Hard to believe it’s been four years since the introduction of the original Raspberry Pi®. Over eight million RasPi’s have been shipped. To celebrate its fourth birthday, Eben Upton has done it again. Meet the sensational Raspberry Pi 3 sporting a 1.2GHz 64-bit quad-core ARM Cortex-A53 CPU with ten times the performance of the original Raspberry Pi. Of particular interest to the VoIP community will be the RasPi 3’s integrated 802.11n wireless LAN and Bluetooth 4.1 hardware. And, of course, the RasPi 3 retains its compatibility with the Raspberry Pi 1 and 2. Did we mention it’s still just $35? Because we like to celebrate birthdays, too, we’re pleased to introduce a brand new Incredible PBX™ image for the Raspberry Pi 2 and 3 featuring Raspbian 8 and the latest release of Asterisk® 13. Unlike previous builds, this one installs in under a minute. Yes, it’s still FREE and features pure open source GPL code. No Gotchas!
Raspberry Pi 3 Performance. Gone are the days of worrying about Raspberry Pi performance. Both the user interface and call quality now match what you’d expect to find on a $300-$500 VoIP server. Even with a Raspberry Pi 2, we have detected no performance degradation thanks to the latest Raspbian 8 OS and a virtually flawless Asterisk 13 platform. For best results, we recommend 32GB Class 10 microSD cards which now are plentiful at the $10 price point.
Raspberry Pi 3 Shopping List. Before you can install Incredible PBX, you’ll need a compatible Raspberry Pi 3 platform. Here’s the short list:
$35* Raspberry Pi 3 from MCM or Newark or Amazon
$10 Power Adapter (2.5 amps minimum!)
$9 32GB microSDHC Class 10 card
£12.95 Rainbow Pibow case or $9.50 Official RasPi case
About That Asterisk. We write about Asterisk® regularly, but the asterisk we’re talking about is the one accompanying the $35* price tag for the Raspberry Pi 3. Yes, that’s the advertised price. And, no, if you want one this year, you’re not going to pay that. There are the marked up shipping prices, the bundled add-on’s that you don’t need or want, and the must-have accessories like a power adapter. We’re assuming you already own a USB keyboard and an HDMI-compatible monitor. If so, just plan on $100 and consider yourself lucky if you get all the pieces for less. Our order from Pimoroni in the U.K. with a case and 3-day shipping was £59.36 or $82.95 U.S. Our order from MCM for just the RasPi 3 with shipping was $46.99.
Incredible PBX Feature Set. Where to begin? Let’s start with the Alphabet Stew: IAX, SIP, GVSIP, SMS, and SRTP functionality. Voice Recognition and Text-to-Speech VoIP application support using FLITE, GoogleTTS, and PicoTTS. Free calling with Google Voice, Simonics SIP gateway, or RingPlus cellular service. And all of your Nerd Vittles favorites: Fax, AsteriDex, Click-to-Dial, News, Weather, Reminders, and Wakeup Calls. Plus hundreds of features that typically are found in commercial PBXs: Conferencing, IVRs and AutoAttendants, Email Delivery of Voicemail, Voicemail Blasting, and more…
10-Layer Network Security Model. Most phone calls cost money. Unlike many of the other “free” VoIP solutions, our most important criteria for VoIP is rock-solid security. If your free server ends up costing you thousands of dollars in phone bills due to fraud, it isn’t free at all. Once you plug in that network cable, you’ve painted a bullseye on your checkbook.
No single network security system can protect you against zero-day vulnerabilities that no one has ever seen. Deploying multiple layers of security is not only smart, it’s essential with today’s Internet topology. It works much like the Bundle of Sticks from Aesop’s Fables. The more sticks there are in your bundle, the more difficult it is to break them apart. If a vulnerability suddenly appears in the Linux kernel, or in Asterisk, or in Apache, or in your favorite web GUI, you can continue to sleep well knowing that other layers of security have your back. No one else in the telecommunications industry has anything close. Ours is all open source GPL code so we would encourage everyone to get on board and do their part to make the Internet a safer place!
