Home » Cloud Computing (Page 17)
Category Archives: Cloud Computing
Cloud 9: VoIP on Steroids with Wazo and Vultr for $2.50/mo.
It tells you just how far we’ve come in Cloud Computing when $2.50 per month now buys you an Incredible PBX™ platform with great performance for a SOHO or home deployment. So what’s the catch? What else do you have to buy? If you’re in the United States, nothing! With a free Google Voice trunk, all of your incoming and outgoing calls to the United States and Canada are totally free. Does it matter where your phones are situated? Not at all. And how about scaling for large organizations? Not to worry! When you decide to move your entire organization to the Cloud, our friends at RentPBX stand ready to provide a 24×7 platform specifically engineered for VoIP at only $15 a month. Coupon code: NOGOTCHAS.
Getting Started with Vultr
We’ve used Vultr as our primary development platform for Nerd Vittles not only because of its price but also because of its reliability and feature set. With the recent reduction in the price of cloud instances, it’s now more than compelling as a stand-alone cloud solution for VoIP applications. An additional 50¢ a month buys you automatic daily, weekly, or monthly backups to a separate, fault tolerant storage system in the same data center. And, of course, Wazo itself generates nightly backups as well. What’s not to like? But don’t take our word for it. Walk through this tutorial with Vultr. You can even pay by the hour and kick the tires. Five hours of experimentation will set you back a whopping 2¢. Nope, that’s not a typo!
As you might imagine, the $2.50/month cloud instances at Vultr have been well received. In fact, that’s an understatement. Rather than oversubscribe users on their cloud platforms, Vultr limits the number of $2.50 cloud instances on each server. Lucky for all of us, Vultr maintains cloud hosting services in 15 cities around the world. As this is written, the $2.50 instances still were available in New York and Miami. Those locations obviously can change by the hour, but we have yet to see them disappear completely. A word to the wise: HURRY!
Getting Started with Incredible PBX for Wazo
After you have set up your account at Vultr using our referral link,1 the first step is to create your new cloud instance. Choose the desired site that has $2.50/month availability and select the 64-bit Debian 8 as your server platform. IMPORTANT: With Wazo, it’s extremely important that you leave the Server Hostname & Label blank. Otherwise, Wazo’s setup wizard will fail.
(1) Once you’ve built and started your new virtual machine, log into your server as root using SSH/Putty and immediately change your root password: passwd.
(2) With the $2.50 size VULTR virtual machine, you must create a swapfile before beginning the Incredible PBX for Wazo installation. Here are the commands:
dd if=/dev/zero of=/swapfile bs=1024 count=1024k chown root:root /swapfile chmod 0600 /swapfile mkswap /swapfile swapon /swapfile echo "/swapfile swap swap defaults 0 0">>/etc/fstab sysctl vm.swappiness=10 echo vm.swappiness=10>>/etc/sysctl.conf free -h cat /proc/sys/vm/swappiness
(3) Now you’re ready to kick off the Incredible PBX for Wazo install. The first phase is to bring Debian 8 up to current specs. Here are the commands:
cd /root apt-get -y install cloud-init wget http://incrediblepbx.com/IncrediblePBX14-Wazo.sh chmod +x IncrediblePBX14-Wazo.sh ./IncrediblePBX14-Wazo.sh
(4) Once the Debian 8 upgrade is complete, reboot your server and log back in as root. Then run the Incredible PBX for Wazo installer a second time:
./IncrediblePBX14-Wazo.sh
(5) Your server will pause after the Wazo install is complete. Verify that Wazo started successfully by pressing the ENTER key.
(6) Your server then will run the Wazo setup wizard. Verify that the wizard completed without errors by pressing the ENTER key.
(7) The Incredible PBX for Wazo installer then will complete the remainder of the setup without user intervention. It takes less than 10 minutes.
(8) Now proceed to the Incredible PBX Initial Configuration tutorial to continue your setup and begin your adventure. Enjoy!
Published: Monday, May 15, 2017
Support Issues. With any application as sophisticated as this one, you’re bound to have questions. Blog comments are a difficult place to address support issues although we welcome general comments about our articles and software. If you have particular support issues, we encourage you to get actively involved in the PBX in a Flash Forum. It’s the best Asterisk tech support site in the business, and it’s all free! Please have a look and post your support questions there. Unlike some forums, the PIAF Forum is extremely friendly and is supported by literally hundreds of Asterisk gurus and thousands of users just like you. You won’t have to wait long for an answer to your question.
Need help with Asterisk? Visit the PBX in a Flash Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…
- Vultr provides a modest referral credit to Nerd Vittles for those that use our referral code. It in no way colors our recommendation of Vultr. As we noted, we use Vultr as our primary development platform, and we did so long before there were referral credits. You won’t be disappointed. [↩]
Best of Both Worlds: Marrying Asterisk to 3CX’s Free PBX with a $35 Raspberry Pi
One of the real beauties of Asterisk® has always been its flexibility in talking to other PBXs, both commercial and open source. There are numerous reasons why you might want to try this. First, it makes it easy to migrate to a commercial platform where you can get support for mission critical telephony requirements. Second, you may want a hybrid setup where servers with on-site support personnel can run Asterisk while remote satellite offices can take advantage of a commercial PBX and the support options it offers. Third, you may want to take advantage of specific features that are only available by relying upon multiple PBX solutions. In the case of 3CX, their integrated softphone clients with one-click setup simplicity, conferencing and WebRTC apps, and Call Center offerings are the best in the business while providing unmatched VoIP security. Asterisk on the other hand is light-years ahead of almost everybody in the text-to-speech and voice recognition fields while offering the most powerful VoIP toolkit to build any custom VoIP application imaginable.
Today we thought it would be fun to walk you through the easy way to tie an Incredible PBX server with all its features to a powerful (free) 3CX platform with its virtually flawless softphone clients.1 When we’re finished, you’ll have a free 3CX server in the Cloud at a one-time total cost of $17.50. And you’ll be able to place and receive free U.S./Canada calls from any iPhone, Android phone, or PC using the 3CX client from anywhere in the world with nothing more than a WiFi connection. The Google Voice trunk supporting the calls will reside on Incredible PBX for the Raspberry Pi. When you’re sold on the power of the 3CX platform, you can upgrade to the 3CX 4-simultaneous call commercial offering with unlimited users and trunks at an annual cost of just $149. Maintenance and upgrades are included. Large organizations have relied upon back office servers for custom applications forever. And now you can take advantage of the same flexibility using a tiny $35 Raspberry Pi and our free (as in really free) Incredible PBX software. No Gotchas!
Initial Raspberry Pi Platform Setup
Before we can interconnect 3CX’s Free PBX with a Raspberry Pi, you obviously have to set up both PBX platforms. For the Raspberry Pi, our recent Nerd Vittles tutorial will walk you through the setup process. In lieu of a Raspberry Pi, you can use any legacy FreePBX®-based Asterisk platform including Incredible PBX 13, PIAF3, Elastix®, AsteriskNOW®, or FreePBX Distro®. The setup procedure is exactly the same.
Building a 3CX Server in the Cloud
Building a 3CX server in the Cloud is equally easy. Let’s go through the process once again. If you’re just experimenting, a lifetime Cloud-based server at CloudAtCost for a one-time charge of $17.50 cannot be beat. We would hasten to add that we don’t recommend this platform for production use, but it’s a terrific proof-of-concept option. When you’re actually ready to deploy 3CX for production use, the least costly Cloud solution is the $3.49 per month OVH RAID offering with 2GB of RAM and 10GB storage. The $5 per month offerings from Digital Ocean and Vultr are other alternatives worth a look. Both of these platforms come with free credits ($10 and $20, respectively) to let you try things out.
To get started, sign up for a $17.50 server at Cloud at Cost. They will send you credentials to log into the Cloud at Cost Management Portal. Change your password IMMEDIATELY after logging in. Just go to SETTINGS and follow your nose.
To build your free 3CX PBX, create a virtual machine by clicking on the CLOUDPRO button in the CloudAtCost control panel. Then click Add New Server. Choose 1 CPU, 512MB RAM, and 10GB storage for your server. Choose Debian 8 64bit as the OS Type and click Complete.
While CloudAtCost is building your server platform, obtain a free license key for 3CX.
Once the Debian 8 server appears in your Control Panel, it will look something like what’s shown above, not CentOS obviously. The red arrow points to the i button you’ll need to click to decipher the password for your new virtual machine. You’ll need both the IP address and the password for your new virtual machine in order to log into the server which is now up and running with a barebones Debian 8 operating system. Note the yellow caution flag. That’s telling you that Cloud at Cost will automatically shut down your server in a week to save (them) computing resources. You can change the setting to keep your server running 24/7. Click Modify, Change Run Mode, and select Normal – Leave Powered On. Click Continue and OK to save your new settings.
Finally, you’ll want to change the Host Name for your server to something more descriptive than c7…cloudpro.92… Click the Modify button again and click Rename Server to make the change. Your management portal then will show the new server name as shown above.
Next, log in to your new Debian server as root using SSH or Putty and issue the commands below. Step #1 is to change your root password. What appears as the fourth line below is actually part of the third line and needs to be run as a single command. The last line to install SendMail will actually be run after you elect to use the Web Interface Wizard to configure 3CX. Just run it from the SSH command line before you switch to a browser to complete the 3CX setup.
passwd wget -O- http://downloads.3cx.com/downloads/3cxpbx/public.key | apt-key add - echo "deb http://downloads.3cx.com/downloads/3cxpbx/ /" | tee /etc/apt/sources.list.d/3cxpbx.list apt-get update rm -f /zang-debian.sh apt-get -y install 3cxpbx apt-get -y install sendmail sendmail-bin
When the initial setup finishes, choose the Web Interface Wizard and complete the install using your favorite web browser. Enter your 3CX license key when prompted. Make up a very secure Username and Password to access your 3CX portal. Specify that your IP address is Dynamic when prompted (even though it isn’t). This tells 3CX to generate an FQDN for your server. Accept the default ports for HTTP (5000) and HTTPS (5001) access to your server. We recommend choosing 4-digit extensions numbers which will make it easy to distinguish 3CX extension numbers from 3-digit extension numbers of the RasPi platform. While logged into the 3CX management portal, adjust Settings → Email to Mail Server → 127.0.0.1 and Reply to → noreply@YourActual3CX-FQDN. Leave the other settings blank and click TEST then OK. Now download your favorite 3CX smartphone client, send yourself the Welcome Email for your default extension, and your 3CX initial setup is complete.
Server Interconnection Overview
Now we’re ready to interconnect the two servers. What we’ll be doing is creating Trunks on both the Raspberry Pi and the 3CX server and tying them together. We’ll use this trunk to handle the call traffic between the two PBXs. Then we’ll add incoming and outgoing call routes on both servers to specify how the individual calls should be routed. Because the free version of 3CX limits the administrator to a single trunk, we’ll offload all of the provider trunks to the Raspberry Pi and reserve the one available 3CX trunk as the interconnect path to the Raspberry Pi. For today’s setup, we’ll use 3CX’s free softphone clients as the actual phone devices for end-users. Of course, you could also use your favorite SIP phones, and 3CX provides automatic configuration for dozens of devices. But we want to introduce the 3CX smartphone clients because they provide an incredibly easy way to get users connected without having to worry about punching holes in firewalls.
To place outbound calls on the 3CX side, 3CX provides enormous flexibility in call routing. Because we chose 4-digit local extensions when we set up the 3CX server, it will make it easy to route other calls through the outbound trunk to the Raspberry Pi using nothing more than the length of the dial string. For example, 3-digit calls line up perfectly with extension numbers on the Incredible PBX for RasPi platform. So 3CX users can easily reach extensions connected directly to the Raspberry Pi. And 10-digit 3CX calls will be forwarded to the Raspberry Pi as traditional outbound calls. They will be processed just as if you had dialed a 10-digit call from a Raspberry Pi extension. For example, if you have a registered Google Voice trunk to handle 10-digit calls on the Raspberry Pi, then the same call path would be used for calls originating from 3CX extensions. And, yes, calls to the U.S. and Canada would still be free and would display the CallerID associated with the Raspberry Pi’s Google Voice trunk. You could get more creative and add an additional dialing prefix on the 3CX side to route specific types of calls to a designated outbound trunk on the Raspberry Pi side based upon the dialing prefix, but we’ll leave that as a homework project for you.
