Home » Posts tagged 'gpl' (Page 2)

Tag Archives: gpl

The Most Versatile VoIP Provider: FREE PORTING

Honeymoon Time: Meet Incredible PBX 16-15.2 for CentOS 7



After two months of development, we are pleased to announce the production-ready release of Incredible PBX 16-15 on the CentOS 7 platform with the latest Asterisk® 16 and FreePBX® 15 components. After years of frustrating upgrades, we are equally pleased to announce that those running Incredible PBX 13-13 can upgrade to the new Incredible PBX 16-15 platform with a handful of button clicks. And you’ll never miss a beat. What are you waiting for?

In addition to the latest Asterisk 16 release, you also get the entire FreePBX 15 GPL module collection including their new User Control Panel (UCP) and a much enhanced web GUI plus the entire Incredible PBX feature set. As with Incredible PBX LITE, it’s plug-and-play with immediate calling capability using any of four commercial SIP providers. Or you can choose one of 16 other preconfigured SIP providers, enter your credentials, and enjoy instant connectivity without worrying about SIP settings. Last, but not least, you can easily turn your Incredible PBX 16-15 server into a secure public-facing PBX or interconnect a Raspberry Pi for traveling so that you never miss a call.

What’s Included? Incredible PBX 16-15 serves up a VoIP powerhouse featuring Asterisk 16, the FreePBX 15 GPL platform including User Control Panel (UCP), an Apache web server, the latest MariaDB SQL server (formerly MySQL), SendMail, and the Incredible PBX feature set including SIP, SMS, Opus, voice recognition, PicoTTS Text-to-Speech VoIP applications plus fax support, Click-to-Dial, News, Weather, Reminders, ODBC, and hundreds of features that typically are found in commercial PBXs: Conferencing, IVRs and AutoAttendants, Email Delivery of Voicemails, and much more.

Choosing a SIP Provider. Incredible PBX 16-15 comes preconfigured with support for five SIP extensions and four of the major SIP providers: Skyetel, VoIP.ms, V1VoIP, and Anveo Direct. We obviously hope you’ll choose Skyetel not only because they financially support Nerd Vittles and our open source projects, but also because it is a clearly superior platform offering crystal-clear communications and triple-redundancy so you never miss a call. Skyetel also sets itself apart from the other providers in the support department. They actually respond to issues, and there’s never a charge. As the old saying goes, they may not be the cheapest, but you get what you pay for. Even without taking advantage of Nerd Vittles half-price offer on up to $500 of Skyetel services, they’re still dirt cheap compared to the Bell Sisters and cable companies. Skyetel is so sure you’ll love their service that they give you a $10 credit to kick the tires before you ever spend a dime. Traditional DIDs are $1 per month. Outbound conversational calls are $0.012 per minute. Incoming conversational calls are a penny a minute, and CallerID lookups are $0.004. You only pay for minutes you use. Once you’re satisfied with the service and fund your account, you can port in your existing DIDs at no cost for 60 days after signup. In short, you have nothing to lose by trying out the Skyetel service. Effective 10/1/2023, $25/month minimum spend required.

Choosing a Platform for Incredible PBX 16-15

As with our other open source offerings, the platform choice for Incredible PBX 16-15 depends upon a number of factors. For most folks, you’d be crazy to go out and purchase hardware to use in your home or office when cloud-based platforms are available for about a dollar a month. Unless you plan to publicly expose your server on the Internet to facilitate remote SIP connections, the OpenVZ offerings below are perfectly adequate while in business with the cautionary note that you need off-site backups AND a tested backup plan. Three providers previously listed have closed their doors in 2019. You’ve been warned.

ProviderRAMDiskBandwidthPerformance as of 12/1/19Cost
CrownCloud KVM (LA)1GB20GB +
Snapshot
1TB/month598Mb/DN 281Mb/UP
2CPU Core
$25/year
Best Buy!
Naranjatech KVM (The Netherlands)1GB20GB1TB/monthHosting since 2005
VAT: EU res.
20€/year w/code:
SBF2019
BudgetNode KVM (LA)1GB40GB RAID101TB/monthAlso available in U.K PM @Ishaq on LET before payment$24/year
FreeRangeCloud KVM (Ashburn VA, Winnipeg, Freemont CA)1GB20GB SSD3TB/monthPick EGG loc'n
Open ticket for last 5GB SSD
$30/year w/code:
LEBEGG30

Installing Incredible PBX 16-15 with CentOS 7

9/21 ALERT UPDATE: A recent SolusVM update has broken systemd upon which Incredible PBX and Asterisk depend. SolusVM is the virtualizer used by many of the bargain-basement cloud providers. For the time being, these installs fail so you are cautioned to avoid any SolusVM-based cloud platform. Vultr, Digital Ocean, and OVH are your best bets at the moment. And Vultr and Digital Ocean both support Nerd Vittles through referral credits. We will post an update when the situation changes.

If you’ve installed previous iterations of Incredible PBX, today’s drill is similar. Here is a thumbnail sketch of the install procedure for Incredible PBX 16-15. Begin by installing a minimal CentOS 7 (64-bit) platform or pick the CentOS 7 option with 1GB RAM and 20GB of storage from your cloud provider’s menu of choices. Then log into your server as root and issue the following commands:

passwd
yum -y update
yum -y install net-tools nano wget tar
wget http://incrediblepbx.com/incrediblepbx16-15.2.tar.gz
tar zxvf incrediblepbx16-15.2.tar.gz
rm -f incrediblepbx16-15.2.tar.gz
# to add swap file on non-OpenVZ cloud platforms with no swap file
./create-swapfile-DO
# kick off Phase I install
./IncrediblePBX16-15.sh
# after reboot, kick off Phase II install
./IncrediblePBX16-15.sh
# add HylaFax/AvantFax, if desired
./incrediblefax16.sh
# set desired timezone
./timezone-setup
# display your passwords
./show-passwords
# remember to enable TUN/TAP if using VPS Control Panel with OpenVZ
# reconfigure PortKnocker if installing on an OpenVZ platform
echo 'OPTIONS="-i venet0:0"' >> /etc/sysconfig/knockd
service knockd restart
# set up NeoRouter VPN client, if desired
nrclientcmd
# check network speed
wget -O speedtest-cli https://raw.githubusercontent.com/sivel/speedtest-cli/master/speedtest.py
chmod +x speedtest-cli
./speedtest-cli

WebMin is also installed and configured as part of the base install. The root password for access is the same as your Linux root password. We strongly recommend that you not use WebMin to make configuration changes to your server. You may inadvertently damage the operation of your PBX beyond repair. WebMin is an excellent tool to LOOK at how your server is configured. When used for that purpose, we highly recommend WebMin as a way to become familiar with your Linux configuration.

Planning Ahead for That Rainy Day

If you haven’t already learned the hard way, let us save you from a future shock. Hardware fails. All of it. So spend an extra hour now so that you’ll be prepared when (not if) disaster strikes. First, once you have your new PBX configured the way you plan to use it, make a backup of your PBX by running the Incredible Backup script: /root/incrediblebackup16

Copy down the name of the backup file that was created. You’ll need it in a few minutes.

Second, build yourself an identical VirtualBox platform on your desktop PC. It’s the same steps as outlined above.

Next, create a /backup folder on your VirtualBox PBX and copy the backup file from your main server to your VirtualBox server and restore it after logging in to VirtualBox PBX as root:

mkdir /backup
scp root@main-pbx-ip-address:/backup/backup-file-name.tar.gz /backup/.
/root/incrediblerestore16 /backup/backup-file-name.tar.gz

Complaints that you "forgot" to make a backup and your hardware has failed or your provider has gone out of business are not welcomed. We’re sorry for your loss. Case closed.

Completing the Incredible PBX Setup Procedure

Unless your desktop PC and server are both on the same private LAN, the install procedure should be performed from a desktop PC using SSH or Putty. This will insure that your desktop PC is also whitelisted in the Incredible PBX firewall. Using the console to perform the install is NOT recommended as your desktop PC will not be whitelisted in the firewall. This may result in your not being able to log in to your server. Once you have network connectivity, log in to your server as root from a desktop PC using your root password. Accept the license agreement by pressing ENTER.

Kick off the Phase I install. Once your server reboots and you log back in as root, start the Phase II install. All of your passwords will be randomly assigned with the exception of the root user Linux password. You can set it at any time by issuing the command: passwd. You also must set up an admin password to access the FreePBX web GUI with the command: /root/admin-pw-change. With the exception of your root user and FreePBX admin passwords, most of the remaining passwords can be displayed using the command: /root/show-passwords.

Finally, if your PBX is sitting behind a NAT-based router, you’ll need to redirect incoming UDP 5060 and UDP 10000-20000 traffic to the private IP address of your PBX. This is required for all of the SIP providers included in the Incredible PBX 16-15 default build that don’t require a SIP registration. Otherwise, inbound calls will fail.

Configuring Skyetel for Incredible PBX 16-15

If you’ve decided to go with Skyetel, here’s the drill. Sign up for Skyetel service and take advantage of the Nerd Vittles specials. First, complete the Prequalification Form here. You then will be provided a link to the Skyetel site to complete your registration. Once you have registered on the Skyetel site and your account has been activated, open a support ticket and request the $10 credit for your account by referencing the Nerd Vittles special offer. Once you are satisfied with the service, fund your account as desired, and Skyetel will match your deposit of up to $250 simply by opening another ticket. That gets you up to $500 of half-price calling. Credit is limited to one per person/company/address/location.

Skyetel does not use SIP registrations to make connections to your PBX. Instead, Skyetel utilizes Endpoint Groups to identify which servers can communicate with the Skyetel service. An Endpoint Group consists of a Name, an IP address, a UDP or TCP port for the connection, and a numerical Priority for the group. For incoming calls destined to your PBX, DIDs are associated with an Endpoint Group to route the calls to your PBX. For outgoing calls from your PBX, a matching Endpoint Group is required to authorize outbound calls through the Skyetel network. Thus, the first step in configuring the Skyetel side for use with your PBX is to set up an Endpoint Group. Here’s a typical setup for Incredible PBX 16-15:

  • Name: MyPBX
  • Priority: 1
  • IP Address: PBX-Public-IP-Address
  • Port: 5060
  • Protocol: UDP
  • Description: my.incrediblepbx.com

To receive incoming PSTN calls, you’ll need at least one DID. On the Skyetel site, you acquire DIDs under the Phone Numbers tab. You have the option of Porting in Existing Numbers (free for the first 60 days after you sign up for service) or purchasing new ones under the Buy Phone Numbers menu option.

Once you have acquired one or more DIDs, navigate to the Local Numbers or Toll Free Numbers tab and specify the desired SIP Format and Endpoint Group for each DID. Add SMS/MMS and E911 support, if desired. Call Forwarding and Failover are also supported. That completes the VoIP setup on the Skyetel side. System Status is always available here.

Configuring VoIP.ms for Incredible PBX 16-15

To sign up for VoIP.ms service, may we suggest you use our signup link so that Nerd Vittles gets a referral credit for your signup. Once your account is set up, you’ll need to set up a SIP SubAccount and, for Authentication Type, choose Static IP Authentication and enter your Incredible PBX 16-15 server’s public IP address. For Transport, choose UDP. For Device Type, choose Asterisk, IP PBX, Gateway or VoIP Switch. Order a DID in their web panel, and then point the DID to the SubAccount you just created. Be sure to specify atlanta1.voip.ms as the POP from which to receive incoming calls.

Configuring V1VoIP for Incredible PBX 16-15

To sign up for V1VoIP service, sign up on their web site. Then login to your account and order a DID under the DIDs tab. Once the DID has been assigned, choose View DIDs and click on the Forwarding button beside your DID. For Option #1, choose Forward to IP Address/PBX. For the Forwarding Address, enter the public IP address of your server. For the T/O (timeout) value, set it to 2o seconds. Then click the Update button. Under the Termination tab, create a new Endpoint with the public IP address of your server so that you can place outbound calls through V1VoIP.

Configuring Anveo Direct for Incredible PBX 16-15

To sign up for Anveo Direct service, sign up on their web site and then login. After adding funds to your account, purchase a DID under Inbound Service -> Order DID. Next, choose Configure Destination SIP Trunk. Give the Trunk a name. For the Primary SIP URI, enter $[E164]$@server-IP-address. For Call Options, select your new DID from the list. You also must whitelist your public IP address under Outbound Service -> Configure. Create a new Call Termination Trunk and name it to match your server. For Dialing Prefix, choose six alphanumeric characters beginning with a zero. In Authorized IP Addresses, enter the public IP address of your server. Set an appropriate rate cap. We like $0.01 per minute to be safe. Set a concurrent calls limit. We like 2. For the Call Routing Method, choose Least Cost unless you’re feeling extravagant. For Routes/Carriers, choose Standard Routes. Write down your Dialing Prefix and then click the Save button.

