 123. It’s important to protect this application because a nefarious user could set up a reminder to call a number anywhere in the world assuming your SIP provider’s account was configured to allow such calls.

    show-feature-codes is a cheat sheet for all of the feature codes which can be dialed from any registered SIP phone. It documents how powerful a platform Incredible PBX 2027 actually is. A similar listing is available in the GUI at Admin -> Feature Codes.

    show-passwords is a script that displays most of the passwords associated with Incredible PBX 2027. This includes SIP extension passwords, voicemail pins, conference pins, telephone reminders pin, and your Anveo Direct outbound calling pin (if configured). Note that voicemail pins are configured by the user of a SIP extension the first time the user accesses the voicemail system by dialing *97.

    sig-fix disables Module Signature Checking in the FreePBX GUI. This should not be necessary unless you have added or edited FreePBX Modules with missing module signatures.

    sms-skyetel is a script to send SMS messages using a Skyetel trunk.

    sms-voip.ms is a script to send SMS messages using a VoIP.ms trunk.

    sms-blast, sms-blaster, and sms-dictator are scripts for message blasting. Tutorial here.

    timezone-setup is a script to set the timezone for your PBX.

    update-IncrediblePBX is a script that runs the Automatic Update Utility whenever you login to your server as root. These updates typically resolve bugs and security issues with your PBX. Do NOT remove it.

    wolfram is a script to deploy Wolfram Alpha on your PBX. Tutorial here.

    Forwarding Calls to Your Cellphone. Keep in mind that inbound calls to your DIDs automatically ring all five SIP extensions, 701-705. The easiest way to also ring your cellphone is to set one of these five extensions to forward incoming calls to your cellphone. After logging into your PBX as root, issue the following command to forward calls from extension 705 to your cellphone: asterisk -rx "database put CF 705 6781234567"

    To remove call forwarding: asterisk -rx "database del CF 705"

    Implementing Call By Name with 411

    Once you have an Outbound Trunk and Route configured, deploying Call by Name by dialing 411 is simple. The way it works is to pick up any phone connected to your PBX and dial 411. When prompted for the name of the person or company to call, say the name as you entered it in the AsteriDex directory, e.g. Delta Air Lines. The name will then be looked up to decipher the number of the person or company to call. Then the call will be placed using your default outbound route. To deploy Call By Name, simply follow the setup instructions in this Nerd Vittles tutorial.

    Keeping FreePBX 16 Modules Current

    We strongly recommend that you periodically update all of your FreePBX modules to eliminate bugs and to reduce security vulnerabilities. From the Linux CLI, log into your server as root and issue the following commands:

    rm -f /tmp/*
fwconsole ma upgradeall
fwconsole reload
/root/sig-fix
systemctl restart apache2
/root/sig-fix

     

    Originally published: Monday, January 9, 2023


    Need help with Asterisk? Visit the VoIP-info Forum.

     

    Special Thanks to Our Generous Sponsors


    FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

    BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

    The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

    VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
     

    Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
     

    Happy New Year: Introducing Incredible PBX 2027

    Sunday, January 1, 2023 / 7 Comments on Happy New Year: Introducing Incredible PBX 2027



    If we have one complaint with open source VoIP telephony, it would be this. Commercial PBXs used to last for a decade or more. Now, most open source VoIP platforms are measured in months. So, we have a better idea. We’re going to tell you up front how long Incredible PBX 2027 with Rocky 8 and Asterisk® 20 and FreePBX® 16 is going to be supported. And, for procrastinators, you’ll have until the fall of that year to line up an alternative. Having said all of that, we are pleased to introduce Incredible PBX 2027-R for Rocky 8 and AlmaLinux 8 featuring Asterisk 20 and your choice of FreePBX 15 or 16.

    UPDATE: Proxmox image of Incredible PBX 2027-R now available in the Incredible PBX Repository.

    CAUTION: Because of frequent changes in Rocky 8 that regularly "break things," we no longer recommend it for production use with Incredible PBX>

    Begin by downloading and installing Rocky 8 Minimal. If you prefer AlmaLinux, download and install their minimal image from here. If you prefer a cloud-based platform, consider CrownCloud for $25/year or our Platinum sponsor, Vultr. Both providers host Rocky 8 and AlmaLinux 8 AMD64 images in addition to other operating systems so platform setup is quick.

    Once you have your platform up and running, login as root and issue the following commands to kick off the Incredible PBX 2022 install:

    cd /root
yum -y install wget tar
wget http://incrediblepbx.com/incrediblepbx2027.tar.gz
tar zxvf incrediblepbx2027.tar.gz
rm -f incrediblepbx2027.tar.gz
./IncrediblePBX2027.sh

    Once the Phase I install finishes, your server will reboot. Log back in as root and run the installer a second time:

    cd /root
./IncrediblePBX2027.sh

    When the install finishes, reboot your server and login again as root. Incredible PBX will run the Automatic Update Utility to bring your server up to current specs.

    If you chose to install AlmaLinux 8, issue the following command while still logged into the Linux CLI as root:

    sed -i 's|Rocky 8|AlmaLinux 8|' /usr/local/sbin/pbxstatus

    Just a few more preliminary steps, and you’ll be ready to go:

    1. Create a secure root password for your server by issuing the command: passwd

    2. Remove temporary user account: userdel -r temp-user-name

    3. Set up an admin password for browser access to the FreePBX GUI: /root/admin-pw-change

    4. Set up an admin password for Apache access to AsteriDex and Reminders: /root/apache-pw-change

    5. Set the correct time zone for your server: /root/timezone-setup

    6. If free -h shows no swapfile enabled, issue this command: /root/create-swapfile-DO

    As with all Incredible PBX builds, a preconfigured Linux firewall is included which blocks all access except from whitelisted IP addresses. You can whitelist additional IP addresses using the /root/add-ip script or /root/add-fqdn.

    You’re now ready to explore the Incredible PBX feature set using the tutorials available on the Incredible PBX Wiki.