For incoming calls on the 3CX side, in addition to 4-digit local extension-to-extension calling, we can define the destination for incoming calls that originate from either a Raspberry Pi extension or from outside calls coming in from one of the Raspberry Pi’s provider trunks. These are managed by assigning one or more DIDs in the 3CX trunk configuration and then creating 3CX Inbound DID Rules that tell 3CX where to route calls to each defined DID. For 3CX softphone clients registered to extensions, it means your cellphone will ring whenever a call is routed to that particular extension. On the Raspberry Pi side, we create Incoming Call Routes for each DID to be routed to 3CX and specify our defined 3CX trunk as the destination for incoming calls from those DIDs. Not all DIDs on the Raspberry Pi have to be routed to the 3CX server obviously. That is merely one of many call destination options available to the administrator on the Raspberry Pi server.
Here’s a typical call path for an outside call that is placed to a Google Voice number registered with your Raspberry Pi. The Asterisk server running on the Raspberry Pi would answer the call placed to the Google Voice Trunk. Asterisk then would check for an Incoming Route on the Raspberry Pi with a DID matching the number of your Google Voice trunk. Finding a match, Asterisk would check for the desired destination of the call and would note that it is listed as the registered 3CX trunk. Asterisk would pass the call through this trunk to the 3CX server including its associated DID and CallerID info. The 3CX server would answer the incoming call and would check for an Incoming Route matching the DID passed from Asterisk. Finding a match, it would pass the call to the Extension specified in the Incoming Route. When 3CX rings the extension, it would also detect that a softphone was registered to that extension and would also ring the 3CX client on the user’s smartphone. The user answers the call on the 3CX client of their smartphone and begins a conversation. The free version of the 3CX server supports 8 simultaneous calls so you are unlikely to ever run out of call paths for calls in the home and small office environment.
Firewall Setup for Server Interconnection
Because the 3CX server is sitting in the Cloud, its firewall is configured automatically as part of the setup process. If your Raspberry Pi is sitting behind a NAT-based firewall, then you would need to map port UDP 5060 from the router on your public IP address to the private IP address of your Raspberry Pi. In addition, login to your Raspberry Pi as root using SSH and run /root/add-ip to whitelist the public IP address of your 3CX server in the cloud. Otherwise, the 3CX server cannot establish a connection to your Raspberry Pi.
Raspberry Pi Trunk Configuration
Using a browser, login to the web interface for FreePBX on your Raspberry Pi and choose Connectivity → Trunks → Add SIP (chan_sip) Trunk. Name the trunk remote. In the Outgoing Settings, make the entries shown below naming the trunk remote and using a secure secret that will be used to interconnect the two servers. The Register String looks like the following: main:secret@3CX-IP-Address where main is the 3CX server trunk name, secret is your secure secret, and 3CX-IP-Address is the 3CX public IP address.
3CX Trunk Configuration
Using a browser, login to your 3CX server: https://3CX-IP-Address:5001 or http://3CX-IP-Address:5000. From your Dashboard, choose SIP Trunks → Add SIP Trunk. Create a Generic SIP Trunk and then fill in the blanks as shown below. For Registrar/Server/Gateway Hostname or IP, use the public IP address or FQDN of your Raspberry Pi. For Type of Authentication choose Outbound. The authentication credentials should be remote and the secure secret you chose, and the Main Trunk No should match the DID of the Google Voice trunk you set up on your Raspberry Pi. Then pick a default Destination for incoming calls.
3CX Outbound Rules Configuration
Next, we need to tell 3CX which outgoing calls to send out through the Raspberry Pi trunk we just set up. In our example today, we’re going to send all 10-digit calls and 3-digit calls. The 10-digit calls will be routed out the Google Voice trunk on the Raspberry Pi side. And the 3-digit calls will be sent directly to Raspberry Pi extensions. So we’ll need two Outbound Rules.
For the first rule, choose Outbound Rules → Add. For the Rule Name, specify StandardOut. Apply the rule to Calls to Numbers with a length: 10. For Route 1, choose Generic SIP Trunk as the Destination. Click OK to save the new rule.
For the second rule, choose Outbound Rules → Add. For Rule Name, specify StandardInt. Apply the rule to Calls to Numbers with a length: 3. For Route 1, choose Generic SIP Trunk as the Destination. Click OK to save the new rule.
If you already have configured a 3CX smartphone client for one of your 3CX extensions, you now should be able to dial any 3-digit or 10-digit number and have the call processed through your new 3CX→RasPi trunk without any further setup assuming you’ve created a Google Voice trunk on the Raspberry Pi side. That wasn’t too hard, was it?
Routing Incoming Google Voice Calls to 3CX
Depending upon your own requirements, you may want to route incoming Google Voice calls or other trunks directly to an extension and/or softphone on your 3CX server. You obviously could set up multiple trunks of any type on the Raspberry Pi side and have the calls to each trunk routed to a different extension or softphone on the 3CX side. To enable this on the 3CX side, edit your Generic SIP Trunk and click the DIDs tab. Then Add each of the 10-digit DIDs of the Raspberry Pi trunks you wish to redirect. Next, create an Inbound Rule for every DID and tell 3CX where to route the calls.
On the Raspberry Pi side, add each of your Google Voice Trunks. Then create an Inbound Route for each DID and specify the Destination as Trunks → Remote (sip). The 3CX server will take care of routing the various incoming calls to each of the Google Voice trunks to its predefined extension and/or softphone. Enjoy!
Originally published: Monday, March 6, 2017
9 Countries Have Never Visited Nerd Vittles. Got a Friend in Any of Them https://t.co/wMfmlhiQ9y #asterisk #freepbx pic.twitter.com/TPFGZbqWB6
— Ward Mundy (@NerdUno) April 22, 2016
Need help with Asterisk? Visit the PBX in a Flash Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…
- A simpler Bridge setup is available in the paid versions of 3CX. [↩]
Twofer Tuesday: 2 Cloud Servers for the Price of a RasPi
It’s been more than a year since we last chatted about Cloud At Cost. Because they’re in the midst of yet another 50% off Fire Sale and to close out February with a bang, it seemed like a good time to take a fresh look at a terrific way to get started with Linux. For today’s $35 cloud project, we’re going to build a free WordPress server and a free commercial PBX compliments of 3CX. For what it’s worth, we’ve been running a PIAF5 server at CloudAtCost for more than four months without a single hiccup. It provides flawless Google Voice calling from either a connected SIP phone or from the 3CX Client running on a SIM-free Android phone or iPhone. See our recent article for tips on setting up a SIM-free mobile phone.
For those coming from the Windows World, Linux can be a little intimidating. Learning with a Cloud-based server presents its own challenges because of the security issues when your server sits on the public Internet. And then there’s the cost factor. Not everyone has several hundred dollars to buy hardware and, frankly, learning about Linux on a $35 Raspberry Pi can drive most folks to drink. So today we’ll show you another way. It’s not necessarily a better way. But it’s different, and it’s loads of fun for not much money. Today’s project takes about an hour, and you’ll have two terrific Linux applications to play with for life when we’re finished.
There’s lots to hate at Cloud At Cost, a Canadian provider that offers virtual machines in the cloud for a one-time fee with no recurring charges. For $35, you currently get two virtual machine platforms, and each has 512MB of RAM, 10GB of storage, and a gigabit Internet connection FOR LIFE. We haven’t seen a week go by when Cloud at Cost didn’t offer some sort of discount. Today it’s 50% off which brings the per server cost down to $17.50 each. That’s less than most lunches these days. If you don’t like half off and would prefer to wait for a better discount, check their Twitter feed every few days. So that’s the good news. But, if 99.999% reliability, performance, and excellent customer support are your must-haves, then look elsewhere. So why would anyone in their right mind sign up for a cloud solution that didn’t offer those things? Did we mention it’s $17.50 for a lifetime cloud server!
If you take our recommendation, you’ll need to go into this with the right attitude. It’s not going to be flawless perfection computing. It’s a sandbox on which to experiment with Linux, and VoIP, and Cloud Computing. Will your virtual machine disintegrate at some juncture? Maybe so. We’ve had about a third of ours fail at some point. But you can rebuild them easily, especially if you keep a backup. Our experience is that the first couple days are critical. If you start seeing sluggish performance which degenerates to zero, don’t waste your time. Take good notes as you go along, delete the virtual machine, and rebuild a new one. It won’t cost you a dime, and it’ll save you hours of frustration. We suspect that bad folks get onto some of the servers and delight in bringing the machines to their knees. So the quicker you cut your losses, the better off you will be. Is CloudAtCost a good solution for production use? Don’t risk it unless waterboarding is your favorite sport. It’s probably not gonna work, and you WILL be disappointed. Repeat after me: IT’S A SANDBOX!
Building a LAMP Server in the Cloud
Our first objective today is to show you how to build a rock-solid, secure Linux server in the Cloud with all the bells and whistles that make Linux the server platform of choice for almost every organization in the world. We’ll continue by showing you how to embellish the platform with WordPress to do something that’s special for you whether it’s your own blog like Nerd Vittles, or a school newspaper, or an on-line shopping site to sell comic books. The basic foundation for most Linux platforms is called a LAMP server which stands for Linux, Apache, MySQL, and PHP. Linux is an open source operating system that includes contributions from thousands of developers around the world. Apache is the web server platform on which most commercial businesses stake their reputation. MySQL is the open source database management system now owned by Oracle. If it’s good enough for Facebook, it’s good enough for you. And PHP is THE web-based programming language that will let you build almost any application using Linux, Apache, and MySQL.
So what’s the big deal? There are thousands of online tutorials that will show you how to build a LAMP server. For long time readers of Nerd Vittles, you already know that the component we continually stress is security. Without that, the rest really doesn’t matter. You’ll be building a platform for someone else to hijack and use for nefarious purposes. When we’re finished with today’s Project #1, you’ll have a cloud-based LAMP server that is totally invisible to the rest of the world with the exception of its web interface. And we’ll show you a simple way to reduce the exposure of that web interface to some of its most likely attackers. Will it be 100% secure? Nope. If you have a web server on the public Internet, it’s never going to be 100% secure because there’s always the chance of a software bug that nobody has yet discovered and corrected. THAT’S WHAT BACKUPS ARE FOR!
Creating a CentOS Machine in the Cloud
To get started, you’ve got to plunk down your $35 at Cloud at Cost. This buys you two server platforms while they’re cheap! Once you’ve paid the piper, they will send you credentials to log into the Cloud at Cost Management Portal. Change your password IMMEDIATELY after logging in. Just go to SETTINGS and follow your nose.
To create your first virtual machine, click on the CLOUDPRO button and click Add New Server. If you’ve only purchased the $17.50 CloudPRO 1 platform, then you’ll need all of the available resources shown in the pick list. Otherwise, choose 1 CPU, 512MB RAM, and 10GB storage for your first server. Leave CentOS 6.7 64bit selected as the OS Type and click Complete. Depending upon the type of special pricing that Cloud at Cost is offering when you sign up, the time to build your virtual machine can take anywhere from a minute to the better part of a day. We’ve learned to build new virtual machines at night, and they’re usually available for use by the next morning. Luckily, this slow performance does not impact existing virtual machines that already are running in their hosting facility.
Initial Configuration of Your CentOS 6 VM
With a little luck, your virtual machine soon will appear in your Cloud at Cost Management Portal and look something like what’s shown above. The red arrow points to the i button you’ll need to click to decipher the password for your new virtual machine. You’ll need both the IP address and the password for your new virtual machine in order to log into the server which is now up and running with a barebones CentOS 6.7 operating system. Note the yellow caution flag. That’s telling you that Cloud at Cost will automatically shut down your server in a week to save (them) computing resources. You can change the setting to keep your server running 24/7. Click Modify, Change Run Mode, and select Normal – Leave Powered On. Click Continue and OK to save your new settings.
Finally, you’ll want to change the Host Name for your server to something more descriptive than c7…cloudpro.92… Click the Modify button again and click Rename Server to make the change. Your management portal then will show the new server name as shown above.