Do your part and do your homework. Comparison shop as if your phone bill matters! 😉 Incredible PBX provides:
- Preconfigured IPtables Linux Firewall
- Preconfigured Travelin’ Man 3 WhiteLists
- Randomized Port Knocker for Remote Access
- TM4 WhiteListing by Telephone (optional)
- Fail2Ban Log Monitoring for SSH, Apache, Asterisk
- Randomized Ultra-Secure Passwords
- Automatic Update Utility for Security & Bug Fixes
- Asterisk Manager Lockdown to localhost
- Apache htaccess Security for Vulnerable Web Apps
- Security Alerts via RSS Feeds in Kennonsoft and Incredible PBX GUIs
Installation Tutorial. Here’s everything need to know about installation and setup. “Automatic” means you just watch.
- Download and unzip Incredible PBX image from SourceForge (with or without GV OAuth support)
- Transfer Incredible PBX image to microSD card
- Boot Raspberry Pi from new microSD card
- Login to RasPi console as pi:raspberry to initialize your server (Automatic)
- Reboot after writing down your server IP address (Automatic)
- Login via SSH as root:password to randomize passwords & configure firewall (Automatic)
- Optionally, install Incredible Fax: /root/incrediblefax13_raspi3.sh (Credentials: admin:password)
Configuring Trunks with Incredible PBX
Before you can actually make and receive calls, you’ll need to add one or more VoIP trunks with providers, create extensions for your phones, and add inbound and outbound routes that link your extensions to your trunks. Here’s how a PBX works. Phones connect to extensions. Extensions connect to outbound routes that direct calls to specific trunks, a.k.a. commercial providers that complete your outbound calls to any phone in the world. Coming the other way, incoming calls are directed to your phone number, otherwise known as a DID. DIDs are assigned by providers and you register your trunks using credentials handed out by these providers. Incoming calls are routed to your DIDs which use inbound routes telling the PBX how to direct the calls internally. A call could go to an extension to ring a phone, or it could go to a group of extensions known as a ring group to ring a group of phones. It could also go to a conference that joins multiple people into a single call. Finally, it could be routed to an IVR or AutoAttendant providing a list of options from which callers could choose by pressing various keys on their phone.
We’ve done most of the prep work for you with Incredible PBX. We’ve set up an Extension to which you can connect a SIP phone or softphone. We’ve set up an Inbound Route that, by default, sends all incoming calls to a Demo IVR. And we’ve built a dozen trunks for some of the best providers in the business. Sign up with the ones you prefer, plug in your credentials, and you’re good to go.
Unlike traditional telephone service, you need not and probably should not put all your eggs in one basket when it comes to telephone providers. In order to connect to Plain Old Telephones, you still need at least one provider. But there is nothing wrong with having several. And a provider that handles an outbound call (termination) need not be the same one that handles an incoming call (origination) and provides your phone number (DID). We cannot recommend Vitelity highly enough, and it’s not just because they have financially supported our projects for almost a decade. They’re as good as VoIP providers get, and we use lots of them. If you’re lucky enough to live in the U.S., you’d be crazy not to set up a Google Voice account. It’s free as are all phone calls to anywhere in the U.S. and Canada. The remaining preconfigured providers included in Incredible PBX are equally good, and we’ve used and continue to use almost all of them. So pick a few and sign up. You only pay for the calls you make with each provider so you have little to lose by choosing several. The PIAF Forum includes dozens of recommendations on VoIP providers if you want additional information.
With the preconfigured trunks in Incredible PBX, all you need are your credentials for each provider and the domain name of their server. Log into Incredible PBX GUI Administration as admin using a browser. From the System Status menu, click Connectivity -> Trunks. Click on each provider you have chosen and fill in your credentials including the host entry. Be sure to uncheck the Disable Trunk checkbox! Fill in the appropriate information for the Register String. Save your settings by clicking Submit Changes. Then click the red Apply Config button.