Before you can make outbound calls through Anveo Direct from your PBX, you first must configure the Dialing Prefix that you wrote down in the previous step. Log into the GUI as admin using a web browser and edit the Anveo-Out trunk in Connectivity -> Trunks. Click on the custom-Settings tab and replace anveo-pin with your actual Dialing Prefix. Click Submit and Apply Config to complete the setup.

By default, incoming Anveo Direct calls will be processed by the Default inbound route on your PBX. If you wish to redirect incoming Anveo Direct calls using DID-specific inbound routes, then you’ve got a bit more work to do. In addition to creating the inbound route using the 11-digit Anveo Direct DID, enter the following commands after logging into your server as root using SSH/Putty:

cd /etc/asterisk
echo "[from-anveo]" >> extensions_custom.conf
echo "exten => _.,1,Ringing" >> extensions_custom.conf
echo "exten => _.,n,Goto(from-trunk,\\${SIP_HEADER(X-anveo-e164)},1)" >> extensions_custom.conf
asterisk -rx "dialplan reload"

Configuring a Softphone for Incredible PBX 16-15

We’re in the home stretch now. You can connect virtually any kind of telephone to your new PBX. Plain Old Phones require an analog telephone adapter (ATA) which can be a separate board in your computer from a company such as Digium. Or it can be a standalone SIP device such as ObiHai’s OBi100 or OBi110 (if you have a phone line from Ma Bell to hook up as well). SIP phones can be connected directly so long as they have an IP address. These could be hardware devices or software devices such as the YateClient softphone. We’ll start with a free one today so you can begin making calls. You can find dozens of recommendations for hardware-based SIP phones both on Nerd Vittles and the PIAF Forum when you’re ready to get serious about VoIP telephony.

We recommend YateClient which is free. Download it from here. Run YateClient once you’ve installed it and enter the credentials for the 701 extension on Incredible PBX. You can find them by running /root/show-passwords. You’ll need the IP address of your server plus your extension 701 password. In the YateClient, fill in the blanks using the IP address of your Server, 701 for your Username, and whatever Password was assigned to the extension when you installed Incredible PBX. Click OK to save your entries.

Once you are registered to extension 701, close the Account window. Then click on YATE’s Telephony Tab and place some test calls to the numerous apps that are preconfigured on Incredible PBX. Dial a few of these to get started:

DEMO - Apps Demo
123 - Reminders
947 - Weather by ZIP Code
951 - Yahoo News
TODAY - Today in History
LENNY - The Telemarketer's Worst Nightmare

If you are a Mac user, another great no-frills softphone is Telephone. Just download and install it from the Mac App Store. For Android users, check out the terrific new VitalPBX Communicator. Works flawlessly with Incredible PBX.

Audio Issues with Incredible PBX 16-15

If you experience one-way or no audio on some calls, add your external IP address and LAN subnet in the GUI by navigating to Settings -> Asterisk SIP Settings. In the NAT Settings section, click Detect Network Settings. Click Submit and Apply Settings to save your changes.

Incredible PBX 16-15 Administration

We’ve eased the pain of administering your new PBX with a collection of scripts which you will find in the /root folder after logging in with SSH or Putty. Here’s a quick summary of what each of the scripts does.

add-fqdn is used to whitelist a fully-qualified domain name in the firewall. Because Incredible PBX 16-15 blocks all traffic from IP addresses that are not whitelisted, this is what you use to authorize an external user for your PBX. The advantage of an FQDN is that you can use a dynamic DNS service to automatically update the IP address associated with an FQDN so that you never lose connectivity.

add-ip is used to whitelist a public IP address in the firewall. See the add-fqdn explanation as to why this matters.

del-acct is used to remove an IP address or FQDN from the firewall’s whitelist.

admin-pw-change is used to set the admin password for access to the FreePBX/Incredible PBX web GUI using a browser pointed to the local IP address of your server.

apache-pw-change is used to set the admin password for access to Apache/Incredible PBX apps including AsteriDex and Reminders. This provides a password layer of protection for access to these applications.

reset-conference-pins is a script that automatically and randomly resets the user and admin pins for access to the preconfigured conferencing application. Dial C-O-N-F from any registered SIP phone to connect to the conference.

reset-extension-passwords is a script that automatically and randomly resets ALL of the SIP passwords for extensions 701-705. Be careful using this one, or you may disable existing registered phones and cause Fail2Ban to blacklist the IP addresses of those users. HINT: You can place a call to the Ring Group associated with all five extensions by dialing 777.

reset-reminders-pin is a script that automatically and randomly resets the pin required to access the Telephone Reminders application by dialing 123. It’s important to protect this application because a nefarious user could set up a reminder to call a number anywhere in the world assuming your SIP provider’s account was configured to allow such calls.

show-feature-codes is a cheat sheet for all of the feature codes which can be dialed from any registered SIP phone. It documents how powerful a platform Incredible PBX 16-15 actually is. A similar listing is available in the GUI at Admin -> Feature Codes.

show-passwords is a script that displays most of the passwords associated with Incredible PBX 16-15. This includes SIP extension passwords, voicemail pins, conference pins, telephone reminders pin, and your Anveo Direct outbound calling pin (if configured). Note that voicemail pins are configured by the user of a SIP extension the first time the user accesses the voicemail system by dialing *97.

update-IncrediblePBX is the Automatic Update Utility which checks for server updates from incrediblepbx.com every time you log into your server as root using SSH or Putty. Do NOT disable it as it is used to load important fixes and security updates when necessary. We recommend logging into your server at least once a week.

pbxstatus (shown above) displays status of all major components of Incredible PBX 16-15.

Forwarding Calls to Your Cellphone. Keep in mind that inbound calls to your DIDs automatically ring all five SIP extensions, 701-705. The easiest way to also ring your cellphone is to set one of these five extensions to forward incoming calls to your cellphone. After logging into your PBX as root, issue the following command to forward calls from extension 705 to your cellphone: asterisk -rx "database put CF 705 6781234567"

To remove call forwarding: asterisk -rx "database del CF 705"

Configuring SendMail with Incredible PBX 16-15

In order to receive voicemails by email delivery, outbound mail functionality from your server obviously is required. If you’ve deployed your server in your home, your Internet Service Provider probably blocks downstream mail servers such as Incredible PBX from sending mail. This is done to reduce SPAM. In this case, you will need to configure SendMail using either your ISP or Gmail as an SMTP Relay Host. Here are the steps using a Gmail account:

cd /etc/mail
yum -y install sendmail-cf
hostname -f > genericsdomain
touch genericstable
cd /usr/bin
rm -f makemap
ln -s ../sbin/makemap.sendmail makemap
cd /etc/mail
makemap -r hash genericstable.db < genericstable
mv sendmail.mc sendmail.mc.original
wget http://incrediblepbx.com/sendmail.mc.gmail
cp sendmail.mc.gmail sendmail.mc
mkdir -p auth
chmod 700 auth
cd auth
echo AuthInfo:smtp.gmail.com \\"U:smmsp\\" \\"I:user_id\\" \\"P:password\\" \\"M:PLAIN\\" > client-info
echo AuthInfo:smtp.gmail.com:587 \\"U:smmsp\\" \\"I:user_id\\" \\"P:password\\" \\"M:PLAIN\\" >> client-info
echo AuthInfo:smtp.gmail.com:465 \\"U:smmsp\\" \\"I:user_id\\" \\"P:password\\" \\"M:PLAIN\\" >> client-info
# Stop here and edit client-info (nano -w client-info) in all three lines.
# Replace  user_id with your gMail account name without @gmail.com
# Replace password with your real gMail password OR
#  use your Gmail App Key if 2-step verification is enabled
# Be sure to replace the double-quotes shown above if they don't appear in the file!!!
# Save your changes (Ctrl-X, Y, then Enter)
chmod 600 client-info
makemap -r hash client-info.db < client-info
cd ..
make
systemctl restart sendmail

If your server is hosted in the cloud and your provider does not block TCP port 25, then you can send mail without using a SmartHost; however, your server's hostname must actually be real or downstream mail servers will reject your mail. You can set your server's hostname like this: hostname myserver.myhost.com. This is usually sufficient; however, it's a good idea to also add the hostname in /etc/hostname and in /etc/hosts as the first entry on 127.0.0.1 line:

127.0.0.1   myserver.myhost.com pbx.local localhost localhost.localdomain

Next, test outbound mail using this command with your actual email address:

echo "test" | mail -s testmessage yourname@youremaildomain.com

Once you are sure your emails are being delivered reliably, here's a sample GUI voicemail configuration for an extension:



Getting Started with Incredible Fax 16

Believe it or not, there still are lots of folks that use faxes in their everyday lives. If you're one of them, Incredible PBX has your back. Begin by logging into your server as root and running incrediblefax16.sh to install HylaFax and AvantFax on your server. You'll be prompted a dozen or more times for information. Answer no to the secure fax question. For the rest of the prompts, just press ENTER to accept the default entries. Rebooting your server is required when the install finishes. Once your server is back on line, there will be a new AvantFax tab in the GUI. Before proceeding, be sure to set an Apache web apps password by running /root/apache-pw-change. Next, login to AvantFax with your browser. You first will be prompted for your Apache credentials. Enter admin for the username and whatever password you set up in the previous step. Then you will be prompted for your AvantFax credentials. The default is admin:password. After you enter the username and password, you will be prompted to change your admin password. The old password is still password. Then enter your desired password twice and save the setting. The AvantFax dashboard then will display. If nothing has come unglued, you should see four green Idle icons:



You can Send Faxes from within AvantFax by choosing the Send Fax tab, or you can use one of many HylaFax clients. Google is your friend.

Receiving faxes currently has issues not the least of which are fax detection being broken and incoming faxes never reaching the specified destination. We will continue to work on this and provide updates when they become available. For the time being, the simple workaround if you're using Skyetel as your provider is to designate a DID as a fax line (Call Routing: vFax) in the Skyetel Dashboard. Then Skyetel will manage the incoming faxes without any additional configuration on your PBX. You still can send faxes from within the AvantFax GUI.

Getting Started with ODBC for Asterisk

If you're new to the ODBC World, here's a quick primer. The idea behind Open Data Base Connectivity is to simplify the task of connecting up any flavor database management system so that it can talk to applications and foreign databases without having to write custom code to support every different DBMS. ODBC serves in much the same way as a translator who sits between you and foreign visitors. With the benefit of a translator, whatever is spoken is understood on both ends of the conversation. The real beauty of ODBC is that it is conversant with almost every DBMS offering on the planet including Oracle, Informix, SAS, MS Access, DB2, SQL Server, MySQL, MariaDB, PostgreSQL, Sybase, and even dBase, FoxPro, and XDB. All you really need is the ODBC connector for your operating system plus one or more database drivers for the DBMS data sources you wish to use.

Because the FreePBX modules are driven by MySQL tables, we've included the MySQL connector for Asterisk in Incredible PBX 16-15 together with two sample applications to get you started. If you add your own MySQL databases, it's easy to connect them with ODBC by simply running the odbc-gen.sh script in /root again. The two sample applications we've included will show you how to integrate ODBC queries into your Asterisk dialplan. The code is available in odbc.conf in the /etc/asterisk folder. The first sample is a typical employee database. By dialing 222, you will be prompted to enter the employee number (12345), and the ODBC app then will look up the employee number and read you the name of the employee. The second sample is a speed dialer using the AsteriDex database. The sample entries in the database include a 3-numeric-digit DIALCODE which simply matches the first three letters of each AsteriDex name spelled out on a phone, e.g. 335 = DELta Airlines and 263 = AMErican Airlines. As you add new entries to AsteriDex, you can add dialcodes in the same way or in any other scheme you prefer. Once you have signed up with a provider so that you can make outbound calls, just dial 223 and enter the AsteriDex dialcode to place the call. Think of it as a Speed Dialer on Steroids.

Beginning the Incredible PBX 13-13 Migration

For anyone that's been involved with Asterisk and FreePBX, you already know what a pain it was to move from one release to another. It's still not quite automatic, but it's damn close. You can't perform an in-place migration to move from Asterisk 13 and FreePBX 13 to Asterisk 16 with FreePBX 15. So you'll need to first bring up an Incredible PBX 16-15.2 platform as documented above. It must be separate and apart from your already functioning Incredible PBX 13-13.10 server. Once you've done that, use add-ip to whitelist the IP address of your 13-13 server on the 16-15 PBX and whitelist the IP address of your 16-15 server on the 13-13 PBX. This will make it easy to copy files between the two servers.

