Home » Incredible PBX (Page 28)
Category Archives: Incredible PBX
The Most Versatile VoIP Provider: FREE PORTING
JUST RELEASED: Visit the Incredible PBX WikiRTPbleed Security Alert: Asterisk Calls Can Be Intercepted
If you’ve installed Asterisk® during the past 4½ years, your server has a MAJOR security problem. If you didn’t already know, with Asterisk, your VoIP conversations actually are carried over a random UDP port using the Real Time Protocol (RTP), not the SIP port (UDP 5060) which handles the setup and teardown of your VoIP connections. It turns out that, since March 2013, all of that RTP traffic and thus your conversations could be intercepted and redirected by anyone on the Internet. As this recent article in The Register noted:
The problem occurs when [communications] systems like IP telephony have to get past network address translation (NAT) firewalls. The traffic has to find its way from the firewall’s public IP address to the internal address of the device or server, and to do that, RTP learns the IP and port addresses to associate with a call.
The problem is, the process doesn’t use any kind of authentication.
This is exacerbated by the fact that, by default, Asterisk and FreePBX® traditionally use the NAT=yes setting (whether needed or not) to enable this navigational magic just in case your calls need it. Without it, you may end up with no audio or one-way audio on your calls. Traditional wisdom was that an attacker needed to be positioned between the caller and the Asterisk server in order to intercept this media stream. As luck would have it, it turns out the man in the middle didn’t need to be in the middle after all. He could be anywhere on the Internet. The old adage to talk on the phone as if someone else were listening turns out to have been pretty good advice in the case of Asterisk communications. Even if you had a firewall, chances are you protected UDP port 5060 while exposing and forwarding UDP 10000-20000 to Asterisk without any safeguards.
According to last week’s Asterisk advisory, “To exploit this issue, an attacker needs to send RTP packets to the Asterisk server on one of the ports allocated to receive RTP. When the target is vulnerable, the RTP proxy responds back to the attacker with RTP packets relayed from the other party. The payload of the RTP packets can then be decoded into audio.” Specifically, if UDP ports 10000-20000 are publicly exposed to the Internet, anybody and everybody can intercept your communications without credentials of any kind. WOW!
So, there’s a patch to fix this, right? Well, not exactly:
Note that as for the time of writing, the official Asterisk fix is vulnerable to a race condition. An attacker may continuously spray an Asterisk server with RTP packets. This allows the attacker to send RTP within those first few packets and still exploit this vulnerability.
The other recommended "solutions" aren’t much better:
- When possible the nat=yes option should be avoided
- To protect against RTP injection, encrypt media streams with SRTP
- Add config option for SIP peers to prioritize RTP packets
The nat=no option doesn’t work if you or your provider employs NAT-based routers. The SRTP option only works on more recent releases of Asterisk, and it also requires SRTP support on every SIP phone. Prioritizing RTP packets is not a task for mere mortals.
Surprisingly, the one solution that is not even mentioned is hardening your firewall to block incoming UDP 10000-20000 traffic that originates outside your server. Our recognized SIP expert on the PIAF Forum had the simple solution. Bill Simon observed:
If the SDP in the INVITE or subsequent re-INVITE contains routable IP addresses, then use them for media. If the SDP contains non-routable IP addresses, then the client is behind a NAT and not using any NAT traversal techniques like SIP ALG, ICE/STUN, so send to the originating IP. Why are we making allowances here for media to come from anywhere? I think you can probably clamp down your firewall as much as you want, because symmetric RTP should allow media to get through by way of establishing an outbound stream (inbound stream comes back on the same path).
Our testing confirms that simply blocking incoming RTP traffic on your firewall solves the problem without any Asterisk patch. In short, RTP traffic cannot originate from anonymous sources on the Internet.
For those using Incredible PBX® or Travelin’ Man 3 or an IPtables firewall, the fix is easy. Simply remove or comment out the INPUT rule that looks like this and restart IPtables:
-A INPUT -p udp -m udp --dport 10000:20000 -j ACCEPT
On RedHat/CentOS servers, the rule is in /etc/sysconfig/iptables. On Debian/Ubuntu and Raspbian servers, you’ll find the rule in /etc/iptables/rules.v4. On Incredible PBX for Issabel servers, you’ll find the rule in /usr/local/sbin/iptables-custom. On all Incredible PBX platforms, remember to restart IPtables using only this command: iptables-restart.
Published: Friday, September 8, 2017
Need help with Asterisk? Visit the PBX in a Flash Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…
Another Perfect Pair: Flawless VoIP with Wazo and 3CX
We previously documented how to interconnect an Issabel PBX with 3CX to take advantage of the best of both worlds. Today, we’ll again use the Nerd Vittles free 3CX server offering and interconnect it with a Wazo PBX. An added benefit of using Wazo is the fact that you can set up redundant (and free) HA servers with Wazo in minutes. Once we get the pieces in place, from Wazo extensions, you’ll be able to call your 3CX Clients by dialing 4 digits. And, from 3CX Clients, you can call Wazo extensions as well as all of your Asterisk® applications in the same way with the added bonus of being able to make outbound calls through your Wazo trunks by dialing any number with an 8 prefix from 3CX extensions. Once you have both of your PBXs running, the setup time to interconnect them is under 5 minutes.
Why would you want to maintain two PBXs? As we previously noted, the simple answer is the added flexibility you achieve coupled with a 99% reduction in VoIP headaches. If you haven’t yet used 3CX Clients on a PC or Mac desktop or on an iOS or Android device, you have missed perhaps the greatest VoIP advancement of the last decade. As the name suggests 3CX Clients connect to a 3CX server with less than a one-minute setup. They work flawlessly from anywhere using WiFi or cellular. Every function you’re accustomed to on a top-of-the-line desktop SIP phone works exactly the same on the 3CX clients: phonebook, hold, transfer, voicemail, chat, conferencing, and WebMeeting. It’s what every Unified Communications system should deliver. The silver lining is you can kiss all of your Asterisk NAT woes goodbye! If you ever travel or if you need remote phone access to your PBX infrastructure, you owe it to yourself to try a 3CX Client. We promise. You’ll never go back!
Building Your Wazo and 3CX Server Platforms
The prerequisite for interconnecting Wazo and 3CX servers is, of course, to install the two PBXs on platforms of your choice. Our preference is cloud-based servers because it avoids many of the stumbling blocks with NAT-based routers. If you know what you’re doing, you obviously can deploy the PBXs in any way you like. For the Wazo PBX, start with our latest Wazo tutorial. For 3CX, start with our introductory tutorial which includes a link to obtain a free perpetual license supporting 4 simultaneous calls and unlimited trunks. Then secure your server by adding the Travelin’ Man 3 firewall for 3CX. Once both servers are up and running, whitelist the IP address or FQDN of the Wazo PBX on the 3CX server and vice versa. You’ll find the add-ip and add-fqdn utilities in /root of each server.