Configuring a Softphone for Incredible PBX
We’re in the home stretch now. You can connect virtually any kind of telephone to your new PBX. Plain Old Phones require an analog telephone adapter (ATA) which can be a separate board in your computer from a company such as Digium. Or it can be a standalone SIP device such as ObiHai’s OBi100 or OBi110 (if you have a phone line from Ma Bell to hook up as well). SIP phones can be connected directly so long as they have an IP address. These could be hardware devices or software devices such as the YateClient softphone. We’ll start with a free one today so you can begin making calls. You can find dozens of recommendations for hardware-based SIP phones both on Nerd Vittles and the PIAF Forum when you’re ready to get serious about VoIP telephony.
We recommend YateClient which is free. Download it from here. Run YateClient once you’ve installed it and enter the credentials for the 701 extension on Incredible PBX. You’ll need the IP address of your server plus your extension 701 password. Choose Applications _> Extensions -> 701 and write down your SIP/IAX Password. You can also find it in /root/passwords.FAQ. Fill in the blanks using the IP address of your Server, 701 for your Username, and whatever Password you assigned to the extension when you installed Incredible PBX. Click OK to save your entries.
Once you are registered to extension 701, close the Account window. Then click on YATE’s Telephony Tab and place some test calls to the numerous apps that are preconfigured on Incredible PBX. Dial a few of these to get started:
DEMO - Apps Demo
123 - Reminders
947 - Weather by ZIP Code
951 - Yahoo News
*61 - Time of Day
TODAY - Today in History
If you are a Mac user, another great no-frills softphone is Telephone. Just download and install it from the Mac App Store.
Configuring Google Voice
If you want to use Google Voice, you’ll need a dedicated Google Voice account to support Incredible PBX. The more obscure the username (with some embedded numbers), the better off you will be. This will keep folks from bombarding you with unsolicited Gtalk chat messages, and who knows what nefarious scheme will be discovered using Google messaging six months from now. So keep this account a secret!
IMPORTANT: Do NOT under any circumstances take Google’s bait to switch from Google Chat to Hangouts, or you will forever lose the ability to use Google Chat with Incredible PBX. Also be sure to enable the Google Chat option as one of your phone destinations in Settings, Voice Setting, Phones. That’s the destination we need for The Incredible PBX to work its magic! Otherwise, all inbound and outbound calls will fail. Good News! You’re in luck. Google has apparently had a change of heart on discontinuing Google Chat support so it’s enabled by default in all new Google Voice accounts. Once you’ve created a Gmail and Google Voice account, go to Google Voice Settings and click on the Calls tab. Make sure your settings match these:
- Call Screening – OFF
- Call Presentation – OFF
- Caller ID (In) – Display Caller’s Number
- Caller ID (Out) – Don’t Change Anything
- Do Not Disturb – OFF
- Call Options (Enable Recording) – OFF
- Global Spam Filtering – ON
Click Save Changes once you’ve adjusted your settings. Under the Voicemail tab, plug in your email address so you get notified of new voicemails. Down the road, receipt of a Google Voice voicemail will be a big hint that something has come unglued on your PBX.
One final word of caution is in order regardless of your choice of providers: Do NOT use special characters in any provider passwords, or nothing will work!
Now you’re ready to configure your Google Voice account in Incredible PBX. You can do it from within the Incredible PBX GUI by choosing Connectivity -> Google Voice. How you enter your credentials depends upon whether you have chosen the Incredible PBX image with OAuth 2 support. For a complete Google Voice OAuth tutorial, follow steps 8-10 in this Nerd Vittles tutorial. Once you’ve entered your credentials, you MUST restart Asterisk from the command line, or Google Voice calls will fail.
If you have trouble getting Google Voice to work (especially if you have previously used your Google Voice account from a different IP address), try this Google Voice Reset Procedure. It usually fixes connectivity problems. If it still doesn’t work, enable Less Secure Apps using this Google tool.
If you have difficulty finding the Google Chat option after setting up a new Google Voice account, follow this tutorial.