Logging into Your CentOS 6 VM
In order to configure and manage your new CentOS 6 virtual machine, you’ll need to log into the new server using either SSH or, for Windows users, Putty. After installing Putty, run it and log in to the IP address of your VM with username root and the password you deciphered above. On a Mac, open a Terminal session and issue a command like this using the actual IP address of your new virtual machine:
ssh root@12.34.56.78
Before you do anything else, reset your root password to something very secure: passwd
Installing the LAMP Server Basics
Now we’re ready to build your LAMP server platform. We’ve chopped this up into lots of little steps so we can explain what’s happening as we go along. There’s nothing hard about this, but we want to document the process so you can repeat it at any time. As we go along, just cut-and-paste each clump of code into your SSH or Putty session and review the results to make sure nothing comes unglued. If something does, the beauty of virtual machines is you can delete them instantly within your management portal and just start over whenever you like. So here we go…
We’ll begin by permanently turning off SELINUX which causes more problems than it solves. The first command turns it off instantly. The second line assures that it’ll stay off whenever you reboot your virtual machine.
setenforce 0 sed -i s/SELINUX=enforcing/SELINUX=disabled/g /etc/selinux/config
First, let’s address a couple of CloudAtCost quirks that may cause problems down the road. CloudAtCost has a nasty habit of not cleaning up after itself with fresh installs. The net result is your root password gets reset every time you reboot.
killall plymouthd echo killall plymouthd >> /etc/rc.local rm -f /etc/rc3.d/S97*
Now let’s bring CentOS 6.7 up to current CentOS 6.8 specs and add a few important applications:
yum -y update yum -y install nano wget expect net-tools dialog git xz yum -y install kernel-headers yum -y install kernel-devel reboot
After reboot, log back in as root. Now we’ll set up your Apache web server and configure it to start whenever you reboot your server:
yum -y install httpd service httpd start chkconfig httpd on
Next, let’s set up your MySQL server, bring it on line, and make sure it restarts after server reboots. Unless you plan to add Asterisk® and FreePBX® to your server down the road, you’ll want to uncomment the two commands that begin with # by removing the # symbol and replacing new-password with a very secure password for your root user account in MySQL. Be sure to run the last command to secure your server. After logging in, the correct answers are n,Y,Y,Y,Y.
yum -y install mysql mysql-server service mysqld start chkconfig mysqld on #/usr/bin/mysqladmin -u root password 'new-password' #/usr/bin/mysqladmin -u root -p -h localhost.localdomain password 'new-password' mysql_secure_installation
Next, we’ll set up PHP and configure it to work with MySQL:
yum -y install php yum -y install php-mysql service httpd restart
Finally let’s get SendMail installed and configured. Insert your actual email address in the last line and send yourself a test message to be sure it’s working. Be sure to check your spam folder since the message will show a sender address of localhost which many email systems including Gmail automatically identify as spam.
yum -y install sendmail rpm -e postfix service sendmail restart yum -y install mailx echo "test" | mail -s testmessage youracctname@yourmailserver.com
Installing Supplemental Repositories
One of the beauties of Linux is not being totally dependent upon CentOS for all of your packaged applications. Let’s add a few other repositories that can be used when you need to add a special package that is not in the CentOS repository. Let’s start with EPEL. We’ll disable it by default and only use it when we need it.
yum -y install http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm sed -i 's|enabled=1|enabled=0|' /etc/yum.repos.d/epel.repo
We actually need the EPEL repo to install Fail2Ban for monitoring of attacks on certain Linux services such as SSH:
yum --enablerepo=epel install fail2ban -y cd /etc wget http://incrediblepbx.com/fail2ban-lamp.tar.gz tar zxvf fail2ban-lamp.tar.gz
Another important repository is REMI. It is especially helpful if you decide to upgrade PHP from the default version 5.3 to one of the newer releases: 5.5 or 5.6. In this case, you’ll want to activate the specific repository to support the release you choose in /etc/yum.repos.d/remi-safe.repo.
yum -y install http://rpms.famillecollet.com/enterprise/remi-release-6.rpm sed -i 's|enabled=1|enabled=0|' /etc/yum.repos.d/remi-safe.repo
One final repository to have on hand is RPMForge, now renamed RepoForge. We’ll use it in a bit to install a dynamic DNS update utility which you actually won’t need at CloudAtCost since your server is assigned a static IP address. But it’s handy to have in the event you wish to assign a free FQDN to your server anyway.
yum -y install http://incrediblepbx.com/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm sed -i 's|enabled = 1|enabled = 0|' /etc/yum.repos.d/rpmforge.repo
Country Blocking with IPSET
We’ll use the EPEL repo to install ipset, a terrific addition to the IPtables Linux firewall that lets you quickly block entire countries from accessing your server:
yum --enablerepo=epel install ipset -y
Next, we’ll add a sample script that documents how the country blocking mechanism works with ipset. For a complete list of countries that can be blocked, go here. If you need a decoder badge to match abbreviations against country names, you’ll find it here. To add other countries, simply edit the shell script and clone lines 4-7 using the names of the countries and country zone files that you wish to add. Be sure to insert the new lines before the commands to restart iptables and fail2ban. This script will need to be run each time your server reboots and before IPtables is brought on line. We’ll handle that a little later.
echo "#\\!/bin/bash" > /etc/block-china.sh echo " " >> /etc/block-china.sh echo "cd /etc" >> /etc/block-china.sh echo "ipset -N china hash:net" >> /etc/block-china.sh echo "rm cn.zone" >> /etc/block-china.sh echo "wget -P . http://www.ipdeny.com/ipblocks/data/countries/cn.zone" >> /etc/block-china.sh echo "for i in $(cat /etc/cn.zone ); do ipset -A china $i; done" >> /etc/block-china.sh echo "service iptables restart" >> /etc/block-china.sh echo "service fail2ban restart" >> /etc/block-china.sh sed -i 's|\\\\||' /etc/block-china.sh chmod +x /etc/block-china.sh
Adding a Few Handy Utilities
If you’re like us, you’ll want to test the speed of your Internet connection from time to time. Let’s install a free script that you can run at any time by logging into your server as root and issuing the command: /root/speedtest.py. Here were our results from last year. Running speedtest on a new server we built today showed a vast improvement in performance. Downloads were over ten times as fast, and upload speeds more than tripled. In fact, we now are using two CloudAtCost servers to host the old PIAF3 repositories.
cd /root wget https://raw.githubusercontent.com/sivel/speedtest-cli/master/speedtest.py chmod +x speedtest.py
Next, let’s put in place a simple status display which will quickly tell you what’s running and what’s not. We’ve borrowed some GPL code from Incredible PBX to help you out. Run status-lamp at any time for a snapshot of your server.
cd /usr/local/sbin wget http://incrediblepbx.com/status-lamp.tar.gz tar zxvf status-lamp.tar.gz rm -f status-lamp.tar.gz sed -i 's|myip.pbxinaflash.com|myip.incrediblepbx.com|' /usr/local/sbin/status-lamp
Now we’ll put the Linux Swiss Army Knife in place. It’s called WebMin, and it provides a GUI to configure almost everything in Linux. Pick up a good WebMin book from your public library to get started. Once installed, you access WebMin from your browser at the IP address of your server on the default port of 10000: https://serverIPaddress:10000. It’s probably a good idea to change this port number and the commented out line shows how to do it with the new port being 9001 in the example. The way in which we typically configure the Linux firewall will block all access to WebMin except from an IP address which you have whitelisted, e.g. your home computer’s public IP address.
cd /root yum -y install perl perl-Net-SSLeay openssl perl-IO-Tty yum -y install http://prdownloads.sourceforge.net/webadmin/webmin-1.831-1.noarch.rpm #sed -i 's|10000|9001|g' /etc/webmin/miniserv.conf service webmin restart chkconfig webmin on
Configuring the Linux IPtables Firewall
RULE #1: DON’T BUILD SERVERS EXPOSED TO THE INTERNET WITHOUT SECURITY!
As installed by CloudAtCost, your server provides ping and SSH access from a remote computer and nothing else. The good news: it’s pretty safe. The bad news: it can’t do anything useful for anybody because all web access to the server is blocked. We want to fix that, tighten up SSH access to restrict it to your IP address, and deploy country blocking to show you how.
As we implement the firewall changes, you need to be extremely careful in your typing so that you don’t accidentally lock yourself out of your own server. A typo in an IP address is all it takes. The good news is that, if you do lock yourself out, you still can gain access via the CloudAtCost Management Portal by clicking the Console button of your virtual machine. Because the console is on the physical machine and the lo interface is whitelisted, you can log in and disable the firewall temporarily: service iptables stop
. Then fix the typo and restart the firewall: service iptables start
.
First, let’s download the new IPtables config file into your root folder and take a look at it.
cd /root wget http://incrediblepbx.com/iptables-lamp.tar.gz tar zxvf iptables-lamp.tar.gz
Now edit the /root/iptables-lamp file by issuing the command: nano -w /root/iptables-lamp
You can scroll up and down through the file with Ctl-V and Ctl-Y. Cursor keys work as well. Once you make changes, save your work: Ctl-X, Y, ENTER
. You’re now an expert with the nano text editor, an absolutely essential Linux tool.
Here’s what that file actually looks like:
*filter :INPUT DROP [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -p tcp -m tcp --tcp-flags ACK ACK -j ACCEPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A INPUT -p icmp -j DROP -A INPUT -i lo -j ACCEPT -A INPUT -p tcp ! --syn -m state --state NEW -j DROP -A INPUT -m state --state INVALID -j DROP -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP -A INPUT -p tcp -m tcp --tcp-flags SYN,FIN SYN,FIN -j DROP -A INPUT -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j DROP -A INPUT -p tcp -m tcp --tcp-flags FIN,RST FIN,RST -j DROP -A INPUT -p tcp -m tcp --tcp-flags ACK,FIN FIN -j DROP -A INPUT -p tcp -m tcp --tcp-flags ACK,URG URG -j DROP -A INPUT -p tcp -m set --match-set china src -j DROP -A INPUT -p udp -m udp --dport 53 -j ACCEPT -A INPUT -p tcp -m tcp --dport 53 -j ACCEPT -A INPUT -p tcp -m tcp --dport 113 -j ACCEPT -A INPUT -p udp -m udp --dport 123 -j ACCEPT -A INPUT -p tcp -m tcp --dport 123 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT #-A INPUT -s 12.34.56.78 -j ACCEPT #-A INPUT -s yourFQDN.dyndns.org -j ACCEPT -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited COMMIT
Reminder: If you add another country to your block-china script, don’t forget to add a corresponding new country entry to your iptables file. See line 17 above that includes the word "china" for the syntax. There’s nothing much else to tweak except the two commented out (brown) lines that begin with #. First, remove the # symbol by moving the cursor to the right of the first one and hitting the backspace/delete key on your keyboard. Replace 12.34.56.78
with the public IP address of the computer from which you will be accessing your virtual machine. If you need multiple entries for multiple computers at different addresses, clone the line by pressing Ctrl-K and then Ctrl-U twice. Yes, we know. Some folks IP addresses change from time to time. In the next section, we’ll show you how to set up a Dynamic DNS entry with a utility that will keep track of your current IP address. In this case, uncomment the second commented line and replace yourFQDN.dyndns.org
with your dynamic DNS address. Be very careful to assure that your FQDN is always on line. If the firewall cannot verify your DNS entry when it starts, the IPtables firewall will not start which means your server will be left unprotected. HINT: IP addresses are much safer because they are never verified.
Once you have your whitelisted addresses configured, comment out the port 22 line to keep the bad guys from trying to break into your server with SSH. Then save the file: Ctl-X, Y, ENTER
. Next, issue the following commands to copy everything into place and restart the firewall.
mv /etc/sysconfig/iptables /etc/sysconfig/iptables.orig cp -p /root/iptables-lamp /etc/sysconfig/iptables echo "/etc/block-china.sh" >> /etc/rc.local /etc/block-china.sh
Always, always, always check to be sure your firewall is functioning: iptables -nL
. If you don’t see your desktop computer’s public IP address near the end of the listing, then the firewall is dead. status-lamp should also show IPtables down. Check for an error message which will tell you the problematic line so you can correct it.
