Home » Posts tagged 'FreeSWITCH'

Tag Archives: FreeSWITCH

The Most Versatile VoIP Provider: FREE PORTING

Some Further Thoughts & Solutions Regarding DDoS Attacks



This month’s DDoS attacks on SIP infrastructure in the VoIP community should give us all pause to reflect upon what each of us can do to lessen the impact of these attacks in our Internet-centric community. Suffice it to say, DDoS attacks can be directed toward carriers (last week it was Bandwidth.com), VoIP providers (last week it was VoIP.ms), and VoIP servers (that would be your PBX). While they may not like it, carriers and many VoIP providers have the financial resources to withstand or mitigate a DDoS attack. You, on the other hand, with your budget-basement cloud server probably do not. So what can you do?

Almost 10 years ago, we introduced the Travelin’ Man 3 firewall for VoIP servers. The idea was novel at the time. You can’t attack what you can’t see. By placing an Incredible PBX server behind the IPtables firewall with no public exposure except for trusted sites and users, your server is essentially hidden from the Internet and all of the world’s bad guys. At the time, the design was poo-poo’d by the SIP purists who were adamant that SIP ports needed to be publicly exposed to function reliably. Wrong. Then there was the FreePBX® firewall which blocked repeated attacks from the IP address of a would-be attacker. But what if a botnet unleashed hundreds of thousands of attacks on your IP address. The FreePBX blocking mechanism obviously would fail. One of the shortcomings of Asterisk®: it isn’t a SIP proxy.

The moral of the story is pretty simple. Unless you have an unlimited bank account to thwart DDoS attacks and unless your PBX is sitting behind a SIP proxy, you’re much safer with a fully-protected Incredible PBX platform. And, for those believing your IP address is too obscure to attract much attention, try installing a server on CloudAtCost, or Digital Ocean, or Vultr without a firewall to protect your SSH port. You’ll quickly discover how popular you are. Stay safe!

Originally published: Monday, September 27, 2021



Need help with Asterisk? Visit the VoIP-info Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



Is SIP Trunking Safe & Reliable in the DDoS World?



Since last Thursday when VoIP.ms suffered (and continues to suffer) one of the worst Distributed Denial of Service (DDOS) attacks in the VoIP era, we’ve been asked a thousand times whether any SIP trunking provider can provide a safe and reliable platform under circumstances similar to the VoIP.ms outage. We obviously cannot vouch for every trunking provider but, based upon our discussions with two of the major carriers that support Incredible PBX, we are confident that either of them could withstand a similar attack and your phones would still ring. Keep in mind that one of the hidden beauties of VoIP is the ability to configure your PBX to use multiple carriers for failover in making outbound calls, something we have always recommended. Unfortunately, inbound calls are tied to registration of each DID with one and only one carrier. Thus, if that carrier goes off line, incoming calls to DIDs registered with that carrier will fail.

To restate the obvious, no provider is going to publicly document their DDOS remediation methodology thereby providing attackers with a blueprint to their network design and remediation strategy. However, under non-disclosure agreements, we have spoken at length with the owners of our two major Incredible PBX providers: Skyetel and Clearly IP. Based upon our NDA discussions over the past few days, we are satisfied that the SIP trunking offerings of our two primary carriers are sufficiently robust to withstand a VoIP.ms-like DDOS attack. Having said that, we are optimistic that the VoIP.ms outage has placed a renewed spotlight on the seriousness of these DDOS attacks with the FBI and the U.S. Department of Homeland Security.

So what’s missing from the VoIP.ms design that has made their infrastructure so vulnerable? Lots. For openers, VoIP.ms apparently does not rely upon SIP proxies or firewalls using industry-standard network management procedures. In fact, until several days ago, VoIP.ms reportedly was hosting its own DNS servers exclusively. While that has been addressed by moving to Cloudflare, other design vulnerabilities have been more difficult to ameliorate. For example, SIP trunking with VoIP.ms by design requires registration to one of several dozen POPs on both your PBX and on their public-facing portal. An inability to access their public portal means an administrator cannot redirect traffic to another POP in case of an outage. And, if an individual POP is overwhelmed with a DDOS attack, that POP can no longer redirect its incoming calls to a failover location. And apparently it is the only server from which this redirection can be initiated. As the current five-day outage makes clear, reengineering this design would be a Herculean task. So an important lesson learned should be that FORWARDING DIDS TO ANOTHER NUMBER OR SIP ADDRESS SHOULD BE COMPLETELY INDEPENDENT OF YOUR PUBLIC-FACING ARCHITECTURE.

What can you do at this juncture to lessen your vulnerability to a future DDOS attack? First, don’t put all of your eggs in one carrier’s basket. This is especially true with your main phone numbers (DIDs). Second, if you are a major organization, move your most important DIDs to one of our preferred providers, Skyetel or ClearlyIP. And, if money is no object, consider an AT&T, Verizon, T-Mobile, or Google Voice trunk. With multi-path forwarding, simultaneous incoming calls can be redirected to other DIDs hosted with SIP trunking providers. These paths can easily be adjusted in the event of a DDOS attack. Many of these providers offer heavily discounted rates for forwarding calls to other SIP destinations which need not be publicly disclosed.

Latest VoIP.ms Update:


Originally published: Monday, September 20, 2021



Need help with Asterisk? Visit the VoIP-info Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



Introducing Skyetel: A VoIP Provider for All Seasons

Having been around the block more times than we can remember, suffice it to say it takes a lot to get us excited about a VoIP provider. Let us tick off some criteria to even get our attention: terrific pricing, failsafe reliability, and first class performance. So just imagine our excitement to discover that an early follower of Nerd Vittles now provides one of the most compelling VoIP services we’ve ever tested with triple redundancy in multiple data centers. And Skyetel now has added what, for some, was the most important piece: support for VoIP servers with dynamic IP addresses. While it’s still beta code, it’s easy to use and reliable. There’s yet another hidden benefit. Incredible PBX coupled with Skyetel makes a perfect platform for redundant servers. We’ll cover it in a future article, but here’s the basic design.

Let’s sweeten the pot a bit more. We were looking for a service provider that could offer a compelling price for the hobbyist and home user while also having the depth to provide millions of minutes to organizations and resellers that actually have such a need. Skyetel now offers Nerd Vittles readers two special offers. First, you can claim a $10 credit for your new account simply by opening a ticket once you sign up. Once you have kicked the tires and are satisfied with the service, you won’t want to miss the Nerd Vittles BOGO offer. Skyetel will match your original deposit up to $250. Deposit $50 and Skyetel will double it. Or plan ahead with a $250 deposit and Skyetel will still double it. That translates into $500 of half-price VoIP service! Once you have funded your account with your money, Skyetel will provide free porting of your DIDs for the first 60 days after you open your account plus a 10% reduction in your current origination rate and DID costs by presenting your last month’s bill.1 Effective 10/1/2023, $25/month minimum spend required. For resellers and high volume users, document your requirements on your Nerd Vittles signup form and let us put you in touch with someone at Skyetel that will make you a deal you can’t refuse. And what does Nerd Vittles get out of this? Glad you asked. We’re delighted to have Skyetel as a platinum sponsor to keep the lights burning and the deals flowing for another decade of articles and open source offerings for our dedicated followers.

Original Skyetel DepositSkyetel Deposit MatchAvailable SIP Service $'s
$20$20$40
$50$50$100
$100$100$200
$200$200$400
$250$250$500

We want to also address the elephant in the room. Some have asked about our relationship with Vitelity, a long time sponsor of Nerd Vittles and our open source projects. They’re alive and well. However, the company has gone through several acquisitions in the past few years, and their focus now has shifted more to the reseller and wholesale market. ALL EXISTING VITELITY CUSTOMERS ARE UNAFFECTED BY THIS CHANGE IN DIRECTION. And we are more than happy to put new resellers and wholesalers in touch with someone at Vitelity that can address your requirements. The good news is that you’ll now have two companies to compare while new home users and small businesses have a viable alternative moving forward.

Skyetel’s State-of-the-Art Network Design

Because Skyetel’s system architecture is radically different from most other VoIP providers, we wanted to spend a minute documenting their setup. Typically, a VoIP provider may offer a failover server in case their primary server fails. But all calls flow through the primary server unless there is a system failure. As we noted previously, Skyetel’s current setup includes three redundant data centers, all of which receive incoming calls while being firewalled from each other. Once you place or receive a call from the Skyetel network, their data center is completely removed from the audio path of the call which flows directly between your server and the outside party. Thus, even if the data center experienced a total system failure in the middle of your call, neither you nor the other party would ever know it. This design also eliminates the potential of a man-in-the-middle attack from your VoIP provider’s server.