Another option is to use an inexpensive SIP Gateway to Google Voice. The Simonics trunk in the Incredible PBX GUI is preconfigured for this purpose. All you’ll need is your Google Voice credentials. Get started with this tutorial.
Adding Speech Recognition Support to Incredible PBX
1. Using an existing Google/Gmail account to join the Chrome-Dev Group.
2. Using the same account, create a new Speech Recognition Project.
3. Click on your newly created project and choose APIs & auth.
4. Turn ON Speech API by clicking on its Status button in the far right margin.
5. Click on Credentials in APIs & auth and choose Create New Key -> Server key. Leave the IP address restriction blank!
6. Write down your new API key or copy it to the clipboard.
7. Log into your server as root and edit the speech recognition script:
nano -w /var/lib/asterisk/agi-bin/speech-recog.agi
8. When the nano editor opens, go to line 70:
my $key = "". Insert your API key from Step #6 above between the quotation marks and save the file: Ctrl-X, Y, then Enter.
9. To use Wolfram Alpha by phone, you first must obtain a free Wolfram Alpha APP-ID. Then issue the following command replacing APP-ID with your actual ID. Do NOT change the yourID portion of the command:
sed -i "s|yourID|APP-ID|" /var/lib/asterisk/agi-bin/4747
Now you’re ready to try out the speech recognition apps. Dial 949 and say the name of a city and state/province/country to get a current weather forecast from Yahoo. Dial 411 and say “American Airlines” to be connected to American.
To access Wolfram Alpha by phone, dial 4747 and enter your query, e.g. “What planes are overhead.” Read the Nerd Vittles tutorial for additional examples and tips.
Enabling WiFi on the Raspberry Pi
With the Raspberry Pi 3, wi-fi hardware is included. With the Raspberry Pi 2, you’ll need to add an inexpensive wifi dongle. The next step is connecting to your WiFi router. Simply open /etc/wpa_supplicant/wpa_supplicant.conf with your favorite editor and insert the following code using the actual SSID name and password to access your local, password-protected WiFi router or any open WiFi network:
Finally, stop and restart the wlan0 interface, count to 15, and check the status of your server to decipher the new IP address for your WiFi connection:
If you want to run your Raspberry Pi exclusively off the WiFi connection, simply unplug the network cable from your RasPi and reboot your server.
UPDATE: There still is a quirk with the wireless LAN driver on the Raspberry Pi 3. The problem has to do with the default power management of the wlan0 interface which results in it being powered off after very brief periods of inactivity. Special thanks to Matt Gemmell for this fix. Just cut-and-paste the lines below into a terminal window, and you’ll be good to go.
WARNING: Run pbxstatus first. If the top line shows Raspberry Pi 3, the following WiFi patch is already installed.
echo "options 8192cu rtw_power_mgnt=0 rtw_enusbss=0 rtw_ips_mode=1" > /etc/modprobe.d/8192cu.conf
sed -i '/exit 0/d' /etc/rc.local
echo "sleep 10" >> /etc/rc.local
echo "iwconfig wlan0 power off" >> /etc/rc.local
echo "exit 0" >> /etc/rc.local
echo "[Unit]" > /etc/systemd/system/root-resume.service
echo "Description=Turn off wlan power management" >> /etc/systemd/system/root-resume.service
echo "After=suspend.target" >> /etc/systemd/system/root-resume.service
echo "" >> /etc/systemd/system/root-resume.service
echo "[Service]" >> /etc/systemd/system/root-resume.service
echo "Type=simple" >> /etc/systemd/system/root-resume.service
echo "ExecStartPre= /bin/sleep 10" >> /etc/systemd/system/root-resume.service
echo "ExecStart= /sbin/iwconfig wlan0 power off" >> /etc/systemd/system/root-resume.service
echo "" >> /etc/systemd/system/root-resume.service
echo "[Install]" >> /etc/systemd/system/root-resume.service
echo "WantedBy=suspend.target" >> /etc/systemd/system/root-resume.service
systemctl enable root-resume
After rebooting, if you issue the iwconfig wlan0 command, it should show: Power Management:off.