    Configuring Gmail Smarthost for Incredible PBX 2027

    One piece you’ll need for many tasks in Incredible PBX 2027-R is a way to send emails from your server. The easiest method to accomplish this is to configure SendMail to use a Gmail SmartHost. We’ve included a script in the /root folder to make it painless. Simply run: /root/enable-gmail-smarthost-for-sendmail. When prompted, enter your Gmail account name (without @gmail.com) and then enter a Gmail Application Password, not your standard Gmail password. If you don’t have one, you can obtain one here. Once you’ve configured SendMail, try things out by sending an email to any valid email address:

    echo "test" | mail -s testmessage someone@somewhere.vom

    Upgrading to FreePBX 16 with Incredible PBX 2027-R

    By default, Incredible PBX 2027-R comes preconfigured with the tried-and-true FreePBX 15 GUI. But there’s a new kid on the block, FreePBX 16. If you’d like to take it for a spin, the upgrade is painless. Simply issue the following command while logged into your server as root: /root/upgrade-to-FreePBX16.


    Audio Issues with Incredible PBX 2027-R

    If you experience one-way or no audio on some calls, add your external IP address and LAN subnet in the GUI by navigating to Settings -> Asterisk SIP Settings. In the NAT Settings section, click Detect Network Settings. Click Submit and Apply Settings to save your changes. While you’re there, click on the chan/pjsip tab and set Allow Transports Reload to NO.

    Choosing SIP Providers for Incredible PBX 2027-R

    Incredible PBX 2027-R comes preconfigured with support for five SIP extensions and a dozen major SIP providers including Skyetel, VoIP.ms, V1VoIP, and Anveo Direct. We hope you’ll choose Skyetel not only because they financially support Nerd Vittles and our open source projects, but also because it is a clearly superior platform offering crystal-clear communications and triple-redundancy so you never miss a call. Skyetel also sets itself apart from the other providers in the support department. They actually respond to issues, and there’s never a charge. As the old saying goes, they may not be the cheapest, but you get what you pay for. Even without taking advantage of Nerd Vittles half-price offer on up to $500 of Skyetel services, they’re still dirt cheap compared to the Bell Sisters and cable companies. Skyetel is so sure you’ll love their service that they give you a $10 credit to kick the tires before you ever spend a dime. Traditional DIDs are $1 per month. Outbound conversational calls are $0.012 per minute. Incoming conversational calls are a penny a minute, and CallerID lookups are $0.004. You only pay for minutes you use. Once you’re satisfied with the service and fund your account, you can port in your existing DIDs at no cost for 60 days after signup. In short, you have nothing to lose by trying out the Skyetel service.

    Configuring Skyetel for Incredible PBX 2027-R

    If you’ve decided to go with Skyetel, here’s the drill. Sign up for Skyetel service and take advantage of the Nerd Vittles specials. First, complete the Prequalification Form here. You then will be provided a link to the Skyetel site to complete your registration. Once you have registered on the Skyetel site and your account has been activated, open a support ticket and request the $10 credit for your account by referencing the Nerd Vittles special offer. Once you are satisfied with the service, fund your account as desired, and Skyetel will match your deposit of up to $250 simply by opening another ticket. That gets you up to $500 of half-price calling. Credit is limited to one per person/company/address/location. Effective 10/1/2023, $25/month minimum spend required.

    Skyetel typically does not use SIP registrations to make connections to your PBX. Instead, Skyetel utilizes Endpoint Groups to identify which servers can communicate with the Skyetel service. An Endpoint Group consists of a Name, an IP address, a UDP or TCP port for the connection, and a numerical Priority for the group. For incoming calls destined to your PBX, DIDs are associated with an Endpoint Group to route the calls to your PBX. For outgoing calls from your PBX, a matching Endpoint Group is required to authorize outbound calls through the Skyetel network. Thus, the first step in configuring the Skyetel side for use with your PBX is to set up an Endpoint Group. Here’s a typical setup for Incredible PBX 2020:

    • Name: MyPBX
    • Priority: 1
    • IP Address: PBX-Public-IP-Address
    • Port: 5060
    • Protocol: UDP
    • Description: my.incrediblepbx.com

    To receive incoming PSTN calls, you’ll need at least one DID. On the Skyetel site, you acquire DIDs under the Phone Numbers tab. You have the option of Porting in Existing Numbers (free for the first 60 days after you sign up for service) or purchasing new ones under the Buy Phone Numbers menu option.

    Once you have acquired one or more DIDs, navigate to the Local Numbers or Toll Free Numbers tab and specify the desired SIP Format and Endpoint Group for each DID. Add SMS/MMS and E911 support, if desired. Call Forwarding and Failover are also supported. That completes the VoIP setup on the Skyetel side. System Status is always available here.

    Configuring VoIP.ms for Incredible PBX 2027-R

    To sign up for VoIP.ms service, may we suggest you use our signup link so that Nerd Vittles gets a referral credit for your signup. Once your account is set up, you’ll need to set up a SIP SubAccount and, for Authentication Type, choose Static IP Authentication and enter your Incredible PBX 2027-R server’s public IP address. For Transport, choose UDP. For Device Type, choose Asterisk, IP PBX, Gateway or VoIP Switch. Order a DID in their web panel, and then point the DID to the SubAccount you just created. Be sure to specify atlanta1.voip.ms as the POP from which to receive incoming calls. In the Incredible PBX GUI, be sure to enable the VoIP.ms trunk.

    Configuring V1VoIP for Incredible PBX 2027-R

    To sign up for V1VoIP service, sign up on their web site. Then login to your account and order a DID under the DIDs tab. Once the DID has been assigned, choose View DIDs and click on the Forwarding button beside your DID. For Option #1, choose Forward to IP Address/PBX. For the Forwarding Address, enter the public IP address of your server. For the T/O (timeout) value, set it to 2o seconds. Then click the Update button. Under the Termination tab, create a new Endpoint with the public IP address of your server so that you can place outbound calls through V1VoIP. In the Incredible PBX GUI, be sure to enable all of the V1VoIP trunks.