Implementing Dynamic DNS Service
There are a number of free and paid Dynamic DNS providers. The way this works is you choose a fully-qualified domain name (FQDN) to identify your computer. Then you run a dynamic DNS update utility periodically from that computer. It reports back the current public IP address of your computer and your provider updates the IP address assigned to your FQDN if it has changed. In addition to supporting sites with ever changing IP addresses, it also allows you to permanently assign an FQDN to your computer or server so that it can be accessed without using a cryptic IP address.
If that computer happens to be an Incredible PBX server or a LAMP server that you’ve set up using this tutorial, then the following will get the DNS client update utility loaded using the RPM Forge repository that we previously installed:
yum --enablerepo=rpmforge install ddclient -y
Similar DNS update clients are available for Windows, Mac OS X, and many residential routers. Then it’s just a matter of plugging in the credentials for your dynamic DNS provider and your FQDN. In the case of the CentOS client, the config file is /etc/ddclient/ddclient.conf
. Now reboot your server and pick up a good book on Linux to begin your adventure.
Now For Some Fun…
First, let’s check things out and make sure everything is working as it should. With your favorite web browser, visit the IP address of your new server. You should see the default Apache page:
Next, let’s be sure that PHP is working as it should. While still logged into your server as root using SSH or Putty, issue the following commands and make up some file name to replace test4567 in both lines. Be sure to keep the .php file name extension. Note to gurus: Yes, we know the second line below is unnecessary if you remove the space after the less than symbol in the first line. Unfortunately, WordPress forces the space into the display which left us no alternative.
echo "< ?php phpinfo(); ?>" > /var/www/html/test4567.php sed -i 's|< |<|' /var/www/html/test4567.php
Now jump back to your web browser and access the new page you just created using the IP address of your server and the file name you made up: http://12.34.56.78/test4567.php
The PHPinfo listing will tell you everything you ever wanted to know about your web server setup including all of the PHP functions that have been enabled. That's why you want an obscure file name for the page. You obviously don't want to share that information with every bad guy on the planet. Remember. This is a public-facing web site that anyone on the Internet can access if they know or guess your IP address.
When you're ready to set up your own web site, just name it index.php and store the file in the /var/www/html directory of your server. In the meantime, issuing the following command will assure that anyone accessing your site gets a blank page until you're ready to begin your adventure:
echo " " > /var/www/html/index.php
Ready to learn PHP programming? There's no shortage of books to get you started.
Adding WordPress to Your LAMP Server
Where to begin with WordPress? What used to be a simple platform for bloggers has morphed into an all-purpose tool that makes building virtually any type of web site child's play. If you want to see what's possible, take a look at the templates and sample sites shown on WPZOOM. Unless you're an art major and savvy web designer, this will be the best $70 you ever spent. One of these templates will have your site up and running in minutes once we put the WordPress pieces in place. For the big spenders, $149 will give you access to over 50 gorgeous templates which you can download and use to your heart's content on multiple sites. And, no, your sites don't blow up after a year. You just can't download any additional templates or updates unless you renew your subscription. The other alternative is choose from thousands of templates that are provided across the Internet as well as in the WordPress application itself.
WordPress templates run the gamut from blogs to newsletters to photographer sites to e-commerce to business portfolios to video to travel to magazines to newspapers to education to food to recipes to restaurants and more. Whew! There literally is nothing you can't put together in minutes using a WordPress template. But, before you can begin, we need to get WordPress installed on your server. This is optional, of course. And, if you follow along and add WordPress, we've set it up in such a way that WordPress becomes the primary application for your site. Stated differently, when people use a browser to access your site, your WordPress template will immediately display. When we finish the basic WordPress setup and once you upload an image or two, you'll have a site that looks something like this:
Before you begin, we strongly recommend that you acquire a domain for your site if you plan to use it for anything but experimentation. The reason is because it can be complicated to migrate a WordPress site from one location to another.1 Once you've acquired your domain, point the domain to the IP address of your new server. With a dirt cheap registrar such as Omnis.com, it's easy:
Now let's get started. To begin, we need to load the WordPress application onto your server:
cd /root mkdir wordpress cd wordpress wget http://wordpress.org/latest.tar.gz tar -xvzf latest.tar.gz -C /var/www/html
Next, we'll configure MySQL to support WordPress. We're assuming that you have NOT already created root passwords for MySQL. If you have, you'll need to add -pYourPassword to the various commands below immediately after root. There is no space between -p and your root password. Also edit the first line and make up a new password (replacing XYZ below) for the wordpress user account that will manage WordPress on your server before you cut and paste the code:
mysql -u root -e 'CREATE USER wordpress@localhost IDENTIFIED BY "XYZ";' mysql -u root -e 'CREATE DATABASE wordpress;' mysql -u root -e 'GRANT ALL ON wordpress.* TO wordpress@localhost;' mysql -u root -e 'FLUSH PRIVILEGES;'
Next, we need to configure WordPress with your new MySQL credentials. Before you cut and paste, replace XYZ in the fourth line with the password you assigned in the preceding MySQL step:
cp /var/www/html/wordpress/wp-config-sample.php /var/www/html/wordpress/wp-config.php sed -i 's|database_name_here|wordpress|' /var/www/html/wordpress/wp-config.php sed -i 's|username_here|wordpress|' /var/www/html/wordpress/wp-config.php sed -i 's|password_here|XYZ|' /var/www/html/wordpress/wp-config.php chown -R apache:apache /var/www/html/wordpress
Before you forget, take a moment and create a very secure password for your MySQL root user accounts. Here are the commands. Just replace new-password with your new password before you cut and paste. Note that you also will be prompted for this password when you execute the second command because you will now have a root user password in place from executing the first command.
/usr/bin/mysqladmin -u root password 'new-password' /usr/bin/mysqladmin -u root -p -h localhost.localdomain password 'new-password'
Finally, we need to modify your Apache web server to support WordPress as the primary application. Be sure to enter your actual email address in the third line before you cut and paste the code below:
echo " " >> /etc/httpd/conf/httpd.conf echo "" >> /etc/httpd/conf/httpd.conf echo 'ServerAdmin somebody@somedomain.com' >> /etc/httpd/conf/httpd.conf echo "DocumentRoot /var/www/html/wordpress" >> /etc/httpd/conf/httpd.conf echo "ServerName wordpress" >> /etc/httpd/conf/httpd.conf echo "ErrorLog /var/log/httpd/wordpress-error-log" >> /etc/httpd/conf/httpd.conf echo "CustomLog /var/log/httpd/wordpress-acces-log common" >> /etc/httpd/conf/httpd.conf echo " " >> /etc/httpd/conf/httpd.conf echo " " >> /etc/httpd/conf/httpd.conf service httpd restart
That should do it. Open a browser and navigate to the IP address of your server. You should be greeted with the following form. Fill in the blanks as desired. The account you're setting up will be the credentials you use to add and modify content on your WordPress site when you click Log In (as shown above). Make the username obscure and the password even more so. Remember, it's a public web site accessible worldwide! When you click Install WordPress, you'll be off to the races.
After your server whirs away for a minute or two, you will be greeted with the WordPress login prompt. With the username and password you entered above, you'll be ready to start configuring your WordPress site.
Once you're logged in, navigate to Appearance -> Themes and click Add New Theme. There's you will find literally hundreds of free WordPress templates that can be installed in a matter of seconds if WPZOOM is too rich for your blood. For a terrific all-purpose (free) theme, try Atahualpa. We'll leave our actual demo site running for a bit in case you want to explore and check out its performance. Installing and configuring the new theme took less than a minute:
A Final Word to the Wise. WordPress is relatively secure but new vulnerabilities are discovered regularly. Keep your templates, plug-ins, AND the WordPress application up to date at all times! The WordFence plug-in is a must-have. And we strongly recommend adding the following lines to your WordPress config file which then will let WordPress update everything automatically. Microsoft has given automatic updates a bad name, but in the case of WordPress, they work well.
echo "define('WP_AUTO_UPDATE_CORE', true);" >> /var/www/html/wordpress/wp-config.php echo "add_filter( 'auto_update_plugin', '__return_true' );" >> /var/www/html/wordpress/wp-config.php echo "add_filter( 'auto_update_theme', '__return_true' );" >> /var/www/html/wordpress/wp-config.php
Building a 3CX Server in the Cloud
Now we're ready for our second cloud project. In less than 10 minutes, we're going to build a free 3CX commercial PBX using the remaining Cloud resources from our $35 purchase. To create your second virtual machine, click on the CLOUDPRO button in the CloudAtCost control panel and then click Add New Server. Choose 1 CPU, 512MB RAM, and 10GB storage for your second server. Choose Debian 8 64bit as the OS Type and click Complete.
Obtain a free license key for 3CX. Next, log in to your new Debian server as root using SSH or Putty and issue these commands. We'll begin by changing your root password.
NOTE: What appears as the fourth line below needs to be added to line #3!
passwd wget -O- http://downloads.3cx.com/downloads/3cxpbx/public.key | apt-key add - echo "deb http://downloads.3cx.com/downloads/3cxpbx/ /" | tee /etc/apt/sources.list.d/3cxpbx.list apt-get update rm -f /zang-debian.sh apt-get -y install 3cxpbx apt-get -y install sendmail sendmail-bin
When the initial setup finishes, choose the Web Interface Wizard and complete the install using your favorite web browser. Enter your 3CX license key when prompted. Make up a very secure Username and Password to access your 3CX portal. Specify that your IP address is Dynamic when prompted (even though it isn't). This tells 3CX to generate an FQDN for your server. Accept the default ports for HTTP (5000) and HTTPS (5001) access to your server. We recommend choosing 4-digit extensions numbers so you'll be ready for next week's project interconnecting your 3CX server to a Raspberry Pi for the best of both worlds. While logged into the 3CX management portal, adjust Settings → Email to Mail Server → 127.0.0.1 and Reply to → noreply@YourActual3CX-FQDN. Leave the other settings blank and click TEST then OK. Set up a SIP trunk with inbound and outbound call routes. Now download your favorite 3CX smartphone client, send yourself the Welcome Email for your default extension, and start calling. It really doesn't get much easier in the VoIP World. Come join the PIAF Forum if you need a helping hand!
Free Calling in the U.S. and Canada with PIAF5. We know our more frugal U.S. residents are wondering if there's a way to make free calls even with 3CX. You didn't really think there would be a release of PBX in a Flash without Google Voice support, did you? It's easy using the Simonics SIP to Google Voice gateway service. Setup time is about a minute, and the one-time cost is $4.99 using this Nerd Vittles link. Setup instructions for the 3CX side are straight-forward as well, and we've documented the procedure on the PIAF Forum.
Free Calling Worldwide with SIP URIs. There's another free calling option as well. PIAF5 and 3CX support worldwide SIP URI calling at no cost. As part of the PIAF5 install procedure, 3CX registers an FQDN for you with one of the 3CX domains if you indicate that your server has a dynamic IP address. Unless you really know what you're doing with DNS, it's a good idea to tell 3CX you have a dynamic IP address whether you do or not. Here's why. Once you have an assigned FQDN in the 3CX universe, one very slick feature is the ease with which you can publish a SIP URI address for any or all of your 3CX extensions thereby allowing PIAF5 users to receive calls from any SIP client worldwide at no cost. Setup takes less than a minute. It's as easy as 1-2-3. Here's how:
1. Login to the 3CX GUI and go to Settings → Network → FQDN. Tick "Allow calls from/to external SIP URIs" and make note of your FQDN, e.g. mypiaf5server.3cx.us. Click OK.
2. For an extension to enable (e.g. 001), go to Extensions → Edit 001 → Options → SIP ID and create any desired SIP URI alias for this extension, e.g. billybob. Click OK.
3. Anyone with a SIP client anywhere worldwide can now call extension 001 using SIP URI: billybob@mypiaf5server.3cx.us.
Special Thanks: Our special tip of the hat goes to a few web sites that we found helpful in putting this article together especially Unixmen and Matt Wilcox & friends and Programming-Review.
Originally published: Tuesday, February 28, 2017
9 Countries Have Never Visited Nerd Vittles. Got a Friend in Any of Them https://t.co/wMfmlhiQ9y #asterisk #freepbx pic.twitter.com/TPFGZbqWB6
— Ward Mundy (@NerdUno) April 22, 2016
Need help with Asterisk? Visit the PBX in a Flash Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest...