Update: Lessons Learned for Raspberry Pi 3 Road Warriors
As with all new devices, you learn some things as you go along. So we’re providing an update to our original article to offer a couple of additional tips and tricks for those that want to travel with a RasPi…
Alternative Power Sources. If you’re like us, you have a number of devices around the house or office that all require 5V power adapters of various amperages. The Raspberry Pi has traditionally been one of the most temperamental when it came to power adapters and, with the Raspberry Pi 3, the developers specifically mention a 2.5 amp minimum. If you travel and want to take devices such as the Raspberry Pi with you, the last thing you want to do is approach airport security with a bunch of wires hanging out of your carry-on bag. Well, there’s good news. The Anker device shown in the Amazon ad in the right column of Nerd Vittles can supply power to 6 devices including a Raspberry Pi 3. And we’ve given the RasPi a healthy workout with no adverse effects.
Deciphering the RasPi IP Address. As we mentioned, we travel a lot so obtaining a DHCP address for your RasPi in WiFi mode is not always the easiest thing to accomplish. If your smartphone supports tethering, that’s the easiest way to get connectivity on the road. A better way is to stick a WiFi HotSpot in your luggage and it, too, can be powered using the Anker device. See our recent article for WiFi HotSpot choices. Regardless of which option you choose, it will require some planning to use your RasPi sans monitor and keyboard. First, you need to preconfigure /etc/wpa_supplicant/wpa_supplicant.conf with the SSID of the device you’ll be using to hand out DHCP addresses. You’ll note from the discussion above that each entry in this file has a priority with higher numbers having higher priority. The way we typically do this is to assign our home network as the highest priority. Below that, we set up credentials for our MiFi Hotspot, then our smartphones, and finally open networks. So it looks like this:
- Home Network – 6
- MiFi HotSpot – 5
- Android phone – 4
- iPhone (AT&T) – 3
- Open Network – 1
Keep in mind that the Incredible PBX firewall probably will block you from accessing the RasPi from a computer on the public network. So you also must connect your computer to the same private WiFi network because private LAN addresses are whitelisted in the firewall by default.
Once you have connectivity for your RasPi and your laptop, the other wrinkle is figuring out the IP address of the Raspberry Pi. Our recommended approach goes like this. First, configure SendMail on the RasPi to use a Gmail account that you own as an SMTP smarthost to send emails. That should work almost anywhere you go. Second, modify /etc/rc.local to automatically send you an email with the IP address and SSID of your wireless network whenever the RasPi boots. Again, this takes some advance planning because you need to set all of this up and test it before you go on the road.
Here are the steps to modify SendMail to use an existing Gmail account as a SmartHost. Log into your RasPi as root and issue the following commands:
hostname -f > genericsdomain
makemap -r hash genericstable.db < genericstable
mv sendmail.mc sendmail.mc.original
cp sendmail.mc.gmail sendmail.mc
mkdir -p auth
chmod 700 auth
echo AuthInfo:smtp.gmail.com "U:smmsp" "I:user_id" "P:password" "M:PLAIN" > client-info
echo AuthInfo:smtp.gmail.com:587 "U:smmsp" "I:user_id" "P:password" "M:PLAIN" >> client-info
echo AuthInfo:smtp.gmail.com:465 "U:smmsp" "I:user_id" "P:password" "M:PLAIN" >> client-info
nano -w client-info
When the nano editor opens the client-info file, change the 3 user_id entries to your Gmail account name without @gmail.com and change the 3 password entries to your actual Gmail password. Save the file: Ctrl-X, Y, then ENTER.