Overview of Interconnection Methodology
If you’re new to all of this, suffice it to say that 3CX is a powerful, commercial PBX while Wazo provides a robust Asterisk RealTime implementation for basic telephony operation. The two systems are quite different in terms of their approaches to interconnectivity. While you can transparently interconnect one 3CX server to another one, you cannot accomplish the same thing when the second PBX is Asterisk-based. Instead, Wazo is configured as a SIP trunk on the 3CX platform. The limitation this causes is that extensions on the Wazo PBX can only direct dial extensions on the 3CX platform. Wazo-based extensions cannot utilize 3CX trunks to place outbound calls. There’s more flexibility on the 3CX side of things. 3CX extensions can place direct calls to Wazo extensions. They also can take advantage of Wazo’s trunks to place outbound calls. Additionally, as we noted above, 3CX extensions can take advantage of every Asterisk application hosted on the Wazo platform including all of the Incredible PBX® enhancements. This actually works out perfectly because you can deploy 3CX Clients for your end-users, and they can take advantage of all the extension and trunk resources on both the 3CX and Wazo platforms. It also greatly simplifies remote deployment by removing NAT one-way audio hassles while allowing almost instantaneous setup of remote 3CX Clients, even by end-users.
For our setup today, we’re assuming you have elected to use 3-digit extensions on both the Wazo and 3CX platforms. To call extensions connected directly to the alternate server, we will simply dial 8 + the extension number on the remote PBX. To make external calls from 3CX extensions using Wazo trunks, we will dial 8 + a 10-digit number. For international users, you can adjust the dialplan on both PBXs accordingly.
By default, SIP trunks are associated with a DID on the 3CX platform. We will register the 3CX DID trunk with Wazo to maintain connectivity; however, we will not register the corresponding trunk on the Wazo side with the 3CX server. Keep in mind that you can only route a 3CX DID to a single destination, i.e. an extension, a ring group, or an IVR. But we can use 3CX’s CallerID routing feature to send calls to specific 3CX extensions from Wazo extensions even using a single 3CX trunk. For each 3CX extension, we’ll create an Outbound Route on the Wazo side with a CallerID number that matches the 3CX extension number we wish to reach. On the 3CX side, we’ll create an Inbound CID Rule that specifies the extension number to which each matching CallerID number should be routed. This sounds harder than it actually is. So keep reading, and it’ll all make sense momentarily. Once you’ve set all of this up, we think you’ll agree that it makes sense to create the bulk of your extensions exclusively on the 3CX side.
Configuring Wazo for Interconnection to 3CX
Let’s begin by creating a Trunk on the Wazo side to connect to your 3CX server. In the Wazo GUI, choose IPBX:Trunk Management:SIP Protocol and + Add SIP Trunk.
In the General tab, fill in the blanks as shown below. Make up a very secure Password:
In the Signalling tab, fill in the blanks identified by arrows as shown below:
In the Advanced tab, fill in the blanks as shown below. Then SAVE the trunk settings.
Because we set up the Wazo trunk with a Default destination context, we don’t need an Incoming Route for the 3CX calls since they will be processed exactly as if they were dialed from a local extension on the Wazo PBX, i.e. local calls will be routed to extensions and outgoing calls through trunks will be routed using your existing Outbound Routes.
Finally, we need to create the Outbound Routes for calls originating from Wazo extensions that should be directed to specific extensions on the 3CX platform. You’ll need a list of the 3CX extension numbers you wish to enable on the Wazo platform, and we’ll need to create a separate Outbound Route for each 3CX extension to be enabled. Create the Outbound Routes using the template below after accessing Call Management:Outgoing Calls:+ Add Route.
In the General tab, we recommend including the 3CX extension in the Name field. The Context should be Outcalls, and the Trunk should be the 3CX001 trunk we created above.
In the Exten tab, specify the dialing prefix (9) followed by the 3CX extension number in the Exten field. Then choose 1 in the Stripnum field to tell Wazo to strip off the dialing prefix before sending the call to the 3CX PBX. Click SAVE to save your new outbound route settings. Repeat for each 3CX extension that should be accessible from the Wazo PBX.
Configuring 3CX for Interconnection to Issabel PBX
Now we’re ready to set up the 3CX side to interconnect with your Wazo PBX. Start by creating a SIP Trunk and fill out the template as shown below using one of the phone numbers associated with your Wazo PBX as the Main Trunk No.
Fill in the Trunk Details using the example below. Be sure to specify the actual IP address or FQDN of your Wazo server as well as the SIP credentials of 3CX for username and the actual password you set up on the Wazo side of things. The Main Trunk No will be the same as you entered in the previous step. Choose a Default Destination for the Trunk.
When the SIP Trunks listing redisplays, highlight your new Asterisk trunk and click Refresh Registration. The icon beside the Trunk should turn green. If not, be sure your IP address and password match the settings on the Wazo side. Remember to also whitelist the IP address of your 3CX server on the Wazo PBX using /root/add-ip and do the same for the Wazo PBX on the 3CX side. Don’t proceed until you get a green light!
Now we need two Outbound Routes for calls placed from 3CX extensions. One will handle calls destined for Local Extensions on the Wazo side. Our design is to place calls to Wazo extensions by dialing 8 + the 3-digit extension number. Adjust this to meet your own requirements. Be sure to set the Route as Wazo with a value of 1 for Strip Digits.
The other Outbound Route will handle calls destined for external calling with a Wazo trunk using a similar methodology. 3CX users will dial 8 + 10-digit number for calls to be processed by Trunks on the Wazo server.
Finally, we need an Inbound Rule for every 3CX extension that you wish to enable for remote calling from Wazo extensions. Use the Add CID Rule option to create each Inbound Rule using the sample below. In our example, we’re authorizing incoming calls to 3CX extension 003 where the CallerID number of the incoming call is 003. This template is exactly the same as what we used with the 3CX-Issabel setup previously.
Test Drive Your Interconnected Servers
Now we’re ready to try things out. From an extension on the 3CX server, dial 8 plus any 3-digit extension that exists on the Wazo server. Next, dial 8 plus a 10-digit number such as your smartphone. The call should be routed out of your Wazo server using the Trunk associated with the NXXNXXXXXX rule in your Wazo Outbound Routes. Finally, from an extension on your Wazo PBX, dial 9 plus 000 which should route the call to extension 000 on your 3CX server. Enjoy!
Published: Tuesday, September 5, 2017
Support Issues. With any application as sophisticated as this one, you’re bound to have questions. Blog comments are a difficult place to address support issues although we welcome general comments about our articles and software. If you have particular support issues, we encourage you to get actively involved in the PBX in a Flash Forum. It’s the best Asterisk tech support site in the business, and it’s all free! Please have a look and post your support questions there. Unlike some forums, the PIAF Forum is extremely friendly and is supported by literally hundreds of Asterisk gurus and thousands of users just like you. You won’t have to wait long for an answer to your question.
Need help with Asterisk? Visit the PBX in a Flash Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…
Free Worldwide VoIP Calling with iNum and Issabel 4
In our last article, we documented how to implement free, safe SIP URI worldwide calling with an almost-free Issabel™ server in the Cloud. Today we’ll add another free worldwide calling option using iNum™. As with SIP URIs, iNum provides a way for anyone in the world to reach you by phone without paying a nickel. And iNum adds the same functionality for Issabel PBX users to reach anyone else in the world with an iNum phone number. The iNum project was started almost a decade ago by Voxbone to create a free global phone network for IP communications. The International Telecommunication Union allocated a portion of its non-geographic country code +883 to the initiative. iNums are 15-digit telephone numbers in the +883 5100 area code. You can keep yours for life at no cost.
