Home » Incredible PBX (Page 37)

Category Archives: Incredible PBX

The Most Versatile VoIP Provider: FREE PORTING

Virtual Paradise: An Asterisk OVF Template for VMware and VirtualBox Fans

UPDATE: A newer Incredible PBX image for VMware is now available here.

Let’s face it. Virtual Machines are the future of server administration. Whether you prefer your own dedicated hardware or cloud-based resources managed by you or someone else, virtual platforms are the way to go. You get more bang for the buck out of your hardware by pooling resources for multiple tasks. Platforms such as VMware® and VirtualBox® make it easy.

What we were missing in the Asterisk® aggregation market was a simplified, open source installer that would let you deploy servers on the virtual platform of your choice without our having to maintain separate builds for each VM technology.

Today, we’re pleased to introduce the new Incredible PBX Unified Installer for VMware and VirtualBox with new OVF editions for Incredible PBX Full Enchilada as well as Lean & Mean. Download the OVF flavor of your choice to your desktop and fire up your favorite virtual machine GUI. With a few mouse clicks and a couple of minutes, you’ll have a Scientific Linux 6.7 platform in place with Incredible PBX just a single keystroke away. It doesn’t get any easier than that. And, unlike the static builds offered by the competition, with Incredible PBX you always get the very latest release of Asterisk 13 and the Incredible PBX GUI compiled on the fly from source code that you can actually examine, enhance, and share… just like the GPL license says. Feel free to compare our open source approach to Sangoma’s Gotcha Special. You have a very real choice!

July 20 NEWS FLASH: Google now has discontinued support of their XMPP interface to Google Voice so the latest CentOS/SL version of Incredible PBX (13-13.7) including the Incredible PBX ISO now incorporate NAF’s GVSIP interface to Google Voice. You can read all about it here. What has changed is you now add Google Voice trunks from the command line by running /root/gvsip-naf/install-gvsip. You can delete trunks by running /root/gvsip-naf/del-trunk. Once one or more trunks have been added, they are numbered GVSIP1 through GVSIPn. Using the GUI, you then add an Outbound Route and an Inbound Route for each trunk. You’ll need both your Google Voice 10-digit phone number and a Refresh Token to add a new trunk. This functionality is not yet available in the virtual machine builds, but you can easily add it. Once your virtual machine is up and running, head over to this GVSIP tutorial for step-by-step instructions. New virtual machine builds natively supporting GVSIP will be available soon.

Choosing a Virtual Machine Platform

Making the right deployment choice for your virtual machine platform depends upon a number of factors. We initially started out with Proxmox 4 which looked promising. After all, we had used and recommended earlier releases of Proxmox for many years until some security vulnerabilities caused us to look elsewhere. Those kernel issues are now a thing of the past, but Proxmox 4 introduced some new wrinkles. First, to stay current with software fixes and updates, you have to pay the piper by signing up for the annual support license. This turned out to be a deal breaker for a couple of reasons. It was expensive since it’s based upon the number of CPUs in your platform. In the case of the hardware shown below, that turned out to be 4 CPUs (by Proxmox’s calculation) which meant the annual support license would run nearly $400 per year. That buys an enormous number of virtual machines at Digital Ocean without having to babysit hardware at all. And, you get a $10 credit to try out the service just for signing up. We also ran into serious technical problems with Proxmox 4. While the server would run without hiccups for a day or so, connectivity failed regularly after that. A reboot would fix the problem for another day, and then it was more of the same. Whether this was a bug or a design choice to encourage paid software updates, we obviously don’t know. Regardless of the reason, we reluctantly concluded that Proxmox 4 wasn’t ready for production use.

That narrowed the selection to VMware or VirtualBox. VMware is rock-solid and has been for more than fifteen years. VirtualBox is equally good, but typically runs on a desktop computer rather than dedicated hardware. If you don’t have the funds for a hardware purchase to support your virtualization requirements, then VirtualBox is a no-brainer. For many, however, some separation of the virtualization environment from your desktop computing environment is desirable. And, again, the choice is a no-brainer. VMware wins that one, hands down.