    Configuring Anveo Direct for Incredible PBX 2027-R

    To sign up for Anveo Direct service, sign up on their web site and then login. After adding funds to your account, purchase a DID under Inbound Service -> Order DID. Next, choose Configure Destination SIP Trunk. Give the Trunk a name. For the Primary SIP URI, enter $[E164]$@server-IP-address. For Call Options, select your new DID from the list. You also must whitelist your public IP address under Outbound Service -> Configure. Create a new Call Termination Trunk and name it to match your server. For Dialing Prefix, choose six alphanumeric characters beginning with a zero. In Authorized IP Addresses, enter the public IP address of your server. Set an appropriate rate cap. We like $0.01 per minute to be safe. Set a concurrent calls limit. We like 2. For the Call Routing Method, choose Least Cost unless you’re feeling extravagant. For Routes/Carriers, choose Standard Routes. Write down your Dialing Prefix and then click the Save button.

    Before you can make outbound calls through Anveo Direct from your PBX, you first must configure the Dialing Prefix that you wrote down in the previous step. Log into the GUI as admin using a web browser and edit the Anveo-Out trunk in Connectivity -> Trunks. Enable the Trunk. Then click on the custom-Settings tab and replace anveo-pin with your actual Dialing Prefix. Click Submit and Apply Config to complete the setup. In the Incredible PBX GUI, be sure to enable all of the remaining Anveo trunks.

    By default, incoming Anveo Direct calls will be processed by the Default inbound route on your PBX. If you wish to redirect incoming Anveo Direct calls using DID-specific inbound routes, then you’ve got a bit more work to do. In addition to creating the inbound route using the 11-digit Anveo Direct DID, enter the following commands after logging into your server as root using SSH/Putty:

    cd /etc/asterisk
echo "[from-anveo]" >> extensions_custom.conf
echo "exten => _.,1,Ringing" >> extensions_custom.conf
echo "exten => _.,n,Goto(from-trunk,\\${SIP_HEADER(X-anveo-e164)},1)" >> extensions_custom.conf
asterisk -rx "dialplan reload"

    Configuring BulkVS for Incredible PBX 2027-R

    Unlike traditional telephony, you have nothing to lose by configuring multiple trunks with Incredible PBX. If you don’t make calls using one or more of the trunks, you pay nothing. Another more recent provider with excellent rates is BulkVS. We’ve covered the BulkVS setup in a separate tutorial if you’d like to give them a try.

    Configuring a Softphone for Incredible PBX 2027-R

    We’re in the home stretch now. You can connect virtually any kind of telephone to your new PBX. Plain Old Phones require an analog telephone adapter (ATA) which can be a separate board in your computer from a company such as Digium. Or it can be a standalone SIP device. SIP phones can be connected directly so long as they have an IP address. These could be hardware devices or software devices such as the YateClient softphone. We’ll start with a free one today so you can begin making calls. You can find dozens of recommendations for hardware-based SIP phones both on Nerd Vittles and the VoIP-Info.org Forum when you’re ready to get serious about VoIP telephony.

    We recommend YateClient for Windows which is free. Download it from here. Run YateClient once you’ve installed it and enter the credentials for the 701 extension on Incredible PBX. You can find them by running /root/show-passwords. You’ll need the IP address of your server plus your extension 701 password. In the YateClient, fill in the blanks using the IP address of your Server, 701 for your Username, and whatever Password was assigned to the extension when you installed Incredible PBX. Click OK to save your entries.

    Once you are registered to extension 701, close the Account window. Then click on YATE’s Telephony Tab and place some test calls to the numerous apps that are preconfigured on Incredible PBX. Dial a few of these to get started:

    DEMO - Apps Demo
123 - Reminders
947 - Weather by ZIP Code
951 - Yahoo News Headlines
TODAY - Today in History
LENNY - The Telemarketer's Worst Nightmare

    If you are a Mac user, another great no-frills softphone is Telephone. Just download and install it from the Mac App Store. For Android users, check out the terrific new VitalPBX Communicator. Works flawlessly with Incredible PBX.

    Introducing WebMin for Incredible PBX 2027-R

    WebMin is also installed and configured as part of the base install. The root password for access is the same as your Linux root password. We strongly recommend that you not use WebMin to make configuration changes to your server. You may inadvertently damage the operation of your PBX beyond repair. WebMin is an excellent tool to LOOK at how your server is configured. When used for that purpose, we highly recommend WebMin as a way to become familiar with your Linux configuration. To access WebMin, open a browser to http://server-ip-address:9001.

    Incredible PBX Administration

    We’ve eased the pain of administering your new PBX with a collection of scripts which you will find in the /root folder after logging in as root with SSH or Putty. Here’s a quick summary of what each of the scripts does.

    add-fqdn is used to whitelist a fully-qualified domain name in the firewall. Because Incredible PBX 2020 blocks all traffic from IP addresses that are not whitelisted, this is what you use to authorize an external user for your PBX. The advantage of an FQDN is that you can use a dynamic DNS service to automatically update the IP address associated with an FQDN so that you never lose connectivity.

    add-ip is used to whitelist a public IP address in the firewall. See the add-fqdn explanation as to why this matters.

    del-acct is used to remove an IP address or FQDN from the firewall’s whitelist.

    admin-pw-change is used to set the admin password for access to the FreePBX/Incredible PBX web GUI using a browser pointed to the local IP address of your server.

    apache-pw-change is used to set the admin password for access to Apache/Incredible PBX apps including AsteriDex and Reminders. This provides a password layer of protection for access to these applications.

    reset-conference-pins is a script that automatically and randomly resets the user and admin pins for access to the preconfigured conferencing application. Dial C-O-N-F from any registered SIP phone to connect to the conference.