Let’s begin by obtaining an iNum telephone number for your Issabel PBX. Every PBX should have at least one. There are a number of iNum providers throughout the world that will give you an iNum telephone number at no cost. For our purposes today, we’ll document the procedure for CallCentric. Assuming you have 911 service with another provider, it won’t cost you anything to set up a CallCentric account and obtain a working iNum telephone number. Other providers (e.g. LocalPhone) typically require a modest deposit just to set up an account which is perfectly understandable. However, CallCentric doesn’t require a credit card up front. If you already have a VoIP.ms account from our tutorial last week, they also offer free iNum phone numbers: Order DIDs:iNum (limited to one per account).
Obtaining an iNum Phone Number from CallCentric
Navigate to the CallCentric web site and click Sign Up. Once your account is activated, login using your new credentials. Jot down your Username, CallCentric #, and Password for future access to the web site. From the main Dashboard, click View/Modify Extensions. Extension 100 should already be set up. Just create a SIP password and jot it down with your SIP username which is the same as your CallCentric #. Click Apply and then SAVE.
Next, let’s order the CallCentric freebies which include BOTH an iNum phone number and a traditional DID. Neither one costs you money, but you do have to use the DID once a month to keep it. The iNum phone number never expires. Under Products, click Order. Under Make Calls, choose the IP Freedom Plan unless you want to use CallCentric to make commercial calls. Under Receive Calls, choose Free Phone Number and Get a Number. Write down your 10-digit number. To obtain an iNum phone number, click here and then click Order an iNum Number. Write down your iNum phone number. UPDATE: CallCentric now will let you order multiple iNum phone numbers at no cost. Each supports two simultaneous calls and unlimited incoming minutes.
With CallCentric, you have two options in routing incoming calls. You can use the Default routing setup which will send the calls to your CallCentric registered trunk (which we will set up below) on your Issabel PBX. Or you can customize the routing and forward the calls for each DID and iNum number to a SIP URI. From the Dashboard, choose Phone Number Forwarding. If you simply want to forward both your DID and iNum numbers to the SIP URI that you set up last week with VoIP.ms, then no trunk registration (below) is required at all. However, you would lose the ability to use CallCentric to place outbound iNum calls from your Issabel extensions.
Integrating iNum Support into Your Issabel PBX
In the Issabel web GUI, we need to configure the trunk for CallCentric. The template already is included with Incredible PBX® for Issabel. Then we need to set up an Inbound Route for CallCentric as well as an outbound route to process iNum calls originating from Issabel extensions.
To configure the CallCentric trunk, navigate to PBX:PBX Config:Trunks:CallCentric. First, uncheck the Disable Trunk field. In Outgoing Settings, insert your SIP username (1777XXXXXXX) in the fromuser and defaultuser fields as well as in the initial field (before colon) and last field (after /) of the Registration String. Insert your SIP password in the secret field and the second field (after the colon) in the Registration String. Submit Changes and Reload Dialplan when prompted.
Next create an Outbound Route for iNum calls using your CallCentric trunk. Navigate to PBX:PBX Config:Outbound Routes. Click Add Route. For Route Name, use Out-CallCentric-iNum. For Dial Pattern, insert 008835100 in the Prepend field and XXXXXXXX in the Match Pattern field. For Trunk Sequence, choose CallCentric. Click Submit Changes and Reload Dialplan when prompted.
Next create an Inbound Route for calls coming from your CallCentric trunk. This will include BOTH your iNum calls and calls from your free CallCentric DID. Navigate to PBX:PBX Config:Inbound Routes. Click Add Incoming Route. For Description, use CallCentric-Incoming. For DID Number, use your SIP username (1777XXXXXXX). For CID Lookup Source, choose OpenCNAM. Then pick a Destination for the incoming calls, e.g. an extension, ring group, or IVR. Click Submit Changes and Reload Dialplan when prompted.
Placing iNum Calls from Issabel Extensions
With our simplified outbound route, users of Issabel extensions can dial iNum phone numbers by simply dialing the last 8 digits of the number, i.e. all of the numbers following 8835100. Most abbreviated numbers start with a zero. For example, to reach Lenny, simply dial 01198938.
Placing iNum Calls from SIP Phones
If you want to reach an iNum number and only have a SIP phone, you can dial any iNum phone number in SIP URI format. Use this syntax: sip:8835100xxxxxxxx@sip.inum.net. Note that the full iNum phone number is required.
Placing iNum Calls from Standard Phones
As part of the iNum initiative, local access numbers have been established in more than 50 countries around the globe. By placing a local call from any telephone to one of these local access numbers, any individual with an iNum phone number anywhere in the world can be reached without further cost. Here is a current list of the local access numbers. Once your call is answered, simply enter the 15-digit iNum phone number you wish to reach, and you will be connected. Here is the latest iNUM listing from DSL Reports:
Country City Access Number ------------------- ------------------------ --------------- Argentina Buenos Aires +54 1159839500 Australia Sydney +61 280148200 Austria +43 720880500 Bahrain +973 16199200 Belgium Brussels +32 28081771 Brazil Brasilia +556135500791 Brazil Florianopolis +554840420809 Brazil Rio De Janeiro +552135006959 Brazil Sao Paulo +551146803621 Bulgaria Sofia +359 24917555 Canada Calgary (403) 775-1446 Canada Edmonton (780) 669-9257 Canada Halifax (902) 982-6937 Canada London (519) 488-9336 Canada Montreal (514) 907-7500 Canada Ottawa (613) 686-4519 Canada Quebec City (418) 800-0384 Canada St. Johns, Newfoundland (709) 757-0060 Canada Regina (306) 988-1600 Canada Toronto (416) 800-4303 Canada Toronto (647) 724-8777 Canada Vancouver (778) 786-3497 Canada Winnipeg (204) 272-8182 Chile Santiago +56 25813444 Croatia Zagreb +385 17776363 Cyprus Nicosia +357 22030500 Czech Republic Prague +420 246019777 Denmark +45 69918686 Dominican Republic Santiago (829) 947-9610 El Salvador +503 21131899 Estonia +372 6681881 Finland Helsinki +358 942419200 France Paris +33 170619800 Germany Frankfurt +4969257385876 Germany Frankfurt +4969257380439 Greece Athens +30 2111768444 Hungary Budapest +36 14088951 Ireland Dublin +353 15262600 Israel Tel Aviv +972 37219555 Italy Rome +39 0662207777 Japan Tokyo +81 345209777 Latvia Vilnius +370 52059090 Lithuania +371 67652500 Luxembourg +352 20880108 Malta +35627780107 Mexico Guadalajara +52 3346242977 Mexico Mexico City +52 5511678222 Mexico Monterrey +52 8141703540 Netherlands Amsterdam +31 208080808 New Zealand Auckland +64 99250499 Norway Oslo +47 21031306 Panama +507 8322488 Peru Lima +51 17085500 Poland Warsaw +48 223982688 Portugal Lisbon +351 308803219 Puerto Rico Bayamon Norte (787) 395-7140 Romania +40 318103500 Singapore +65 31581212 Slovakia Bratislava +421 233002555 Slovenia Ljubljana +386 16001422 South Africa Johannesburg +27105002854 South Africa Pretoria +27120042701 Spain Barcelona +34 931815653 Spain Madrid +34 911883777 Sweden Stockholm +46 852500111 Switzerland Zurich +41 435006262 United Kingdom London +44 2033556363 United States Albuquerque, NM (505) 225-8243 United States Charlotte, NC (980) 202-0283 United States Charlotte, NC (980) 236-0398 United States Chicago, IL (312) 253-4880 United States Houston, TX (713) 474-2323 United States Kansas City, MO (913) 951-0932 United States Los Angeles, CA (213) 221-3799 United States New York, NY (646) 843-6969 United States Phoenix, AZ (602) 354-9444 United States San Diego, CA (619) 330-9640 United States San Francisco, CA (650) 360-0999 United States Santa Barbara, CA (805) 308-9649 United States Seattle, WA (206) 420-5904 United States Spokane, WA (509) 931-0459 United States Tacoma, WA (253) 343-1529
We’ve barely scratched the surface of what you can do with Incredible PBX for Issabel. Head over to our introductory article where we’ve documented dozens of Asterisk® applications that await your exploration. Enjoy!