In addition to the whitelisting procedure above, there are three more steps to complete on the Incredible PBX 13-13 server. First, you'll need to update the backup module:

cd /root
./gpl-install-fpbx backup

Next, login to the GUI as admin using a browser and make a backup of your FreePBX components. Access Admin -> Backup & Restore and click Backup Wizard. Give the backup a name and description: incrediblepbx. Choose to run the backup Monthly. Choose Yes for voicemails, recordings, and CDR data. Choose Email Notifications and enter your email address. For Remote Save, choose No. Your backup will be saved locally in /var/spool/asterisk/backup/incrediblepbx. Click Finish.

Click the Pencil icon under incrediblepbx Actions to edit the files to be backed up. Using the + icon, make your Items list look like the following:

Click Save & Run button when you've made the necessary changes to kick off the backup. Unless you want monthly backups, you can click the trashcan icon under incrediblepbx Actions to remove the task we just created once the backup completes.

Copy the backup file from /var/spool/asterisk/backup/incrediblepbx to your desktop PC.

Restoring Your Data to Incredible PBX 16-15

Now let's continue on the Incredible PBX 16-15.2 server. Login to the GUI as admin using your favorite browser. From the FreePBX Dashboard, choose Admin -> Backup & Restore. Click the Restore tab. Click on Upload a Backup File and choose the backup file from your desktop. Once the backup is loaded, click Restore with CDR Data button to begin. When the whirring stops, there may be an error message. Just ignore it. Return to the Dashboard. Clear the warning about Bind Ports. It's incorrect. Your setup was copied correctly with chan_SIP on UDP 5060 and PJsip on UDP 5061 (unless you changed them). You now can use your browser to review your setup and verify that your 13-13 data came over correctly. Finally, verify that voicemail settings for your extensions got properly configured, and you should be good to go with Incredible PBX 16-15. Enjoy!

Where To Go From Here

Complete documentation on the FreePBX GPL Modules is available here.

Complete documentation on the Incredible PBX additions is available here.

An introduction to configuring extensions, trunks, and routes is available here.

Originally published: Monday, September 16, 2019



Need help with Asterisk? Visit the VoIP-info Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



Sangoma Merging Proprietary Code Cripples GPL Module



What some of us feared with Sangoma’s acquisition of Asterisk® and FreePBX® is now coming to pass with the departure of almost the entire previous FreePBX development team. New Sangoma staff are "fixing" outstanding FreePBX software bugs in GPL code by merging in proprietary, non-GPL code. In addition to violating the spirit of the GPL,1 it also has immediate consequences for those using Linux platforms other than CentOS since the proprietary code and Zend Guard won’t run under Debian, Ubuntu, or Raspbian.

This issue first appeared when voicemails were not restored using the new Backup & Restore module for FreePBX 15. The module itself had almost two man-years of programming time invested in it, and the beauty of the module as we have previously noted was that it allowed transparent migration of a FreePBX 13 platform to FreePBX 15. At least that was the theory. Unfortunately, there still are some minor bugs which were reported in several issues on the FreePBX Bug Tracker including this one.


In addressing the identified bug, the Sangoma solution required installation of the commercial SysAdmin module which had two major shortcomings: (1) it required non-GPL code to use the new Backup & Restore module and (2) the Backup & Restore module would no longer run on any platform other than the proprietary RHEL-based FreePBX Distro. Thus, while the Backup & Restore component continues to be advertised as a GPLv3 module, it now is actually commercial because of its SysAdmin dependency.

What’s particularly disappointing about this issue’s resolution is that the voicemail recordings which were not being restored do actually exist in the backup files created by the Backup & Restore module. So the simple bug fix was the addition of a single line of code to restore the data, if any, in the backup:

tar zxvf $BACKUP ./var/spool/asterisk/voicemail -C /

Instead, what was proffered was a hack that forced users to migrate to a commercial platform. Whether intended or not, this sort of monetizing scenario is exactly what we feared when Sangoma acquired Asterisk and FreePBX. We hope you will join us in voicing your concern. This is not the way to be a good steward of an open source project.

Originally published: Monday, September 2, 2019



Need help with Asterisk? Visit the VoIP-info Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



  1. One of the major shortcomings of the GPL is that it’s a toothless tiger when it comes to GPL infractions by the actual copyright holder of the code. There is no enforcement mechanism when the copyright owner himself breaches the terms of the GPL. []

Migrating Painlessly from Incredible PBX 13-13 to 16-15



Asterisk® 13 will be 6 years old this October. That’s like three lifetimes in VoIP years. So let’s face it. It’s time to start making plans to move on up. The latest LTS version is Asterisk 16 which gets you another 4+ years with security fixes. We won’t dwell on the shortcomings of PJsip in Asterisk 13 and the fact that chanSIP is getting long in the tooth. So the sooner you migrate the better off you will be. Thanks to the latest FreePBX® 15 Backup & Restore module and some great tips from @DavidFoxworth and @Kenn10 on the PIAF Forum, 16-15 migration should be painless. We’re a little late with this week’s article because we wanted to finish the script to also let you migrate your Call Detail Records as well. Now it’s soup.

If you’re just getting started with Incredible PBX® 16-15 then you’ll get all of today’s additions as part of your initial install. Just follow our this tutorial. If you want to deploy Incredible PBX 16-15 as a public server on the Internet, this tutorial will walk you through that upgrade.

Beginning the Incredible PBX 13-13 Migration

For anyone that’s been involved with Asterisk and FreePBX, you already know what a pain it was to move from one release to another. It’s still not quite automatic, but it’s damn close. You can’t perform an in-place migration to move from Asterisk 13 and FreePBX 13 to Asteerisk 16 with FreePBX 15. So you’ll need to first bring up an Incredible PBX 16-15.1 platform that is separate and apart from your already functioning Incredible PBX 13-13.10 server. Once you’ve done that, use add-ip to whitelist the IP address of your 13-13 server on the 16-15 PBX and whitelist the IP address of your 16-15 server on the 13-13 PBX. This will make it easy to copy files between the two servers.

In addition to the whitelisting procedure above, there are three more steps to complete on the Incredible PBX 13-13 server. First, you’ll need to update the backup module:

cd /root
./gpl-install-fpbx backup

Next, login to the GUI as admin using a browser and make a backup of your FreePBX components. Access Admin -> Backup & Restore and click Backup Wizard. Give the backup a name and description: incrediblepbx. Choose to run the backup Monthly. Choose Yes for voicemails, recordings, and CDR data. Choose Email Notifications and enter your email address. For Remote Save, choose No. Your backup will be saved locally in /var/spool/asterisk/backup/incrediblepbx. Click Finish.

Click the Pencil icon under incrediblepbx Actions to edit the files to be backed up. Using the + icon, make your Items list look like the following:

Click Save & Run button when you’ve made the necessary changes to kick off the backup. Unless you want monthly backups, you can click the trashcan icon under incrediblepbx Actions to remove the task we just created once the backup completes.

Copy the backup file from /var/spool/asterisk/backup/incrediblepbx to your desktop PC.

Finally, let’s back up your Call Detail Records (cdr/cel) which won’t get imported with the FreePBX 15 restore utility. Log in to the Linux CLI as root and issue the following commands to create the CDR backup and copy it to your 16-15 server. Replace the xx’s with the IP address of your 16-15 server.

cd /root
mysqldump -u root -ppassw0rd --single-transaction --quick \\ 
 --lock-tables=false asteriskcdrdb > asteriskcdr1313.sql
gzip asteriskcdr1313.sql
scp asteriskcdr1313.sql.gz root@xx.xx.xx.xx:/root/asteriskcdr1313.sql.gz

Restoring Your Data to Incredible PBX 16-15

Let’s begin on the Incredible PBX 16-15 server by logging into the Linux CLI as root. Issue the following commands to set up your server platform for the Incredible PBX 13-13 import. Unless you have just installed Incredible PBX 16-15 since 3 p.m. EDT today, be sure to perform all of the steps below. It won’t hurt to do it again just to be sure you have the latest and greatest code:

cd /root
wget http://incrediblepbx.com/newbackup16-15.tar.gz
tar zxvf newbackup16-15.tar.gz
rm -f newbackup16-15.tar.gz
./install-backup

Next, login to the GUI as admin using your favorite browser. The new FreePBX 15 backup module is still a little rough around the edges, but it will get the job done. And that’s what matters. From the FreePBX Dashboard, choose Admin -> Backup & Restore. Be prepared. It will blow up. Not to worry. Click the Back button on your browser once or twice to return to the FreePBX Dashboard. Now repeat the drill: Admin -> Backup & Restore. This time it will work. Now click the Restore tab. Click on Upload a Backup File and choose the backup file from your desktop. Once the backup is loaded, click RunRestore button to begin. When the whirring stops, there will be an error message. Ignore it. Don’t click anything just yet. Instead, drop down to the Linux CLI again and run: /root/restore-fix.

When it completes, return to the GUI and your browser, close the Restore dialog, and return to the Dashboard. Ignore the warning about Bind Ports. Click Settings->SIP Settings->SIP Settings (pj_sip) and scroll down to UDP. Click YES then Submit then Apply Config. We’re almost finished.

Return to the Linux CLI and run: /root/import-cdr1313 to import your 13-13 cdr and cel data. This will overwrite existing CDR data on your 16-15 server. If anyone needs to get it back, we’ll add the steps below in coming days. Stay tuned.

Known Issues with Incredible PBX 13-13 Imports

You now can use your browser to review your setup and verify that your 13-13 data came over. If you’re using CallerID Superfecta, you’ll need to enable it under Admin -> CID Superfecta. Next, access Applications -> Misc Applications and set the extension for Demo IVR to 3366. Save your settings and reload the dialplan when prompted. Be advised that Custom Destinations currently do not populate so you’ll need to cut-and-paste your entries from your 13-13 server. There should only be a few: Fax (HylaFax), Time of Day, and perhaps OutAnyWhere. OSS EndPoint Manager is not compatible with FreePBX 15 and will not be restored. Finally, verify that voicemail settings for your extensions got properly set. You may need to again enable voicemail, set a VM password, and configure email delivery of voicemails, if desired.

FIXED: Importing Ring Groups from 13-13 caused calls to fail unless Send Progress was set to No for each of the ring groups. This is no longer necessary. Voicemail data did not get restored properly. This has been fixed by running restore-fix script.

Managing CDR Data with Incredible PBX 16-15

Call Detail Records are stored in two tables in MySQL’s asteriskcdrdb database. Unlike in FreePBX 13, FreePBX 15 uses the InnoDB storage engine and a number of new fields in the cdr table so don’t attempt to merely restore your FreePBX 13 asteriskcdrdb database to FreePBX 15, or you will get a royal mess. Our conversion utility, import-cdr1313, makes it easy to migrate the data as explained above. What we didn’t do was restore any existing CDR data you may have already accumulated on your 16-15 server. But we did make a backup of the data which is stored in asteriskcdr1615new.sql. You can use this backup for two purposes. You can replace the CDR 13-13 data that we just imported with your original 16-15 data, or you can add your previous CDR 16-15 data to the 13-13 data. As stored, asteriskcdr1615new.sql will completely replace the existing contents of the asteriskcdrdb database using the command:

mysql -u root -ppassw0rd asteriskcdrdb < asteriskcdr1615new.sql

If you want to supplement the 13-13 CDR data that was imported with your previous 16-15 CDR data, it's a bit more complex. Begin by making a couple copies of the backup file and then we'll edit one of the new files:

cp asteriskcdr1615new.sql asteriskcdr1615bak.sql
cp asteriskcdr1615new.sql asteriskcdr1615supp.sql
nano -w asteriskcdr1615supp.sql

We need to delete two sections from the file. First, scroll down to Table structure for table `cdr`. Press Ctrl-K to cut (delete) every line until you reach Dumping data for table `cdr`. Second, scroll down further to Table structure for table `cel`. Press Ctrl-K to cut (delete) every line until you reach Dumping data for table `cel`. Now Save the modified file: Ctrl-X, Y, then ENTER. You now can append your previous 16-15 CDR data to the current CDR database with the following command:

mysql -u root -ppassw0rd asteriskcdrdb < asteriskcdr1615supp.sql

We're all human and sometimes mistakes are made. Not to worry. You can put Humpty back together again by starting with your original CDR database, adding the 13-13 CDR data again, and then supplementing it with your previous 16-15 data. Here's how.

mysql -u root -ppassw0rd asteriskcdrdb < asteriskcdr1615bak.sql
./import-cdr1313
cp asteriskcdr1615new.sql asteriskcdr1615supp.sql
# make required changes described above to asteriskcdr1615supp.sql
mysql -u root -ppassw0rd asteriskcdrdb < asteriskcdr1615supp.sql

Two other tips, and you'll be a CDR database expert. First, you can restore an empty (but functional) CDR database with this command:

mysql -u root -ppassw0rd asteriskcdrdb < asteriskcdrdb.sql

Finally, you can make a backup of your existing CDR database at any time with the command:

mysqldump -u root -ppassw0rd --single-transaction --quick \\
 --lock-tables=false asteriskcdrdb > asteriskcdr1615latest.sql

Originally published: Monday, July 29, 2019



Need help with Asterisk? Visit the VoIP-info Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



Deploying an Incredible PBX 16-15 Public Server with Skyetel



Safely deploying a public-facing Asterisk® server with full FreePBX® functionality has become the Holy Grail for Nerd Vittles in 2019. Today we tackle it on our new Incredible PBX® 16-15 platform featuring the latest releases of Asterisk 16 and FreePBX 15. The icing on today’s cake is a terrific new offer from Skyetel that supplements the current Nerd Vittles BOGO offer of up to $500 in half-priced VoIP services. Beginning today, Skyetel also will start you off with a $10 credit just for opening an account here. Then, after you have had an opportunity to kick the tires and perhaps purchase a DID for a buck, you can make $9 worth of phone calls before deciding whether to take advantage of the BOGO special by making a purchase of up to $250 and having Skyetel match your contribution. Once you have funded your account, you then can also take advantage of Skyetel’s free number porting offer for the next 60 days. To get your $10 credit, just open a ticket and request the $10 Nerd Vittles credit once you’ve signed up. To get the Nerd Vittles BOGO price match and take advantage of free number porting, simply open another ticket once you have added up to $250 to your account. Effective 10/1/2023, $25/month minimum spend required.