Getting Started with VMware ESXi

Many of you have VMware platforms already in place at work. For you, installing Incredible PBX is as simple as downloading the OVF tarball to your desktop and importing it into your existing platform. If you’re new to VMware, here’s an easy way to get started, and the software won’t cost you a dime. VMware offers a couple of free products that will give you everything you need to run a robust VMware platform on relatively inexpensive hardware. Let’s start with the hardware.

A $500 VMware Platform for SOHO and Small Business Applications

blank

You’re looking at all the components that make up the $500 Intel® NUC D54250WYK with a Core i5 dual-core processor, a 250GB mSATA drive, and 16GB of RAM. While you install the RAM and disk drive yourself, if you can unscrew 5 screws and have 5 minutes to spare, you can handle this.

blank

Here’s how we started. Of course, you can adjust the components and the merchant to meet your own requirements. For us, Amazon1 works great, and the prices are competitive. Who else delivers on Sunday? Despite the notice that the computer would be here on Monday, we knew better. And sure enough it was in the box with the other Sunday goodies. We removed the four screws from the bottom feet of the computer, and the case opened easily. Next, we unscrewed the screw from the bottom of the motherboard that holds the SSD drive in place securely. Snap in the mSATA drive and the two memory sticks, replace the screws, and we were in business.

NEWS FLASH: The Intel NUC pictured above is the 4th Generation Core i5 device. Now the 5th Generation edition is an even better deal. See the sidebar for the NUC5i5RYK link.

A Free VMware Software Platform for SOHO and Small Business Applications

blank

Before you can download either of the components for the free VMware ESXi platform, you’ll need to sign up for a free account at my.vmware.com. Once you’re signed up, log in and go to the ESXi 6 Download Center and sign up for a free ESXi license key:

  1. Write down your assigned License Key
  2. Manually download the VMware vSphere Hypervisor 6.0 Update 1 ISO
  3. Manually download the VMware vSphere Client 6.0U1

Next, burn the ISO to a CD/DVD and boot your dedicated VM hardware platform with it. Follow the instructions to complete the install. Next install the vSphere Client on a Windows computer. Don’t forget to add your ESXi License Key when you complete the installation. Once the ESXi server is up and running, you can stick the hardware on a shelf somewhere out of the way. You will rarely interact with it. That’s all handled using the VMware vSphere Client on your Windows Desktop. Yes, there is a web client as well, but you’ll have to pay for that one.

Deploying Incredible PBX OVF Templates with VMware vSphere Client

blank

Deploying an Incredible PBX OVF template takes about two minutes, but first you need to download and unzip the desired Incredible PBX OVF templates from SourceForge onto your Windows Desktop.

Once you have the Incredible PBX OVF templates on your desktop, here are the deployment steps:

1. Login to the vSphere Client on your Windows Desktop using the root account you set up when you installed ESXi. Choose File, Deploy OVF Template.

2. Select the desired Incredible PBX .ovf template from your desktop PC after first unzipping the downloads.

3. Click Next.

4. Give the new Virtual Machine a name.

5. IMPORTANT: Choose Thin Provision option and click Next.

6. Review your entries and click Next to create the new Virtual Machine.

7. It takes about 2 minutes to create the new Virtual Machine.

8. The Main Client window will redisplay and your new VM should now be shown in the left panel. (1) Click on it. (2) Then click the Green start icon. (3) Click the Console Window icon.

9. When the VM’s Console Window opens, click in the window in the black area. Then press ENTER to kick off the Incredible PBX Phase 2 install. Review the Incredible PBX tutorial to get started.

Ctrl-Alt gets your mouse and keyboard out of the console window.