Published: Tuesday, August 29, 2017
Need help with Asterisk? Visit the PBX in a Flash Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…
Free Worldwide VoIP Calling with SIP URIs and Issabel 4
SIP URIs make the VoIP World go ’round. They’re the email-like addresses that carry VoIP calls between SIP servers to reach their destination. But there’s gold in them hills if you know how to use SIP URIs because SIP URI calls are free even if the calls travel all the way around the world. We previously documented how to deploy SIP URI calling with PIAF5 and 3CX, and today we’ll show you how to make SIP URI calls from and to your Issabel™ server using Incredible PBX®. More importantly, we’ll show you how to do it safely without opening up the anonymous calling floodgates and compromising your Asterisk® server.
Now that we’ve gotten the price of cloud-based servers down to a respectable $1.50 to $2.50 per month, it’s time to cut the cord and kiss your home-grown server goodbye. The babysitting headaches and maintenance costs of running your own server and paying for electricity simply aren’t worth it. There’s another reason. NAT-based routers and firewalls complicate things when it comes to VoIP. Not only do you have to wrestle with SIP headers and ALG, but you also have to troubleshoot thorny one-way audio issues with VoIP calling. So bite the bullet and play along today. Skip that Starbucks coffee this week and you’ve all but paid for a full year’s worth of VoIP server hosting in the Cloud.
Getting Started with Vultr
If you just want to experiment in a cloud-based sandbox, then there’s no better option than Vultr. For less than a penny an hour, you can build a VoIP platform, tear it down, and build another one for less than the cost of a nickel candy bar. You remember those, don’t you? I actually tried to think of something that still costs a nickel, but that was the best I could do… and that was 50+ years ago.
After you’ve created an account on Vultr with our referral link, the first step is to create your new cloud instance. Choose New York or Miami as your desired hosting site (they both have $2.50/month availability) and select 64-bit CentOS 7 as your server platform. An additional 50¢ a month buys you automatic daily, weekly, or monthly backups to a separate, fault tolerant storage system in the same data center. HINT!
(1) Once you’ve built and started your new virtual machine, log into your server as root using SSH/Putty and immediately change your root password: passwd.
(2) With the $2.50 size VULTR virtual machine, you must create a swapfile before beginning the Issabel installation. Here are the commands:
dd if=/dev/zero of=/swapfile bs=1024 count=1024k chown root:root /swapfile chmod 0600 /swapfile mkswap /swapfile swapon /swapfile echo "/swapfile swap swap defaults 0 0">>/etc/fstab sysctl vm.swappiness=10 echo vm.swappiness=10>>/etc/sysctl.conf free -h cat /proc/sys/vm/swappiness
(3) Now skip down to the Issabel installation section to continue.
Getting Started with WootHosting
If $2.50 a month is too rich for your blood, there actually are two $1.50 a month options at WootHosting if you sign up for a year. With the New York special, you get a single VPS platform. With the twofer special, you actually get two VPS platforms in your choice of cities. WootHosting also offers considerably more horsepower with quadruple the RAM and more storage space. You can read our review of WootHosting here.
(1) Start by creating a CentOS 7 Minimal VPS platform in New York, Miami, or Los Angeles. If you opted for the WootHosting twofer special, then you’ll need to create a user and then a virtual server platform that looks something like this:
(2) Set a root password in the Root/Admin Password tab and enable TUN/TAP (needed for NeoRouter) in the Settings tab.
(3) Login to your server as root using SSH Terminal or Putty.
(4) Now continue with the Issabel installation as documented below.
Installing Issabel on Your VPS Platform
Issue the following commands to install Issabel. When prompted for a MariaDB (MySQL) and admin password, make certain to use passw0rd (with a zero) for your MariaDB password and a very secure password for your admin password, the one you’ll use to login as admin to Issabel’s web interface.
yum -y update yum -y install wget nano wget -O - http://repo.issabel.org/issabel4-netinstall.sh | bash
When the Issabel install is complete, your server will automatically reboot.
Installing Incredible PBX for Issabel on Your VPS
After the reboot, log back into your server as root and issue the following commands to install Incredible PBX for Issabel. You will again be prompted for MariaDB and admin passwords. Do exactly as you did above using passw0rd as your MariaDB password. At the conclusion of the install, you will again be prompted for the same admin password you used above. This is actually used for Apache web security and will be the first prompt you see when you attempt to login to any web application including Issabel, AsteriDex, and Reminders.
wget http://incrediblepbx.com/IncrediblePBX11-Issabel4.sh chmod +x IncrediblePBX11-Issabel4.sh ./IncrediblePBX11-Issabel4.sh
When the installation finishes, reboot your server once again and then log back in as root. The Automatic Update Utility will load current patches and then display pbxstatus.
Using a browser, login to the Issabel web client at the IP address shown in pbxstatus. You’ll be prompted twice (http and https) for your Apache admin credentials which should be the same as your Issabel GUI admin credentials. Save your Apache credentials in your browser when prompted to do so. Then you won’t have to provide Apache credentials again. Next, login to the Issabel GUI with admin and your admin password.
That completes the basic install of Incredible PBX and Issabel. Our previous tutorial will walk you through the basics of setting up your trunks, extensions, and routes in Issabel.
Overview of SIP URI Implementation with Issabel
There are any number of ways to implement incoming SIP URI support on Asterisk-based servers. Most are terribly insecure and provide an easy target for the bad guys to make free calls using your paid VoIP provider accounts. The traditional method to permit SIP URI access to your server would require poking a hole in your firewall to allow unrestricted access to the SIP port of your server, UDP 5060. In addition, it would require enabling unrestricted anonymous calling access to Asterisk via FreePBX®. After all, that’s similar to the way the Ma Bell telephone system operated. Anyone in the world could call you provided they had your number. The major deterrent was that most of the calls incurred costs to the caller with no monetary benefits being derived. VoIP changed all of that. Using a SIP client and SIP URIs, anonymous individuals now can place unlimited calls to unlimited VoIP servers at no cost. And, if they get lucky, they can decipher a way to call into your PBX via SIP URI and then call out using phone trunks that you actually have to pay for. Bad idea!
We have a better way that’s entirely secure and won’t incur calling charges for incoming anonymous SIP URI calls. The solution is to set up a trunk with a hosting provider that supports anonymous SIP URI access and then leave it to the VoIP provider to manage the thorny SIP security problems which is not Asterisk’s strong suit. Once we’ve set up the SIP URI with the provider, we will register a trunk with that provider on our Issabel server. Then all of the anonymous SIP URI calls will come into the SIP provider and be rerouted to Issabel through our registered trunk with that provider. No firewall puncturing is required because we will be using a registered trunk and tunnel between our server and the provider.