    reset-extension-passwords is a script that automatically and randomly resets ALL of the SIP passwords for extensions 701-705. Be careful using this one, or you may disable existing registered phones and cause Fail2Ban to blacklist the IP addresses of those users. HINT: You can place a call to the Ring Group associated with all five extensions by dialing 777.

    reset-reminders-pin is a script that automatically and randomly resets the pin required to access the Telephone Reminders application by dialing 123. It’s important to protect this application because a nefarious user could set up a reminder to call a number anywhere in the world assuming your SIP provider’s account was configured to allow such calls.

    show-feature-codes is a cheat sheet for all of the feature codes which can be dialed from any registered SIP phone. It documents how powerful a platform Incredible PBX 2020 actually is. A similar listing is available in the GUI at Admin -> Feature Codes.

    show-passwords is a script that displays most of the passwords associated with Incredible PBX 2020. This includes SIP extension passwords, voicemail pins, conference pins, telephone reminders pin, and your Anveo Direct outbound calling pin (if configured). Note that voicemail pins are configured by the user of a SIP extension the first time the user accesses the voicemail system by dialing *97.

    update-IncrediblePBX is the Automatic Update Utility which checks for server updates from incrediblepbx.com every time you log into your server as root using SSH or Putty. Do NOT disable it as it is used to load important fixes and security updates when necessary. We recommend logging into your server at least once a week.

    pbxstatus (shown above) displays status of all major components of Incredible PBX.

    Forwarding Calls to Your Cellphone. Keep in mind that inbound calls to your DIDs automatically ring all five SIP extensions, 701-705. The easiest way to also ring your cellphone is to set one of these five extensions to forward incoming calls to your cellphone. After logging into your PBX as root, issue the following command to forward calls from extension 705 to your cellphone: asterisk -rx "database put CF 705 6781234567"

    To remove call forwarding: asterisk -rx "database del CF 705"

    Implementing Call By Name with 411

    Once you have an Outbound Trunk and Route configured, deploying Call by Name by dialing 411 is simple. The way it works is to pick up any phone connected to your PBX and dial 411. When prompted for the name of the person or company to call, say the name as you entered it in the AsteriDex directory, e.g. Delta Air Lines. The name will then be looked up to decipher the number of the person or company to call. Then the call will be placed using your default outbound route. To deploy Call By Name, simply follow the setup instructions in this Nerd Vittles tutorial.

    Keeping FreePBX Modules Current

    We strongly recommend that you periodically update all of your FreePBX modules to eliminate bugs and to reduce security vulnerabilities. From the Linux CLI, log into your server as root and issue the following commands:

    rm -f /tmp/*
fwconsole ma upgradeall
fwconsole reload
/root/sig-fix
/root/sig-fix

    Where To Go From Here

    Complete documentation on the ClearlyIP Devices Module is available here.

    Complete documentation on the FreePBX GPL Modules is available here.

    Complete documentation on the Incredible PBX additions is available here.

    An introduction to configuring extensions, trunks, and routes is available here.

    Originally published: Sunday, January 1, 2023


    Need help with Asterisk? Visit the VoIP-info Forum.

     

    Special Thanks to Our Generous Sponsors


    FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

    BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

    The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

    VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
     

    Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
     


     

    Introducing Incredible PBX 2022 for the Raspberry Pi

    Tuesday, June 14, 2022 / 2 Comments on Introducing Incredible PBX 2022 for the Raspberry Pi



    It’s been a year and a half since our last Incredible PBX® release for the Raspberry Pi platform, and the RasPi enhancements just keep coming. The latest RasPi 4 supports dual 4K monitors, two USB 2.0 ports, two USB 3.0 ports, gigabit Ethernet, a USB-C power supply, a Broadcom BCM2711, Quad core Cortex-A72 (ARM v8) 64-bit SoC running at 1.5GHz, and POE connectivity with the addition of the POE Hat. You can read all about it here. Incredible PBX 2022 supports the latest RasPi boards and keyboard and is backwards compatible.

    UPDATE: Download the latest Incredible PBX 2027 image for RasPi here.

    We’ve preserved the Raspbian 10 platform in this build because the Debian 11 release has broken free faxing, at least for the short term. This build features Asterisk® 16 or 18 with the latest FreePBX® 15 GPL modules plus the feature set you know and love. We’ve added PJSIP support for Skyetel and the new gTTS release for terrific text-to-speech applications including our News Headlines (951) and Weather Forecasts by ZIP Code (947). It’s all rolled into one terrific bundle that can be installed in about a minute after you download the image from SourceForge and burn the image to a microSD card.

    Unlike other aggregations, there’s nothing to compile with Incredible PBX/FAX 2022 for Raspbian. And, unlike the FreePBX Distro, we don’t rely on static packages which make it difficult to add future modifications on your own. Instead, Incredible PBX/Fax 2022 offers a snapshot image with a complete toolkit to make future modifications as desired. And, of course, Incredible PBX/Fax 2022 features the ClearlyIP module repository which protects you from proprietary modifications that limit or cripple your PBX moving forward.

    What’s Included? Incredible PBX/Fax 2022 serves up a never before available VoIP powerhouse featuring Asterisk 16 or 18 and all FreePBX 15 GPL modules, an Apache web server, the latest MariaDB SQL server (formerly MySQL), Exim4 mail server, Incredible Fax with turnkey Hylafax and AvantFax, and most of the Incredible PBX feature set including SIP, PJSIP, SMS, voice recognition, AsteriDex, gTTS Text-to-Speech VoIP applications plus email delivery of faxes in PDF format, Click-to-Dial, News, Weather, Telephone Reminders, and hundreds of features that typically are found in commercial PBXs: Conferencing, IVRs and Email Delivery of transcribed voicemails, AutoAttendants, Voicemail Blasting, and more. We’ve also incorporated the Zero Trunk Configuration feature from the LITE build which lets you sign up with one of our VoIP providers and start making and receiving calls instantly. Or you can use the new ClearlyIP trunking module included in the GUI for seamless integration of SMS messaging into FreePBX and its User Control Panel.