Installing the vSphere Web Client

If you’re lucky, you may not have a Windows machine. The downside is that the vSphere Client described above only works on the Windows platform. After hours of searching some of the most dreadful documentation on the planet, we finally uncovered a simple way to install the (experimental) vSphere Web Client. It is pure HTML5 with no Flash code! It’s also not ready for prime time. Most of the feature set looks pretty but doesn’t work if you have a free license. But it will give you an idea of where VMware is headed, and the bug reportedly will be fixed in the ESXi 6.0U2 release.

FYI: An easy way to apply License Key once it’s set up: Virtual Machines -> Licensing -> Apply License

1. Log into the console of your ESXi server as root using your root password.

2. Press F2 to Customized System.

3. Choose Troubleshooting Options.

4. Choose Enable SSH.

5. Using a Terminal window on a Mac or Linux machine or using Putty with Windows, log into the IP address of your ESXi server as root.

6. Issue the following command to install the vSphere Web Client vib:

esxcli software vib install -v http://download3.vmware.com/software/vmw-tools/esxui/esxui-2976804.vib

7. Using a web browser, login to the web client as root at https://ESXi-server-IP-address/ui

8. Should you ever wish to remove the web client from your server:

esxcli software vib remove -n esx-ui

9. Don’t forget to disable SSH access when you’re finished. Just repeat steps 1-4 above.

Installing Incredible PBX OVF Templates with VirtualBox

For those that opt for a desktop virtualization solution, there is no finer choice than VirtualBox. We’ve written about VirtualBox previously on Nerd Vittles so we won’t repeat the history here. If you need help setting it up, see this Nerd Vittles tutorial.

For today, we’ll show you how to take a VMware OVA template and build a VirtualBox VM:

1. Start up VirtualBox on your desktop.

2. Choose File, Import Appliance and select your Incredible PBX OVF template by clicking on the File Dialog icon. Click Continue when done.

3. In the Appliance Settings dialog, be sure "Reinitialize MAC Address of all network cards" is checked. Click Import.

4. Once the virtual machine is created, select it and click Settings. Name the VM in the General tab. Check Enable I/O APIC in the System tab. Set Video Memory to 16MB in the Display tab. Enable Audio and choose your sound card in the Audio tab. Enable Network and choose Bridged Network for Adapter 1 in the Network tab. Click OK to save your changes.

5. Click the Start icon to fire up your virtual machine. Press ENTER in the VM window to start Phase II of the Incredible PBX install.

6. Review the Incredible PBX tutorial to get started.

blank

Initial Configuration of Incredible PBX

To complete the install, use SSH or putty to log into your VM as root. Default password: password. Then…

  • Change your root password immediately: passwd
  • Set your FreePBX admin password: /root/admin-pw-change
  • Set your web apps admin password: htpasswd /etc/pbx/wwwpasswd admin
  • Set your correct time zone: /root/timezone-setup
  • Add WhiteList entries to firewall if needed: /root/add-ip or /root/add-fqdn
  • Store PortKnocker credentials in a safe place: cat /root/knock.FAQ
  • Login to your NeoRouter VPN server if desired: /root/nrclientcmd
  • Run the Incredible Fax installer, if desired: /root/incrediblefax11.sh
  • Set your admin password for AvantFax: /root/avantfax-pw-change
  • Enable Google Voice OAUTH authentication support, if desired: http://nerd.bz/1JaO4ij (section 1b.)

Originally published: Monday, December 14, 2015




blankSupport Issues. With any application as sophisticated as this one, you’re bound to have questions. Blog comments are a terrible place to handle support issues although we welcome general comments about our articles and software. If you have particular support issues, we encourage you to get actively involved in the PBX in a Flash Forums. It’s the best Asterisk tech support site in the business, and it’s all free! Please have a look and post your support questions there. Unlike some forums, ours is extremely friendly and is supported by literally hundreds of Asterisk gurus and thousands of users just like you. You won’t have to wait long for an answer to your question.