Implementing SIP URI Support with VoIP.ms
Our favorite VoIP provider to implement this is VoIP.ms in Canada. They have POP servers throughout the world so you can pick a server that is close to your cloud-based Issabel server. VoIP.ms POPs are available in Tampa, New York, and Los Angeles among others worldwide. Step one is to set up an account at VoIP.ms if you don’t already have one. Step two is to set up a SubAccount with a difficult-to-guess VoIP.ms Internal Extension Number. Be sure to jot down the Username and Password you set up for your SubAccount. You’ll need them in a minute. In our example today, we’re using 4772235642 as the internal extension number. This means other VoIP.ms account holders can reach this account by dialing 10+ 4772235642. And anyone on the Internet can reach this account by dialing your VoIP.ms account number + 4772235642 at the POP to which you are registering a VoIP.ms DID associated with this SubAccount. Clear as mud? Hang in there a bit longer.
Step three is to sign up for a VoIP.ms DID. This could be a free iNUM DID or a commercial DID (traditional 10-digit NANPA number) that your PBX could actually use to receive traditional calls. Commercial DIDs range in price from under $1 a month with incoming calls costing under a penny a minute to $4.25 a month with unlimited incoming (residential) calls. For our purposes today, the type of DID and its commercial cost really don’t matter. When any of these DIDs are connected to a SubAccount with an associated Internal Extension Number, SIP URI calls to that DID’s internal extension number are free! So… the cheaper, the better.
The final step on the VoIP.ms side of things is to associate your DID with a SubAccount and choose a POP server to process the calls coming to you. This is done under the Manage DIDs tab in the VoIP.ms web interface.
So let’s review what we’ve done. We set up a VoIP.ms account. We created a SubAccount in their web interface and created an internal extension number for that subaccount. Next, we ordered a DID. And finally, we associated that DID with the subaccount we created and chose a POP server to deliver the inbound calls to our server.
Now we’re ready to set up a VoIP.ms trunk on our Issabel server and test things out.
Implementing SIP URI Support with Issabel
Incredible PBX makes setting up a VoIP.ms trunk easy. The template is already in place in the Issabel GUI. All you’ll need are your VoIP.ms credentials (SubAccount Username and Password), your DID number that you ordered from VoIP.ms, and the name of the VoIP.ms POP server (from Manage DIDs) that will be delivering the incoming calls. You’ll also want to jot down your Internal Extension Number (without leading 10) that you set up in your VoIP.ms SubAccount. You’ll need that and the FQDN of the VoIP.ms POP in order to decipher the SIP URI (phone number) to reach your server.
While logged into the Issabel GUI, navigate to PBX:PBX Config:Trunks:VoIPms. Insert your DID in the Outbound CallerID field. Uncheck the Disable Trunk box. Under PEER Details, insert your VoIP.ms username in the username and fromuser fields. Insert your VoIP.ms password in the password field. Insert the FQDN of the VoIP.ms POP server in the host field. Under Register String, insert your username, followed by a colon, your password, followed by @, your POP FQDN, followed by /DID, e.g. johndoe:secret@tampa.voip.ms/8005551212.
Next, we need to create an Inbound Route to process the incoming calls from VoIP.ms. Navigate to PBX:PBX Config:Inbound Routes. Click Add Incoming Route. In the Description field, enter VoIPms-Incoming. In the DID Number field, insert your DID number. In the Source field, choose OpenCNAM. In the Set Destination dialog, choose a destination for the incoming calls, e.g. an extension, ring group, or IVR. Then click Submit and reload dialplan.
Finally, we need to adjust a SIP setting to support SIP URI calls from VoIP.ms. Navigate to Security:Advanced Settings. Set Enable Direct Access ON. Set Allow Anonymous Calls OFF. Enter your admin password twice. Click SAVE.
Next, navigate to PBX:PBX Config:Unembedded IssabelPBX. When the new window opens, navigate to Settings:Asterisk SIP Settings. In the External IP field, insert the IP address of your Issabel server. Click Auto Configure button immediately below that. Scroll to the bottom and, in Other SIP Settings, insert match_auth_username = yes in the two fields provided. Click Submit Changes and reload dialplan. Click Logout: Admin at the top of the browser window and then close the browser tab to return to the main Issabel GUI.
Deciphering the SIP URI for Your Issabel PBX
From the information you wrote down above, here’s how to assemble the SIP URI for your Issabel PBX. Start with your VoIP.ms account number, e.g. 101595. Add your Internal Extension Number, e.g. 4772235642. Add the @ symbol followed by the VoIP.ms POP routing calls to Issabel, e.g. tampa.voip.ms. You can give ours a try if you’d like to interact with Allison’s Demo IVR: 1015954772235642@tampa.voip.ms. Most SIP clients support SIP URI calling including Zoiper (PCs) and Telephone (Macs).
Placing Outbound SIP URI Calls from Issabel PBX
The easiest way to place outbound SIP URI calls from your Issabel PBX is to set up Custom Extensions for the destinations you wish to reach.
Navigate to PBX:PBX Config:Extensions:Other (Custom) Device. Assign an extension number and display name to the extension and insert the SIP URI in the dial field using the syntax shown below. Then click Submit and reload your dialplan.
We’ve barely scratched the surface of what you can do with Incredible PBX for Issabel. Head over to our introductory article where we’ve documented dozens of Asterisk® applications that await your exploration. Enjoy!
Published: Thursday, August 24, 2017
Need help with Asterisk? Visit the PBX in a Flash Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…
A VPN for All Seasons: Introducing NeoRouter v2
Today, we want to revisit our favorite client-server VPN, NeoRouter. It’s included with all versions of Incredible PBX® and eases the pain of setting up air-tight firewalls as well as High Availability (HA) redundant servers with VoIP. NeoRouter relies upon a central server and uses a star topology to connect remote nodes. The major difference between NeoRouter and PPTP VPNs is that only registered devices participate in the virtual private network so there is no direct access to other machines on the LANs of the registered devices. If you have servers or users scattered all over the countryside, NeoRouter is an excellent (and free) way to manage and interconnect them. All data and communications between the nodes can then be routed through the encrypted VPN tunnel for rock-solid security.
With NeoRouter’s latest 2.3 (free) software, you can set up your VPN server using a PC, a Mac, a Linux or FreeBSD machine, OpenWrt Backfire, Tomato, or even a Raspberry Pi. With all versions of Incredible PBX, the NeoRouter Free Client is automatically installed. To bring up NeoRouter, all you need to do is install the NeoRouter Free Server on one of your machines and then login to the server from each NeoRouter Client using your server credentials. VPN clients also are available for PCs, Macs, Linux and FreeBSD machines, Raspberry Pi, OpenWrt, Tomato as well as Android and iOS phones and tablets. There’s even an HTML5 web application in addition to a Chrome browser plug-in. With the OpenWrt and Tomato devices or if you’re an extreme techie, you can broaden your NeoRouter star configuration and bridge remote LANs. See pp. 58-63 of the NeoRouter User’s Manual.
You can interconnect up to 256 devices to the NeoRouter Free Server at no cost. For $999, you can enlarge your VPN to support 1,000 devices. Screen sharing, remote desktop connections, HTTP, and SSH access all work transparently using private IP addresses of the VPN nodes which are automatically assigned in the 10.0.0.0 private network.
Today we are introducing the second generation of the NeoRouter VPN solution. It’s suitable for use on a dedicated server or running as a virtual machine. Whether to run NeoRouter Free server on a dedicated machine is your call. We never do. And NeoRouter never requires exposure of your entire server to the Internet. Only a single TCP port needs to be opened in your hardware-based firewall or IPtables Linux firewall. The only real requirement is a dedicated IP address for your server so that the client nodes can always find the mothership. We typically run the NeoRouter server component on our failover VoIP server with Wazo HA. We’ll finish up today by showing you how to back up the critical components of NeoRouter Server so that, if your server platform ever should fail, it only takes a few minutes to get back in business on a new server platform. Let’s get started.