Skyetel Pricing Overview

This summary is not intended to be an exhaustive listing of all Skyetel services. Follow this link for a complete summary of fees and services. Traditional DIDs are $1 per month. Toll free numbers an additional 20¢ per month. Outbound conversational calls are $0.012 per minute. DIDs can be SMS/MMS enabled for 10¢ per month. E911 service is $1.50 per month. Incoming conversational calls are a penny a minute. CallerID lookups are $0.004 per call. Voicemail transcription is available for 10¢ per message.

Signing Up for Skyetel Service

So here’s the drill to sign up for Skyetel service and take advantage of the Nerd Vittles specials. First, complete the Prequalification Form here. You then will be provided a link to the Skyetel site to complete your registration. Once you have registered on the Skyetel site and your account has been activated, open a support ticket and request your free $10 credit to kick the tires. You cannot port in numbers at no cost until you actually fund your account out of your own pocket. Once you have funded your account, open another ticket for the BOGO credit for your account by referencing the Nerd Vittles special offer. You then can initiate your free number porting requests on the portal and request a credit for the porting fees. BOGO credit is limited to one per person/company/address/location. If you want to take advantage of the 10% discount on your current service, attach a copy of your last month’s bill. See footnote 1 for the fine print. If you have high call volume requirements, document these in your Prequalification Form, and we will be in touch. Easy Peasy!

For those that may be concerned that one day, after your credit expires, you could be paying a penny a minute for phone calls, let me provide a little Ma Bell history lesson for you. When my roommate and I were in law school, our typical phone bill often exceeded $200 a month because we both had girlfriends a couple hundred miles up the road. In today’s dollars, that phone bill translates into roughly $1,200 a month. That would have been 120,000 minutes a month at a penny a minute in today’s dollars. So, yes, VoIP is having a profound influence on the AT&T and Verizon Bell Sisters.

Skyetel Endpoint Group Configuration

Unlike many VoIP providers, Skyetel does not use SIP registrations to make connections to your PBX. Instead, Skyetel utilizes Endpoint Groups to identify which servers can communicate with the Skyetel service. An Endpoint Group consists of a Name, an IP address, a UDP or TCP port for the connection, and a numerical Priority for the group. For incoming calls destined to your PBX, DIDs are associated with an Endpoint Group to route the calls to your PBX. For outgoing calls from your PBX, a matching Endpoint Group is required to authorize outbound calls through the Skyetel network. Thus, the first step in configuring the Skyetel side for use with your PBX is to set up an Endpoint Group. A typical setup for use with Incredible PBX®, Asterisk®, or FreePBX® would look like the following:

  • Name: MyPBX
  • Priority: 1
  • IP Address: PBX-Public-IP-Address
  • Port: 5060
  • Protocol: UDP
  • Description: server1.incrediblepbx.com

Skyetel DID Configuration

To receive incoming PSTN calls, you’ll need at least one DID. On the Skyetel site, you acquire DIDs under the Phone Numbers tab. You have the option of Porting in Existing Numbers (free for the first 60 days after you sign up for service) or purchasing new ones under the Buy Phone Numbers menu option.

Once you have acquired one or more DIDs, navigate to the Local Numbers or Toll Free Numbers tab and specify the desired SIP Format and Endpoint Group for each DID. Add SMS/MMS and E911 support, if desired. Call Forwarding and Failover are also supported. That completes the VoIP setup on the Skyetel side. System Status is always available here.

Incredible PBX Firewall Setup for Skyetel

The Travelin’ Man 3 firewall included with all Incredible PBX platforms limits access to your server based upon whitelisted IP addresses of outside providers and users. In order to receive calls from the multiple Skyetel data centers, the following entries need to be included in the whitelist of your PBX. For new installs of Incredible PBX 13-13 for CentOS, the entries already are included. Otherwise, issue the following commands from the Linux CLI and choose the 0 option using the add-ip utility in /root:

  • /root/add-ip Skyetel-NW 52.41.52.34
  • /root/add-ip Skyetel-SW 52.8.201.128
  • /root/add-ip Skyetel-NE 52.60.138.31
  • /root/add-ip Skyetel-SE 50.17.48.216
  • /root/add-ip Skyetel-EU 35.156.192.164

NOTE: If your PBX is sitting behind a NAT-based router, then you will also need to forward UDP port 5060 from your router to the internal IP address of your PBX. Otherwise, incoming calls from Skyetel will fail. You also may need to add a NAT=yes entry to each of the Skyetel trunk configurations using the GUI. The telltale sign that the NAT entry is required will be incoming calls with one-way or no audio.

Incredible PBX Trunk Setups for Skyetel

Because Skyetel uses multiple data centers without trunk registrations, you’ll actually need to configure 6 separate Skyetel trunks in the Incredible PBX GUI. The same setup applies for those using generic FreePBX aggregations. We’ve created a script to create all of the trunks for you. Just issue the following commands. The last command assures that you don’t accidentally run the script a second time which would cause all sorts of issues. Feel free to review the code if you want to learn how to create trunks in FreePBX from the command line.

cd /root
wget http://incrediblepbx.com/add-skyetel
chmod +x add-skyetel
# uncomment next line if your incoming calls all have 10-digit numbers
# sed -i 's|from-trunk|from-pstn-e164-us|' add-skyetel
./add-skyetel
chmod -x add-skyetel

Incredible PBX Inbound Routing for Skyetel

Next we need to tell your PBX how to route incoming calls from Skyetel. Using a browser, log into the IP address of your PBX using your admin credentials. Because there is no trunk registration with Skyetel trunks, you will need to create an Inbound Route for every Skyetel DID. You cannot rely upon a Default inbound route because FreePBX treats the calls as blocked anonymous calls without an Inbound Route pointing to the 11-digit number of each Skyetel DID. From the GUI, choose Connectivity -> Inbound Routes -> Add Inbound Route. For both the Description and DID fields, enter the 11-digit phone number beginning with a 1. Set the Destination for the incoming DID as desired and click Submit. Reload the Dialplan when prompted. Place a test call to each of your DIDs after configuring the Inbound Routes.

Incredible PBX Outbound Routing to Skyetel

If Skyetel will be your primary provider, you can use both 10-digit and 11-digit dialing to process outbound calls through your Skyetel account. From the GUI, choose Connectivity -> Outbound Routes -> Add Outbound Route. For the setup, we recommend the following using the CallerID Number you wish to associate with your outbound calls through Skyetel:

Enter the Dial Patterns under the Dial Patterns tab before saving your outbound route. Here’s what you would enter for 10-digit and 11-digit dialing. If you want to require a dialing prefix to use the Skyetel Outbound Route, enter it in the Prefix field for both dial strings.

Audio Issues with Skyetel

If you experience one-way or no audio on some calls, make sure you have filled in the NAT Settings section in the GUI under Settings -> Asterisk SIP Settings -> General. In addition to adding your external and internal IP addresses there, be sure to add your external IP address in /etc/asterisk/sip_general_custom.conf like the following example and restart Asterisk:

externip=xxx.xxx.xxx.xxx

If you’re using PJSIP trunks or extensions on your PBX, implement this fix as well.

Receiving SMS Messages Through Skyetel

Most Skyetel DIDs support SMS messaging. Once you have purchased one or more DIDs, you can edit each number and, under the SMS &MMS tab, you can redirect incoming SMS messages to an email or SMS destination of your choice using the following example:



Sending SMS Messages Through Skyetel

We’ve created a simple script that will let you send SMS messages from the Linux CLI using your Skyetel DIDs. In order to send SMS messages, you first will need to create a SID key and password in the Skyetel portal. From the Settings icon, choose API Keys -> Create. Once the credentials appear, copy both your SID and Password. Then click SAVE.

Next, from the Linux CLI, issue the following commands to download the sms-skyetel script into in your /root folder. Then edit the file and insert your SID, secret, and DID credentials in the fields at the top of the script. Save the file, and you’re all set.

cd /root
wget http://incrediblepbx.com/sms-skyetel
chmod +x sms-skyetel
nano -w sms-skyetel

To send an SMS message, use the following syntax where 18005551212 is the 11-digit SMS destination: sms-skyetel 18005551212 "Some message"

SMS and MMS Messaging with Postcards

Skyetel now has released a terrific, open source Docker app, Postcards, that lets you build an SMS and MMS messaging platform for your entire organization. Suffice it to say, anything you ever wanted to do with SMS and MMS messaging, you can do with Postcards. We won’t repeat Skyetel’s excellent tutorial, but you certainly need to visit their site and take Postcards for a spin.