- Should you ever have to migrate your WordPress site from one domain to another, here are two helpful tools to consider: the Automatic Domain Name Changer Plugin and our favorite: WordPress-Domain-Changer. [↩]
Chasing Rainbows: The VoIP in the Cloud Trifecta
Week after week, the VoIP landscape for Cloud Computing continues to improve. And today we have more terrific news. Not only is there a new release of Wazo with simplified support for WebRTC and FollowMe roaming, but the Wazo 17.02 release also is now available on the RentPBX platform worldwide. Coupling Wazo and RentPBX with a secondary Cloud platform to achieve total VoIP redundancy is the VoIP in the Cloud Trifecta if ever there were one. RentPBX has been a platinum sponsor of Nerd Vittles for many years and, while they may not be the cheapest Cloud provider, they are certainly the best when it comes to VoIP. The reason is simple. Their cloud platform is only used for VoIP so you’re not competing for server resources with a zillion customers that are compiling millions of lines of code all day long. You also get free support! Their worldwide hosting locations translate into crystal clear VoIP calling without jitter using your favorite VoIP providers. With the Nerd Vittles NoGotchas coupon code, monthly service is just $15. For mission critical VoIP platforms, we recommend you set up Wazo with RentPBX as your primary server and configure a secondary server at OVH or Vultr.com or Digital Ocean for an additional $3.50 to $5 per month. Using Wazo’s native High Availability feature, your business gets a fault-tolerant platform with automatic failover for less than $20 a month.
Installing Incredible PBX for Wazo at RentPBX
We want to quickly walk you through the installation procedure at RentPBX because it’s the easiest cloud platform to get up and running, period. First, sign up for an account at RentPBX and order Incredible PBX for Wazo which you’ll find under the PBX in a Flash section of their site. Next, choose your favorite hosting location. We strongly recommend their Miami site if you’re east of the Rockies. For example, ping times to atlanta.voip.ms are under 14 milliseconds. The LA node works great for those on the Left Coast. Then choose Incredible PBX Wazo (Debian 8 Asterisk 14) for your platform. Enter a hostname for your server (HINT: test.rentpbx.com works fine if you don’t have your own) and click Continue. Enter NoGotchas for your Promo Code. Click Validate Code and then Checkout. Once you receive your credentials, login to your new server as root using SSH or Putty. The RentPBX setup procedure is a two-step install. First, you get Debian up to date. Then you reboot and the main Incredible PBX installer will be run.
Because of some new certificates, you will get an exim prompt during the initial phase of the install. Just type q to proceed. After initial reboot, log back in with your root credentials and complete the prompts to add your Wazo web password, a telephone reminders numeric password, and a PPTP username and password. Review your passwords carefully. Then press ENTER to proceed with the installation of Incredible PBX for Wazo. Set your time zone when prompted. After about 5-10 minutes, you will be prompted to verify that the Wazo base install completed successfully. It’s perfectly normal that some of the Wazo services are disabled at this juncture. If you see “Wazo fully booted” after the listing of services, you’re good to go. Just press ENTER to proceed. The installer then will run the Wazo Wizard. Within a minute or two, you will again be asked to verify that it completed successfully. If you see no error messages, press ENTER and go have a cup of coffee. The rest of the install will proceed without further prompting. In 10-20 minutes, your server will be ready to use.
Setting Up SIP and Google Voice Trunks with Wazo
When the installation is finished, you can make toll-free calls in the U.S. and Canada without doing anything except dialing "1″ and the 10-digit number from any phone connected to your server. For other calls, there are two steps in setting up trunks to use with Incredible PBX. First, you have to sign up with the provider of your choice and obtain trunk credentials. These typically include the FQDN of the provider’s server as well as your username and password to use for access to that server. Second, you have to configure a trunk on the Incredible PBX for Wazo server so that you can make or receive calls outside of your PBX. As with the platform tutorials, we have taken the guesswork out of the trunk setup procedure for roughly a dozen respected providers around the globe. In addition, Wazo Snapshots goes a step further and actually creates the trunks for you, minus your credentials, as part of the initial Incredible PBX install.
For Google Voice trunks, log into your server as root and run ./add-gvtrunk. When prompted, insert your 10-digit Google Voice number, your Google Voice email address and OAuth 2 token. The native Google Voice OAuth tutorial explains how to obtain it.
For the other providers, review the setup procedure below and then edit the preconfigured trunk for that provider by logging into the Wazo web GUI and choosing IPX → Trunk Management → SIP Protocol. Edit the setup for your provider (as shown above) and fill in your credentials and CallerID number in the General tab. Activate the trunk in the Register tab after again filling in your credentials. Save your settings when finished. No additional configuration for these providers is required using the Incredible PBX for Wazo Snapshot.
- Wazo Trunks Tutorial: Installing a Vitelity SIP Trunk
- Wazo Trunks Tutorial: Installing a VoIP.ms SIP Trunk
- Wazo Trunks Tutorial: Installing a RingPlus SIP Trunk
- Wazo Trunks Tutorial: Installing a FreeVoipDeal (Betamax) SIP Trunk
- Wazo Trunks Tutorial: Installing a Google Voice-Simonics SIP Trunk
- Wazo Trunks Tutorial: Deploying Native Google Voice with OAuth Trunks
- Wazo Trunks Tutorial: Installing an Anveo Direct Outbound SIP Trunk
- Wazo Trunks Tutorial: Installing a Skype Connect SIP Trunk
- Wazo Trunks Tutorial: Installing a LocalPhone SIP Trunk
- Wazo Trunks Tutorial: Installing a CallCentric SIP Trunk
- Wazo Trunks Tutorial: Installing a FlowRoute SIP Trunk
Directing Incoming Calls from Wazo Trunks
Registered Wazo trunks typically include a DID number. With the exception of CallCentric, this is the number that callers would dial to reach your PBX. With CallCentric, it’s the 11-digit account number of your account, e.g. 17771234567. In the Wazo web GUI, we use IPX → Call Management → Incoming Calls to create inbound routes for every DID and trunk associated with your PBX. Two sample DIDs have been preconfigured to show you how to route calls to an extension or to an IVR. To use these, simply edit their settings and change the DID to match your trunk. Or you can create new incoming routes to send calls to dozens of other destinations on your PBX.
Routing Outgoing Calls from Wazo to Providers
Outgoing calls from extensions on your Wazo PBX must be routed to a trunk provider to reach call destinations outside your PBX. Outgoing call routing is managed in IPX → Call Management → Outgoing Calls. You tell Wazo which trunk provider to use in the General tab. Then you assign a Calling Digit Sequence to this provider in the Exten tab. For example, if NXXNXXXXXX were assigned to Vitelity, this would tell Wazo to send calls to Vitelity if the caller dialed a 10-digit number. Wazo has the flexibility to add and remove digits from a dialed number as part of the outbound call routing process. For example, you might want callers to dial 48NXXNXXXXXX to send calls to a Google Voice trunk where 48 spells "GV" on the phone keypad. We obviously don’t want to send the entire dial string to Google Voice so we tell Wazo to strip the first 2 digits (48) from the number before routing the call out your Google Voice trunk. We’ve included two examples in the Wazo Snapshot to get you started. Skype Connect (shown below) is an example showing how to strip digits and also add digits before sending a call on its way:
Setting Up a Softphone & WebRTC with Wazo
If you’re a Mac user, you’re lucky (and smart). Download and install Telephone from the Mac App Store. Start up the application and choose Telephone:Preference:Accounts. Click on the + icon to add a new account. To set up your softphone, you need 3 pieces of information: the IP address of your server (Domain), and your Username and Password. In the World of Wazo, you’ll find these under IPBX → Services → Lines. Just click on the Pencil icon beside the extension to which you want to connect. Now copy or cut-and-paste your Username and Password into the Accounts dialog of the Telephone app. Click Done when you’re finished, and your new softphone will come to life and should show Available. Dial the IVR (4871) to try things out. With Telephone, you can use over two dozen soft phones simultaneously on your desktop.
For everyone else, we recommend the YateClient softphone which is free. Download it from here. Run YateClient once you’ve installed it and enter the credentials for the Wazo Line. You’ll need the IP address of your server plus your Line username and password associated with the 701 extension. On the Wazo platform, do NOT use an actual extension number for your username with Wazo. Go to IPBX Settings → Lines to decipher the appropriate username and password for the desired extension. Click OK to save your entries.
WebRTC allows you to use your Chrome or Firefox browser as a softphone. Extension 701 comes preconfigured for WebRTC access with Incredible PBX for Wazo. It shares the same password as the Line associated with extension 701, but the username is 701 rather than the username associated with the Line. You can decipher the password by accessing the Wazo Web GUI and then IPBX → Services → Users → Incredible PBX → XiVO Client Password. Or log into your server as root using SSH or Putty and run: /root/show-701-pw
. Wazo introduces several new features to WebRTC including support for the awesome new Opus codec plus voicemail management and even Gravatar support. It’s all preconfigured!
Special Note: Beginning with this version of Wazo (17.02), WebRTC is fully integrated with NGINX on your server, and a simplified method for configuring WebRTC users has been added. When you create a new User account, simply choose the SIP (WebRTC) Protocol when creating a new user account, and all of the Advanced Line options required to support WebRTC will be preconfigured for you.
To use WebRTC, you first need to accept the different SSL certificates associated with the WebRTC app. From your browser, go to the following site and click on each link to accept the certificates. Once you’ve completed this process, visit the Wazo WebRTC site.
Before logging in, click on the Gear icon in the lower right corner and then click on the Pencil icon to edit your Settings. Fill in the public IP address of your Wazo server and specify 443 for the Port. Leave the Backend field blank and click Save. Now login to your WebRTC account with Username 701. The Password is the one you obtained running show-701-pw. The IP Address (if required) is the address of your Wazo PBX.
Implementing FollowMe Roaming with a CellPhone
In addition to ringing your SIP extension when incoming calls arrive, Wazo 17.02 can also ring your cellphone simultaneously. This obviously requires at least one outbound trunk. If that trunk provider also supports CallerID spoofing, then Wazo will pass the CallerID number of the caller rather than the DID associated with the trunk. Incredible PBX for Wazo comes with cellphone support for extension 702 ready to go. To enable it, access the Wazo Web GUI and go to IPBX → Services → Users → Incredible PBX and insert your Mobile Phone Number using the same dial string format associated with the trunk you wish to use to place the calls to your cellphone. You then can answer the incoming calls on either your cellphone or the registered SIP phone. If you answer on your cellphone, you will be prompted whether you wish to accept the call. If you press 1 after observing the CallerID, the caller will be connected. If you decline, the caller will be routed to the Wazo voicemail account of the extension.
Activating Voice Recognition for Wazo
Google has changed the licensing of their speech recognition engine about as many times as you change diapers on a newborn baby. Today’s rule restricts use to “personal and development use.” Assuming you qualify, the very first order of business is to enable speech recognition for your Wazo PBX. Once enabled, the Incredible PBX feature set grows exponentially. You’ll ultimately have access to the Voice Dialer for AsteriDex, Worldwide Weather Reports where you can say the name of a city and state or province to get a weather forecast for almost anywhere, Wolfram Alpha for a Siri-like encyclopedia for your PBX, and Lefteris Zafiris’ speech recognition software to build additional Asterisk apps limited only by your imagination. And, rumor has it, Google is about to announce new licensing terms, but we’re not there yet. To try out the Voice Dialer in today’s demo IVR, you’ll need to obtain a license key from Google. This Nerd Vittles tutorial will walk you through that process. Add your key to /var/lib/asterisk/agi-bin/speech-recog.agi on line 72.
Adding DISA Support to Your Wazo PBX
If you’re new to PBX lingo, DISA stands for Direct Inward System Access. As the name implies, it lets you make calls from outside your PBX using the call resources inside your PBX. This gives anybody with your DISA credentials the ability to make calls through your PBX on your nickel. It probably ranks up there as the most abused and one of the most loved features of the modern PBX.