Creating Your NeoRouter Server Platform
We’re assuming you already have an Incredible PBX server of some flavor running on a dedicated IP address with the IPtables firewall. If not, start there.
First, on your IPtables firewall, make certain that TCP port 32976 has been whitelisted for public access. On Incredible PBX platforms, this is automatic. You can double-check by running iptables -nL and searching for an entry that looks like this:
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:32976
Second, we need to download and install the NeoRouter Free Server for your platform. Be sure you choose the version that matches your operating system, CPU architecture, and type. Debian and Ubuntu servers use the same code. We do not recommend Raspberry Pi as a suitable platform for your NeoRouter server!
For RedHat/CentOS 64-bit platforms, here’s the download link. While logged into your server as root, issue the following command using the downloaded 64-bit RPM:
rpm -Uvh nrserver-2.3.1.4360-free-centos-x86_64.rpm
For Ubuntu/Debian 64-bit platforms, use this link. While logged into your server as root, issue the following command using the downloaded 64-bit .deb image:
dpkg -i nrserver-2.3.1.4360-free-ubuntu-amd64.deb
Third, each administrator (admin) and user is going to need a username to access your NeoRouter VPN. You can use the same credentials to log in from multiple client machines, something you may or may not want to do. Here are the commands to create admin and user accounts. Don’t use any special characters in the username and password!
nrserver -adduser username password admin
nrserver -adduser username password user
You’re done. Now let’s register your NeoRouter server with the mothership.
After your NeoRouter Free Server is installed, you can optionally go to the NeoRouter web site and register your new VPN by clicking Create Standalone Domain. Make up a name you can easily remember with no periods or spaces. You’ll be prompted for the IP address of your server in the second screen. FQDNs are NOT permitted.
When a VPN client attempts to login to your server, the server address is always checked against this NeoRouter database first before any attempt is made to resolve an IP address or FQDN using DNS. If no matching entry is found, it will register directly to your server using a DNS lookup of the FQDN. Whether to register your VPN is totally up to you. Logins obviously occur quicker using this registered VPN name, but logins won’t happen at all if your server’s dynamic IP address changes and you’ve hard-coded a different IP address into your registration at neorouter.com.
Configuring and Connecting Your NeoRouter Client
As mentioned previously, there are NeoRouter clients available for almost every platform imaginable, including iPhones, iPads, and our beloved Raspberry Pi. NeoRouter Client software is included in all Incredible PBX builds. If you’re using some other platform, Step #1 is to download whatever client is appropriate to meet your requirements. Here’s the NeoRouter Download Link. Make sure you choose a client for the Free version of NeoRouter. Obviously, the computing platform needs to match your client device. The clients can be installed in the traditional way with Windows machines, Macs, etc. Once enabled, you can use your NeoRouter Client to create a VPN tunnel to connect to any other resource in your virtual private network using SSH, VoIP clients, and web browsers.
To activate the NeoRouter client while logged in as root, type: nrclientcmd. You’ll be prompted for your Domain, Username, and Password. You can use the registered domain name from neorouter.com if you completed that step above. Otherwise, be sure to use the FQDN assigned to your NeoRouter Server. Once you’re logged in, you will be presented with the names and private IP addresses of all of your connected nodes.
To exit from NeoRouter Explorer, type: quit. The NeoRouter client will continue to run so you can use the displayed private IP addresses to connect to any other online devices in your NeoRouter VPN. All traffic from connections to devices in the 10.0.0.0 network will flow through NeoRouter’s encrypted VPN tunnel. This includes inter-office SIP and IAX communications between Asterisk® endpoints. These private IP addresses can also be used to create a High Availability (HA) platform with Wazo even if the servers are not colocated.
Admininistrative Tools to Manage NeoRouter
Here are a few helpful commands for monitoring and managing your NeoRouter VPN.
Browser access to NeoRouter Configuration Explorer (requires user with Admin privileges)
Browser access to NeoRouter Remote Access Client (user with Admin or User privileges)
Manage your account on line at this link
To access your NeoRouter Linux client: nrclientcmd
To restart NeoRouter Linux client: /etc/rc.d/init.d/nrservice.sh restart
To restart NeoRouter Linux server: /etc/rc.d/init.d/nrserver.sh restart
To set domain: nrserver -setdomain YOUR-VPN-NAME domainpassword
For a list of client devices: nrserver -showcomputers
For a list of existing user accounts: nrserver -showusers
For the settings of your NeoRouter VPN: nrserver -showsettings
To add a user account: nrserver -adduser username password user
To add admin account: nrserver -adduser username password admin
Test VPN access: http://www.neorouter.com/checkport.php
For a complete list of commands: nrserver –help
To change client name from default pbx.local: rename-server OR…
- Edit /etc/hosts
- Edit /etc/sysconfig/network
- Edit /etc/sysconfig/network-scripts/ifcfg-eth0
- Edit /etc/asterisk/vm_general.inc
- reboot
For the latest NeoRouter happenings, visit the NeoRouter blog and forum.
Backing Up NeoRouter Server for That Rainy Day
Yes, servers fail sooner or later. So it’s best to plan ahead and avoid having to recreate your NeoRouter VPN from scratch. Backing up your server is easy. Log into your server as root and issue the following command:
tar cvzf nr-server-db.tar.gz /usr/local/ZebraNetworkSystems/NeoRouter/NeoRouter_0_0_1.db /usr/local/ZebraNetworkSystems/NeoRouter/Feature.ini
Copy nr-server-db.tar.gz and your NeoRouter Server installer to a safe place!
When that sad day arrives, be sure that your original NeoRouter Server is off line. Then reinstall NeoRouter Server on a new server platform using your original NeoRouter Server installer. If necessary, change the DNS entry for your original NeoRouter server to the new IP address. Then shut down new NeoRouter Server, load your backup, and restart server:
/etc/rc.d/init.d/nrserver.sh stop cd / tar zxvf nr-server-db.tar.gz /etc/rc.d/init.d/nrserver.sh start
Published: Monday, August 21, 2017
Need help with Asterisk? Visit the PBX in a Flash Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…
Twofer Tuesday: $1.50 Cloud Bargains for VoIP Deployments
We’ve been big fans of $5/month VPS offerings of Digital Ocean and Vultr for many years. When Vultr reduced their lowest tier to $2.50/month, we were ecstatic. These weren’t ideal VoIP platforms because of their 512MB memory constraint, but they were perfectly suitable as a sandbox for experimentation. And then along came OVH with a 2GB VPS that was nearly perfect for VoIP at $3.49/month. As we all know, the Earth does not stand still, and WootHosting now has once again changed the landscape with two different $1.50/month offerings that include 2GB of RAM. That’s cheaper than the cost of electricity to run a server in your home or office. Never mind that you also have to purchase a server.
As most of you know, we eat our own dog food before recommending products, and we’ve deployed both the Wazo and Issabel PBXs on the WootHosting platform being reviewed today. In addition, we’ve deployed a multi-purpose web server to host more than a dozen of our personal sites using an even better second offering that we also will cover today.