NEW: Skyetel Support for Dynamic IP Addresses

You asked for it, and Skyetel has delivered. For Nerd Vittles users running servers with dynamic IP addresses, Skyetel now provides support for your platform. Log into your server as root and cd /usr/src. Then review this tutorial which describes the steps to put the pieces in place. Be advised that this is beta software at this juncture. If you run into issues, please post your questions on the PIAF Forum. Here are the actual steps:

(1) Log in to your Skyetel portal and Add a New Endpoint Group for your server giving it the name and current public IP address of your server.

(2) While still logged in, tap the Gear icon to open Settings dialog and choose API Keys tab.

(3) Add a new API key and write down your new SID and SID password.

(4) If your server is behind a router or firewall, log into that device and map UDP 5060 and UDP 10000-20000 to the private LAN address of your server.

NOTE: If your server is on the Debian, Ubuntu, or Raspbian platform, substitute the following command for the first two yum commands in step #5 below:

apt-get -y install coreutils curl git jq

(5) Log into your server and issue the following commands to install the EndPoint Updater:

yum -y install coreutils curl git epel-release
yum -y --enablerepo=epel install jq
cd /usr/src
git clone https://bitbucket.org/skyetel/ip-endpoint-group-update.git
cd ip-endpoint-group-update
./ip-update-endpointgroup.sh

(6) Fill in your credentials when prompted, and the cron script will be installed to keep your server’s dynamic IP address registered with Skyetel.

Introducing Skyetel’s New Fax Platform

Every time we read an article predicting the demise of fax technology, we have to chuckle. We’ve been reading the articles for about 30 years now, and fax still is the goto solution for many organizations. Can you spell HIPPA? Finally, Skyetel has dipped its toes in the fax waters by offering an easy-to-use fax solution for receipt of traditional and T.38 faxes. Simply purchase a Skyetel DID and configure it for vFax routing. Enter an email address for delivery of the faxes, and you’re done.


Sending faxes from the Skyetel portal still is on the drawing boards, but it’s coming. In the meantime, Incredible Fax™ which is bundled with all Incredible PBX® platforms will let you send faxes ’til the cows come home with our easy-to-use Hylafax/AvantFax implementation.

Implementing the New Spam Call Filter

One of the most often requested features for any PBX is spam call filtering. Skyetel takes it to the next level by dealing with the spammers before the calls ever reach your PBX. For each of your Skyetel phone numbers, click on the Features tab and set the Spam Call Filter as desired.

Recording and Transcribing Skyetel Calls

As with spam call filtering, recording and/or transcribing Skyetel calls is only a click away. For each of your Skyetel phone numbers, click on the Features tab and set the option desired for Recording and/or Transcribing calls. Recordings and Transcriptions can be managed from your Skyetel Dashboard. Storage is free for up to 30 days, after which they are deleted.

Skyetel Monitoring of Endpoint Health

In addition to monitoring and reporting the health of all Skyetel services in your web portal, this latest addition allows you to configure Skyetel to not only monitor the State of every registered endpoint but also its Health with realtime metrics of the Latency, Packet Loss, and Jitter of each of your endpoints. Simply check the Network QOS options desired.

Skyetel Expansion for Canadian Users


Here’s some great news for our Canadian friends. Skyetel has been listening!

  • Porting to Skyetel in Canada now is significantly easier and faster
  • Awesome reductions in audio round trip times
  • Epic reductions in time-to-deliver
  • Faster response times to technical issues (and fewer of them!)
  • Audio for Canadian calls will now originate from Canadian data centers
  • SMS and MMS available on Canadian ported numbers

Originally published: Thursday, November 1, 2018  Updated: Wednesday, June 12, 2019


Support Issues. With any application as sophisticated as this one, you’re bound to have questions. Blog comments are a difficult place to address support issues although we welcome general comments about our articles and software. If you have particular support issues, we encourage you to get actively involved in the PBX in a Flash Forum. It’s the best Asterisk tech support site in the business, and it’s all free! Please have a look and post your support questions there. Unlike some forums, the PIAF Forum is extremely friendly and is supported by literally hundreds of Asterisk gurus and thousands of users just like you. You won’t have to wait long for an answer to your question.



Need help with Asterisk? Visit the VoIP-info Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



  1. In the unlikely event that Skyetel cannot provide a 10% reduction in your current origination rate and/or DID costs, Skyetel will give you an additional $50 credit to use with the Skyetel service. []

A Sobering Look at Asterisk and the 2019 VoIP Landscape




Every six months or so we like to gaze into our crystal ball for a quick look at the VoIP landscape. 2018 has been quite the transformative year with the acquisition of Digium® and Asterisk® by Sangoma®. Unfortunately, as we predicted, the Digium layoffs have already begun, and 2019 may only get worse. While we have no inside information, we wouldn’t be surprised to see Digium’s headquarters in Huntsville closed within six months in an effort to balance the books. Part of the problem may be attributable to the terms of the purchase itself. However, we sense there’s a more troubling development. And that is the reality that VoIP is becoming less and less appealing to home users and small businesses as more and more folks migrate purely to cell phones. Those with teenagers already know this transformation is underway. With services such as Google Fi starting at $20 for unlimited calling and texting, it’s difficult to justify VoIP services even at bargain basement prices. Making the cellular switch even more appealing are offers such as a $400 credit with the purchase of an LG G7 smartphone from Google or a free LG G7 with new Sprint service.

What you lose with a pure cellular platform are many of the features that have made PBXs popular in the VoIP space: call routing, text-to-speech and voice recognition applications, conferencing, SPAM call blocking, and much more. But 2018 also was the year that Google finally pulled the plug on free calling through your PBX. Instead, you now have to purchase and configure a $50 OBi200 to continue with Google Voice, and the integration is painful to put it charitably. The demise of Google Voice added one more nail to the free VoIP coffin. And, as many of you know, Vitelity, our long-time platinum sponsor, now has bowed out of the VoIP retail business due to a change in focus from Voyant, the company’s new owner. Finally, our bargain-basement cloud provider for experimentation, HiFormance, appears to have bitten the dust. Details here. Suggestions here. Reminder: "You get what you pay for."

It’s not all bad news for 2019. First, all of the Incredible PBX platforms are still alive and well. And they will remain open source GPL code. Second, we’ve found a terrific new VoIP provider, Skyetel, that will give you a $50 credit so you can kick the tires for a good long while. Effective 10/1/2023, $25/month minimum spend required. Third, if you’re looking for a robust Cloud platform, Digital Ocean still is offering a $100 signup credit for your first 60 days of service, and Incredible PBX runs swimmingly on their $5/month platform with CentOS. Spend another $1 a month, and you get automatic backups of your cloud-based server. It’s cheap insurance for something as important as your phone system.

If you’re like us, you may be getting a little nervous about the future of Asterisk. We’ve already provided a series of articles on FusionPBX for FreeSWITCH. Our original tutorial and the follow-on articles showing how to create voice prompts using IBM Watson and how to create and deploy TTS applications such as news and weather reports are worth a careful read. And, if you consider yourself a pioneer, then you owe it to yourself to try out the FreeSWITCH developers’ new cloud-based platform, SignalWire. Here’s the $55 Promo code that worked for us: ITEXPO2019. That should get you off to a great start. And check out the pricing: U.S. DIDs are $0.08 per month, U.S. Origination rate (incoming) is $0.00325 per minute, U.S. Termination rate (outgoing) is $0.0072 per minute, U.S. SMS Outbound is $0.0009 per message, and U.S. SMS Inbound messages are free. MMS also available. Once verified, you can spoof any CallerID name and number that you own! What’s not to like? Asterisk Trunk setup example available here.

CAUTIONARY NOTE: SignalWire should be considered EXPERIMENTAL SOFTWARE and is not yet suitable for production use.

That should be enough excitement to keep all of you entertained over the holidays. We’re planning a few days off to be with family and friends. Let us be the first to wish each of you a very Merry Christmas. We’re looking forward to an exciting 2019!