    Choosing a SIP Provider. As we mentioned, Incredible PBX/Fax 2022 comes preconfigured to support many of the major SIP providers including those that financially support Nerd Vittles and our open source projects: ClearlyIP, Skyetel, and VoIP.ms. As the old saying goes, they may not be the cheapest, but you get what you pay for. With all our providers, you only pay for minutes you use so signing up with more than one provider is a smart idea. For the full list of supported VoIP providers, visit the Incredible PBX Wiki.

    >

    Assembling the Required Raspberry Pi Components

    Before you can deploy Incredible PBX 2022, you’ll first need the necessary Raspberry Pi hardware. To support the enhanced Incredible PBX/Fax platform, we strongly recommend either the Raspberry Pi 400 or the Raspberry Pi 4B with at least 2GB RAM for under $42. You can choose a reseller below for quicker delivery. Assuming you already own an HDMI-compatible monitor and a USB keyboard (only required if you don’t buy a RasPi 400)…

  • Raspberry Pi 4B or Raspberry Pi 400
  • $8 USB-C RasPi 4 (only) Power Supply
  • $11 32GB microSDHC Class 10 card (strongly recommended!)
  • $5 Official RasPi 4B Case or see above for our favorite

    • Getting Started with Incredible PBX 2022

    Here’s our 10-Step Guide to installation and setup. "Automatic" means just watch. Steps #1 and #2: follow the links. For the remaining steps, we’ll further document the procedures.

    1. Download and unzip latest Incredible PBX/FAX 2022.6 image from SourceForge
    2. Transfer Incredible PBX/FAX 2022 image to microSD card and Boot server
    3. Login to RasPi console as root:password to initialize your server (Automatic)
    4. In Localization Options, set Locale, TimeZone, Keyboard, & WiFi Country
    5. Reboot after writing down your server IP address (Automatic)
    6. Login via SSH or Putty as root:password to set passwords & setup firewall (Automatic)
    7. Enter an email address for receipt of incoming faxes in PDF format
    8. Run admin-pw-change to set the admin password for access to the web GUI
    9. Register for and configure at least one trunk provider for Incredible PBX 2022
    10. Set up and test your Exim mail server as documented below

    ALERT: Reportedly, the latest Raspberry Pi 4 board will not boot with earlier Incredible PBX images. Today’s updated image solves that, but you may wish to simply move your existing build to the latest RasPi hardware and preserve your data. If you have an older (working) Raspberry Pi, simply issue the following commands on the old platform. Following shutdown, insert the new microSD card into your new RasPi 4.

    apt update
apt dist-upgrade
halt

    First Boot of Incredible PBX 2022 with Wi-Fi

    Incredible PBX 2022 requires Internet connectivity to complete its automated install. If you’re using a wired network connection, you can skip to the next section. With the Raspberry Pi 3B, 4B and 400, WiFi is built into the hardware. But you still have to insert your SSID name and SSID password to make a connection to your WiFi network. To do so, follow these next steps carefully. Insert the Incredible PBX 2022 microSD card into your Raspberry Pi and apply power to the hardware. When the bootup procedure finishes, login as root with the default password: password. At the first prompt, DO NOT PRESS THE ENTER KEY! Instead, press Ctrl-C to break out of the setup script. At the command prompt, issue the following commands to bring up the WiFi config file:

    cd /etc/wpa_supplicant
nano -w wpa_supplicant.conf

    If your WiFi network does not require a password, uncomment or insert the four lines below and save the file: Ctrl-X, Y, then Enter. Now restart your server: reboot. When the reboot finishes, you now should have network connectivity.

    network={
 key_mgmt=NONE
 priority=1
 country=US
}

    If your WiFi network requires a password, uncomment or insert the following into wpa_supplicant.conf:

    ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
country=US

network={
 ssid="YourSSID"
 psk="YourSSIDpassword"
 key_mgmt=WPA-PSK
 scan_ssid=1
 priority=7
}

     
    Then scroll down to the SSID entry and replace YourSSID with the actual SSID of your WiFi network. Make sure you preserve the entry with the quotes as shown. Next, replace YourSSIDpassword with the SSID password of your WiFi network. Save the file: Ctrl-X, Y, then Enter. Now restart your server: reboot. When the reboot finishes, you now should have network connectivity.

    Once the reboot process finishes, you should see an entry on about the middle line displayed on your monitor which reads: "My IP address is…". Write down the IP address shown. You’ll need it in a minute. Skip the next section since you are using a WiFi connection.

    If you don’t see an IP address assigned to your server, then correct the network deficiency (invalid WiFi credentials, DHCP not working, Internet down), and reboot until you see an IP address assigned to your server. DO NOT PROCEED WITHOUT AN ASSIGNED IP ADDRESS. NOTE: The Raspberry Pi 400 requires the latest Incredible PBX image for Wi-Fi connectivity.

    You’ll also need to change the default PortKnocker setting to your wireless LAN connection:

    sed -i 's|eth0|wlan0|' /etc/default/knockd
service knockd restart

     

    First Boot of Incredible PBX Using Wired Connection

    Incredible PBX 2022 requires Internet connectivity to complete its automated install. After connecting your server to your local network with a network cable, insert the Incredible PBX 2022 microSD card into your Raspberry Pi and apply power to the hardware. When the bootup procedure finishes, you should see an entry on about the middle line displayed on your monitor which reads: "My IP address is…". Write down the IP address shown. You’ll need it in the next step.

    If you don’t see an IP address assigned to your server, then correct the network deficiency (cable not connected, DHCP not working, Internet down), and reboot until you see an IP address assigned to your server. DO NOT PROCEED WITHOUT AN ASSIGNED IP ADDRESS.