The first offering (pictured above) actually provides a platform for two separate VoIP servers. For each of the servers, you have a choice of sites: New York, Miami, or Los Angeles. Why would you want two servers? The most obvious answer is redundancy. Wazo already offers High Availability (HA) redundant servers with the click of a button. Our deployment tutorial is available here. By deploying identical servers in two cities, you have a failsafe VoIP platform that can survive almost any natural or man-made disaster. And the total cost for both cloud servers is just $3 a month. A similar implementation for other Incredible PBX platforms is now under development on the PIAF Forum. Compare these free options to HA solutions from other VoIP providers costing $3,000 plus maintenance.
If a New York-based cloud offering will meet your needs, the second WootHosting offer is even more impressive with 4 CPU core allocations, 2GB RAM and swap space, a whopping 150GB of storage, 3TB of monthly bandwidth, and advanced DDOS protection for $1.50/mo.:
As we mentioned, we actually use this second VPS offering to host more than a dozen of our personal web sites without a hiccup. But it is sufficiently robust to host very large VoIP implementations with support for dozens of simultaneous calls. A deployment guide for Wazo is available here. As with all cloud-based servers, we strongly recommend redundant system deployments in separate locations. Additional WootHosting specials in their various locations are documented on the New York ordering page. Enjoy!
Published: Tuesday, August 15, 2017
Need help with Asterisk? Visit the PBX in a Flash Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…
Finding the Perfect Phone Solution for Small Organizations
Many of us wear several hats during our business careers. One of those invariably is managing a community organization of some flavor. We frequently are asked for advice on what the ideal telephony solution would be for such an organization. The reason for the inquiries typically is because the Bell Sisters have now jacked up the cost of a single, business phone line to well over $100 a month. And that gets you local calls only unless you sign up for exorbitant additional charges for long distance calling. It’s worth noting that most of the individuals making these inquiries stress that they do not want to get in the business of managing a phone system. They’re looking for a plug-and-play, set-it-and-forget-it setup that will require minimal tweaking. My first question is always: "What’s your budget?" Then we explore (1) how many phones, (2) the frequency of calls, (3) the number of simultaneous calls, (4) the mix of local and long distance calling, and, last but not least, (5) the must-have feature set. No shocker: the budget is always near zero.
Today, we’re going to start on the bottom rung and work our way up the technology ladder. If you never thought smartphones and cellular would be part of this equation, guess again. $60 will now buy you a 4G LTE smartphone at WalMart, and monthly plans with unlimited calling in the U.S. start at $25 for Walmart’s Family Mobile plan, a far cry from the Ma Bell business phone rates. And you can keep your number! If you need multiple phones but only a single line, that’s not a problem either. Add a Link2Cell digital cordless phone system from Panasonic and now you have as many as 5 phones that can make and receive calls using your cellular connection via Bluetooth®. Some even support a second cellphone connection. With many you can build a phonebook on your cellphone and import it into all of your cordless phones. And, of course, voicemail is included as part of your cell plan. For those with poor cellular service, the Family Calling Plan supports free WiFi calling on many cellphones. And $10 extra buys you rollover international calling funds with 5¢/min. rates to Canada and Mexico. Calling rates to other countries are less than impressive and do not compare favorably with typical VoIP rates.
Cellular phone service isn’t for everyone, and there are considerably more choices in the Land of VoIP. The wrinkle with all of the VoIP solutions is that now you need internet service at the site of your organization. To say there is minimal competition in the internet service provider market is an understatement. If you’re lucky, you’ll have a choice between AT&T and one of the cable companies: Comcast, Charter, or Time Warner/Spectrum. The downside is it adds an additional $25 to $75+ to your monthly costs unless the organization already has Internet service that is used for purposes other than telephony. What won’t work for VoIP is satellite internet service because of latency issues.
Once you’re over the internet service hurdle, there are numerous VoIP choices for phone service depending upon your skillset. Again, let’s start on the bottom rung. If you can make it with one phone and one call at a time, it’s hard to beat Ooma Telo. $100 buys you a device that delivers landline-like phone service at a monthly cost of $4 (you only pay communications taxes and fees) to $10 depending upon the feature set you choose. The basic, fees-only plan gets you toll-free nationwide calling in the U.S., call waiting, caller ID, 911 service, a call log history and voicemail through Ooma’s online dashboard. The premium $10 a month plan adds a second line, free calling to Canada and Mexico, voicemail via email, call screening, do not disturb and call forwarding to an Android phone or iPhone. As with cellular service, you can keep your existing phone number. If you need WiFi connectivity or cellphone Bluetooth connectivity for your Ooma device, add $50. Otherwise, just plug a standard telephone into the Ooma hardware, and you’re good to go. You also could use a wireless phone system such as the ones described in the previous section to add up to five extensions.
If you need additional lines or phones, the $200 Ooma Office offering is worth considering. You can add as many users as desired for $19.95/month/each with every user getting unlimited U.S./Canada calling, CallerID service, and an impressive collection of business phone features (shown above). The cost of the VoIP phones for each user are not included. While the monthly service charges are pricey, you’re paying for the simplicity of never having to deal with the intricacies of configuring and managing a business phone system. However, you do have to purchase and configure a SIP phone for each user.
When you get beyond the single user, single line requirement, the sky opens up in the VoIP market. The savings go from getting part of your hundred dollars back each month to saving several hundred or thousands of dollars every month. What becomes important is how much of the deployment work you’re willing to undertake yourself. If the answer is not much, then the phone systems from one of our corporate sponsors, 3CX or RentPBX, are probably your best bets. Both offer turnkey VoIP solutions, and 3CX also has a worldwide dealer network to handle all of the deployment chores for you as well. While the front end costs with the 3CX commercial solution must be considered, the long-term savings more than cover these costs in your first year.
If you’re capable of making your own dinner by reading the directions off the side of a box, then you can probably handle many VoIP deployments yourself. The list of tasks goes something like this. You’ll either need a computer or cloud provider for a computing platform. Then you need a Linux operating system for that platform. Next, you need VoIP software to serve as your PBX. Services such as RentPBX handle setup of all three of these tasks for a monthly cost of $15. Or you can do it yourself and reduce the cost to $5 or less per month. We have dozens of tutorials to show you how.
At this juncture, you’re pretty much on your own except for our tutorials. The remaining tasks include purchasing and configuring phones for your users and configuring trunks from one or more VoIP providers, the folks that interconnect your phone calls to the people you are calling. Then you configure your PBX to route calls in and out of your PBX, and you’re in business. All of these tasks are managed using web-based GUI software, and there are plenty of tutorials to hold your hand every step of the way.
We’ll finish up today by walking you through one of our favorite open source VOIP setups. It provides free calling and faxing in the United States. Typical setup takes less than an hour, and the monthly cost is $3 which includes nightly backups of your entire PBX. These backups can be restored with a single button click.
FULL DISCLOSURE: 3CX, RentPBX, Amazon, Vitelity, and Vultr all provide financial support to Nerd Vittles and our open source projects. We’ve chosen these providers not the other way around. Our decisions were based upon their corporate reputation and the quality of their offerings and their pricing,
The Vultr/VoIP Open Source Solution
Begin by setting up an account at Vultr using our referral link. Then create a new instance choosing the smallest Server Size and CentOS 7/64-bit as the Server Type. Pick a Server Location that supports the $2.50 server size. Currently, Miami and New York are available. Once your virtual machine is running, you can activate automatic backups under the Server Information:Backups tab in the Vultr Control Panel.