Originally published: Monday, December 17, 2018



Need help with Asterisk? Visit the VoIP-info Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



FusionPBX on Steroids: Text-to-Speech Apps Have Arrived


SECURITY ALERT: https://securityboulevard.com/2019/06/rce-using-caller-id-multiple-vulnerabilities-in-fusionpbx/

And you thought you needed an Asterisk® PBX for your users to enjoy FREE text-to-speech applications such as current News Headlines and Weather reports from the convenience of their telephone. Well, move over Asterisk. FusionPBX™ for FreeSWITCH™ now offers virtually identical functionality with all of the terrific advantages that FusionPBX provides: reliability, updates, performance, security and an unmatched UC platform with no rivals. To get started, make sure you have completed the steps in our FusionPBX introductory tutorial.

Intuitive support in FusionPBX for interactive TTS or STT applications is not (yet) available. So we’re doing the next best thing. Once or more a day, we will use cron jobs to retrieve the latest News Headlines and Weather reports for your local area. Then anyone using your PBX can pick up a phone and listen to the News Headlines by dialing 951 or U.S. weather forecasts by dialing 947, or worldwide weather forecasts from ApiXU by dialing 949.1 We’ll be using IBM’s awesome TTS engine to handle the text-to-speech chores. We think you will agree that IBM’s offering is the best in the business. And you can’t beat the price. After your first free month, you get a million characters of FREE text-to-speech synthesis every month forever! For ApiXU worldwide weather data, your first 2,500 queries are also FREE every month.

Here’s a sample from the 3CX implementation of these identical applications:


[soundcloud url="https://api.soundcloud.com/tracks/364353344″ params="auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false&visual=true" width="80%" height="350″ iframe="true" /]

 

Getting Started with IBM Bluemix TTS Service

NOV. 1 UPDATE: IBM has moved the goal posts effective December 1, 2018:

You can start your free, 30-day trial of IBM Bluemix services without providing a credit card. Just sign up here. Once your account is activated, here’s how to obtain credentials for the TTS service to use with FusionPBX. Start by logging in to your IBM Bluemix account. Once you’re logged in, click on your account name (1) in the upper right corner of your web page to reveal the pull-down to select your Region, Organization, and Space. Follow the blue links at the bottom of the pull-down menu to create an Organization and Space for your TTS service.



Next, click the Menu icon which is displayed as three horizontal bars on the left side of the web page. Choose Watson. Click Create Watson Service and select Text to Speech from the applications listing. Watson will generate a new TTS service template and display it. Make certain that your Region, Organization, and Space are shown correctly. Then verify that the Standard Pricing Plan is selected. When everything is correct, click the Create button.

When your Text to Speech application displays, click Service Credentials and then click New Credential (+). When the Add New Credential dialog appears, leave the default settings as they are and click Add. Your Credentials Listing then will appear. Click View Credentials beside the new entry you just created. Write down your URL, username, and password. You’ll need these in Step #4 below to configure the IBM Bluemix TTS service. Logout of the IBM Cloud by clicking on the little face in the upper right corner of your browser window and choose Log Out. Confirm that you do, indeed, wish to log out.

Getting Started with ApiXU Weather

Finding free worldwide weather forecasts has been a difficult nut to crack. So we’re pleased to introduce ApiXU. Your first 5,000 API calls every month are free, but our Worldwide Weather application for FusionPBX actually makes two API calls to retrieve the latest weather conditions AND the weather forecast. What that means is you can make 2,500 free queries a month with the Nerd Vittles application. One or two a day should suffice. While the U.S. weather reports are retrieved by ZIP code, the ApiXU queries are retrieved by city. So long as you don’t choose small towns, the city names should be sufficiently unique to work well with the WorldWide Weather application. HINT: Nicosia in Cyprus (home of 3CX) works great! 😉




Before you can obtain worldwide weather reports, you’ll need to sign up for an account at ApiXU.com. Once you’re registered, log into your account and copy down your API Key. You’ll need it in a minute.

5 Steps to TTS Paradise with FusionPBX

Once you have your IBM TTS credentials in hand, there are only five simple steps to get everything set up for TTS application support on FusionPBX. When we’re finished, anyone on your PBX can pick up a phone and listen to the News Headlines by dialing 951, a U.S. Weather Forecast by dialing 947, or Worldwide Weather for most international cities by dialing 949.

  1. Download WAV file placeholders to FusionPBX
  2. Set up TTS Extensions in FusionPBX
  3. Install the Linux components to support TTS Applications
  4. Insert IBM and ApiXU Credentials, Email Address and Weather Locations
  5. Run the News Headlines and Weather Update Scripts

1. Downloading WAV File Placeholders

Login to your FusionPBX server as root using SSH or Putty. Change to /var/lib/freeswitch/recordings directory. List its contents to decipher the names of any subdirectories that have been created for your various FusionPBX domains. Change to each subdirectory under /var/lib/freeswitch/recordings and issue the following commands to install the TTS placeholders:

wget http://incrediblepbx.com/freeswitch/placeholders.tar.gz
tar zxvf placeholders.tar.gz
rm -f placeholders.tar.gz

IMPORTANT: Once you’ve copied the placeholders into position, use a browser to open the FusionPBX Dashboard for each of your domains. Navigate to Apps then Recordings and play each of the three placeholder files that were uploaded: News-update, Weather-forecast, and Weather-zip. Otherwise, they won’t be available for use in the next step of the setup.

2. Setting Up TTS Apps in FusionPBX

Before you can implement the Nerd Vittles TTS Apps for News Headlines, Weather by ZIP Code, and Worldwide Weather, we first need to create the proper environment on the FusionPBX side to support the new applications. We’ll be using the FusionPBX Dialplan Manager for this purpose. We need to set up three extensions to handle the calls: one for the News Headlines and one for each of the Weather applications.

Login to your FusionPBX Dashboard with a browser.

News Headlines: From the FusionPBX Dashboard, navigate to DialPlan, then Dialplan Manager, and click the Add (+) icon. Using your default Context, insert the following new entry into the Dialplan for News Headlines (951) by filling in the Name, Condition1, Action1, and Description fields as shown below. Leave the other defaults. Then click SAVE.



When the Dialplan listing reappears, find the NewsHeadlines entry in the list and click the pencil icon to Edit the entry. Add 951 in the Number field as shown below. Then click SAVE and BACK.



Now let’s add the Dialplan entries to support the two Weather applications.

Weather by ZIP Code: From the FusionPBX Dashboard, navigate to DialPlan, then Dialplan Manager, and click the Add (+) icon. Using your default Context, insert the following new entry into the Dialplan for Weather by ZIP Code (947) by filling in the Name, Condition1, Action1, and Description fields as shown below. Leave the other defaults. Then click SAVE.



When the Dialplan listing reappears, find the WeatherZIP entry in the list and click the pencil icon to Edit the entry. Add 947 in the Number field as shown below. Then click SAVE and BACK.



Worldwide Weather: From the FusionPBX Dashboard, navigate to DialPlan, then Dialplan Manager, and click the Add (+) icon. Using your default Context, insert the following new entry into the Dialplan for Worldwide Weather (949) by filling in the Name, Condition1, Action1, and Description fields as shown below. Leave the other defaults. Then click SAVE.



When the Dialplan listing reappears, find the WorldwideWeather entry in the list and click the pencil icon to Edit the entry. Add 949 in the Number field as shown below. Then click SAVE and BACK.



Try things out by dialing 947, 949, and 951 from any FusionPBX extension. Be sure these work before proceeding!