Making the Case for a Public-Facing PBX

We’ve had some of our pioneers trying out the new Incredible PBX 16-15-PUBLIC implementation this past week, and the question arose as to why anyone would want to do this. After all, PBX in a Flash 3 and Incredible PBX for the better part of a decade have been deployed with a whitelist using the Travelin’ Man 3 firewall, and there’s never been a security issue. So why switch horses now? The short answer is mobile users with dynamic IP addresses. If all the users of your PBX are sitting behind the same NAT-based router with static IP addresses, the Travelin’ Man 3 design is perfect. The bad guys could never even see your server. But if some of your users either reside or travel outside your home base or if you want calls to follow you on your smartphone when you leave home or the office, then Travelin’ Man 3 blocked SIP access from these remote phones until their new IP addresses were whitelisted. Multiply this by dozens or hundreds of users, and network management suddenly became a full-time job. Yes, we’ve had tools such as dynamic DNS and PortKnocker to ease the pain, but it still was a knuckle-drill for mobile users. And, in today’s world, much of the workforce is quickly morphing into mobile users without a traditional desk at an office.

The world also is becoming more SIP savvy. Just as folks are learning that a $35 antenna can provide an awesome collection of 4K Ultra HD TV channels without the expense of a monthly cable bill, others are learning that a SIP telephone or softphone app on your smartphone can provide free calls to and from anybody with a SIP URI without sharing your communications with Facebook or Microsoft. Today’s PUBLIC PBX makes free worldwide SIP calling a reality.

Building the Base Platform for Incredible PBX PUBLIC

To get started today, you need to begin by installing Incredible PBX 16-15 using the latest tutorial. There still are a few bugs in the FreePBX 15 fax module so you won’t be able to successfully install and use Incredible Fax for the time being. We’ll let everyone know when the issues have been resolved.

Once you have set up your Incredible PBX 16-15.2 server, the next step is to assign one or two fully-qualified domain names (FQDNs) to your server. You can have one FQDN for registering SIP extensions and a different one for anonymous SIP (invites) access to your server, or you can use the same FQDN for both. Security through obscurity provides an extra layer of protection for your server so choose your FQDNs carefully. sip.yourname.com provides almost no protection while f246g.yourname.com pretty much assures that nobody is going to guess your domain name. This is particularly important with the FQDN for SIP registrations because registered extensions on your PBX can obviously make phone calls that cost money.

By default, Incredible PBX 16-15 configures five extensions (701-705) and a Ring Group for those extensions (777) as well as four trunks including Skyetel. It’s ready to make and receive calls as soon as you sign up with one of the four providers listed in the tutorial. You can add as many additional providers and extensions as you like and modify the ring group to meet your needs. To get started, be sure to configure the correct time zone for your server as this affects delivery of reminders. Run /root/timezone-setup. Next, set a secure password for admin access to the FreePBX GUI modules. Run /root/admin-pw-change. Then set a secure password for admin access to web applications such as AsteriDex, Reminders, and User Control Panel. Run /root/apache-pw-change. In addition to reviewing your extensions and ring group, review the default inbound route and choose the destination for the incoming calls from your provider. Finally, configure the outbound route to use the provider sequence desired. By default, it uses Skyetel for outbound calls.

Going Public with Incredible PBX 16-15

Once you’ve tested making and receiving calls with your new server, you’re ready to convert it into a public-facing PBX. In order to run the install script below, you’ll need your FQDNs that you chose above, plus a port number for future SSH/Putty access to your server, plus a list of the extensions you wish to make available for public access to your PBX. These whitelisted extensions can be reached via SIP URI from anywhere in the world by anybody. It works just like your old MaBell phone. Anybody, anywhere can dial your number. What’s changed is now the calls are free. So choose your list carefully. We recommend using the year you were born for your SSH port to keep things simple for you. Once the GO-PUBLIC-16-15 script has been run, you can only access your PBX via SSH/Putty at the new port, e.g. SSH -p 1990 root@yourFQDN.com

Now we’re ready to run the install script. It takes less than a minute. Before you begin, log out of ALL SIP extensions you have previously registered with Incredible PBX and change the server destination from an IP address to the FQDN you plan to assign to SIP registrations. Otherwise, these IP addresses will get banned while the install script is running below!

cd /root
wget http://incrediblepbx.com/go-public-16-15.tar.gz
tar zxvf go-public-16-15.tar.gz
rm -f go-public-16-15.tar.gz
./GO-PUBLIC-16-15

A Few Words About Incredible PBX PUBLIC Security

As with all Incredible PBX servers, Incredible PBX 16-15-PUBLIC includes the Automatic Update Utility. Please don’t disable it. It’s our only way to push updates to you if some vulnerability is discovered down the road. It gets run whenever you login to your server as root using SSH/Putty. Do so regularly and follow us on Twitter for security alerts. There’s also an Incredible PBX RSS Feed that is displayed when you login to the Incredible PBX GUI with a browser. It, too, includes security alerts and should be checked regularly. It’s your phone bill.

Incredible PBX 16-15-PUBLIC uses the ipset utility in conjunction with the IPtables firewall to block several countries that have inordinately high concentrations of folks that try to break into VoIP servers. In addition, your public PBX includes the VoIP Blacklist which includes another 100,000 bad guys from around the globe. These blacklists get updated every night by a script which is run from /etc/crontab. For your own safety, don’t disable or delete /etc/update-voipbl.sh or the other components upon which it relies.

Here are some other things you should do regularly to assure that your server remains secure. Login via SSH/Putty as root and check pbxstatus after the Automatic Update Utility is run. With the exception of the fax components, all the other items should be green all the time. From the Linux CLI, run: iptables -nL. This will show your firewall rules and whether any IP addresses have been banned by Fail2Ban. If there are banned IP addresses that are not your own, please open a thread on the PIAF Forum and let us know about it. If there are dozens of banned IP addresses, shutdown your server immediately until the problem is identified and resolved. If the IP addresses happen to be your own users because of using incorrect passwords or because of using a server IP address instead of its FQDN for SIP registrations, unban the IP address: fail2ban-client set asterisk unbanip xxx.xxx.xxx.xxx
Finally, watch the Asterisk CLI periodically for abnormal activity: asterisk -rvvvvvvvvvv

Tightening Up SSH Server Access

You obviously need a very secure root password for access to your server using SSH/Putty. Changing the TCP port for SSH access avoids the script kiddies, but it doesn’t offer much protection from a determined cracker. SSH login attempts are monitored by Fail2Ban, but Fail2Ban has issues when a determined intruder is using a powerful computing platform such as Amazon EC2. The more prudent solution is to disable SSH port access and use SSH Public Key Authentication as documented in the linked tutorial. Always, always use ssh-copy-id to copy your credentials to more than one desktop machine so that you don’t inadvertently lock yourself out of your PBX in the case of a hardware failure.

Introducing the VitalPBX Communicator

Our previous article offered some suggestions for SIP softphones. These become more important once you deploy a public-facing PBX and want to stay connected while you’re away from home or the office. If you’re using an Android smartphone even without a SIM card and provider, there is no finer softphone than the new VitalPBX Communicator. Using the Account Assistant, enter the SIP extension of your PBX as the Username. Enter the SIP extension password as the Password. For the Domain, enter the SIP registration FQDN you specified above (not the IP address of your server!). Choose UDP for the Transport. And click Login to begin. In the Network Settings, turn OFF WiFi only. If you enable Background Mode and Start At Boot Time in Advanced Settings, the softphone will remain registered and available even when you’re using other applications. On a Google Pixel 3, this consumes about 20% of the phone’s battery life from a full charge. A similar app is available for Windows-based PCs. An iPhone app is under development.

For other platforms, the Linphone application is an excellent alternative. See our previous Linphone tutorial for details. Here are the download links for each supported platform:

A Word to the Wise. Our experience suggests that SIP communications with an iPhone is notoriously awful. Under identical conditions using the same application on both an iPhone and an Android phone typically results in calls failing or experiencing one-way or no audio on the iPhone. Save yourself some frustration and purchase ANY Android phone for SIP communications (HINT: With the exception of the camera, the Moto g6 is virtually identical in shape and performance to Google’s Pixel 3 at less than one-third the cost). As noted, no SIM card is required. WiFi works perfectly. If you want a cell phone provider, check out Mint Mobile’s dirt cheap offering ($15/mo. for unlimited calls and text plus 3GB of LTE data). Nerd Vittles (and you) receive a perk when you use our link to sign up for service.

Special Thanks: We want to give an extra special tip of the hat to the PIAF Forum members who assisted in working the kinks out of the last two weeks’ Incredible PBX 16-15 offerings. We also wish to thank JavaPipe LLC for a number of DDOS tips and tricks in securing CentOS 7 with IPtables.

Originally published: Monday, July 22, 2019



Need help with Asterisk? Visit the VoIP-info Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



Enchilada Amore: It’s Incredible PBX 16-15 for CentOS 7

Just when you thought the VoIP community was running out of open source offerings, along comes last week’s Incredible PBX 16® LITE and today’s Incredible PBX 16-15 for CentOS® 7 featuring the same great feature set as the LITE version including Asterisk 16®. And now you also get the entire FreePBX® 15 GPL module collection including their new User Control Panel (UCP) and a much enhanced web GUI plus the entire Incredible PBX feature set. As with Incredible PBX LITE, it’s plug-and-play with immediate calling capability using any of four commercial SIP providers. Or you can choose one of 16 other preconfigured SIP providers, enter your credentials, and enjoy instant connectivity without worrying about SIP settings. We began the Incredible PBX 16 adventure last week. Let’s catch you up if you’re just joining.

UPDATE: A new release of Incredible PBX 16-15 is now available here. It resolves most issues with migration from Incredible PBX 13-13.

UPDATE: Turn your Incredible PBX 16-15 server into a secure public-facing PBX. Here’s how.

What’s Included? Incredible PBX 16-15 serves up a VoIP powerhouse featuring Asterisk 16, the FreePBX 15 GPL platform including User Control Panel (UCP), an Apache web server, the latest MariaDB SQL server (formerly MySQL), SendMail, and the Incredible PBX feature set including SIP, SMS, Opus, voice recognition, PicoTTS Text-to-Speech VoIP applications plus fax support, Click-to-Dial, News, Weather, Reminders, ODBC, and hundreds of features that typically are found in commercial PBXs: Conferencing, IVRs and AutoAttendants, Email Delivery of Voicemail, and much more.

Choosing a SIP Provider. Incredible PBX 16-15 comes preconfigured with support for five SIP extensions and four of the major SIP providers: Skyetel, VoIP.ms, V1VoIP, and Anveo Direct. We obviously hope you’ll choose Skyetel not only because they financially support Nerd Vittles and our open source projects, but also because it is a clearly superior platform offering crystal-clear communications and triple-redundancy so you never miss a call. Skyetel also sets itself apart from the other providers in the support department. They actually respond to issues, and there’s never a charge. As the old saying goes, they may not be the cheapest, but you get what you pay for. Even without taking advantage of Nerd Vittles half-price offer on up to $500 of Skyetel services, they’re still dirt cheap compared to the Bell Sisters and cable companies. Traditional DIDs are $1 per month. Outbound conversational calls are $0.012 per minute. Incoming conversational calls are a penny a minute, and CallerID lookups are $0.004. With all four providers, you only pay for minutes you use. Using more than one is a good idea.