    Completing the Incredible PBX Initialization Procedure

    Unless your desktop PC and RasPi are both on the same private LAN, the remainder of the install procedure should be completed from a desktop PC using SSH or Putty. This will assure that your desktop PC is also whitelisted in the Incredible PBX firewall. Using the console to complete the install is NOT recommended as your desktop PC will not be whitelisted in the firewall. This may result in your not being able to log in to your server. Once you have network connectivity, log in to your server as root from a desktop PC using the default password: password. Accept the license agreement by pressing ENTER. You then will be redirected to raspi-config. This is the utility used to expand your Incredible PBX 2022 image to use your entire microSD card; however, this new build does this for you so you can skip this step. Next, choose Localization Options and set Locale, TimeZone, Keyboard, & WiFi Country. Review the other items and then exit and reboot.

    Once your server reboots and you log back in as root, you’ll first be prompted to enter an email address for delivery of incoming faxes in PDF format. All of your passwords then will be randomly assigned with the exception of the root user Linux password and your admin passwords for access to the web GUI and AvantFax. You can set the root password by issuing the command: passwd. Set the admin password for access to the web GUI with this command: /root/admin-pw-change. Set the admin password for access to AvantFax with this command: /root/avantfax-pw-change. With the exception of these passwords, the remaining passwords can be displayed using the command: /root/show-passwords.

    Finally, if your PBX is sitting behind a NAT-based router, you’ll need to redirect incoming UDP 5060-5061 and UDP 10000-20000 traffic to the private IP address of your RasPi. This is required for all of the SIP providers included in the Incredible PBX 2022 build. Otherwise, all inbound calls will fail.

    Configuring Skyetel for Incredible PBX 2022

    If you’ve decided to go with Skyetel, here’s the drill. Sign up for Skyetel service and take advantage of the Nerd Vittles Free $10 credit and BOGO special. First, complete the Prequalification Form here. You then will be provided a link to the Skyetel site to complete your registration. Once you have registered on the Skyetel site and your account has been activated, open a support ticket and request the $10 credit for your account by referencing the Nerd Vittles special offer. Once you are happy with the service, open another ticket after funding your account and request that Skyetel match your deposit of up to $250. That gets you up to $500 of helf-price calling. Credit is limited to one per person/company/address/location. If you have numbers to port in, you can do it at no cost after funding your account. Effective 10/1/2023, $25/month minimum spend required.

    Skyetel typically does not require SIP registrations to make connections to your PBX. Instead, Skyetel utilizes Endpoint Groups to identify which servers can communicate with the Skyetel service. An Endpoint Group consists of a Name, an IP address, a UDP or TCP port for the connection, and a numerical Priority for the group. For incoming calls destined to your PBX, DIDs are associated with an Endpoint Group to route the calls to your PBX. For outgoing calls from your PBX, a matching Endpoint Group is required to authorize outbound calls through the Skyetel network. Thus, the first step in configuring the Skyetel side for use with your PBX is to set up an Endpoint Group. Here’s a typical setup for Incredible PBX 2022:

    • Name: MyPBX
    • Priority: 1
    • IP Address: PBX-Public-IP-Address
    • Port: 5061
    • Protocol: UDP
    • Description: 2022.incrediblepbx.com

    To receive incoming PSTN calls, you’ll need at least one DID. On the Skyetel site, you acquire DIDs under the Phone Numbers tab. You have the option of Porting in Existing Numbers (free for the first 60 days after you fund your account) or purchasing new ones under the Buy Phone Numbers menu option.

    Once you have acquired one or more DIDs, navigate to the Local Numbers or Toll Free Numbers tab and specify the desired SIP Format and Endpoint Group for each DID. Add SMS/MMS and E911 support, if desired. Call Forwarding and Failover are also supported. That completes the VoIP setup on the Skyetel side. System Status is always available here.

    Configuring VoIP.ms for Incredible PBX 2022

    To sign up for VoIP.ms service, may we suggest you use our signup link so that Nerd Vittles gets a referral credit for your signup. Once your account is set up, you’ll need to set up a SIP SubAccount and, for Authentication Type, choose Static IP Authentication and enter your Incredible PBX 2022 server’s public IP address. For Transport, choose UDP. For Device Type, choose Asterisk, IP PBX, Gateway or VoIP Switch. Order a DID in their web panel, and then point the DID to the SubAccount you just created. Be sure to specify atlanta1.voip.ms as the POP from which to receive incoming calls. On the Incredible PBX side, simply Enable the VoIPms trunk and save your update.

    Adding a Bootable SSD to Raspberry Pi

    Shown below are the two components that make up the 256GB storage solution for the Raspberry Pi. These include the M.2 SSD SATA drive and the M.2 enclosure which provides a USB connector that’s compatible with your RasPi. Assembly of the components takes less than a minute as shown in the steps below:




    You can order the M.2 SSD SATA drive and the UGREEN M.2 enclosure using our Amazon referral links which help support Nerd Vittles and the Incredible PBX open source project.

    Once you have assembled your SSD in the sleeve, log back in as root using SSH or Putty. For best performance, insert the SSD drive into one of the blue USB 3.0 ports and verify that /dev/sda device is shown when you issue the command: fdisk -l

    Now proceed with the following steps to copy the image from your microSD card to the new SSD SATA drive:

    rpi-clone -l -e sda -f sda
# answer prompts with yes and incred2022
# once the image is copied, dismount the drive when prompted
mount /dev/sda2 /mnt/clone
cd /mnt/clone/boot
cp -p -r /boot/* .
sed -i 's|sda2|mmcblk0p2|' /boot/cmdline.txt
cd /
umount /mnt/clone
halt

     
    Now you’re ready to restart your Raspberry Pi from the SSD SATA drive. Remove the microSD card and reboot your server.



    Configuring a Softphone for Incredible PBX 2022

    We’re in the home stretch now. You can connect virtually any kind of telephone to your new PBX. Plain Old Phones require an analog telephone adapter (ATA) which can be a separate board in your computer from a company such as Digium. Or it can be a standalone SIP device such as ObiHai’s OBi100 or OBi110 (if you have a phone line from Ma Bell to hook up as well). SIP phones can be connected directly so long as they have an IP address. These could be hardware devices or software devices such as the YateClient softphone. We’ll start with a free one today so you can begin making calls. You can find dozens of recommendations for hardware-based SIP phones both on Nerd Vittles and the PIAF Forum when you’re ready to get serious about VoIP telephony.