There are three ways to implement DISA with Incredible PBX for Wazo. You can continue reading this section for our custom implementation with two-step authentication. There also are two native Wazo methods for implementing DISA using a PIN for security. First, you can dedicate a DID to incoming DISA calls. Or you can add a DISA option to an existing IVR. Both methods are documented in our tutorial on the PIAF Forum.
We prefer two-step authentication with DISA to make it harder for the bad guys. First, the outside phone number has to match the whitelist of numbers authorized to use your DISA service. And, second, you have to supply the DISA password for your server before you get dialtone to place an outbound call. Ultimately, of course, the monkey is on your back to create a very secure DISA password and to change it regularly. If all this sounds too scary, don’t install DISA on your PBX.
1. To get started, edit /root/disa-xivo.txt. When the editor opens the dialplan code, move the cursor down to the following line:
exten => 3472,n,GotoIf($["${CALLERID(number)}"="701"]?disago1) ; Good guy
2. Clone the line by pressing Ctrl-K and then Ctrl-U. Add copies of the line by pressing Ctrl-U again for each phone number you’d like to whitelist so that the caller can access DISA on your server. Now edit each line and replace 701 with the 10-digit number to be whitelisted.
3. Move the cursor down to the following line and replace 12341234 with the 8-digit numeric password that callers will have to enter to access DISA on your server:
exten => 3472,n,GotoIf($["${MYCODE}" = "12341234"]?disago2:bad,1)
4. Save the dialplan changes by pressing Ctrl-X, then Y, then ENTER.
5. Now copy the dialplan code into your Wazo setup, remove any previous copies of the code, and restart Asterisk:
cd /root sed -i '\:// BEGIN DISA:,\:// END DISA:d' /etc/asterisk/extensions_extra.d/xivo-extrafeatures.conf cat disa-xivo.txt >> /etc/asterisk/extensions_extra.d/xivo-extrafeatures.conf /etc/init.d/asterisk reload
6. The traditional way to access DISA is to add it as an undisclosed option in an IVR that is assigned to one of your inbound trunks (DIDs). For the demo IVR that is installed, edit the ivr-1.conf configuration file and change the "option 0″ line so that it looks like this. Then SAVE your changes.
exten => 0,1(ivrsel-0),Dial(Local/3472@default)
7. Adjust the inbound calls route of one of your DIDs to point to the demo IVR by changing the destination to Customized with the following Command:
Goto(ivr-1,s,1)
A sample is included in the Wazo Snapshot. Here’s how ours looks for the Demo IVR:
8. Now you should be able to call your DID and choose option 0 to access DISA assuming you have whitelisted the number from which you are calling. When prompted, enter the DISA password you assigned and press #. You then should be able to dial a 10-digit number to make an outside call from within your PBX.
SECURITY HINT: Whenever you implement a new IVR on your PBX, it’s always a good idea to call in from an outside number 13 TIMES and try every key from your phone to make sure there is no unanticipated hole in your setup. Be sure to also let the IVR timeout to see what result you get.
Implementing HA Redundancy with Wazo
With a business phone system, nothing is more important than never missing a call. Wazo’s High Availability (HA) option makes this a no-brainer, and it’s free! Just set up a second server either in the cloud or in your office and walk through our HA tutorial to set up the second server and activate HA. Even though located just across the border in Canada, OVH is hard to beat at $3.49 a month with 2 gigs of RAM and 10 gigs of storage. Vultr.com and Digital Ocean are also good candidates for a slave server, and the cost is still just $5 a month. Their 512MB platforms work fine with a drive cache, especially for a backup server. To get started, create a new Wazo platform using one of the highlighted links above. Be sure to use the same version of Wazo. Once the server is up and running, go to our Wazo HA tutorial and we’ll walk you through installing the NeoRouter Server and completing the Wazo setup. Be sure to configure Google Voice on the backup server before activating HA!
Test Drive Incredible PBX for Wazo
To give you a good idea of what to expect with Incredible PBX for Wazo, just pick up a phone and dial any toll-free number in the U.S. and Canada using a 1 prefix. We’ve also set up a sample IVR using voice prompts from Allison. Try it out from any phone on your PBX by dialing 4871 (IVR1):
Nerd Vittles Demo IVR Options
1 – Call by Name (say "Delta Airlines" or "American Airlines" to try it out)
2 – MeetMe Conference
3 – Wolfram Alpha (Coming Soon!)
4 – Lenny (The Telemarketer’s Worst Nightmare)
5 – Today’s News Headlines
6 – Weather Forecast (enter a 5-digit ZIP code)
7 – Today in History (Coming Soon!)
8 – Speak to a Real Person (or maybe just Lenny if we’re out)
What To Do and Where to Go Next?
Here are a boatload of projects to get you started exploring Wazo on your own. Just plug the keywords into the search bar at the top of Nerd Vittles to find numerous tutorials covering the topics or simply follow our links. Unless there is an asterisk (*) the components already are in place so do NOT reinstall them. Just read the previous tutorials to learn how to configure each component. Be sure to also join the PIAF Forum to keep track of the latest tips and tricks with Wazo. There’s a treasure trove of information that awaits.
- Activate SMS Messaging
- Configure CallerID Superfecta
- Explore Munin Graphics in Wazo
- Integrate Google Calendar Alerts
- Configure NeoRouter and PPTP VPN
- Set Up EndPoint Management in Wazo
- Customize and Create New Wazo IVRs
- Try Out SQLite3 Call Detail Reports
- Learn About Wazo Backups and Upgrades
- Deploy SIP URIs for Free Worldwide Calling
- Develop a PortKnocker Emergency Access Plan
- * Install FCC RoboCall BlackList with WhiteList
- * Install Siri-Like Wolfram Alpha Module
- * Install Lenny, The Robocallers’ Worst Nightmare
Wazo and Incredible PBX Dial Code Cheat Sheets
Complete Wazo documentation is available here. But here are two cheat sheets in PDF format for Wazo Star Codes and Incredible PBX Dial Codes.
Published: Monday, January 30, 2017
Look Before Your Leap: Don’t Jump From the Kettle into the Fire #asterisk https://t.co/OhXlHzEnvV #Home2RealOpenSource #IncrediblePBX #Wazo pic.twitter.com/cRD2my8JE5
— Ward Mundy (@NerdUno) December 16, 2016
Need help with Asterisk? Visit the PBX in a Flash Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…
XiVO Nirvana: Cloud Hosting with SIP Service for 15¢ a Day
Unlike in the Ma Bell era, the real beauty of VoIP technology is being able to experiment with different providers and never having to put all your eggs in one basket. And today we’re pleased to introduce a new XiVO hosting and trunk combination that provides first-class service at truly incredible price points. For the XiVO cloud provider, we’ve chosen OVH, a cloud platform that was recommended to us by our friends at 3CX. It also works great with the new PIAF5 platform for those exploring a (free) commercial alternative.
$3.49 a month at OVH (No, that is not a typo!) gets you an OpenStack KVM with 2GB RAM, 10GB of SSD storage, and RAID10 redundancy plus a 99.95% uptime SLA. And you have your choice of worldwide data centers with many more on the way. For those in the United States, the closest location for the time being is Québec which also happens to be the hometown of the XiVO developers. Ping times on both U.S. coasts are well under 100 milliseconds so you won’t have to worry about voice quality and latency.
For our XiVO SIP provider today, we’ll walk you through setting up inbound and outbound calling with Anveo Direct, one of the least expensive SIP providers in the world. In addition to great pricing, Anveo also provides SIP URI failover for your Anveo trunks. Just follow our previous tutorial to set up a SIP URI address for your XiVO server. Or you could use the SIP URI of your RingPlus mobile phone if you followed our previous tutorial. Anveo also happens to give you total control over call routing with their highly configurable LCR technology. Pay-by-the-minute incoming SIP calls in the U.S. are a penny per minute. Outgoing U.S. calls typically range from one-tenth to three-tenths of a cent per minute depending upon the destination.
Installing Incredible PBX for XiVO at OVH
To get started with OVH, order the VPS SSD 1 package and choose Debian 8 as your operating system. Once your credentials arrive, log into your server as root using SSH/Putty and immediately change your root password: passwd.
While still logged into your server as root using SSH/Putty, issue the following commands to kick off the base install:
cd /root wget http://incrediblepbx.com/IncrediblePBX13-XiVO.sh chmod +x IncrediblePBX13-XiVO.sh ./IncrediblePBX13-XiVO.sh
After rebooting (it takes about 2 minutes on the OVH platform), log into your server again as root and issue the following command to complete the XiVO and Incredible PBX installation and configuration:
./IncrediblePBX13-XiVO.sh
You now can proceed to Incredible PBX Initial Configuration tutorial to continue your setup. Much of this initial configuration already has been put in place using our XiVO Snapshot technology. Just review the settings and make sure they meet your requirements. Then you’ll be ready to set up your Anveo Direct trunk and routes to handle your SIP calls.
Getting Started with Anveo Direct
We previously have documented how to set up Anveo Direct for Outbound Calling from your XiVO PBX so we won’t repeat it here. Today we’ll show you how to obtain and configure an Anveo Direct DID to enable Inbound Calling to your XiVO PBX. We’re going to walk you through the procedure to install a U.S. DID, but Anveo Direct offers worldwide DIDs. And we’ll show you how to modify the default XiVO setup to support international DIDs should you wish to use them.
After you’ve set up Outbound Calling with Anveo Direct as previously documented, log back into the Anveo Direct portal with your credentials.
Under the Inbound Service tab, choose Order Anveo Direct DID and click Geographic. Then select the United States, your desired State, and your desired City to obtain a DID. Select one or more DIDs as desired and then click ORDER PHONE NUMBERS SELECTED. Choose either the pay-by-the-minute or all-you-can-eat option for your DID depending upon your needs and complete your purchase. There’s a 3-month minimum charge for all DIDs.
Once you complete your DID purchase, choose the Inbound Service tab again and choose Configure Destination SIP Trunks. ADD A NEW SIP TRUNK following the example below and specifying the IP address of your XiVO PBX. Include a Failover SIP URI if you’ve set one up. Don’t confuse the SIP URI entry with the Failover entry. The first is mandatory while the second is not. The SIP URI entry tells Anveo how to send out the SIP calls to your XiVO PBX. It should look like this using your own server’s IP address or FQDN: $[E164]$@1.2.3.4 or $[E164]$@ovh.yourdomain.com. Click SAVE when finished.
Next, choose the Inbound Service tab again and choose Configure AnveoDIDs. Every DID you purchased should already have an entry here. Click the EDIT button to open the options window. Then click the Call Options tab. From the pull-down, choose the Destination SIP Trunk entry that you created in the previous step:
Finally, under the CallerID tab, choose {E164} (no prefix). Then click SAVE. That completes the DID setup process on the Anveo Direct side. Now you simply have to configure XiVO to accept the incoming calls from your Anveo DID.
Configuring Anveo DIDs on Your XiVO PBX
Unlike most SIP providers, Anveo Direct does not require (nor permit) registration of your Anveo trunks. Calls to Anveo DIDs will simply be routed to your XiVO PBX based upon the SIP URI you specified above. If your Incredible PBX for XiVO server was built on or after November 9, 2016, then the Anveo trunk and dialplan are already in place. All you’ll need to do on the XiVO side is to add an Incoming Call route for each DID telling XiVO where to send the calls. If you have an existing Incredible PBX for XiVO server, there’s a little more work to do, and we’ve documented the steps to support Anveo DIDs on the PIAF Forum.
For U.S. DIDs, the DID format is 11 digits beginning with a 1. The example below would route incoming calls from the Anveo DID to the Demo IVR. You could just as easily have specified an extension or ring group to take the calls.
Published: Wednesday, November 9, 2016
Need help with Asterisk? Visit the PBX in a Flash Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…
2016, The Year of VoIP Choice: Redundancy and Multi-Tenant with Wazo
As we celebrate Labor Day, it seemed appropriate to document why Wazo separates the men from the boys so your phones don’t end up as boat anchors buried in the sand. Today our focus is "High Availability (HA)" and "Multi-Tenant (MT)", two very expensive options for many PBXs including some that loosely tout their platforms as free.