Now issue the following commands. In the last step, press ENTER to accept all of the default prompts:
chmod 600 client-info
makemap -r hash client-info.db < client-info
sed -i 's|sendmail-cf|sendmail/cf' /etc/mail/sendmail.mc
sed -i 's|sendmail-cf|sendmail/cf|' /etc/mail/sendmail.mc
sed -i 's|sendmail-cf|sendmail/cf|' /etc/mail/Makefile
sed -i 's|sendmail-cf|sendmail/cf|' /etc/mail/sendmail.cf
sed -i 's|sendmail-cf|sendmail/cf|' /etc/mail/databases
sed -i 's|sendmail-cf|sendmail/cf|' /etc/mail/sendmail.mc.gmail
sed -i 's|sendmail-cf|sendmail/cf|' /etc/mail/sendmail.cf.errors
Next, edit /etc/hosts and /etc/hostname. Change the raspberypi3 entries to: raspberrypi3.incrediblepbx.com.
Finally, stop and restart SendMail and then send yourself a test message. Be sure to check your spam folder!
apt-get install mailutils -y
echo "test" | mail -s testmessage email@example.com
The last step is to add these commands to /etc/rc.local to send you an email with your IP address and SSID whenever the RasPi is rebooted. Insert the following commands just above the exit 0 line at the end of the file. Use an email address to which you have access on the road!
ESSID=`iwconfig | grep ESSID | tail -1 | cut -f 9 -d " "`
echo "IP address: $(hostname -I) on $ESSID" | mail -s "RaspberryPi3 IP Address" firstname.lastname@example.org
Enabling Bluetooth on the Raspberry Pi
Incredible Fax Returns for the Raspberry Pi
Mastering the Incredible PBX Feature Set
Now would be a good time to explore the Incredible PBX applications. Continue reading there. If you have questions, join the PBX in a Flash Forums and take advantage of our awesome collection of gurus. There’s an expert available on virtually any topic, and the price is right. As with Incredible PBX, it’s absolutely free. Enjoy!
Originally published: Monday, March 7, 2016 Updated: Saturday, March 26, 2016
Support Issues. With any application as sophisticated as this one, you’re bound to have questions. Blog comments are a difficult place to address support issues although we welcome general comments about our articles and software. If you have particular support issues, we encourage you to get actively involved in the PBX in a Flash Forum. It’s the best Asterisk tech support site in the business, and it’s all free! Please have a look and post your support questions there. Unlike some forums, the PIAF Forum is extremely friendly and is supported by literally hundreds of Asterisk gurus and thousands of users just like you. You won’t have to wait long for an answer to your question.
Need help with Asterisk? Visit the PBX in a Flash Forum.
Awesome Vitelity Special.
Vitelity has generously offered a terrific discount for Nerd Vittles readers. You now can get an almost half-price DID from our special Vitelity sign-up link
. If you’re seeking the best flexibility in choosing an area code and phone number plus the lowest entry level pricing plus high quality calls, then Vitelity is the hands-down winner. Vitelity provides Tier A DID inbound service in over 3,000 rate centers throughout the US and Canada. When you use our special link to sign up
, Nerd Vittles gets a few shekels down the road to support our open source development efforts while you get an incredible signup deal as well. The going rate for Vitelity’s DID service is $7.95 a month which includes up to 4,000 incoming minutes on two simultaneous channels with terminations priced at 1.45¢ per minute. Not any more! For our users, here’s a deal you can’t (and shouldn’t) refuse! Sign up now, and you can purchase a Tier A DID with unlimited incoming calls and four simultaneous channels for just $3.99 a month. To check availability of local numbers and tiers of service from Vitelity, click here
You can only use the Nerd Vittles sign-up link
to order your DIDs, or you won’t get the special pricing! Vitelity’s rate is just 1.44¢ per minute for outbound calls in the U.S. There is a $35 prepay when you sign up. This covers future usage. Any balance is refundable if you decide to discontinue service with Vitelity.
3CX is a software PBX that’s easy to install & manage. It includes integrated softphones, WebRTC conferencing and essential add-ons out of the box, at no additional cost. Try the free edition at www.3cx.com.
Run on Premise or in the Cloud, on Windows and soon Linux
Softphones for iOS, Android, Win & Mac
Easy install, backup & restore, version upgrades
Automatically configures IP Phones, SIP Trunks & Gateways
Some Recent Nerd Vittles Articles of Interest…