(1) Once you’ve built and started your new virtual machine, log into your server as root using SSH/Putty and immediately change your root password: passwd.
(2) With the $2.50 size VULTR virtual machine, you must create a swapfile before proceeding. Here are the commands:
dd if=/dev/zero of=/swapfile bs=1024 count=1024k chown root:root /swapfile chmod 0600 /swapfile mkswap /swapfile swapon /swapfile echo "/swapfile swap swap defaults 0 0">>/etc/fstab sysctl vm.swappiness=10 echo vm.swappiness=10>>/etc/sysctl.conf free -h cat /proc/sys/vm/swappiness
(3) Now you’re ready to kick off the Issabel 4 install. Here are the commands:
cd /root yum -y install wget nano dialog wget -O - http://repo.issabel.org/issabel4-netinstall.sh | bash
When prompted for a MySQL password, use: passw0rd (with a zero). Choose a secure Issabel admin password for the GUI.
(4) After the reboot, log back in as root and install Incredible PBX for Issabel:
cd /root wget http://incrediblepbx.com/IncrediblePBX11-Issabel4.sh chmod +x IncrediblePBX11-Issabel4.sh ./IncrediblePBX11-Issabel4.sh
When prompted for a MySQL password, use: passw0rd (with a zero). Choose a secure Issabel admin password for the GUI.
(5) After the reboot, configure your correct timezone: /root/timezone-setup
Be advised that, when you log into the Issabel web interface, you will be prompted (three times) for your admin credentials. You can save these entries to avoid having to repeat it in the future. Now you can jump over to the Incredible PBX for Issabel tutorial to complete your installation. Within a couple minutes, your PBX will be ready to accept calls. Enjoy!
Published: Monday, August 7, 2017
Support Issues. With any application as sophisticated as this one, you’re bound to have questions. Blog comments are a difficult place to address support issues although we welcome general comments about our articles and software. If you have particular support issues, we encourage you to get actively involved in the PBX in a Flash Forum. It’s the best Asterisk tech support site in the business, and it’s all free! Please have a look and post your support questions there. Unlike some forums, the PIAF Forum is extremely friendly and is supported by literally hundreds of Asterisk gurus and thousands of users just like you. You won’t have to wait long for an answer to your question.
Need help with Asterisk? Visit the PBX in a Flash Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…
Almost Free: Professional Grade TTS Comes to Issabel 4
There’s no need to be chained to your TV for breaking news and weather forecasts when they can be as close as the nearest VoIP phone. Today we’re elevating text to speech with Issabel to commercial-quality. We’re wrapping up our month-long romance with Issabel 4 by introducing IBM’s Bluemix TTS service for Incredible PBX®. It’s surprisingly affordable. The first million characters of text-to-speech synthesis are FREE every month so, for most users, upgrading to commercial quality speech synthesis is a no-brainer. Try out our 10-second demo and prepare to be amazed. We provided a plain text demo (without any voice transformation SSML) to show how incredibly accurate IBM’s basic voice synthesis engine is. With additional tweaking using IBM’s SSML functions, any voice nuances can be quickly corrected or enhanced. Feel free to build a few samples on your own at IBM’s demo site.
[soundcloud url="https://api.soundcloud.com/tracks/335398310″ params="auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false&visual=true" width="80%" height="414″ iframe="true" /]
An awesome text-to-speech engine, of course, is only half of the story. You still need application software to bring TTS to life on your PBX. Nerd Vittles tried and true news and weather applications for Incredible PBX provide the glue that binds news and weather updates to your phone by simply dialing a 3-digit extension on your PBX. 951 gets you the latest breaking news from Yahoo, and 947 gets you current weather conditions and a weather forecast for any zip code in the United States. It’s pure, open source GPL code so feel free to modify it to meet your needs. Additional weather data is available from IBM Bluemix at modest cost for our international friends. Make that your weekend project!
Getting Started with IBM Bluemix TTS Service
NOV. 1 UPDATE: IBM has moved the goal posts effective December 1, 2018:
You can start your free, 30-day trial of IBM Bluemix services without providing a credit card. Just sign up here. Once your account is activated, here’s how to obtain credentials for the TTS service to use with Incredible PBX for Issabel. Start by logging in to your IBM Bluemix account. Once you’re logged in, click on your account name (1) in the upper right corner of your web page to reveal the pull-down to select your Region, Organization, and Space. Follow the blue links at the bottom of the pull-down menu to create an Organization and Space for your TTS service.
Next, click the Menu icon which is displayed as three horizontal bars on the left side of the web page. Choose Watson. Click Create Watson Service and select Text to Speech from the applications listing. Watson will generate a new TTS service template and display it. Make certain that your Region, Organization, and Space are shown correctly. Then verify that the Standard Pricing Plan is selected. When everything is correct, click the Create button.
When your Text to Speech application displays, click Service Credentials and then click New Credential (+). When the Add New Credential dialog appears, leave the default settings as they are and click Add. Your Credentials Listing then will appear. Click View Credentials beside the new entry you just created. Write down your URL, username, and password. You’ll need these to configure the IBM Bluemix TTS service in Issabel momentarily. Logout of the IBM Cloud by clicking on the little face in the upper right corner of your browser window and choose Log Out. Confirm that you do, indeed, wish to log out. NOTE: For new implementations, you will have an APIkey instead of a username and password.
Implementing IBM Bluemix TTS Service with Issabel
Now for the fun part. We’ve built all the pieces you’ll need to deploy IBM’s TTS service and to reconfigure the Incredible PBX news and weather applications to take advantage of IBM’s new text synthesis engine. There are 5 Simple Steps to put all the pieces in place for this. Begin by (1) installing Issabel 4 on your favorite platform. Next, (2) install Incredible PBX for Issabel by following our tutorial. Now (3) log into your Issabel PBX as root using SSH or Putty and issue the following commands:
cd /var/lib/asterisk/agi-bin wget http://incrediblepbx.com/ibmtts-issabel.tar.gz tar zxvf ibmtts-issabel.tar.gz nano -w /var/lib/asterisk/agi-bin/ibmtts.php
When the installation finishes, (4) an editor will open to let you insert your IBM Bluemix TTS credentials. Do so and then press Ctrl-X, Y, and Enter to save your entries. For new deployments, your API Username will be apikey, and your API Password will be your actual APIkey. Finally, while still in the agi-bin directory, (5) run the following script to update your Asterisk dialplan: ./install-ibmtts-dialplan.sh.
Now you’re ready to take IBM’s Bluemix TTS for a test drive. Pick up any phone connected to your PBX and dial 951 for the latest Yahoo news. Then dial 947 and enter a 5-digit zip code to retrieve the latest weather conditions and weather forecast for your zip code. Enjoy!
If you’d like to try out the News application with IBM Bluemix, feel free call our Demo PBX and choose option 5:
Published: Monday, July 31, 2017
Support Issues. With any application as sophisticated as this one, you’re bound to have questions. Blog comments are a difficult place to address support issues although we welcome general comments about our articles and software. If you have particular support issues, we encourage you to get actively involved in the PBX in a Flash Forum. It’s the best Asterisk tech support site in the business, and it’s all free! Please have a look and post your support questions there. Unlike some forums, the PIAF Forum is extremely friendly and is supported by literally hundreds of Asterisk gurus and thousands of users just like you. You won’t have to wait long for an answer to your question.
Need help with Asterisk? Visit the PBX in a Flash Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…
Free Asterisk Solutions