    We recommend YateClient for Windows which is free. Download it from here. Run YateClient once you’ve installed it and enter the credentials for the 701 extension on Incredible PBX. You can find them by running /root/show-passwords. You’ll need the IP address of your server plus your extension 701 password. In the YateClient, fill in the blanks using the IP address of your Server, 701 for your Username, and whatever Password was assigned to the extension when you installed Incredible PBX. Click OK to save your entries.

    Once you are registered to extension 701, close the Account window. Then click on YATE’s Telephony Tab and place some test calls to the numerous apps that are preconfigured on Incredible PBX. Dial a few of these to get started:

    DEMO - Apps Demo
123 - Reminders
947 - Weather by ZIP Code
951 - Yahoo News
TODAY - Today in History
LENNY - The Telemarketer's Worst Nightmare

    If you are a Mac user, another great no-frills softphone is Telephone. Just download and install it from the Mac App Store.

    Audio Issues with Incredible PBX 2022

    Only if you experience one-way or no audio on some calls, add your external IP address and LAN subnet in the GUI by navigating to Settings -> Asterisk SIP Settings. In the NAT Settings section, click Detect Network Settings. Click Submit and Apply Settings to save your changes.

    Configuring Gmail as Exim Smart Relay Host

    Most Raspberry Pi implementations will be on networks managed by companies like Comcast, Spectrum, and AT&T that block downstream mail servers (that’s you) from sending email. The solution is to use Gmail or your local ISP as a smart relay host to send mail from your server. You’ll need this to deliver voicemails via email. Here’s how to set it up using a Gmail account without two-step authentication. Log into your server as root and run dpkg-reconfigure exim4-config. Choose "mail sent by smarthost; received via SMTP or fetchmail." Accept all the defaults until you get to Outgoing Smarthost prompt. Enter: smtp.gmail.com::587. At the following prompts, choose NO, NO, mbox, and NO. When the setup completes, edit /etc/exim4/passwd.client and insert the following line using your Gmail AcctName and AcctPW. NOTE: Because insecure Gmail access is going away, you MUST use a Gmail App Password instead of your Gmail account password. 

    smtp.gmail.com:AcctName@gmail.com:AcctPW

    Save the file and then issue the following commands to complete the setup:

    update-exim4.conf
systemctl restart exim4
exim4 -qff

    Now send yourself a test email message to make sure things are working properly:

    echo "test" | mail -s testmessage yourname@yourmailprovider.com

    Once you have email messages flowing, incoming faxes automatically will be delivered to the email address you assigned when setting up your PBX. You can change this email address with the command: avantfax-email-change.

    Fixing Corrupted rc.local File & More

    Some prefer an email notification whenever your server is booted. Also fixes the corrupted rc.local file. Once you have configured a relay host above, you can add the feature by editing /etc/rc.local and making the file look like this replacing name@domain.com with your actual email address:

    #!/bin/sh -e

# Print the IP address
_IP=$(hostname -I) || true
if [ "$_IP" ]; then
  printf "My IP address is %s\n" "$_IP"
fi

_PRIVATE="Private IP: `cat /etc/hostip | cut -f1-2 -d " "`"
_PUBLIC="Public: $(dig TXT +short o-o.myaddr.l.google.com @ns1.google.com | sed 's|"||g')"
echo "$_PRIVATE   $_PUBLIC" | mail -s "Incredible PBX 2022.6 has booted" name@domain.com

sleep 5

service knockd start
sleep 30
chmod -R 777 /var/www/html/avantfax
exit 0

    Configuring Inbound Routes for Fax Detection

    Not all VoIP trunks support fax transmission, e.g. Vitelity. Assuming yours do and you’ll only know by trial and error, here’s how to configure FreePBX to automatically detect incoming faxes and process them for PDF delivery by email. The default inbound route is preconfigured to support email delivery of your faxes. So, any trunks using that default route require no further configuration. If you add additional Inbound Routes, here’s how to enable fax detection on those routes.

    Under the Fax tab of each new Inbound Route, enter the following settings:

    Detect Faxes: YES
Fax Detection Type: SIP
Fax Ring: YES
Fax Detect Time: 4
Fax Destination: Custom Destinations -> Fax (Hylafax)



    Managing Faxes with AvantFax

    You can manage your incoming and outgoing faxes using AvantFax. Click on the AvantFax tab in FreePBX to access it. The default credentials are admin:password. When you first access AvantFax with a browser, you may get a missing page error. Just press the back arrow key in your browser and the AvantFax main page will appear.

    If you want to change the admin password for AvantFax, log into your server as root with SSH/Putty and issue the command: /root/avantfax-pw-change.

    Send yourself a fax at no cost in the United States from FaxZero.

    Building the Incredible PBX Demo IVR

    If you’d like to try your hand at building an IVR, here are the steps to build the Incredible PBX Demo IVR. From the FreePBX Dashboard, choose Applications -> IVR -> Add IVR. Then fill in the template using the entries shown below. Then click Submit and Reload Dialplan.



    Building the Incredible PBX Stealth AutoAttendant

    Many users prefer to play an announcement to incoming callers with a brief pause thereafter which indicates that the call is being connected. If configured properly, this lets you embed several dial codes which can be entered while the announcement is playing and the call is being transferred. For example, you might wish to route incoming calls to Lenny if a caller presses 0. Or you might wish to immediately route an incoming call to a Ring Group if the caller presses 1. Here’s a sample IVR setup to get you started.