blank
Need help with Asterisk? Visit the PBX in a Flash Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

blankBOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

blankThe lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

blankVitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

blankSpecial Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



Some Recent Nerd Vittles Articles of Interest…

  1. Some of our purchase links refer users to Amazon and other sites when we find their prices are competitive for the recommended products. Nerd Vittles receives a small referral fee from merchants to help cover the costs of our blog. We never recommend particular products solely to generate commissions. However, when pricing is comparable or availability is favorable, we support Amazon and other merchants because they support us. []

Rolling Your Own: Creating a Custom Incredible PBX ISO for Asterisk

We promised to provide the Incredible PBX 13.2 ISO build environment for those of you that wanted to learn how to roll your own ISO. Why would you want to do such thing? Well, we can think of a number of reasons. First, you may just want to learn how sh*t works. Or you may want to impress your boss by building a custom ISO with the corporate logo splattered all over the place. Then there are those that want to add a feature or function that we haven’t included yet so you can share your creation with your friends. For us, the motivation was to provide an Asterisk® aggregation that others could build upon without legal hassles about copyrights and trademarks… you know, a real open source project based upon the GPL license.

Regardless of your motivation, today’s your lucky day. We’re providing an exact duplicate of the build environment that was used to create the Incredible PBX 13.2 ISO. It’s released under the same GPL license that applies to the ISO itself. Copy it, enhance it, give it to your friends, and share your additions so that all of us can learn from you. In addition to the code, we’re actually going to document how to modify it and use it… you know, real instructions.


The Schmoozers were back in full force last week with one accusing us of "stealing" their code and another with this gem:


https://twitter.com/JamesFreePBX/status/672883656310972422

For the record, we use GPL code of others with full credit to the authors. That’s what the GPL and Asterisk aggregations have always been about. Let’s compare that to our Sangoma® friends who rip the covers off RedHat’s GPL ISO, brand it as their own, and then have the balls to distribute it as closed source code. Repeating a lie over and over doesn’t make it come true!

blank


Getting Started. Before you can use today’s code, you’ll need a suitable platform on which to play. You’ve got a couple of choices. First, you can actually install Incredible PBX 13.2 using last week’s ISO. A second option is to build yourself a virtual machine or a cloud-based server with Scientific Linux 6.7 or even CentOS 6.7 minimal. We recommend 32-bit architecture because the Incredible PBX 3.2 ISO build environment as configured is 32-bit to assure maximum hardware compatibility. The server hardware platform doesn’t really matter. Cheaper means it takes a little longer, but you’ll get the same results.

Installing the Incredible PBX 13.2 ISO Build Environment. Once you have your server up and running, log in as root. This usually isn’t a good idea for a build environment, by the way. We’re doing it because we’re assuming you have a machine dedicated to just building ISOs on which to experiment. Issue these commands to put the ISO build platform in place:

cd /root
setenforce 0
yum -y install wget nano
wget http://incrediblepbx.com/create-ISO-new.tar.gz
tar zxvf create-ISO-new.tar.gz
rm -f create-ISO-new.tar.gz

Creating Your First ISO. Why waste time? Let’s actually build an Incredible PBX ISO to show you how easy it is. Issue the following command to kick off the process: /root/create-ISO-new. Depending upon your server’s specs, the whole build procedure should take a minute or two to complete. When it’s finished, you’ll have a shiny new ISO that can be burned to a DVD or USB thumb drive following the steps documented in our previous tutorial:

ls -all /root/kickstart_build/*.iso

-rw-r--r-- 1 root root 890241024 Nov 24 12:45 /root/kickstart_build/IncrediblePBX13.2.iso

ISO Design Overview. There are lots of ways to design an ISO architecture. We’ve chosen a hybrid approach with a two-phase install. When you first boot from the ISO installer, you get the operating system platform. The server then reboots, and Phase II downloads and then runs the latest Incredible PBX installer. Our main reason for choosing this design is that you don’t have to create a new ISO every time you make changes in the Incredible PBX installer. For those of you that remember the Asterisk@Home and trixbox days, this was a major shortcoming. The ISOs were released about every three to six months, and invariably a major glitch was discovered about a week after the new ISO was introduced. With our two-phase installer, slipstream changes are easy to implement by simply adding a line to the Incredible PBX install script. The ISO itself never has to be updated until a major operating system refresh is necessary.