Choosing a Platform for Incredible PBX 16-15

As with our other open source offerings, the platform choice for Incredible PBX 16-15 depends upon a number of factors. For most folks, you’d be crazy to go out and purchase hardware to use in your home or office when cloud-based platforms are available for about a dollar a month. Unless you plan to publicly expose your server on the Internet to facilitate remote SIP connections, the OpenVZ offerings below are perfectly adequate while in business with the cautionary note that you need off-site backups AND a tested backup plan. Three providers previously listed have closed their doors in 2019. You’ve been warned.

ProviderRAMDiskBandwidthPerformance as of 12/1/19Cost
CrownCloud KVM (LA)1GB20GB +
Snapshot
1TB/month598Mb/DN 281Mb/UP
2CPU Core
$25/year
Best Buy!
Naranjatech KVM (The Netherlands)1GB20GB1TB/monthHosting since 2005
VAT: EU res.
20€/year w/code:
SBF2019
BudgetNode KVM (LA)1GB40GB RAID101TB/monthAlso available in U.K PM @Ishaq on LET before payment$24/year
FreeRangeCloud KVM (Ashburn VA, Winnipeg, Freemont CA)1GB20GB SSD3TB/monthPick EGG loc'n
Open ticket for last 5GB SSD
$30/year w/code:
LEBEGG30

Installing Incredible PBX 16-15 with CentOS 7

If you’ve installed previous iterations of Incredible PBX, today’s drill is similar. Here is a thumbnail sketch of the install procedure for Incredible PBX 16-15. Begin by installing a minimal CentOS 7 (64-bit) platform or pick the CentOS 7 option with 1GB RAM and 20GB of storage from your cloud provider’s menu of choices. Then log into your server as root and issue the following commands:

passwd
yum -y update
yum -y install net-tools nano wget tar
wget http://incrediblepbx.com/incrediblepbx16-15.1.tar.gz
tar zxvf incrediblepbx16-15.1.tar.gz
rm -f incrediblepbx16-15.1.tar.gz
# to add swap file on non-OpenVZ cloud platforms with no swap file
./create-swapfile-DO
# kick off Phase I install
./IncrediblePBX16-15.sh
# after reboot, kick off Phase II install
./IncrediblePBX16-15.sh
# add HylaFax/AvantFax, if desired
./incrediblefax16.sh
# set desired timezone
./timezone-setup
# display your passwords
./show-passwords
# remember to enable TUN/TAP if using VPS Control Panel with OpenVZ
# reconfigure PortKnocker if installing on an OpenVZ platform
echo 'OPTIONS="-i venet0:0"' >> /etc/sysconfig/knockd
service knockd restart
# set up NeoRouter VPN client, if desired
nrclientcmd
# check network speed
wget -O speedtest-cli https://raw.githubusercontent.com/sivel/speedtest-cli/master/speedtest.py
chmod +x speedtest-cli
./speedtest-cli

WebMin is also installed and configured as part of the base install. The root password for access is the same as your Linux root password. We strongly recommend that you not use WebMin to make configuration changes to your server. You may inadvertently damage the operation of your PBX beyond repair. WebMin is an excellent tool to LOOK at how your server is configured. When used for that purpose, we highly recommend WebMin as a way to become familiar with your Linux configuration.

Planning Ahead for That Rainy Day

If you haven’t already learned the hard way, let us save you from a future shock. Hardware fails. All of it. So spend an extra hour now so that you’ll be prepared when (not if) disaster strikes. First, once you have your new PBX configured the way you plan to use it, make a backup of your PBX by running the Incredible Backup script: /root/incrediblebackup16

Copy down the name of the backup file that was created. You’ll need it in a few minutes.

Second, build yourself an identical VirtualBox platform on your desktop PC. It’s the same steps as outlined above.

Next, create a /backup folder on your VirtualBox PBX and copy the backup file from your main server to your VirtualBox server and restore it after logging in to VirtualBox PBX as root:

mkdir /backup
scp root@main-pbx-ip-address:/backup/backup-file-name.tar.gz /backup/.
/root/incrediblerestore16 /backup/backup-file-name.tar.gz

Complaints that you "forgot" to make a backup and your hardware has failed or your provider has gone out of business are not welcomed. We’re sorry for your loss. Case closed.

Completing the Incredible PBX Setup Procedure

Unless your desktop PC and server are both on the same private LAN, the install procedure should be performed from a desktop PC using SSH or Putty. This will insure that your desktop PC is also whitelisted in the Incredible PBX firewall. Using the console to perform the install is NOT recommended as your desktop PC will not be whitelisted in the firewall. This may result in your not being able to log in to your server. Once you have network connectivity, log in to your server as root from a desktop PC using your root password. Accept the license agreement by pressing ENTER.

Kick off the Phase I install. Once your server reboots and you log back in as root, start the Phase II install. All of your passwords will be randomly assigned with the exception of the root user Linux password. You can set it at any time by issuing the command: passwd. With the exception of your root user password, the remaining passwords can be displayed using the command: /root/show-passwords.

Finally, if your PBX is sitting behind a NAT-based router, you’ll need to redirect incoming UDP 5060 and UDP 10000-20000 traffic to the private IP address of your PBX. This is required for all of the SIP providers included in the Incredible PBX 16-15 default build. Otherwise, inbound calls will fail.

Configuring Skyetel for Incredible PBX 16-15

If you’ve decided to go with Skyetel, here’s the drill. Sign up for Skyetel service and take advantage of the Nerd Vittles BOGO special. First, complete the Prequalification Form here. You then will be provided a link to the Skyetel site to complete your registration. Once you have registered on the Skyetel site and your account has been activated, open a support ticket and request the BOGO credit for your account by referencing the Nerd Vittles special offer. Skyetel will match your deposit of up to $250 which gets you up to $500 of helf-price calling. Credit is limited to one per person/company/address/location. Effective 10/1/2023, $25/month minimum spend required.

Skyetel does not use SIP registrations to make connections to your PBX. Instead, Skyetel utilizes Endpoint Groups to identify which servers can communicate with the Skyetel service. An Endpoint Group consists of a Name, an IP address, a UDP or TCP port for the connection, and a numerical Priority for the group. For incoming calls destined to your PBX, DIDs are associated with an Endpoint Group to route the calls to your PBX. For outgoing calls from your PBX, a matching Endpoint Group is required to authorize outbound calls through the Skyetel network. Thus, the first step in configuring the Skyetel side for use with your PBX is to set up an Endpoint Group. Here’s a typical setup for Incredible PBX 16-15:

  • Name: MyPBX
  • Priority: 1
  • IP Address: PBX-Public-IP-Address
  • Port: 5060
  • Protocol: UDP
  • Description: my.incrediblepbx.com

To receive incoming PSTN calls, you’ll need at least one DID. On the Skyetel site, you acquire DIDs under the Phone Numbers tab. You have the option of Porting in Existing Numbers (free for the first 60 days after you sign up for service) or purchasing new ones under the Buy Phone Numbers menu option.

Once you have acquired one or more DIDs, navigate to the Local Numbers or Toll Free Numbers tab and specify the desired SIP Format and Endpoint Group for each DID. Add SMS/MMS and E911 support, if desired. Call Forwarding and Failover are also supported. That completes the VoIP setup on the Skyetel side. System Status is always available here.

Configuring VoIP.ms for Incredible PBX 16-15

To sign up for VoIP.ms service, may we suggest you use our signup link so that Nerd Vittles gets a referral credit for your signup. Once your account is set up, you’ll need to set up a SIP SubAccount and, for Authentication Type, choose Static IP Authentication and enter your Incredible PBX 16-15 server’s public IP address. For Transport, choose UDP. For Device Type, choose Asterisk, IP PBX, Gateway or VoIP Switch. Order a DID in their web panel, and then point the DID to the SubAccount you just created. Be sure to specify atlanta1.voip.ms as the POP from which to receive incoming calls.

Configuring V1VoIP for Incredible PBX 16-15

To sign up for V1VoIP service, sign up on their web site. Then login to your account and order a DID under the DIDs tab. Once the DID has been assigned, choose View DIDs and click on the Forwarding button beside your DID. For Option #1, choose Forward to IP Address/PBX. For the Forwarding Address, enter the public IP address of your server. For the T/O (timeout) value, set it to 2o seconds. Then click the Update button. Under the Termination tab, create a new Endpoint with the public IP address of your server so that you can place outbound calls through V1VoIP.

Configuring Anveo Direct for Incredible PBX 16-15

To sign up for Anveo Direct service, sign up on their web site and then login. After adding funds to your account, purchase a DID under Inbound Service -> Order DID. Next, choose Configure Destination SIP Trunk. Give the Trunk a name. For the Primary SIP URI, enter $[E164]$@server-IP-address. For Call Options, select your new DID from the list. You also must whitelist your public IP address under Outbound Service -> Configure. Create a new Call Termination Trunk and name it to match your server. For Dialing Prefix, choose six alphanumeric characters beginning with a zero. In Authorized IP Addresses, enter the public IP address of your server. Set an appropriate rate cap. We like $0.01 per minute to be safe. Set a concurrent calls limit. We like 2. For the Call Routing Method, choose Least Cost unless you’re feeling extravagant. For Routes/Carriers, choose Standard Routes. Write down your Dialing Prefix and then click the Save button.

Before you can make outbound calls through Anveo Direct from your PBX, you first must configure the Dialing Prefix that you wrote down in the previous step. Log into the GUI as admin using a web browser and edit the Anveo-Out trunk in Connectivity -> Trunks. Click on the custom-Settings tab and replace anveo-pin with your actual Dialing Prefix. Click Submit and Apply Config to complete the setup.

By default, incoming Anveo Direct calls will be processed by the Default inbound route on your PBX. If you wish to redirect incoming Anveo Direct calls using DID-specific inbound routes, then you’ve got a bit more work to do. In addition to creating the inbound route using the 11-digit Anveo Direct DID, enter the following commands after logging into your server as root using SSH/Putty:

cd /etc/asterisk
echo "[from-anveo]" >> extensions_custom.conf
echo "exten => _.,1,Ringing" >> extensions_custom.conf
echo "exten => _.,n,Goto(from-trunk,\\${SIP_HEADER(X-anveo-e164)},1)" >> extensions_custom.conf
asterisk -rx "dialplan reload"

Configuring a Softphone for Incredible PBX 16-15

We’re in the home stretch now. You can connect virtually any kind of telephone to your new PBX. Plain Old Phones require an analog telephone adapter (ATA) which can be a separate board in your computer from a company such as Digium. Or it can be a standalone SIP device such as ObiHai’s OBi100 or OBi110 (if you have a phone line from Ma Bell to hook up as well). SIP phones can be connected directly so long as they have an IP address. These could be hardware devices or software devices such as the YateClient softphone. We’ll start with a free one today so you can begin making calls. You can find dozens of recommendations for hardware-based SIP phones both on Nerd Vittles and the PIAF Forum when you’re ready to get serious about VoIP telephony.

We recommend YateClient which is free. Download it from here. Run YateClient once you’ve installed it and enter the credentials for the 701 extension on Incredible PBX. You can find them by running /root/show-passwords. You’ll need the IP address of your server plus your extension 701 password. In the YateClient, fill in the blanks using the IP address of your Server, 701 for your Username, and whatever Password was assigned to the extension when you installed Incredible PBX. Click OK to save your entries.

Once you are registered to extension 701, close the Account window. Then click on YATE’s Telephony Tab and place some test calls to the numerous apps that are preconfigured on Incredible PBX. Dial a few of these to get started:

DEMO - Apps Demo
123 - Reminders
947 - Weather by ZIP Code
951 - Yahoo News
TODAY - Today in History
LENNY - The Telemarketer's Worst Nightmare

If you are a Mac user, another great no-frills softphone is Telephone. Just download and install it from the Mac App Store. For Android users, check out the terrific new VitalPBX Communicator. Works flawlessly with Incredible PBX.

Audio Issues with Incredible PBX 16-15

Only if you experience one-way or no audio on some calls, add your external IP address and LAN subnet in the GUI by navigating to Settings -> Asterisk SIP Settings. In the NAT Settings section, click Detect Network Settings. Click Submit and Apply Settings to save your changes.