    Incredible PBX 2022 Administration

    We’ve eased the pain of administering your new PBX with a collection of scripts which you will find in the /root folder after logging in with SSH or Putty. Here’s a quick summary of what each of the scripts does.

    admin-pw-change lets you update the admin password for web browser access to the Incredible PBX GUI.

    apache-pw-change lets you update the admin password for Apache applications such as AsteriDex and Reminders.

    avantfax-pw-change lets you update the root password for AvantFax access (coming soon!).

    add-fqdn is used to whitelist a fully-qualified domain name in the firewall. Because Incredible PBX 2022 blocks all traffic from IP addresses that are not whitelisted, this is what you use to authorize an external user for your PBX. The advantage of an FQDN is that you can use a dynamic DNS service to automatically update the IP address associated with an FQDN so that you never lose connectivity.

    add-ip is used to whitelist a public IP address in the firewall. See the add-fqdn explanation as to why this matters.

    del-acct is used to remove an IP address or FQDN from the firewall’s whitelist.

    configure-exim-email lets you reconfigure the email server if you need to use an SMTP relay such as Google to get outbound email flowing. Tutorial here.

    iptables-restart is the ONLY command you should ever use to restart the IPtables firewall and Fail2Ban.

    knock.FAQ contains your PortKnocker credentials for emergency access to your server if the firewall locks you out. Tutorial here.

    proximity (once configured) will automatically forward calls to your cellphone when you are out of BlueTooth range from your RasPi. Also must enable running of script in /etc/crontab.

    reset-conference-pins is a script that automatically and randomly resets the user and admin pins for access to the preconfigured conferencing application. Dial C-O-N-F from any registered SIP phone to connect to the conference.

    reset-extension-passwords is a script that automatically and randomly resets ALL of the SIP passwords for extensions 701-705. Be careful using this one, or you may disable existing registered phones and cause Fail2Ban to blacklist the IP addresses of those users. HINT: You can place a call to the Ring Group associated with all five extensions by dialing 777.

    reset-reminders-pin is a script that automatically and randomly resets the pin required to access the Telephone Reminders application by dialing 123. It’s important to protect this application because a nefarious user could set up a reminder to call a number anywhere in the world assuming your SIP provider’s account was configured to allow such calls.



    rpi-clone is a utility that makes it easy to make a bootable image of the microSD card used to start your Raspberry Pi. You’ll need a USB-to-microSD adapter to begin. Insert a backup microSD card large enough to hold all of the data on the primary microSD card (df -h). Insert the USB stick with the card. Identify the backup microSD card, usually sda (fdisk -l). Format the backup microSD card: mkfs.vfat /dev/sda1 && mkfs.ext4 /dev/sda2. Then issue the following command to clone the primary microSD card: rpi-clone -f sda. Tutorial here.

    show-feature-codes is a cheat sheet for all of the feature codes which can be dialed from any registered SIP phone. It documents how powerful a platform Incredible PBX 2022 actually is. A similar listing is available in the GUI at Admin -> Feature Codes.

    show-passwords is a script that displays ALL of the passwords associated with Incredible PBX 2022. This includes SIP extension passwords, voicemail pins, conference pins, telephone reminders pin, and your Anveo Direct outbound calling pin (if configured). Note that voicemail pins are configured by the user of a SIP extension the first time the user accesses the voicemail system by dialing *97.

    timezone-setup lets you reconfigure the correct time zone for your server.

    purge-cdr-cel-records cleans out all existing entries in both the CDR and CEL tables of the Asterisk CDR database.

    log-cleanup removes all entries from most of the logs in /var/log.

    sig-fix disables module signature checking in FreePBX. It is automatically disabled upon installation.

    readme-RonR.txt documents the scripts provided from RonR build. We do NOT recommend using the FCC Blacklist because of its current size.

    update-asterisk16 is a utility that updates Asterisk 16 to the latest release. This should only be necessary when a security issue or bug is identified that affects the operation of your PBX.

    update-IncrediblePBX is the Automatic Update Utility which checks for server updates from incrediblepbx.com every time you log into your server as root using SSH or Putty. Do NOT disable it as it is used to load important fixes and security updates when necessary. We recommend logging into your server at least once a week.

    pbxstatus (shown above) displays status of all major components of Incredible PBX 2022.

    Forwarding Calls to Your Cellphone. Keep in mind that inbound calls to your DIDs automatically ring all five SIP extensions, 701-705. The easiest way to also ring your cellphone is to set one of these five extensions to forward incoming calls to your cellphone. After logging into your PBX as root, issue the following command to forward calls from extension 705 to your cellphone: asterisk -rx "database put CF 705 6781234567"

    To remove call forwarding: asterisk -rx "database del CF 705"

    Keeping FreePBX 15 Modules Current

    We strongly recommend that you periodically update all of your FreePBX modules to eliminate bugs and to reduce security vulnerabilities. Make a backup image with rpi-clone first! From the Linux CLI, log into your server as root and issue the following commands:

    rm -f /tmp/*
fwconsole ma upgradeall
fwconsole reload
/root/sig-fix
systemctl restart apache2
/root/sig-fix

    Upgrading Asterisk 16 to Asterisk 18

    For those that enjoy living on the bleeding edge, we’ve create a script which makes it easy to upgrade Incredible PBX 2022 to Asterisk 18. The tutorial is available on the new Incredible PBX Wiki along with dozens of other tutorials.

    Resolving an Expired Certificate Alert

    1. Navigate to Admin -> Certificate Management in the FreePBX GUI
    2. Click the Trashcan to delete the Self-Signed Certificate
    3. Click New Certificate -> Generate Self-Signed Certificate
    4. In the Description field, type: Default
    5. Click Generate Certificate button

    Continue Reading: Icing on the Cake for Incredible PBX and Raspberry Pi

    Now Available: Amazon’s Polly TTS for Incredible PBX. Works great on the RasPi platform!

    Originally published: Tuesday, March 24, 2022  Updated: Monday, February 22, 2021


    Need help with Asterisk? Visit the VoIP-info Forum.

     

    Special Thanks to Our Generous Sponsors


    FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

    BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

    The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

    VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
     

    Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
     

    Post navigation

    Older posts

    Support Nerd Vittles



    Free Asterisk Solutions

    free counters