3. Installing Linux Components for TTS

First, we need to get the missing pieces in place to support TTS applications using IBM Bluemix TTS and the Nerd Vittles scripts. We want to add PHP support from the Linux CLI only so there will be no security issues. And we want to add support for SQLite 3 so we can look up latitude and longitude data for U.S. zip codes. Just issue the following commands to get everything set up:

apt-get update
apt-get -y install php-fpm php-curl php-cli php-pear php-db php-gd sqlite3 libsqlite3-dev
apt-get -y install sox lame libsox-fmt-mp3
sed -i 's|;cgi.fix_pathinfo=1|cgi.fix_pathinfo=0|' /etc/php/7.1/fpm/php.ini
systemctl restart php7.1-fpm

Next, we need to put the Nerd Vittles scripts and ZIP code database for SQLite 3 in place:

cd /
wget http://incrediblepbx.com/freeswitch/fusionpbx-tts-linux.tar.gz
tar zxvf fusionpbx-tts-linux.tar.gz
rm -f fusionpbx-tts-linux.tar.gz

Finally, we need to add cron jobs to run the three update scripts at least once a day. You can run them more often depending upon your needs. We have these configured to run at 6:15 am and 6:20 am every day. Adjust to meet your own requirements. On a busy PBX, you probably don’t want to run them during the workday.

echo "15 6 * * * root /root/nv-weather-update.sh >/dev/null 2>&1" >> /etc/crontab
echo "20 6 * * * root /root/nv-news-update.sh >/dev/null 2>&1" >> /etc/crontab
echo "25 6 * * * root /root/nv-wwweather-update.sh >/dev/null 2>&1" >> /etc/crontab

4. Adding TTS Credentials to FusionPBX

Now we need to add your IBM TTS and ApiXU credentials, email address, a local ZIP code for Weather by ZIP code reports, and a city for Worldwide Weather reports. Edit the credentials file and save it with your information:

cd /root
nano -w ibm-credentials.php

5. Running the News & Weather Update Scripts

Finally, we need to run the News Headlines and two Weather update scripts once to put current data in place for FusionPBX callers. After the initial setup, the cron jobs will update the News Headlines and Weather reports every day moving forward. Press ENTER as each of the scripts finishes to get back to a command prompt.

cd /root
./nv-news-update.sh
./nv-weather-update.sh
./nv-wwweather-update.sh

Taking the News & Weather Apps for a Spin

Now you’re ready to try things out. From any phone connected to your PBX, dial 951 for current News Headlines. Then dial 947 for a local Weather Report matching your zip code. Finally, dial 949 to retrieve a worldwide weather forecast for most international cities.

If you don’t yet have a FusionPBX server set up but would like to sample the voice quality of the TTS applications running on our FusionPBX server in New York, here are several ways to try them out using an IVR we set up using an IBM voice prompt from last week’s tutorial. Airport codes reflect (PROVIDER LOCATION-SERVER LOCATION-DID LOCATION).

  • Skyetel DID: 843-970-9997 (SEA-BUF-CHS)
  • Vitelity DID: 646-666-5997 (DEN-BUF-NYC)
  • VoIPms DID: 843-606-0444 (ATL-BUF-CHS)
  • Free iNUM Call: 883510009901997 (ATL-BUF-ATL)
  • Free SIP Call: 883510009901997@sip.inum.net (ATL-BUF-ATL)

Originally published: Monday, September 24, 2018


Support Issues. With any application as sophisticated as this one, you’re bound to have questions. Blog comments are a terrible place to handle support issues although we welcome general comments about our articles and software. If you have particular support issues, we encourage you to get actively involved in the PBX in a Flash Forums. It’s the best Asterisk tech support site in the business, and it’s all free! Please have a look and post your support questions there. Unlike some forums, ours is extremely friendly and is supported by literally hundreds of gurus and thousands of users just like you. You won’t have to wait long for an answer to your question.



Need help with Asterisk? Visit the PBX in a Flash Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



Some Recent Nerd Vittles Articles of Interest…

  1. The included applications are licensed pursuant to GPL2 with the exception of nv-worldwide-weather.php which is licensed pursuant to The MIT License. Terms and conditions of both licenses are included in /root/COPYING. []

Creating Free IBM Voice Prompts for FusionPBX/FreeSWITCH

SECURITY ALERT: https://securityboulevard.com/2019/06/rce-using-caller-id-multiple-vulnerabilities-in-fusionpbx/

One of the first things you’ll need if you choose to migrate to FusionPBX and FreeSWITCH is voice prompts. You can record your own in FusionPBX using the Recordings application by dialing *732. Of course, your PBX will probably sound like you recorded your own prompts. 🙂 Our first recommendation is to always direct folks to Allison Smith whose voice prompts for Asterisk are legendary. But, for those on a tight budget, recordings by a professional voice talent may not be a viable option. So, today, we want to deliver the next best thing with synthesized voice prompts that are second to none. For regular readers of Nerd Vittles, you’re already aware of our enthusiasm for IBM’s new TTS offerings. You can try them out for yourself by clicking View Demo here. Or you can sample the Weather Report for 3CX that we uploaded to SoundCloud:


[soundcloud url="https://api.soundcloud.com/tracks/364353344″ params="auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false&visual=true" width="80%" height="350″ iframe="true" /]

Cost issues aside, other users may need voice prompts for VoIP applications that require a language other than English. With IBM’s TTS offerings, you have quite a selection of voices and languages from which to choose:

There are many occasions where you may want to build IVRs or applications that require custom voice prompts to obtain information from callers such as requests for a name, a phone number, a part number, a location, a department, or many other pieces of data that are used to formulate data base queries. And now there’s a simple, professional, and free way to create these voice prompts using IBM’s TTS platform and FusionPBX. The first million characters of TTS synthesis and the resultant voice files are free every month. That will be more than ample for almost all of our users. To get started, you’ll need to set up a free account with IBM Bluemix and install FusionPBX on a platform of your choice: a dedicated server, a virtual machine on your desktop PC using VirtualBox, or a cloud-based server.

NOV. 1 UPDATE: IBM has moved the goal posts effective December 1, 2018:

Getting Started with IBM Bluemix TTS Service

You can start your free, 30-day trial of IBM Bluemix services without providing a credit card. Just sign up here. Once your account is activated, here’s how to obtain credentials for the TTS service to use with FusionPBX.

Getting Started with FusionPBX

We won’t repeat the tutorial that walks you through installation of FusionPBX. Just follow the steps outlined here. Once your server is up and running, log into your server as root using SSH or Putty. We need to add MP3 support to the SOX application before we can create voice prompts reliably with IBM’s Bluemix TTS service. Here’s how:

apt-get update
apt-get install libsox-fmt-mp3 -y

Installing the Voice Prompts Script for TTS

Now we’re ready to install the Nerd Vittles Voice Prompts script that we’ll use to actually create the custom voice prompts. While you’re still logged into your server as root with SSH or Putty, issue the following commands:

cd /root
wget http://incrediblepbx.com/freeswitch/ibmprompt-fusion.tar.gz
tar zxvf ibmprompt-fusion.tar.gz
rm -f ibmprompt-fusion.tar.gz

Adding Your Credentials to the Script

Using your favorite editor, it’s time to add your IBM TTS credentials to the Voice Prompt script: nano -w ibmprompt.php. Simply replace the x’s in $API_KEY with your credentials from above. If you prefer a different voice for your voice prompts, update the $IBM_voice option using the examples shown below. For example, for the Brazilian Portuguese voice, use $IBM_voice = "pt-BR_IsabelaVoice". Verify that the $IBM_url matches what was provided with your credentials. Once you’ve updated the entries, save the file: Ctrl-X, Y, and ENTER.

Taking Voice Prompts Script for a Test Drive

Now we’re ready to try things out. The syntax while logged into the /root folder looks like this. If creating a prompt in a different language, text should be in native language, not English.

./ibmprompt.php "Text of your voice prompt"

Once the voice prompt is generated, you’ll find voiceprompt.wav in the /root folder. We’ve added a second script to actually move the new voice prompts into place to use with FusionPBX. So, once you’ve created the voice prompt above, issue the following command to assign a prompt name and copy the prompt into your FusionPBX recordings folders. Don’t forget the .wav extension on the prompt name you choose, and don’t put any spaces in the prompt name. Use hyphens.

./ibmprompt-to-fusionpbx prompt-name.wav

Once you have put the recordings in place in FusionPBX, you can edit and play them back within the FusionPBX GUI by navigating to Apps -> Recordings. Enjoy!

Originally published: Wednesday, September 19, 2018


Support Issues. With any application as sophisticated as this one, you’re bound to have questions. Blog comments are a terrible place to handle support issues although we welcome general comments about our articles and software. If you have particular support issues, we encourage you to get actively involved in the PBX in a Flash Forums. It’s the best Asterisk tech support site in the business, and it’s all free! Please have a look and post your support questions there. Unlike some forums, ours is extremely friendly and is supported by literally hundreds of gurus and thousands of users just like you. You won’t have to wait long for an answer to your question.



Need help with Asterisk or 3CX? Visit the PBX in a Flash Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



Some Recent Nerd Vittles Articles of Interest…

Back to School: Introducing FusionPBX for FreeSWITCH

SECURITY ALERT: https://securityboulevard.com/2019/06/rce-using-caller-id-multiple-vulnerabilities-in-fusionpbx/

It’s been quite a week with the surprise acquisition of Digium® and Asterisk® by Sangoma®. It became official on Wednesday, September 5. You can read all about it here, and you can read our cautious optimism here. As with the recent Google Voice transformation, we hope it serves as a gentle reminder to the VoIP community not to put all your eggs in one basket. With the start of the new school year, we could think of no better time to explore an excellent alternative. And today we’re pleased to introduce FusionPBX™ for FreeSwitch™.