Incredible PBX 16-15 Administration

We’ve eased the pain of administering your new PBX with a collection of scripts which you will find in the /root folder after logging in with SSH or Putty. Here’s a quick summary of what each of the scripts does.

add-fqdn is used to whitelist a fully-qualified domain name in the firewall. Because Incredible PBX 16-15 blocks all traffic from IP addresses that are not whitelisted, this is what you use to authorize an external user for your PBX. The advantage of an FQDN is that you can use a dynamic DNS service to automatically update the IP address associated with an FQDN so that you never lose connectivity.

add-ip is used to whitelist a public IP address in the firewall. See the add-fqdn explanation as to why this matters.

del-acct is used to remove an IP address or FQDN from the firewall’s whitelist.

reset-conference-pins is a script that automatically and randomly resets the user and admin pins for access to the preconfigured conferencing application. Dial C-O-N-F from any registered SIP phone to connect to the conference.

reset-extension-passwords is a script that automatically and randomly resets ALL of the SIP passwords for extensions 701-705. Be careful using this one, or you may disable existing registered phones and cause Fail2Ban to blacklist the IP addresses of those users. HINT: You can place a call to the Ring Group associated with all five extensions by dialing 777.

reset-reminders-pin is a script that automatically and randomly resets the pin required to access the Telephone Reminders application by dialing 123. It’s important to protect this application because a nefarious user could set up a reminder to call a number anywhere in the world assuming your SIP provider’s account was configured to allow such calls.

show-feature-codes is a cheat sheet for all of the feature codes which can be dialed from any registered SIP phone. It documents how powerful a platform Incredible PBX 16-15 actually is. A similar listing is available in the GUI at Admin -> Feature Codes.

show-passwords is a script that displays ALL of the passwords associated with Incredible PBX 16-15. This includes SIP extension passwords, voicemail pins, conference pins, telephone reminders pin, and your Anveo Direct outbound calling pin (if configured). Note that voicemail pins are configured by the user of a SIP extension the first time the user accesses the voicemail system by dialing *97.

update-IncrediblePBX is the Automatic Update Utility which checks for server updates from incrediblepbx.com every time you log into your server as root using SSH or Putty. Do NOT disable it as it is used to load important fixes and security updates when necessary. We recommend logging into your server at least once a week.

pbxstatus (shown above) displays status of all major components of Incredible PBX 16-15.

Forwarding Calls to Your Cellphone. Keep in mind that inbound calls to your DIDs automatically ring all five SIP extensions, 701-705. The easiest way to also ring your cellphone is to set one of these five extensions to forward incoming calls to your cellphone. After logging into your PBX as root, issue the following command to forward calls from extension 705 to your cellphone: asterisk -rx "database put CF 705 6781234567"

To remove call forwarding: asterisk -rx "database del CF 705"

Configuring SendMail with Incredible PBX 16-15

In order to receive voicemails by email delivery, outbound mail functionality from your server obviously is required. If you’ve deployed your server in your home, your Internet Service Provider probably blocks downstream mail servers such as Incredible PBX from sending mail. This is done to reduce SPAM. In this case, you will need to configure SendMail using either your ISP or Gmail as an SMTP Relay Host. Here are the steps using a Gmail account:

cd /etc/mail
yum -y install sendmail-cf
hostname -f > genericsdomain
touch genericstable
makemap -r hash genericstable.db < genericstable
mv sendmail.mc sendmail.mc.original
wget http://incrediblepbx.com/sendmail.mc.gmail
cp sendmail.mc.gmail sendmail.mc
mkdir -p auth
chmod 700 auth
cd auth
echo AuthInfo:smtp.gmail.com \\"U:smmsp\\" \\"I:user_id\\" \\"P:password\\" \\"M:PLAIN\\" > client-info
echo AuthInfo:smtp.gmail.com:587 \\"U:smmsp\\" \\"I:user_id\\" \\"P:password\\" \\"M:PLAIN\\" >> client-info
echo AuthInfo:smtp.gmail.com:465 \\"U:smmsp\\" \\"I:user_id\\" \\"P:password\\" \\"M:PLAIN\\" >> client-info
# Stop here and edit client-info (nano -w client-info) in all three lines.
# Replace  user_id with your gMail account name without @gmail.com
# Replace password with your real gMail password
# Be sure to replace the double-quotes shown above if they don't appear in the file!!!
# Save your changes (Ctrl-X, Y, then Enter)
chmod 600 client-info
makemap -r hash client-info.db < client-info
cd ..
make
systemctl restart sendmail

If your server is hosted in the cloud and your provider does not block TCP port 25, then you can send mail without using a SmartHost; however, your server's hostname must actually be real or downstream mail servers will reject your mail. You can set your server's hostname like this: hostname myserver.myhost.com. This is usually sufficient; however, it's a good idea to also add the hostname in /etc/hostname and in /etc/hosts as the first entry on 127.0.0.1 line:

127.0.0.1   myserver.myhost.com pbx.local localhost localhost.localdomain

Next, test outbound mail using this command with your actual email address:

echo "test" | mail -s testmessage yourname@youremaildomain.com

Once you are sure your emails are being delivered reliably, here's a sample GUI voicemail configuration for an extension:



Getting Started with Incredible Fax 16

Believe it or not, there still are lots of folks that use faxes in their everyday lives. If you're one of them, Incredible PBX has your back. Begin by logging into your server as root and running incrediblefax16.sh to install HylaFax and AvantFax on your server. You'll be prompted a dozen or more times for information. Answer no to the secure fax question. For the rest of the prompts, just press ENTER to accept the default entries. Rebooting your server is required when the install finishes. Once your server is back on line, there will be a new AvantFax tab in the GUI. Before proceeding, be sure to set an Apache web apps password by running /root/apache-pw-change. Next, login to AvantFax with your browser. You first will be prompted for your Apache credentials. Enter admin for the username and whatever password you set up in the previous step. Then you will be prompted for your AvantFax credentials. The default is admin:password. After you enter the username and password, you will be prompted to change your admin password. The old password is still password. Then enter your desired password twice and save the setting. The AvantFax dashboard then will display. If nothing has come unglued, you should see four green Idle icons:



You can Send Faxes from within AvantFax by choosing the Send Fax tab, or you can use one of many HylaFax clients. Google is your friend.

Receiving faxes currently has issues not the least of which are fax detection being broken and incoming faxes never reaching the specified destination. We will continue to work on this and provide updates when they become available. For the time being, the simple workaround if you're using Skyetel as your provider is to designate a DID as a fax line (Call Routing: vFax) in the Skyetel Dashboard. Then Skyetel will manage the incoming faxes without any additional configuration on your PBX. You still can send faxes from within the AvantFax GUI.

Getting Started with ODBC for Asterisk

If you're new to the ODBC World, here's a quick primer. The idea behind Open Data Base Connectivity is to simplify the task of connecting up any flavor database management system so that it can talk to applications and foreign databases without having to write custom code to support every different DBMS. ODBC serves in much the same way as a translator who sits between you and foreign visitors. With the benefit of a translator, whatever is spoken is understood on both ends of the conversation. The real beauty of ODBC is that it is conversant with almost every DBMS offering on the planet including Oracle, Informix, SAS, MS Access, DB2, SQL Server, MySQL, MariaDB, PostgreSQL, Sybase, and even dBase, FoxPro, and XDB. All you really need is the ODBC connector for your operating system plus one or more database drivers for the DBMS data sources you wish to use.

Because the FreePBX modules are driven by MySQL tables, we've included the MySQL connector for Asterisk in Incredible PBX 16-15 together with two sample applications to get you started. If you add your own MySQL databases, it's easy to connect them with ODBC by simply running the odbc-gen.sh script in /root again. The two sample applications we've included will show you how to integrate ODBC queries into your Asterisk dialplan. The code is available in odbc.conf in the /etc/asterisk folder. The first sample is a typical employee database. By dialing 222, you will be prompted to enter the employee number (12345), and the ODBC app then will look up the employee number and read you the name of the employee. The second sample is a speed dialer using the AsteriDex database. The sample entries in the database include a 3-numeric-digit DIALCODE which simply matches the first three letters of each AsteriDex name spelled out on a phone, e.g. 335 = DELta Airlines and 263 = AMErican Airlines. As you add new entries to AsteriDex, you can add dialcodes in the same way or in any other scheme you prefer. Once you have signed up with a provider so that you can make outbound calls, just dial 223 and enter the AsteriDex dialcode to place the call. Think of it as a Speed Dialer on Steroids.

Where To Go From Here

Complete documentation on the FreePBX GPL Modules is available here.

Complete documentation on the Incredible PBX additions is available here.

An introduction to configuring extensions, trunks, and routes is available here.

Originally published: Monday, July 15, 2019



Need help with Asterisk? Visit the VoIP-info Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



F-O-R-K? A Few Thoughts on the Sangoma Employee Exodus




Full Disclosure: We’re not exactly big fans of Sangoma® and their stewardship of the Asterisk® and FreePBX® projects. So read our commentary with a grain of salt or two. As we predicted when Sangoma purchased Digium®, the employee exodus has begun. The biggest surprise is that a disturbing number of the departures are from the FreePBX SchmoozeCom operation including two of its founding partners: Tony Lewis, the soon-to-be former Chief Operating Officer (COO) of Sangoma, and Brian Walters who has been with Tony forever. Rob Thomas and Philippe Lindheimer, two of the original developers of FreePBX, also have left. Correction: Philippe has simply moved out of the FreePBX dev team. While we haven’t kept close tabs on the Sangoma operation for the past couple years, a little digging uncovered some rumors of other possible departures which, if true, would cripple FreePBX development for all intents and purposes. Then there’s the Digium side of things. Mark Spencer, who founded Digium and Asterisk, left with the Golden Parachute as a result of the Digium sale. But he was followed out the door by Danny Windham, Digium’s former CEO, and David Duffett, who has been the cheerful, public face of Asterisk for many, many years.

In measuring what the future holds, we’ve got a few folks we think you should be watching for the next few months. On the Digium side, the most obvious are some of the old-timers like Matt Jordan and Malcolm Davenport. On the FreePBX side, our radar is focused on two key developers: Luke Duquaine and Andrew Nagy. While nobody is irreplaceable, the complexity of FreePBX and its incredibly steep learning curve would make more departures crippling. You can’t farm out FreePBX development as you would phone manufacturing.

May 18 UPDATE: Matt Jordan is leaving as Digium’s CTO to take a position with Amazon. Andrew Nagy has resigned as the head of Sangoma’s FreePBX development team. His last day was yesterday.

This exodus coupled with some rumored departures got us thinking about the possibility of a fork of both the Asterisk and FreePBX projects. After all, it’s open source GPL software. And loyalty isn’t what it once was in the corporate world. Surely, Sangoma employment contracts had non-compete provisions, right? Probably so. But wait. What about the GPL license that Sangoma issues with each new release of Asterisk and FreePBX? Since we’re talking hypotheticals and while you shouldn’t treat this as a legal opinion, here’s one wrinkle that jumps out. Take a look at these GPL license agreement extracts to which Sangoma is bound:

To protect your rights, we need to prevent others from denying you
these rights or asking you to surrender the rights.

Developers that use the GNU GPL protect your rights with two steps:
(1) assert copyright on the software, and (2) offer you this License
giving you legal permission to copy, distribute and/or modify it.

Each time you convey a covered work, the recipient automatically
receives a license from the original licensors, to run, modify and
propagate that work, subject to this License.

You may not impose any further restrictions on the exercise of the
rights granted or affirmed under this License.

Without doing the legal research, I’d be surprised if there has ever been a case pitting a non-compete contract against a GPL license agreement when both were issued by the same company. Generally the enforcement scope of non-compete agreements turns upon state law and whether the employer gave up a protectable interest such as confidential information. That’s an easy case with existing FreePBX commercial modules, but it would be a difficult argument to make with open source GPL software which, by definition, is clearly not confidential. We’ll just have to see how this plays out. In the meantime, keep your ears peeled, and let us know if you hear of other Sangoma happenings. We’ll be listening, too.

Originally published: Friday, April 26, 2019   Updated: Saturday, May 18, 2019



Need help with Asterisk? Visit the VoIP-info Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



Yowza! A Fault-Tolerant Incredible PBX Platform for $1/Mo.


Not that you needed another reason to sign up for Skyetel’s triple-redundant SIP hosting platform, but we have a new one for you anyway. A fault-tolerant VoIP platform always has been the Holy Grail for many organizations. When your business depends on telephone calls, the very last thing you want to fail is your phone system. When most administrators think of fault-tolerant, high availability (HA) servers, the first word that comes to mind is expensive. For example, FreePBX® charges $1500/node just for HA software licenses. Using Skyetel trunks with Incredible PBX® 13-13.10, you now can deploy a fault-tolerant solution including the cloud-based secondary server for about a dollar a month. And, unlike the FreePBX design, the primary and secondary servers need not be colocated. Today we’ll get you up and running.

Many SIP providers require users to register their PBX with their service before you can make and receive calls. Skyetel does not.1 Instead, Skyetel relies upon the IP address of the PBX to determine whether to relay calls to and from your PBX. Dynamic IPs are supported. This is incredibly useful in designing a fault-tolerant PBX platform. If SIP registration is required with your SIP provider, then it obviously takes considerably more engineering effort to enable and disable the redundant server platform since you can’t be registered to two different servers using the same accounts at the same time. With Skyetel, that’s never a problem. Let’s quickly review the Skyetel setup process, and you’ll see why their design facilitates fault tolerance without spending a fortune on additional hardware and software. Effective 10/1/2023, $25/month minimum spend required.