Adding Packages to Your ISO. With Incredible PBX, RHEL 6.7-compatible packages are added to new servers in a couple of ways. First, there are packages actually included within the ISO itself that are loaded during Phase I of the install, i.e. when Scientific Linux 6.7 platform is installed. These packages must include all necessary dependencies. The kickstart process actually resolves and loads package dependencies as part of the Phase I ISO install procedure. Once the base install is completed, the end-user’s server reboots and then the Phase II install kicks off by downloading and running the Incredible PBX 13-12R installer. Additional RPM packages and a number of other applications in tarball format are downloaded and installed during this Phase II process. Today, we’ll show you how to modify both pieces of the ISO install procedure.

To add RPMs to the ISO itself, keep in mind that the new RPMs must match the architecture of the default build environment. In the case of Incredible PBX, it’s a 32-bit architecture which means you’ll need 32-bit versions of RPMs you wish to add. Otherwise, you will need to replace all of the packages in the build environment with their 64-bit cousins.

There are 3 steps to adding new packages to the ISO build environment.

First, create a temporary directory (/tmp/packages) to use for gathering up the RPMs to be added. This is so you can check your work without screwing up your build environment. To add an RPM, you first need to download it from a repository to your temporary directory. The syntax looks like this where NetworkManager is the name of the RPM you wish to install:

yum -y install --downloadonly --downloaddir=/tmp/packages NetworkManager

Second, move the RPMs from /tmp/packages into your build environment. This must include RPM package dependencies (as was the case when adding NetworkManager):

mv /tmp/packages/*.rpm /root/kickstart_build/isolinux/Packages/.

Third, add the names of your new RPMs to the kickstart config files (ks*.cfg) in /root/kickstart_build/isolinux. The package names go in the section of each kickstart file labeled %packages.

NOTE: You do not have to add the names of RPMs being added because of dependencies in step 3. You DO have to add the actual RPMs and RPM dependencies in step 2. For example, with NetworkManager, only NetworkManager itself needed to be added to the %packages list in the ks*.cfg config files. But the collection of NetworkManager RPMs and its dependencies for step 2 looked like this:

avahi-autoipd-0.6.25-15.el6.i686.rpm
dnsmasq-2.48-14.el6.i686.rpm
libdaemon-0.14-1.el6.i686.rpm
mobile-broadband-provider-info-1.20100122-4.el6.noarch.rpm
ModemManager-0.4.0-5.git20100628.el6.i686.rpm
NetworkManager-0.8.1-99.el6.i686.rpm
NetworkManager-glib-0.8.1-99.el6.i686.rpm
ppp-2.4.5-10.el6.i686.rpm
rp-pppoe-3.10-11.el6.i686.rpm
wpa_supplicant-0.7.3-6.el6.i686.rpm

Changing the ISO Default Boot Menu. Once you have burned the ISO to a DVD-ROM or USB flash drive and booted your server-to-be, a default kickstart menu will be presented: /root/kickstart_build/isolinux/isolinux.cfg. Edit it to customize the splash screen and make any desired changes in the screen title and options displayed to those using your ISO. WARNING: If you modify the ks*.cfg options in the file, you also will need to make similar modifications in the create-ISO-new build script as well as adding new matching ks config files in /root/kickstart_build/isolinux.

Modifying the Phase II ISO Install Procedure. The Phase I install setup already provided in the Incredible PBX ISO will work for any number of ISO requirements you might have because it provides a robust Scientific Linux 6.7 base platform. Now for the fun part. You can modify the Phase II install in any way you like by simply adjusting the download script and hosting it on your own public server.