9/10 EDIT: We’ll be updating this article in coming days to add tutorials on additional features rather than releasing new articles that force you to jump around. So mark your place at the end of the article and come back soon to see the new additions.

FreeSWITCH is an open source softswitch that’s been around for over a decade. The lead designer is Anthony Minessale, who originally worked on the Asterisk project. FusionPBX is a GUI front end for FreeSWITCH that performs many of the same functions that FreePBX® performs for Asterisk. It’s the brainchild of Mark J. Crane. With that background, let’s dive right in.

Today we’ll get a functioning server set up with trunks and extensions so that you can begin making calls. We’ll also show you how to interconnect with an Incredible PBX server in the Cloud to add Google Voice GVSIP functionality for free calling in the U.S. and Canada. Once you get that far, we’d recommend you pick up a good book on FreeSWITCH, review the excellent FusionPBX documentation, and roll up your sleeves. There’s virtually nothing that FusionPBX and FreeSWITCH can’t do with a telephone.

Creating the Debian 8 Minimal Platform

We’ll be building FusionPBX atop a minimal install of Debian 8 (Jessie). If you’re creating your server in the Cloud with 1GB or less of RAM (such as the $3.50/month Vultr platform), we strongly recommend creation of a swap file after you set up the Debian 8 platform:

dd if=/dev/zero of=/swapfile bs=1024 count=1024k
chown root:root /swapfile
chmod 0600 /swapfile
mkswap /swapfile
swapon /swapfile
echo "/swapfile          swap            swap    defaults        0 0" >> /etc/fstab
sysctl vm.swappiness=10
echo vm.swappiness=10 >> /etc/sysctl.conf
free -h
cat /proc/sys/vm/swappiness

Next, create a very secure root password: passwd

Now put the missing pieces in place to support your FusionPBX install:

apt-get update
apt-get upgrade
apt-get install nano -y
apt-get install dialog -y
apt-get install ca-certificates -y
apt-get install systemd -y
apt-get install systemd-sysv -y
reboot

Installing FusionPBX and FreeSWITCH

Now we’re ready to install FusionPBX with FreeSWITCH. Issue the following command on a single line. Be advised that FusionPBX currently uses FreeSWITCH 1.6, not 1.8. If you buy a book about FreeSWITCH 1.8, just be aware that there may be some features that are not yet available with FusionPBX.

wget -O - https://raw.githubusercontent.com/fusionpbx/fusionpbx-install.sh/master/debian/pre-install.sh | sh; cd /usr/src/fusionpbx-install.sh/debian && ./install.sh

When the install completes, you’ll see a message that looks something like this:

Installation has completed.

   Use a web browser to login.
      domain name: https://45.76.249.125
      username: admin*
      password: D6pHudQGqeYsQUWK

   *The browser domain name is used as part of the authentication.

   If you need to login to a different domain then use username@domain.
      username: admin@45.76.249.125

   Official FusionPBX Training
      Fastest way to learn FusionPBX: https://www.fusionpbx.com.
      Available online and in person. Includes documentation and recording.

      Location:               Online
      Admin Training:          7 -  9 August 2018 (3 Days)
      Advanced Training:      21 - 22 August 2018 (2 Days)
      Continuing Education:        30 August 2018 (1 Day)
      Timezone:               https://www.timeanddate.com/weather/usa/boise

   Additional information.
      https://fusionpbx.com/training.php
      https://fusionpbx.com/support.php
      https://www.fusionpbx.com
      http://docs.fusionpbx.com

If you’re coming from the FreePBX world and you’re new to FusionPBX and FreeSWITCH, be advised that your browser login name is NOT admin. It’s admin@some-IP-address. The reason is because FreeSWITCH supports multiple domains, unlike FreePBX. The default domain will be the IP address from which you performed the installation. On a server in the cloud, it will be your public IP address. On a private LAN, it will be the localhost private IP address, e.g. 127.0.0.1 or 127.0.0.2.

Locking Down Your Server

FusionPBX includes a basic IPtables firewall setup. Those that have followed Nerd Vittles over the years know that we view a firewall whitelist (Travelin’ Man 3) as absolutely essential to avoid security problems down the road. In the case of FusionPBX, we recommend changing the SSH access port from 22 to a random number above 1000. Then it can remain exposed so long as you check regularly to make certain no one is attempting to access your server via SSH: cat /var/log/auth.log. We also recommend locking down HTTP and HTTPS to your whitelisted IP addresses rather than leaving those ports open to the world. Finally, we recommend closing off IPv6 access to your server except from localhost. Here’s how.

Let’s assume you want to change the SSH access port from 22 to 1789. Simply issue the following commands and restart SSH. WARNING: Be careful not to log out of your server until we update the firewall, or you will lock yourself out of your server!

sed -i 's|#Port 22|Port 22|'  /etc/ssh/sshd_config
sed -i 's|Port 22|Port 1789|' /etc/ssh/sshd_config
/etc/init.d/ssh restart

To reconfigure IPtables using a WhiteList of allowed IP addresses, you first need to decipher what those IP addresses actually are. You’ll need the public and private IP addresses of any PCs from which you wish to access FusionPBX. Depending upon your pain threshold and bank account, SIP access can remain open. However, you’ll still need the IP addresses of your hosting providers and the IP addresses of each of the locations where you plan to install a SIP phone for direct access to properly configure FusionPBX. Once you have those IP addresses in hand, it’s time to edit /etc/iptables/rules.v4. The filter section of the default install looks like:

*filter
:INPUT DROP [1:40]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [58:8069]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p udp -m udp --dport 5060:5091 -m string --string "friendly-scanner" --algo bm --to 65535 -j DROP
-A INPUT -p udp -m udp --dport 5060:5091 -m string --string "sipcli/" --algo bm --to 65535 -j DROP
-A INPUT -p udp -m udp --dport 5060:5091 -m string --string "VaxSIPUserAgent/" --algo bm --to 65535 -j DROP
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 7443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 5060:5091 -j ACCEPT
-A INPUT -p udp -m udp --dport 5060:5091 -j ACCEPT
-A INPUT -p udp -m udp --dport 16384:32768 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -p udp -m udp --dport 1194 -j ACCEPT
COMMIT

1. Modify the SSH rule (–dport 22) replacing 22 with your new SSH port number, e.g. 1789.

2. Using #, comment out the HTTP (–dport 80) and HTTPS (–dport 443) rules. There simply are too many zero day vulnerabilities with PHP and SQL injection to leave web ports exposed to the public.

3. Just above the COMMIT line, whitelist your private LAN IP addresses. Do NOT whitelist the 172 subnet if you’re deploying on Amazon! Amazon treats these as routable IP addresses on their network.

-A INPUT -s 127.0.0.0/8 -j ACCEPT
-A INPUT -s 10.0.0.0/8 -j ACCEPT
-A INPUT -s 172.16.0.0/12 -j ACCEPT
-A INPUT -s 192.168.0.0/16 -j ACCEPT

4. If you’re planning to use NeoRouter VPN, add the following above the COMMIT line:

-A INPUT -p tcp -m tcp --dport 32976 -j ACCEPT

5. Add rules above the COMMIT line for each IP address you wish to WhiteList, e.g.

-A INPUT -s 8.8.8.8 -j ACCEPT

6. Save the file.

7. Edit /etc/iptables/rules.v6 to look like this:

*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -s ::1 -j ACCEPT
COMMIT

8. Restart IPtables and Fail2Ban:

/etc/init.d/netfilter-persistent restart
/etc/init.d/fail2ban restart
iptables -nL
ip6tables -nL

9. If your server is on the public Internet and you’d like to add SSL security, which is required for WebRTC deployments, we’re adding a separate tutorial below as part of the WebRTC implementation to show you the easy way to do this. Keep reading.