Once your Skyetel account is set up, there are basically two steps to enable connections with your PBX. First, you create an Endpoint Group with the IP address of your PBX. Second, you purchase one or more DIDs and point each of them to the Endpoint Group you just created. With Incredible PBX platforms, the Skyetel trunk and firewall setup already is in place. All you need to do is create an Inbound Route for each of your Skyetel DIDs using its 11-digit phone number. Ten and eleven-digit outbound calls, by default, always are routed to Skyetel for processing. So how do we handle fault-tolerance on the Skyetel side? It’s easy. Just add the IP address of the secondary PBX to the Endpoint Group that you set up for your primary PBX. That’s it. When Skyetel can’t send inbound calls to your primary PBX, it now will send them to your secondary server.


Now let’s address what has to happen at your end to bring up a fault-tolerant platform. We will assume that you already have set up and configured extensions, trunks, routes, and all desired bells and whistles on an Incredible PBX 13-13.10 platform somewhere. It really doesn’t matter where. We will also assume you have deployed SIP telephones for all of your users and registered them with your PBX. There are five simple steps to implement a fault-tolerant PBX architecture. First, you need a cloud-based Incredible PBX 13-13.10 server with static IP address and nightly-refreshed mirror image of your primary server. Second, SSH needs to be configured for SSH key-based authentication between the two servers. We’ll use rsync and SSH on the primary server to keep voicemails synchronized between your primary and secondary servers during the day. Third, we’ll add the IP address of the secondary PBX as the secondary registration IP address on each of your SIP phones. Fourth, you’ll need to copy over the firewall and whitelist rules from your primary server to your second server and restart IPtables after making certain that you’ve whitelisted the IP addresses of BOTH servers on the primary server. Fifth, we’ll add the IP address of the secondary PBX to the Endpoint Group of your primary PBX on the Skyetel site. That’s it. Once you’ve completed these five steps, your users will never miss a call. Since Skyetel doesn’t sit in the middle of the RTP stream on calls that are underway, callers may never even know their primary PBX failed.

So let’s address the worst case scenario. Your primary server has an unrecoverable system failure in the middle of the work day, and you have no backup. What do you lose? Not phone calls! And, assuming you’re making hourly dumps of your voicemails to the secondary PBX, you only would lose whatever voicemails arrived during the minutes preceding the system failure. If an hour is too painful in your operation, then make voicemail dumps more frequently. The only other data that would be lost is the CDR data since the last nightly backup was restored. If that’s too painful, that data also can be archived on a more frequent basis using a simple bash script. And, just to repeat, the total additional cost for this fault-tolerant platform is approximately $1 a month depending upon the VPS provider you choose, and we have a half dozen that we recommend AND USE at that price point. Let’s get started.

Building a Secondary Redundant Server

Start by signing up for a cloud-based OpenVZ VPS platform with one of our recommended providers. Server locations and special signup details are documented in our article. Average cost is about $1/month on an annual contract with 1Gbit port or *free 1Gbit port upgrade on request based upon LowEndBox offer. Protect yourself by paying with PayPal which gives you 6 months to dispute a charge if the provider happens to go belly up. NOTE: Performance is almost directly proportional to annual cost with our Tier 1 and Tier 2 providers.

ProviderRAMDiskBandwidthPerformance as of 12/1/19Cost
CrownCloud KVM (LA)1GB20GB +
Snapshot
1TB/month598Mb/DN 281Mb/UP
2CPU Core
$25/year
Best Buy!
Naranjatech KVM (The Netherlands)1GB20GB1TB/monthHosting since 2005
VAT: EU res.
20€/year w/code:
SBF2019
BudgetNode KVM (LA)1GB40GB RAID101TB/monthAlso available in U.K PM @Ishaq on LET before payment$24/year
FreeRangeCloud KVM (Ashburn VA, Winnipeg, Freemont CA)1GB20GB SSD3TB/monthPick EGG loc'n
Open ticket for last 5GB SSD
$30/year w/code:
LEBEGG30

If you can’t bear repeating this step in the event of a provider implosion, then consider one of the $5/month cloud platforms offered by Digital Ocean or Vultr.2 Ask yourself if it’s worth $4/month to eliminate the risk of having to spend an hour rebuilding your secondary PBX platform. Regardless of what you decide, here’s the drill. Set up a 64-bit CentOS 6 platform on your VPS. Since you already are familiar with the Incredible PBX 13-13 setup procedure, just follow last week’s quick-and-dirty checklist to set up your new secondary server. If your primary server also has the Whole Enchilada or Incredible Fax installed, we recommend you install the same components on your secondary server. If your secondary server is CentOS 7-based, issue the following command to assure that key-based authentication will work: chmod 711 /root. When you’re finished, write down the IP address of your secondary server.

Setting Up SSH Key-Based Authentication

In order to automate the process of loading updates from your primary server to your secondary one, we need a way to login between the servers without being prompted for a password. Key-based authentication provides that feature. Begin by whitelisting the IP addresses of BOTH your primary and secondary PBXs on BOTH of your servers. Using add-ip in /root, add server1 entry: ./addip server1 12.34.56.78. Then add server2 entry: ./addip server2 23.45.67.89. When prompted, choose the 0 option to whitelist all ports.

Next, store the IP addresses of server1 and server2 on your primary server so we can find them when we need them for future tasks:

echo 12.34.56.79 > /etc/pbx/server1
echo 23.45.67.89 > /etc/pbx/server2

Next, on your primary server, generate an SSH key-pair: ssh-keygen. Press Enter when prompted for the key’s file name. Press Enter when prompted (twice) for a passphrase.

Then copy the new key to your secondary server using the IP address of your secondary server. Enter the root password for your secondary server when prompted.

ssh-copy-id root@$(cat /etc/pbx/server2)

Now test logging into your secondary server using SSH from your primary server. You should not be prompted for a password. Close the secondary server SSH session by typing exit.

ssh root@$(cat /etc/pbx/server2)
exit

Restoring Backup Image to Secondary Server

We will automate these steps down the road, but let’s first test the procedure to make sure things work as expected. Begin by creating a /backup folder on both servers. Then install the latest backup and restore scripts on both of your servers:

mkdir /backup
cd /root
rm -f incrediblebackup
rm -f incrediblerestore
wget http://incrediblepbx.com/incrediblebackup13.tar.gz
tar zxvf incrediblebackup13.tar.gz
rm -f incrediblebackup13.tar.gz

On BOTH servers, verify that you have the latest backup and restore scripts. The following command should return the filenames of your backup and restore scripts:

grep PROCEEDNOW= /root/inc*

On BOTH servers, issue the following commands so that we can automate the backup and restore process without being prompted:

sed -i 's|PROCEEDNOW=false|PROCEEDNOW=true|' /root/incrediblebackup13
sed -i 's|PROCEEDNOW=false|PROCEEDNOW=true|' /root/incrediblerestore13

Finally, on both servers, make sure you have logged out and back in at least once so that the Automatic Update Utility has loaded the latest patches on both platforms.

Now let’s take a backup snapshot of your primary server: /root/incrediblebackup13

Copy the backup file to the secondary server at the server2 IP address below:

scp /backup/$(ls -t /backup | head -n 1) root@$(cat /etc/pbx/server2):/backup/.

Next, login to your secondary server as root using SSH. We want to restore the backup file that was just copied from the primary server. Keep in mind that our restore methodology overwrites files with the same names on the secondary server but it does not erase files on the secondary server which were not contained in the primary’s backup. With the exception of the /root directory, the latest iteration of Incredible Restore cleans out the other affected directories including voicemail files on the secondary server. This is especially important because voicemails may have been erased on the primary server since the last restore, and voicemail files get renumbered each time a voicemail is removed. Thus, failure to remove previous collections of voicemail files before restoring a new backup could produce a royal mess on the secondary server especially where the primary server processes numerous voicemails for multiple users every day. One other item of interest concerns primary servers behind NAT-based routers. Ordinarily, you would set the external IP address and local networks in SIP Settings to avoid NAT problems such as one-way audio. Since we may be copying a NAT-based backup to a public facing secondary PBX, we don’t want those settings carried over. We’ve addressed this by deleting the entries whenever you choose automated restores using the PROCEEDNOW=true flag. The full backup including these NAT settings is preserved if you execute a restore using the PROCEEDNOW=false flag. Finally, if you were using the backup and restore tools for normal server recovery, we obviously would want to include the /etc/crontab file in the restore. However, for fault tolerant deployments, we want to preserve separate cron jobs on the primary and secondary PBXs. We handle this using the PROCEEDNOW flag as described above. If you set it to true, we preserve /etc/crontab. Otherwise, we restore it from the backup file. Now restore the backup on the secondary PBX:

/root/incrediblerestore13 /backup/$(ls -t /backup | head -n 1) 

Although not recommended, we’ve been successful restoring a CentOS6-based primary server to a CentOS7-based secondary platform. Take a minute to actually examine the contents of the backup on the secondary server by logging into the FreePBX GUI with a browser. Be sure to check the extensions, trunks, and routes to verify that they match the entries on your primary server. If your primary server is behind a NAT-based router, check the SIP Settings to make certain the NAT entries for external IP address and localnets weren’t carried over to the public-facing secondary PBX.


Refreshing Spool Data to Secondary Server with rsync

Now we want to test updating voicemails and recordings from your primary server to the secondary. Using a SIP phone, connect to *701 and leave yourself a new voicemail. Verify that it exists in /var/spool/asterisk/voicemail/default/701/INBOX. Simulate the procedure that will be used periodically to copy new voicemail messages and recordings to your secondary server. Execute the following commands to verify the new voicemail was transferred:

rsync -a -e "ssh" /var/spool/* root@$(cat /etc/pbx/server2):/var/spool
ls -all /var/spool/asterisk/voicemail/default/701/INBOX

Adding the Secondary Server to Skyetel

As noted above, we need to add the IP address of your secondary server to the Endpoint Group of your primary server on Skyetel. After logging into your Skyetel account, choose Endpoints -> Endpoint Groups and click the gear icon beside your primary server’s endpoint group. Add an additional entry to the Group with a Priority of 2. Your entries should look similar to this:

Within a few minutes, the Endpoint Health dashboard should display three green dots for both of your servers signifying that all three Skyetel data centers can connect to both of your servers.

Adding Server2 Key-Based Authentication

On your secondary server, let’s set up key-based authentication to the primary PBX. Here are the commands to set it up and test it. You should get logged in and back out without a password prompt.

ssh-copy-id root@$(cat /etc/pbx/server1)
ssh root@$(cat /etc/pbx/server1)
exit

Choosing Compatible Phones for High Availability

Now that we have our HA platform in place, we need to configure your SIP phones to continue to work when the primary server fails and things switch over to the secondary PBX. For this to work, you’ll need SIP phones that are compatible with HA technology. Most are but some are not. Look through the registration menu on your SIP phone and enter the IP address of the secondary PBX in the field provided. Adjust the server timeout value to reflect the number of seconds your users can tolerate without a working phone. On the primary PBX, don’t forget to whitelist the public IP addresses associated with each of your SIP phones using add-ip! As for supported phones, here’s a hint. Most Digium, Snom, Yealink, Grandstream, Fanvil, and Aastra 6700i and 9000i series phones are safe bets. And here’s what a SIP extension setup would look like on Yealink’s popular T46G.


Reminder: Do NOT use a private IP address (as shown) for the secondary SIP registration, and only use a private IP address for the primary PBX if both the PBX and the SIP phone are behind the same NAT-based router.

Migrating Travelin’ Man 3 Firewall to Secondary PBX

You’ll find it much easier to manage one firewall and then copy those firewall settings from your primary server to your secondary PBX. There are 3 sets of files that need to be copied from the primary PBX before restarting the secondary’s firewall: (1) iptables and ip6tables from /etc/sysconfig, (2) all iptables* files in /usr/local/sbin, and (3) *.iptables files in /root. Make certain you have whitelisted the IP addresses of the primary and secondary PBXs using /root/add-ip before issuing these commands on the primary server:

cd /etc/pbx
scp /etc/sysconfig/iptables root@$(cat server2):/etc/sysconfig/.
scp /etc/sysconfig/ip6tables root@$(cat server2):/etc/sysconfig/.
scp /usr/local/sbin/iptables* root@$(cat server2):/usr/local/sbin/.
scp /root/*.iptables root@$(cat server2):/root/.
ssh root@$(cat server2) "service iptables restart; service fail2ban restart"
ssh root@$(cat server2) "iptables-custom"

Automating the Daily Synchronization Process

We’ll use three cron scripts to keep the data on your primary and secondary servers in sync. These scripts automatically manage the backup sets by removing all but the latest backup on both servers. Keep in mind that, if you add new packages to your primary server, you also will need to add the same packages to your secondary server. Aside from that caveat, everything else should remain synchronized using these three simple scripts. On the primary server, we’ll use backup1restore2 to make the nightly backup and copy it to the secondary server, and we’ll use rsync-spool-1to2 to execute the hourly spool sync to catch changes in voicemails, recordings, and fax data. On the secondary server, we’ll use restore2backup1 to restore the backup from the primary server each night. Let’s first put the cron scripts in place, and then we’ll set up the cron jobs.