In the PBX context, HA means that, when your server fails, there’s another one waiting in the wings to automatically take over. Much of this technology is based upon open source tools, but Sangoma sells a pair of limited term licenses as a FreePBX® add-on for a cool $3,000 not including hardware AND annual maintenance fees. With Wazo, it’s FREE! You can pair two Raspberry Pi’s or two Cloud servers, or you can mix-and-match with any combination of servers you choose. Here’s how we did it in 3 minutes flat:
Multi-tenant has been discussed for the FreePBX platform for the better part of a decade. As best we can tell, it’s still a pipe dream. Virtual machines running separate servers are the suggested solution even though this requires managing multiple Asterisk platforms forever. With Wazo’s FREE Entities module, MT is a cake walk. We’ll walk you through the 5-minute setup process thanks to the tips provided by Amy Grant on the PIAF Forum.
Deploying Wazo HA Servers with NeoRouter
Here’s the HA setup drill. First, you build two identical Wazo platforms running the same version of Incredible PBX for Wazo. Then you set the first server up as the Master and the second one as the Slave. As we said, these servers don’t need to be on the same hardware platform. And they need not be colocated although they have to share the same private LAN. We’ll handle that little detail by taking advantage of the NeoRouter client software that’s already installed as part of every Incredible PBX for Wazo build.
Unless both of your servers reside on the same local area network, you will need to deploy a NeoRouter server somewhere, but NOT on your Wazo Master since the NeoRouter server itself would become a single point of failure should it die along with your primary server. The Slave server would be a great choice. We covered the NeoRouter Server setup a long time ago in this tutorial, but don’t use the vintage install script. Instead you’ll need to deploy a current version of the Free NeoRouter Server that matches your server platform now that we support operating systems other than CentOS. Incidentally, all of the supported Cloud platforms that we’ve documented for Wazo also support NeoRouter.
We’ve made NeoRouter Server setup easy with this script which works with CentOS/SL, Ubuntu, Debian, and Raspbian. The actual setup steps covered in our original tutorial still are the same.
cd /root wget http://incrediblepbx.com/install-neorouter-server chmod +x install-neorouter-server ./install-neorouter-server
After you have your Free NeoRouter Server in place, the next step is to run nrclientcmd on each Wazo server and login to your NeoRouter Server with your credentials. The NeoRouter Server will assign a private IP address to each machine on the NeoRouter VPN. The addresses will be in the range 10.0.0.1 to 10.0.0.255. We’ll use these assigned addresses when setting up the Master and Slave Wazo HA servers.
High Availability Prerequisites with Wazo
In the Incredible PBX for Wazo context, the prerequisites list for your two HA servers is a short one. (1) You need two functioning Incredible PBX for Wazo machines on the same local area network. (2) Both the Master and Slave must be running the same version of Wazo. (3) All trunk registration timeouts (expiry) must be less than 300 seconds. (4) The Slave server must have no phone provisioning plugins installed.
For those using Google Voice trunks with OAuth in conjunction with Incredible PBX for Wazo, keep in mind that this is NOT an integral component of Wazo so it technically is not supported. However, you can easily make it work by configuring any desired Google Voice trunks on BOTH the Master and Slave machines using add-gvtrunk before enabling High Availability. Then the Google Voice trunks will continue to work even after a failover to Slave.
High Availability Limitations with Wazo
When the Master node fails, some features are not available on the Slave:
- Call history / call records are not recorded.
- Voicemail messages saved on the Master node are not available.
- Custom voicemail greetings recorded on the Master node are not available.
- Phone provisioning is disabled, i.e. a phone will always keep the same configuration, even after restarting it.
- Phone remote directory is not accessible because the provisioned IP address points to the Master.
Configuring Your Servers for High Availability
Like most Wazo tasks, setting up High Availability on your Master and Slave servers is a 5-minute process. Begin by configuring HA in the Web interface: Configuration ‣ Management ‣ High Availability. (1) Configure the first server as Master with the Remote Address of the Slave. (2) Login to the Linux CLI of Master as root and restart Wazo: xivo-service restart. (3) For the second machine, configure the server as Slave with the Remote Address of the Master.
Next, return to the Linux CLI of Master while still logged in as root. (1) Set up file synchronization by running this script: xivo-sync -i. (2) Start configuration synchronization by running: xivo-master-slave-db-replication 192.168.1.2 using the actual IP address of your Slave. (3) Finally, synchronize the two servers by running xivo-sync on Master. Done! Isn’t it nice saving $3,000 for 5 minutes work using open source software? 🙂
If you love the nitty gritty details, you can read up on Wazo HA in their excellent documentation.
Here’s what pbxstatus will show on Master and Slave while both servers are operational:
And here’s what happens when you halt Master. Within a minute or two, your designated Slave server will come to life:
Choosing Compatible Phones for High Availability
That’s only half the story, of course. Now that you have HA up and running, the remaining trick is that you want your phones to continue to work when things switch over to Slave. To accomplish this, you’ll need to use SIP phones that are compatible with HA technology. Some are, and many are not. Wazo has made it easy for you by publishing a compatibility list. Their documentation includes Officially Supported Devices as well as Community Supported Devices. HINT: Snom, Yealink, and Aastra 6700i and 9000i series phones are your safest bets.1 Here’s what a SIP extension setup would look like on Yealink’s popular T46G:
Deploying Multi-Tenant Technology with Wazo
If you’re new to MT technology, the idea here is to provide separate extensions and trunks for use by different departments within an organization. The reasons should be obvious. These departments have separate budgets and separate clientele, and you probably don’t want the public calling a central number in order to reach everyone in an organization. And the organization wants to identify costs and log calls associated with its various departments.
Wazo handles MT using Entities. When you set up Incredible PBX for Wazo, it automatically created a single Entity named Incredible PBX. You can create additional ones and name them anything you like in the Wazo Web interface: Configuration ‣ Management ‣ Entities.
Next, create Contexts to support your new Entity. Mimic the existing contexts in IPX ‣ IPX Configuration ‣ Contexts and provide unique names for each of them. Be sure you associate each of the new contexts with the new entity you created. Then set up users, lines, trunks, and call routing for the new entity in the same way you did it for the original IncrediblePBX entity. Take a look at Amy Grant’s setup with Google Voice on the PIAF Forum for additional tips. Simple and it’s FREE!
Originally published: Monday, September 5, 2016 Updated: Saturday, January 28, 2017
9 Countries Have Never Visited Nerd Vittles. Got a Friend in Any of Them https://t.co/wMfmlhiQ9y #asterisk #freepbx pic.twitter.com/TPFGZbqWB6
— Ward Mundy (@NerdUno) April 22, 2016
Need help with Asterisk? Visit the PBX in a Flash Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…
- HA failover even works great using $29 UTP-E62 if you can find one. [↩]
Take the XiVO Plunge: 4 Months of Free Cloud Hosting
Nobody has to tell us how painful change can be. We oversaw the deployment of over 30,000 IBM PCs only to switch horses and become a dedicated Mac lover. And we’ve invested almost 10 years in another Asterisk® GUI only to be disappointed by the direction of that project. That led to our New Year’s Resolution to find a better mousetrap for unified communications open source development. And, boy, did we find one. So here’s the deal. You either believe in the open source community and want to foster free and open development of software, or you don’t. And, if you don’t, that’s perfectly fine. There are lots of commercial PBX alternatives including the terrific 3CX products from our platinum sponsor. But don’t wrap yourself in the open source flag, brag about free and freedom, and then market a product that is none of the above. If your distro’s license agreement prohibits redistribution thereby discouraging sharing which is the lynchpin of the GPL, then the product has little if anything to do with free and freedom.
The good news is we’ve now found an awesome alternative that is pure open source code with an actual GPL3 license. So come join the party and lend a hand with your suggestions and/or your code contributions. We’ll put your name in bright lights, and the open source community will be forever in your debt. Our challenge is to get you as excited about XiVO as we are. There’s nothing with VoIP and Unified Communications that you can’t do better, cheaper, and faster using XiVO. And XiVO’s Asterisk RealTime implementation has no competition, period. Instead of lengthy delays to process changes, rewrite Asterisk config files, and reload the entire Asterisk dial plan, Asterisk RealTime brings instantaneous configuration updates.
We can think of no better way to introduce you to this terrific platform than offering up a free cloud platform until 2017 to let you kick the tires. It won’t impact your production servers while letting you explore the possibilities offered by a state-of-the-art Asterisk 13 platform with no equal. Believe me. We know every wart and pimple in the old GUI platform, and you won’t have to wrestle with any of the traditional problems that we all assumed were native to Asterisk. Guess what? They weren’t. No, your server won’t blow up when you add a new module. No, Asterisk won’t refuse to start because you chose to upgrade an existing component. No, you won’t be Nickle and Dimed into buying critical platform enhancements. And, no, you won’t be charged hundreds of dollars for "support" only to be told that you need to switch to a more proprietary platform. Yes, the XiVO development team releases seamless upgrades every three weeks at no cost. Yes, uncrippled endpoint provisioning for dozens of phones is provided in XiVO at no cost. Yes, powerful call center and High Availability technology is included at no cost. And, yes, backups of your server are made every night for free.
There’s more good news. VULTR is a relatively new cloud provider that now hosts virtual machines in over a dozen cities around the world. For new subscribers, they are offering a $20 credit when you sign up using our referral link. And, yes, your registration provides a few shekels to Nerd Vittles to keep the lights on. The great news is that $20 buys you a full four months of XiVO cloud hosting service, and you won’t find a better do-it-yourself platform at any price, let alone free.
Building the Debian 8 Platform at Vultr for XiVO
The first step in your XiVO adventure is to sign up for a Vultr account with your $20 credit using the Nerd Vittles referral link. Once you’ve done that, it’s time to build your Debian 8 virtual machine to host XiVO in the Cloud. (1) Choose your favorite city to host your server, (2) pick the Debian 8 64-bit platform, and (3) choose the $5/month server size.
IMPORTANT: Leave the Server Hostname & Label blank!
Once your virtual machine is up and running, log in with SSH or Putty using the root password provided. Do NOT install XiVO from the console, or the firewall will lock you out of your own machine! Change your root password immediately: passwd.
Next, set up a swap file on your virtual machine, or the XiVO install will fail on the $5 platform:
dd if=/dev/zero of=/swapfile bs=1024 count=1024k chown root:root /swapfile chmod 0600 /swapfile mkswap /swapfile swapon /swapfile echo "/swapfile swap swap defaults 0 0" >> /etc/fstab sysctl vm.swappiness=10 echo vm.swappiness=10 >> /etc/sysctl.conf free -h cat /proc/sys/vm/swappiness
Installing Incredible PBX for XiVO in the Vultr Cloud
While still logged into your server as root using SSH/Putty, issue the following commands to kick off the install:
cd /root wget http://incrediblepbx.com/IncrediblePBX13-XiVO.sh chmod +x IncrediblePBX13-XiVO.sh ./IncrediblePBX13-XiVO.sh
The initial setup brings your Debian 8 server up to current specs, and then the virtual machine will reboot. After rebooting, log into your server again as root with your new root password. Issue the following command to complete the XiVO and Incredible PBX installation and configuration:
./IncrediblePBX13-XiVO.sh
You’ll be prompted to set your time zone, passwords, and choose the optional features of Incredible PBX you wish to install. We strongly recommend you install ALL of the Incredible PBX feature set. Many cannot be added later.
Verify that the XiVO install completed successfully when prompted. Then verify that the XiVO initial configuration completed successfully by once again pressing ENTER. The firewall and Incredible PBX install will then proceed without further prompting. Total setup time: under 10 minutes.
There still are some setup steps required, and these are performed within the XiVO GUI using a web browser. For step-by-step instructions on the Incredible PBX Initial Configuration Procedure, click here. Enjoy your adventure!