Finally, a cautionary note. If you leave your SIP ports exposed to the Internet, then you’ll need to regularly monitor your FreeSWITCH log for attempted attacks. You can download the Incredible Utilities scripts including update-blacklist that we run regularly as a cron job to blacklist all of the most recent bad guys. Please note that IP addresses detected as "bad guys" with this script take precedence over whitelist entries you may have made in step #5 above so be sure to also add the IP addresses from step #5 to this script’s WHITELIST table before running the script, or you may inadvertently lock yourself out of your own server.

cd /
wget http://incrediblepbx.com/freeswitch/incredible-utils-FS.tar.gz
tar zxvf incredible-utils-FS.tar.gz
rm -f incredible-utils-FS.tar.gz

Getting Started with FusionPBX

Using the account credentials displayed after your installation completed, login to FusionPBX using your favorite browser. Don’t forget to include the IP address in the admin field:


Before you do anything else, navigate to Advanced -> Access Controls. Here you will want to whitelist all of the IP addresses of SIP service providers and other PBXs to which you want to interconnect. Simply add Allow entries in the Domains category for each IP address/CIDR entry. HINT: Single IP addresses have a CIDR entry of /32. WARNING: We don’t recommend using FQDN/Domain entries. Despite legitimate FQDNs, all of our entry attempts resulted in "cannot locate" alerts in the FreeSWITCH CLI (fs_cli). This means that future connection attempts from those providers would fail without any indication of what caused the failures. Also, do NOT add entries for IP addresses of phones/softphones that will register to extensions or calls to and from those extensions will fail. This is anything but intuitive but, trust us, you will save hours of hair-pulling.

Creating Extensions in FusionPBX

While you’re still logged into the FusionPBX GUI, let’s add an extension to demonstrate how easy it is. Choose Accounts -> Extensions and click on the + symbol to add a new extension. Here is a sample to get you started, but you really only need the extension number and voicemail PIN entries:



Unlike in FreePBX, the default extension password is not displayed on the template. Once you SAVE the extension, you then have to edit it and click on the Password field to display the default entry. This can be changed, if desired.

Configuring a Softphone for FusionPBX

You can connect virtually any kind of telephone to your new PBX, and FusionPBX includes terrific provisioning tools for dozens of SIP phones. We’ll start with a free SIP softphone today so you can begin making calls. You can find dozens of recommendations for hardware-based SIP phones both on Nerd Vittles and the PIAF Forum when you’re ready to get serious about VoIP telephony.

We recommend YateClient which is free. Download it from here. Run YateClient once you’ve installed it and enter the credentials for the extension you created above. You’ll need the IP address of your server plus your extension’s password. Fill in the Yate Client template using the IP address of your Server, the extension number for your Username, and whatever Password you assigned to the extension when you created it. Click OK to save your entries.

Once the Yate softphone shows that it has registered with FusionPBX, try a test call by dialing *9664 which should begin playing the default Music on Hold.

Creating Trunks/Providers/Gateways in FusionPBX

In FusionPBX and FreeSWITCH, what FreePBX and Asterisk users call Trunks are referred to as Providers or Gateways. These are commercial outfits that offer to interconnect your PBX with the rest of the telephones in the world using a SIP connection. The first step is to register with the providers of your choice and obtain your SIP credentials and the FQDN(s) of the provider’s servers to which you should register. Most allow authentication by either username/password or by IP address. If you have a static IP address for your server, that is the safer method since you don’t have to worry about someone guessing your password. The only difference in the setup is the Register field should be changed to False.

As luck would have it, there is thorough documentation on the FreeSWITCH site to configure literally hundreds of Providers. Here’s the link.

Before you actually set up your new Provider in FusionPBX, we first need to add the provider’s server to FusionPBX’s Access Control List (ACL). As noted, we’ve encountered problems attempting to register FQDNs in the ACL so we strongly recommend you ping the FQDN of your provider’s server and obtain its actual IP address. Once you have it, navigate to Advanced -> Access Controls -> domains. Click on the Pencil icon to edit the ACL list for domains. Next, click on the + icon at the top of the Nodes listing. Change Type to allow. Enter the IP address of your provider’s server in CIDR. Leave the Domain field blank. Enter your Provider in the Description field. Click the SAVE button.

Now we’re ready to add your Provider. Navigate to Accounts -> Gateways and click the + symbol to add a new one. Click on the Advanced button to expose all of the available fields. Now find your provider in the FreeSWITCH listing and copy the sample entries using your own credentials to the appropriate fields in the FusionPBX template. SAVE your settings when you’re finished. If you chose username/password authentication with Register=True, then your new gateway’s Status should display as Running with a State of REGED.

If you want to take advantage of free calling in the U.S. and Canada using Google Voice, then you’ll need to interconnect your FusionPBX server with an Incredible PBX GVSIP gateway as described in this Nerd Vittles article. On the FusionPBX side, the first step is to add the IP address of the Incredible PBX GVSIP gateway to the ACL (as described above). Next, assuming you followed the tutorial and created a trunk on the Incredible PBX server named FusionPBX in step #2, here’s what the corresponding Gateway should look like on the FusionPBX side:

Gateway: GVSIP-Host
Username: FusionPBX
Password: same as on GVSIP-Host
From User: FusionPBX
From Domain: FusionPBX
Realm: IP address of GVSIP-Host
Expire Seconds: 90
Register: True
Retry Seconds: 30
Auth Username (in Advanced): FusionPBX
Domain: default setting
Context: Public
Profile: external
Description: GVSIP-Host

Be advised that you still need to WhiteList the IP addresses of the two servers on the corresponding sites using IPtables. And you need to whitelist the public IP addresses even if you choose to register the trunk using private VPN addresses. The reason is because FreeSwitch uses the public IP addresses internally, and the registration will fail without the whitelist entries.

Creating Inbound Routes in FusionPBX

As with all PBXs, Inbound Routes define how incoming calls from Trunks/Gateways are routed to destinations on your PBX. Creating inbound routes in FusionPBX (Dialplan -> Inbound Routes) is much the same as the process with FreePBX except the search Conditions are considerably broader than merely a DID or CallerID match and may include Time Conditions to accommodate after-hours calling:



As with FreePBX, the Action can be any destination available on your PBX including an extension, voicemail, company directory, or an IVR:



Typically, inbound calls should be routed to the public Context. And, unlike FreePBX where the first matching inbound route wins, with FusionPBX, you can prioritize the routes numerically to assign a certain search Order.



Creating Outbound Routes in FusionPBX

Outbound Routes tell your PBX how to route calls to destinations outside your PBX using Trunks/Gateways available on your PBX. Creating outbound routes in FusionPBX (Dialplan -> Outbound Routes) is equally flexible offering virtually limitless combinations to assist PBX designers in setting up scenarios for processing outbound calls. As with inbound routes, outbound routes can be prioritized by assigning an Order. And each outbound route can include a primary Gateway as well as up to two Alternates for routing the calls.



Unlike FreePBX which used NXXNXXXXXX and similar combinations as Dialplan Expressions, FusionPBX uses more powerful RegEx coding with many predefined options:



Choosing Providers for FusionPBX

Here’s a shameless plug for our Platinum Sponsor, Vitelity, if you’re looking for an incredible deal on a DID with unlimited inbound calling. You’ll find the offer at the end of this article. If dirt-cheap outbound calls are of interest and Google Voice isn’t an option where you’re calling from or to, then you can’t beat Anveo Direct. The AnveoDirect provider setup for FusionPBX isn’t included in the link we posted above, but it couldn’t be simpler.



To make outbound calls with Anveo Direct, you dial a number with the country code preceded by a special 6-character code starting with 0 which you create on the Anveo Direct web site. You also must whitelist the IP address of your PBX as part of the setup on the Anveo side. Once configured, a call to a number in the U.S. would look like this: 04He9x18005551212@sbc.anveo.com. When creating the Outbound Route for 10-digit dialing using the tutorial above, the AnveoDirect setup would define the Dialplan Expression as 10-digit dialing with a Prefix of 04HE9x1 assuming your 6-character secret code was 04He9x. The trailing 1 in the Prefix converts the 10-digit dialed number to 11-digits as required by Anveo’s international dial code requirement. We think you’ll like their pricing:



Using Gmail as SMTP Smarthost with FusionPBX

Be sure to test sending an email to yourself from the command line to be sure Exim is working properly. Here’s how:

echo "test" | mail -s testmessage yourname@yourmailserver.com

If you don’t receive the email, be advised that many providers block downstream SMTP mail servers in which case you may want to use your Gmail account as an SMTP Smarthost with FusionPBX. Here’s how. Begin by reconfiguring Exim: dpkg-reconfigure exim4-config

  • Type Mail Server: Mail sent by smarthost using SMTP
  • System Mail Name: Your server’s FQDN (see /etc/hostname)
  • Allowed Senders: accept defaults
  • Other Destinations: accept default
  • Relay Mail: leave blank
  • Outgoing SmartHost: smtp.gmail.com::587 (note the double colons)
  • Hide local name: no
  • Keep DNS-queries minimal: no
  • Delivery method local mail: Maildir format in home directory
  • Split config into small files: no
  • Root and Postmaster recipient: root