On the primary server, issue the following commands to install the two scripts:

cd /root
wget http://incrediblepbx.com/backup1restore2
chmod +x backup1restore2
wget http://incrediblepbx.com/rsync-spool-1to2
chmod +x rsync-spool-1to2

On the secondary server, issue the following commands to install the restore script:

cd /root
wget http://incrediblepbx.com/restore2backup1
chmod +x restore2backup1

Before setting up the cron entries, you have a few decisions to make. First, decide how often you wish to run the backup/restore scripts. If your PBX configuration rarely changes, you may not need to run the backup and restore scripts every night. Second, decide what time to run the backup and restore scripts. The restore script on the secondary server should always be run about 30 minutes AFTER the backup script runs on the primary server. The reason should be obvious. Remember to take into consideration the time zones of your two servers when making the time calculations. Third, decide how frequently to run the spool synchronization script from the primary server. This will depend upon how busy your primary server is and how much data (voicemails) you’re willing to lose in the event of a catastrophic failure that occurs after the last sync operation. There’s probably little need to run the synchronization script while everyone is sleeping unless you get frequent fax deliveries overnight. Finally, the backup of the primary server requires that Asterisk be shut down for at most a few minutes so schedule the backups during a time when there is no server activity on your primary server. Your test backup that we ran above should provide some idea of how long the operation will take on your PBX. Once you have tackled these issues, edit /etc/crontab on both your primary and secondary servers. Add the cron jobs to the end of the files after verifying server time on BOTH servers using date.

NOTE: We strongly recommend setting the time zone on the secondary server to match the primary server’s time zone using the /root/timezone-setup script.

On the primary server, here is a sample entry to run the backup script as the root user once a day at 2:15 am (local time on primary server):

15 2 * * * root /root/backup1restore2 >/dev/null 2>&1

On the secondary server, this entry will run the restore script once a day at 2:45 am assuming secondary server is in the same time zone as primary server:

45 2 * * * root /root/restore2backup1 >/dev/null 2>&1

On the primary server, this entry runs rsync spool script every hour on the half hour:

30 * * * * root /root/rsync-spool-1to2 >/dev/null 2>&1

Testing Fault Tolerance on Your Platform

Once you’ve put all the pieces in place, the easiest way to test the HA functionality is to shut down Asterisk on the primary PBX: amportal stop. Also disable the rsync cron job in /etc/crontab. Depending upon the timeout seconds you configured on your SIP phones, you should be able to make calls through the secondary server shortly. Don’t forget to restart Asterisk on your primary PBX: amportal start. Note also that you will need to shut down Asterisk on the secondary server for a few minutes after restoring the primary server. This will force all of your SIP phones to re-register with the primary server. And, in a real-world outage of considerable duration, it may be necessary to do a reverse-rsync of the spool directories from the secondary server (using the template below as an example) to assure that no voicemails and other spool files were lost during the outage. Then it’s safe to once again enable the rsync cron job on the primary server.

amportal stop
rsync -a -e "ssh" /var/spool/* root@$(cat /etc/pbx/server1):/var/spool
sleep 900
amportal start

Originally published: Thursday, March 7, 2019



Need help with Asterisk? Visit the VoIP-info Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



  1. Skyetel is a platinum sponsor of Nerd Vittles and the open source projects of Ward Mundy & Associates, LLC. March is the final month to take advantage of the Nerd Vittles $50 usage credit when you sign up with Skyetel. []
  2. Digital Ocean and Vultr provide modest referral credits to Nerd Vittles for those that use our referral code. It in no way colors our recommendations regarding these two providers, both of whom we use extensively. []

In Search of a Better Mousetrap: Meet Incredible PBX 13-13.10



There are lots of choices in the VoIP marketplace these days, and everyone’s requirements are different. So one size certainly doesn’t fit all. So let me tick off our most important criteria, and you can compare our list to your own. At the top of our list are reliability, stability, performance, feature set, and ease of deployment and use. Next would be cost of ownership which includes not only the cost of initial deployment but also the recurring costs for both the hardware and software platforms as well as support. Finally, we think ease of migration, backups, and upgradeability are important issues to consider. Keep in mind that proprietary phone systems were designed to operate for a decade or more with only minor software tweaks. While that doesn’t sell more product, it certainly provides less aggravation for end-users as well as those that have to deploy and maintain these systems. We believe CentOS 6 and Asterisk 13 are equally stable. From our experience working with large organizations, the only thing worse than swapping out a user’s desktop computer was replacing their telephone.

Since the early days of Asterisk®, FreePBX®, and PBX in a Flash™, the Achilles’ heel of all of these platforms has always been the difficulty in upgrading. The primary cause was the number of moving parts in any open source platform where literally thousands of developers are always "improving" things. It’s one of the real advantages of a closed source product such as 3CX® which has the luxury of making changes under the covers without ever exposing any weaknesses in prior releases of their software. With today’s introduction of Incredible PBX® 13-13.10, we are hopeful that those days are behind us.

The upgradeability improvements are fairly obvious. First, Incredible Backup and the FreePBX backup module have both matured into easy-to-use tools to take snapshots of your PBX to accommodate migration to other server platforms. Second, FreePBX now offers the Bulk Handler utility which provides snapshots in CSV (spreadsheet) format for extensions, DIDs, User Manager users and groups, contacts, and Conferences so that these settings can be easily imported and exported. While this doesn’t encompass every setting in Asterisk and FreePBX, it gives you a leg up in moving to newer releases. And, as with 3CX, the FreePBX developers have provided an upgrade migration tool at least for their proprietary distro.

Having said all of that, we would caution everyone with a functioning PBX to ask yourself these three questions before migrating to a newer platform. First, is my current PBX secure and reliable? Second, are there functions my current PBX doesn’t provide that my users actually need? Third, if/when my current hardware platform dies or my current cloud provider goes out of business, do I have a tested recovery option to get back into operation quickly? If your answers are yes, no, and yes, our strongest recommendation is SIT TIGHT.

If you flunked the test, then you owe it to yourself to give today’s release of Incredible PBX 13-13.10 a try. Why? Because it’s free and always will be. Because it’s incredibly easy both to configure and to use. Because it provides the most comprehensive feature set in the VoIP industry. And because it will provide years of worry-free telephone service with free support.

Introducing 2019 Edition of Incredible PBX

Today marks our third major release of our flagship Incredible PBX 13-13 platform featuring 70+ new FreePBX GPL modules plus integrated support for free SIP URI worldwide calling plus all the latest components for OSS Endpoint Manager making SIP phone deployment a breeze. There also are terrific new backup and restore utilities which make migration and restoration of Incredible PBX platforms a snap. Finally, we’ve incorporated Skyetel SIP trunking in the build. It literally makes configuration of outbound and incoming calling a one-minute process. On the Skyetel side, create an Endpoint Group pointing to the IP address of your PBX, order one or more DIDs and point them to the new EndPoint Group. Done. On the Incredible PBX side, add Inbound Routes specifying the 11-digit numbers of your Skyetel DIDs and point each of them to the desired destination for incoming calls. Done. Outbound calls are automatically configured to use your Skyetel account. Our complete Skyetel tutorial is available here and includes an exclusive BOGO usage credit of up to $250.1 You now can deploy a fault-tolerant, high availability (HA) platform using Incredible PBX 13-13.10 and Skyetel. Here’s how. Effective 10/1/2023, $25/month minimum spend required.

Installing Incredible PBX 13-13.10 Locally

As with prior releases, the Incredible PBX ISO installer eases deployment on stand-alone hardware. For those that are new to Incredible PBX, head over to our detailed tutorial to get started. New releases for the Raspberry Pi and Ubuntu 18.04.2 are also available now.

Installing Incredible PBX 13-13.10 in the Cloud

Start by signing up for a cloud-based OpenVZ VPS platform with one of our recommended providers. Server locations and special signup details are documented in our article. Average cost is about $1/month on an annual contract with 1Gbit port or *free 1Gbit port upgrade on request based upon LowEndBox offer. Protect yourself by paying with PayPal which gives you 6 months to dispute a charge if the provider happens to go belly up. NOTE: Performance is almost directly proportional to annual cost with our Tier 1 and Tier 2 providers.

ProviderRAMDiskBandwidthPerformance as of 12/1/19Cost
CrownCloud KVM (LA)1GB20GB +
Snapshot
1TB/month598Mb/DN 281Mb/UP
2CPU Core
$25/year
Best Buy!
Naranjatech KVM (The Netherlands)1GB20GB1TB/monthHosting since 2005
VAT: EU res.
20€/year w/code:
SBF2019
BudgetNode KVM (LA)1GB40GB RAID101TB/monthAlso available in U.K PM @Ishaq on LET before payment$24/year
FreeRangeCloud KVM (Ashburn VA, Winnipeg, Freemont CA)1GB20GB SSD3TB/monthPick EGG loc'n
Open ticket for last 5GB SSD
$30/year w/code:
LEBEGG30

If you’ve installed previous iterations of Incredible PBX, here is a thumbnail sketch of the install procedure. Begin by installing a minimal CentOS 6 or CentOS 7 (64-bit) platform. Then log into your server as root and issue the following commands:

passwd
yum -y update
yum -y install net-tools nano wget tar
wget http://incrediblepbx.com/incrediblepbx-13-13-LEAN.tar.gz
tar zxvf incrediblepbx-13-13-LEAN.tar.gz
rm -f incrediblepbx-13-13-LEAN.tar.gz
# to add swap file on non-OpenVZ cloud platforms
./create-swapfile-DO
# kick off Phase I install
./IncrediblePBX-13-13.sh
# after reboot, kick off Phase II install
./IncrediblePBX-13-13.sh
# add Full Enchilada apps, if desired
./Enchilada-upgrade.sh
# add HylaFax/AvantFax, if desired
./incrediblefax13.sh
# set passwords
./update-passwords
# set desired timezone
./timezone-setup
# remember to enable TUN/TAP if using VPS Control Panel
# reconfigure PortKnocker if installing on an OpenVZ platform
echo 'OPTIONS="-i venet0:0"' >> /etc/sysconfig/knockd
service knockd restart
# fix pbxstatus for NeoRouter VPN support, if desired
cd /usr/local/sbin
sed -i "s|cat /etc/hostip|cat /etc/hostip \\| cut -f 3 -d ' ' |" pbxstatus
# set up NeoRouter client, if desired
nrclientcmd
# check network speed
wget -O speedtest-cli https://raw.githubusercontent.com/sivel/speedtest-cli/master/speedtest.py
chmod +x speedtest-cli
./speedtest-cli

Planning Ahead for That Rainy Day

If you haven’t already learned the hard way, let us save you from a future shock. Hardware fails. All of it. So spend an extra hour now so that you’ll be prepared when (not if) disaster strikes. First, once you have your new PBX configured the way you plan to use it, make a backup of your PBX by running the Incredible Backup script: /root/incrediblebackup13

Copy down the name of the backup file that was created. You’ll need it in a few minutes.

Second, build yourself a VirtualBox platform on your desktop PC. Then download, install, and run the new Incredible PBX 13-13.10 vbox image from SourceForge. Our tutorial makes it easy.

Next, create a /backup folder on your VirtualBox PBX and copy the backup file from your main server to your VirtualBox server and restore it after logging in to VirtualBox PBX as root:

mkdir /backup
scp root@main-pbx-ip-address:/backup/backup-file-name.tar.gz /backup/.
/root/incrediblerestore13 /backup/backup-file-name.tar.gz

Verify that everything looks right by using a browser to access and review the settings in your new VirtualBox PBX. At a minimum, verify extensions, trunks, and routes. Sleep well.


News Flash: Turn Incredible PBX into a Fault-Tolerant HA Platform for $1/Month

Adding Asterisk Apps: Introducing Incredible PBX 13-13 Whole Enchilada

Continue Reading: Configuring Extensions, Trunks & Routes

Don’t Miss: Incredible PBX Application User’s Guide covering the 31 Whole Enchilada apps

Check out the new Incredible PBX 13-13 ISO. Complete tutorial available here.

Originally published: Friday, March 1, 2019



Need help with Asterisk? Visit the VoIP-info Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



  1. Skyetel is a Platinum Sponsor of Nerd Vittles and open source projects of Ward Mundy & Associates, LLC. []