Originally published: Monday, July 25, 2016
9 Countries Have Never Visited Nerd Vittles. Got a Friend in Any of Them https://t.co/wMfmlhiQ9y #asterisk #freepbx pic.twitter.com/TPFGZbqWB6
— Ward Mundy (@NerdUno) April 22, 2016
Need help with Asterisk? Visit the PBX in a Flash Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…
It’s All About Choices: Incredible PBX ISO Now Available in the Vultr VPS Cloud
[iframe-popup id="5″]
We’ve heard you. Many prefer the ease of installation offered by the Incredible PBX ISO. Unfortunately, until now, it wasn’t available if you wanted a do-it-yourself Cloud Solution other than, of course, using a turnkey Incredible PBX server at RentPBX. Well, now you have a choice. A great new VPS provider, Vultr, now gives you the option of using your own ISO when you deploy Cloud servers on their worldwide platforms. It’s not 100% intuitive just yet, but Vultr will get there. In the meantime, we’ll walk you through the procedure if you’d like to try it yourself. The good news is Incredible PBX can run on a $5/month Vultr server with 768MB of RAM plus a 768MB cache and a 15GB SSD plus 1TB of monthly bandwidth. And you can build your server in less than 30 minutes.
Getting Started with VULTR
Before you can set up virtual machines at VULTR, you’ll obviously need an account. Help Nerd Vittles keep the lights on by using our referral link. It doesn’t cost you a nickel extra. In fact,for a limited time, you get a $20 credit to try out the service when you sign up using our link above.
Once you’ve set up your account and logged in, the first step is to upload the Incredible PBX ISO so that you can use it to build cloud-based servers:
(1) Click on the Servers link in the left column.
(2) Click the ISO tab.
(3) Click the Add ISO button and use the following Incredible PBX ISO link to upload the ISO to VULTR:
http://sourceforge.net/projects/pbxinaflash/files/IncrediblePBX13.2.iso
(4) Once the ISO has been uploaded, it will display in your ISO uploads listing as shown above.
Building an Incredible PBX Server at VULTR
Now you have two ways to build Incredible PBX servers at VULTR. You can do it the traditional way by starting with a 64-bit CentOS 6.7 image and running the installer. Or you can use your new Incredible PBX ISO which we’ve preloaded into your VULTR account. Let’s do it the new way just to document the procedure.
Start by clicking on the Servers link in the left column. Then click + Deploy New Server button.
(1) Choose a Server Location from the list of choices shown above. For PBXs it’s always good to choose a location that’s near to both your VoIP hosting provider(s) and your actual phones where possible.
(2) For Server Type, click on the Custom ISO tab as shown above and select IncrediblePBX13.2.iso.
(3) For Server Size, choose the platform that meets your needs. You can always start small, take a snapshot of your server, and rebuild with a larger platform down the road if your requirements change.
(4) Choose any Additional Features and HostName desired. Then click the Deploy Now button.
(5) Click the Servers link to monitor the progress in building your virtual machine.
Installing Incredible PBX at VULTR from the ISO
Once your virtual machine Status changes from Installing to Running, (1) write down the IP address of your new server and click Restart button. (2) Click Manage. (3) Click View Console. Choose the type of Incredible PBX install you prefer and follow the prompts to enter your root password and time zone. When the operating system phase of the install finishes, your virtual machine will reboot. While this phase is underway, you’ll need to get prepared to disable the ISO during the reboot. You don’t want to inadvertently start the install all over again!
While the Phase I install is underway, click Server Details in your browser. Then choose (1) Settings, (2) Custom ISO, and (3) click Remove ISO. WAIT at the Are You Sure prompt until the reboot begins in the Console Window. Then click YES in your browser and also close the Console window.
Now use SSH or Putty to login to your new server as root at the IP address you wrote down above. Once logged in, run the Incredible PBX installer to begin Phase 2 of the install: ./IncrediblePBX13-12R.sh. Choose the type passwords you wish to use for Google Voice, and the install will begin. In order to bring your server up to current specs, it will reboot once more after a few minutes. Then you’ll need to kick off the install once again: ./IncrediblePBX13-12R.sh. Choose the type passwords you wish to use for Google Voice, and the install will finish without further interruption. When the install finishes, the server will reboot to bring Asterisk and your firewall on line.
Login to your server as root one more time to get the latest Incredible PBX updates and set up your passwords and verify your time zone. Then you’ll be ready to handle future server admin using your browser:
Make your root password very secure: passwd Create admin password for GUI access: /root/admin-pw-change Create admin password for web apps: htpasswd /etc/pbx/wwwpasswd admin Set your correct time zone: /root/timezone-setup Make a copy of your Knock codes: cat /root/knock.FAQ Review current info about your server: status
If you want to add fax support to your PBX, we’ve got one more installer to run, and you’ll be all set. Just run the following command and press the ENTER key each time you are prompted for input (about 21 times):
cd /root ./incrediblefax11.sh
Success!
It’s a GUI, GUI World Out There
Most management of Incredible PBX will be handled using your favorite browser and one of two GUIs: the Kennonsoft menu which appears when you access the IP address of your server using a browser AND the Incredible GUI which is available on the Admin page of the Kennonsoft menu.
Choose Incredible GUI Administration from the Admin menu of the Kennonsoft GUI (shown above) by clicking on User to switch. The default username is admin and the password is what you set in the preceding step. Now edit extension 701 so you can decipher or change the randomized passwords that was assigned to the 701 extension and its voicemail account: Applications -> Extensions -> 701.
Setting Up a Soft Phone to Use with Incredible PBX
Now you’re ready to set up a telephone so that you can play with Incredible PBX. We recommend YateClient which is free. Download it from here. Run YateClient once you’ve installed it and enter the credentials for the 701 extension on Incredible PBX. You’ll need the IP address of your server plus your extension
701 password. Choose Settings -> Accounts and click the New button. Fill in the blanks using the IP address of your server, 701 for your account name, and whatever password you created for the extension. Click OK.
Once you are registered to extension 701, close the Account window. Then click on YATE’s Telephony Tab and place some test calls to the numerous apps that are preconfigured on Incredible PBX. Dial a few of these to get started:
DEMO - Allison's IVR Demo
947 - Weather by ZIP Code
951 - Yahoo News
*61 - Time of Day
*68 - Wakeup Call
TODAY - Today in History
Now you’re ready to connect to the telephones in the rest of the world. If you live in the U.S., the easiest way (at least for now) is to set up a free Google Voice account. Google has threatened to shut this down but as this is written, it still works. An update supporting Google Voice OAUTH 2 authentication is available here with a complete tutorial. Just start at step #1b. A better long-term solution is to choose several SIP providers and set up redundant trunks for your incoming and outbound calls. The PIAF Forum includes dozens of recommendations to get you started. You’ll also find an incredible deal from our platinum sponsor, Vitelity, at the end of this article.
Configuring Google Voice
If you want to use Google Voice, you’ll need a dedicated Google Voice account to support Incredible PBX. If you want to use the inbound fax capabilities of Incredible Fax, then you’ll need an additional Google Voice line that can be routed to the FAX custom destination using the GUI. The more obscure the username (with some embedded numbers), the better off you will be. This will keep folks from bombarding you with unsolicited Gtalk chat messages, and who knows what nefarious scheme will be discovered using Google messaging six months from now. So keep this account a secret!
We’ve tested this extensively using an existing Gmail account, and inbound calling is just not reliable. The reason seems to be that Google always chooses Gmail chat as the inbound call destination if there are multiple registrations from the same IP address. So, be reasonable. Do it our way! Set up a dedicated Gmail and Google Voice account, and use it exclusively with Incredible PBX. It’s free at least through 2013. Google Voice no longer is by invitation only so, if you’re in the U.S. or have a friend that is, head over to the Google Voice site and register.
You must choose a telephone number (aka DID) for your new account, or Google Voice calling will not work… in either direction. Google used to permit outbound Gtalk calls using a fake CallerID, but that obviously led to abuse so it’s over! You also have to tie your Google Voice account to at least one working phone number as part of the initial setup process. Your cellphone number will work just fine. Don’t skip this step either. Just enter the provided 2-digit confirmation code when you tell Google to place the test call to the phone number you entered. Once the number is registered, you can disable it if you’d like in Settings, Voice Setting, Phones. But…
IMPORTANT: Be sure to enable the Google Chat option as one of your phone destinations in Settings, Voice Setting, Phones. That’s the destination we need for The Incredible PBX to work its magic! Otherwise, all inbound and outbound calls will fail. If you don’t see this option, you may need to call up Gmail and enable Google Chat there first. Then go back to the Google Voice Settings.
While you’re still in Google Voice Settings, click on the Calls tab. Make sure your settings match these:
- Call Screening – OFF
- Call Presentation – OFF
- Caller ID (In) – Display Caller’s Number
- Caller ID (Out) – Don’t Change Anything
- Do Not Disturb – OFF
- Call Options (Enable Recording) – OFF
- Global Spam Filtering – ON
Click Save Changes once you adjust your settings. Under the Voicemail tab, plug in your email address so you get notified of new voicemails. Down the road, receipt of a Google Voice voicemail will be a big hint that something has come unglued on your PBX.
One final word of caution is in order regardless of your choice of providers: Do NOT use special characters in any provider passwords, or nothing will work!
Now you’re ready to set up your Google Voice trunk in the GUI. After logging in with your browser, click the Connectivity tab and choose Google Voice/Motif. To Add a new Google Voice account, just fill out the form. Do NOT check the third box or incoming calls will never ring!
IMPORTANT LAST STEP: Google Voice will not work unless you restart Asterisk from the Linux command line at this juncture. Using SSH, log into your server as root and issue the following command: amportal restart.
If you have trouble getting Google Voice to work (especially if you have previously used your Google Voice account from a different IP address), try this Google Voice Reset Procedure. It usually fixes connectivity problems. If it still doesn’t work, enable Less Secure Apps using this Google tool.
Troubleshooting Audio and DTMF Problems
You can avoid one-way audio on calls and touchtones that don’t work with these simple settings in the GUI: Settings -> Asterisk SIP Settings. Just plug in your public IP address and your private IP subnet. Then set ULAW as the only Audio Codec.
A Few Words about the Incredible PBX Security Model for CentOS
Incredible PBX for CentOS joins our previous Ubuntu build as our most secure turnkey PBX implementation. As configured, it is protected by both Fail2Ban and a hardened configuration of the IPtables Linux firewall. The latest release also includes Port Knocker for simple, secure access from any remote computer or smartphone. You can get up to speed on how the technology works by reading the Nerd Vittles tutorial. Your Port Knocker credentials are stored in /root/knock.FAQ together with activation instructions for your server and mobile devices. The NeoRouter VPN client also is included for rock-solid, secure connectivity to remote users. Read our previous tutorial for setup instructions. As configured, nobody can access your PBX without your credentials AND an IP address that is either on your private network or that matches the IP address of your server or the PC from which you installed Incredible PBX. You can whitelist additional IP addresses by running the command-line utility /root/add-ip. You can remove whitelisted IP addresses by running /root/del-acct. Incredible PBX is preconfigured to let you connect to many of the leading SIP hosting providers without additional firewall tweaking. We always recommend you also add an extra layer of protection by running your server behind a hardware-based firewall with no Internet port exposure, but that’s your call. And it’s your phone bill. 😉
The IPtables firewall is a complex piece of software. If you need assistance with configuring it, visit the PIAF Forum for some friendly assistance.
Incredible Backup and Restore
We’re also pleased to offer our latest backup and restore utilities for Incredible PBX. Running /root/incrediblebackup will create a backup image of your server in /tmp. This backup image then can be copied to any other medium desired for storage. To restore it to another Incredible PBX server, simply copy the image to a server running Asterisk 13 and the same version of the Incredible PBX GUI. Then run /root/incrediblerestore. Doesn’t get much simpler than that.
Incredible PBX Automatic Update Utility
Every time you log into your server as root, Incredible PBX will ping the IncrediblePBX.com web site to determine whether one or more updates are available to bring your server up to current specs. We recommend you log in at least once a week just in case some new security vulnerability should come along.
In the meantime, we encourage you to sign up for an account on the PIAF Forum and join the discussion. In addition to providing first-class, free support, we think you’ll enjoy the camaraderie.
Incredible PBX Application User’s Guide
And now would be a great time to learn about the dozens of Incredible PBX applications. Enjoy!
Originally published: Tuesday, July 12, 2016
9 Countries Have Never Visited Nerd Vittles. Got a Friend in Any of Them https://t.co/wMfmlhiQ9y #asterisk #freepbx pic.twitter.com/TPFGZbqWB6
— Ward Mundy (@NerdUno) April 22, 2016
Need help with Asterisk? Visit the PBX in a Flash Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…