After exim4 restarts, add the following entries to the end of /etc/exim4/passwd.client using your Gmail credentials:

gmail-smtp.l.google.com:YOUR-NAME@gmail.com:PASSWORD
*.google.com:YOUR-NAME@gmail.com:PASSWORD
smtp.gmail.com:YOUR-NAME@gmail.com:PASSWORD

Finally, issue the following commands to update exim4 and implement your changes:

update-exim4.conf
/etc/init.d/exim4 restart

Send yourself another test email to verify that everything is working properly. If the mail still doesn’t make it, be sure your provider (HiFormance, for example) is not also blocking port 587. You’ll need to open a ticket with them if this is the case. You can test whether the port is blocked with the following command:

telnet gmail-smtp-msa.l.google.com 587

Solving NAT and Audio Problems with FusionPBX

If you experience one-way audio, no audio, or calls that won’t disconnect when the called party hangs up, you’ve probably entered NAT Hell. First, make sure that SIP ALG is turned off on your router. If that doesn’t solve it, edit /etc/default/freeswitch from the Linux CLI and remove -nonat. Save the file and then systemctl daemon-reload. Switch to the FusionPBX GUI and navigate to Advanced -> SIP Profiles. Edit BOTH the internal and external profiles. Then modify BOTH the ext_rtp_ip AND ext_sip_ip entries and change them to autonat:XXX.XXX.XXX.XXX replacing XXX.XXX.XXX.XXX with your server’s public IP address. Then SAVE both profiles. Finally, return to the Linux CLI and restart FreeSWITCH: service freeswitch restart.

Congratulations! You now should have a working PBX. We’ll get deeper into the weeds down the road, but today’s tutorial coupled with the HTML FusionPBX Documentation or PDF version should be sufficient to get you started with a functioning PBX. Take some time to explore all of the Applications that are included in FusionPBX. Enjoy!



9/10 EDIT: New additions begin here…

Implementing WebRTC with FusionPBX

The first step in deploying WebRTC is to add SSL security to your server. The easiest way to do this is to take advantage of the free offering from LetsEncrypt. Begin by assigning a fully-qualified domain name (FQDN) to the public IP address of your server. Wait a few minutes for DNS propagation. Then you’re ready to install your LetsEncrypt certificate. Unlike many of the other LetsEncrypt implementations, the FusionPBX folks have made this a walk in the park. While logged into your server as root, issue the following commands:

cd /usr/src/fusionpbx-install.sh
cd debian/resources
./letsencrypt.sh
service freeswitch restart




Once the certificate is installed and you’ve restarted FreeSWITCH, close your browser and then restart it. Go to the FQDN of your server, and the lock should appear signifying that your site is now fully encrypted. Don’t proceed with the WebRTC steps until this is working.

To get a successful WebRTC implementation where you can make and receive phone calls from a browser, you’re going to need to use the Chrome or Firefox browser. We’ve also had success using the latest Safari browser.

For those that despise implementing complex procedures by viewing video tutorials, we offer the following regurgitation of the steps documented by Mark Crane in his ClueCon video below. This isn’t hard, but it is tedious so don’t skip any steps.



 

While you’re still logged into your server as root, let’s put the FusionPBX WebRTC client in place so you’ll have that option as one of several WebRTC clients to use down the road. The advantage of the FusionPBX WeRTC client is that it can handle your login automatically.

cd /usr/src
git clone https://github.com/fusionpbx/fusionpbx-apps
cd fusionpbx-apps
cp -R sipjs/ /var/www/fusionpbx/app/
chown -R www-data:www-data /var/www/fusionpbx/

Now let’s switch back to your browser and login to FusionPBX using your superadmin credentials. A word of caution… To get WebRTC working, your default Domain must be the FQDN of your server, not an IP address. Once you add this domain, you must switch to it and enter new extensions, trunks, and routes to that domain before proceeding. Begin by adding the domain: Advanced -> Domains -> Add (+). Switch to the domain in the upper right column that’s showing your current domain by clicking on it. It doubles as the Domain Selector.

First, let’s tell FreeSwitch to use your secure SSL setup. Navigate to Advanced -> Variables. Go to the SIP Profile: Internal section and change the false setting of internal_ssl_enable to true. Click SAVE. Go to the SIP Profile: External section and change the false setting of external_ssl_enable to true. Click SAVE. Navigate to Status -> SIP Status and click FLUSH CACHE. Switch back to your SSH session as root and restart FreeSWITCH: service freeswitch restart. Back in your browser, return to Status -> SIP Status, click REFRESH, and verify that both the Internal and External interfaces show TLS enabled.

Navigate to Advanced -> SIP Profiles -> Internal and set wss-binding to true. Switch back to your SSH session as root and restart FreeSWITCH: service freeswitch restart. Back in your browser, return to Status -> SIP Status, click FLUSH CACHE and then REFRESH. You now should see an internal entry for Secure Web Sockets (WSS) in your internal SIP Profile. Finally, to do video with WebRTC, navigate to Advanced -> Variables and add H264 to the list of supported codecs in both outbound_codec_prefs and global_codec_prefs: ULAW, ALAW, H264. Click SAVE. Navigate to Status -> SIP Status and click FLUSH CACHE then RESCAN the internal profile. Clicking on sofia status profile internal will let you verify that the H264 codec has been added successfully. That completes the required pieces to support WebRTC with FusionPBX.

To use the FusionPBX WebRTC client that we installed earlier, we first need to update the FusionPBX menus in the browser: Advanced -> Upgrade -> Menu Defaults and EXECUTE.

Now create an extension to use with WebRTC: Accounts -> Extensions -> Add (+). Once you’ve created the new Extension, drop down to the fourth item (Users) and click on the pull-down menu. Choose the Admin user and click the ADD button followed by SAVE. Next, log out and back into FusionPBX to associate the extension with your user account.

We’re now ready to try out the FusionPBX WebRTC client. Navigate to Apps -> SIPjs which will activate the WebRTC client with your extension credentials. In a separate window, you can verify that SIPjs is registered to your extension by navigating to Status -> Registrations. Verify that you can make a call by dialing *9664 for some nice Hold Music.

Adding Free IBM Voice Prompts to FusionPBX

NOV. 1 UPDATE: IBM has moved the goal posts effective December 1, 2018:

One of the first things you’ll need with your new FusionPBX server is voice prompts for IVRs and custom applications. We’ve now added a tutorial which will walk you through setting up a platform to obtain free IBM voice prompts for your server. Here’s the link.

Blocking SIP Access by IP Address

If you’ve implemented SSL security with an FQDN as recommended above, then you’ll reduce the hammering your server takes from the bad guys by blocking those that attempt SIP registrations or calls using the IP address of your server. This, of course, means that all of your SIP registrations must be made using the FQDN of your server, not by IP address. For providers, you MUST whitelist their IP addresses in the ignoreip field of /etc/fail2ban/jail.conf and restart Fail2Ban, or they will be blocked when they attempt to send data by IP address. We’ve included a script in /root which will tell you which IP addresses currently are blocked: sip-attackers-blocked.

cd /
wget http://incrediblepbx.com/freeswitch/block-sip-by-ip.tar.gz
tar zxvf block-sip-by-ip.tar.gz
rm -f block-sip-by-ip.tar.gz
service fail2ban restart

Adding Free News/Weather TTS Apps

We’ve rolled out the first three Incredible PBX text-to-speech applications for FusionPBX: Yahoo News Headlines, Weather Reports by ZIP Code, and Worldwide Weather Forecasts. This new Nerd Vittles tutorial will walk you through the simple installation steps.

Originally published: Monday, September 3, 2018  Updated: Monday, September 24, 2018


Support Issues. With any application as sophisticated as this one, you’re bound to have questions. Blog comments are a terrible place to handle support issues although we welcome general comments about our articles and software. If you have particular support issues, we encourage you to get actively involved in the PBX in a Flash Forums. It’s the best tech support site in the business, and it’s all free! Please have a look and post your support questions there. Unlike some forums, ours is extremely friendly and is supported by literally hundreds of gurus and thousands of users just like you. You won’t have to wait long for an answer to your question.



Need help with Asterisk? Visit the PBX in a Flash Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



Some Recent Nerd Vittles Articles of Interest…