The Phase II magic is housed in the %post section of the kickstart config files (ks*.cfg). The initial setup in this section will work for almost any setup. It addresses the quirks of getting a working network connection functioning on most server platforms. This got much more complicated with the introduction of UEFI on newer Intel-based servers. But we’ve addressed all of that. To customize the install to run your own Phase II script, you need only modify the last few lines of the %post section:

/bin/echo "cd /root" >> /tmp/firstboot
/bin/echo "/usr/bin/wget http://incrediblepbx.com/incrediblepbx13-12.2-centos.tar.gz" >> /tmp/firstboot
/bin/echo "/bin/tar zxvf incrediblepbx13-12.2-centos.tar.gz" >> /tmp/firstboot
/bin/echo "/bin/rm -f incrediblepbx13-12.2-centos.tar.gz" >> /tmp/firstboot
/bin/echo "./Inc*" >> /tmp/firstboot
/bin/chmod +x /tmp/firstboot
eject
%end

These last few lines tell the ISO installer where to find your Phase II script and manage the procedure for downloading it, untarring it, and then running it. To deploy your own Phase II install script, simply modify lines 2, 3, 4, and 5 above. In line 2, provide the public server location of your script in .tar.gz format. In line 3, untar the script in the /root folder of the new server. In line 4, remove the .tar.gz file after it’s been decompressed. In line 5, run the shell script included in your tarball. The remaining lines shown above should be preserved as shown. Once you finish making changes in ks.cfg, copy the %post section to your other kickstart config files and then rerun /root/create-ISO-new to build your new ISO. Enjoy!

Originally published: Friday, December 11, 2015


blankSupport Issues. With any application as sophisticated as this one, you’re bound to have questions. Blog comments are a terrible place to handle support issues although we welcome general comments about our articles and software. If you have particular support issues, we encourage you to get actively involved in the PBX in a Flash Forums. It’s the best Asterisk tech support site in the business, and it’s all free! Please have a look and post your support questions there. Unlike some forums, ours is extremely friendly and is supported by literally hundreds of Asterisk gurus and thousands of users just like you. You won’t have to wait long for an answer to your question.


blank
Need help with Asterisk? Visit the PBX in a Flash Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

blankBOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

blankThe lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

blankVitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

blankSpecial Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



Some Recent Nerd Vittles Articles of Interest…

Cyber Monday 2016: The Return of the Lean, Mean Asterisk Machine


We promised to deliver the Incredible PBX™ ISO build environment this week, but that didn’t really have much sex appeal for Cyber Monday. Instead, today we’re introducing the product that tops the 2016 Wish List from Nerd Vittles readers: a stripped down, lean and mean version of Incredible PBX 13 with just the operating system platform, the latest version of Asterisk® 13, and an uncluttered Incredible GUI with the basic collection of FreePBX® GPL modules… and No Gotchas.

Who would want such a thing? Well, lots of folks apparently. Developers and system integrators prefer a clean slate when they’re rolling out systems for new customers. And we want to provide a mix of solutions that meet everyone’s requirements. The three dozen Incredible PBX applications for Asterisk still can be added on an as needed basis. Or, if you change your mind and decide you’re missing all of those preconfigured, free applications, just run the Incredible PBX installer again and switch tutorials. As they say in the hood, "Different strokes for different folks."

The silver lining in the one week delay of the ISO Build Environment rollout means that next week you’ll have all the pieces as well as the templates needed to create two versions of Incredible PBX instead of one… plus some important bug fixes. And speaking of bugs, there was a Big One in the 11/29/2015 ISO that prevented installation of Incredible PBX Full Enchilada. This has been fixed in the 12/01/2015 release:

blank

Initially, we had planned to roll out a separate ISO for Incredible PBX Lean. But that seemed kind of silly. After all, the beauty of an ISO is being able to present a menu of choices and then let the person installing the software make a selection that best meets their needs. So there’s an updated ISO on SourceForge that now lets you choose between the Full Enchilada and the Lean & Mean version of Incredible PBX 13. Last week’s tutorial will walk you through the Full Enchilada setup. Today we’ll cover what’s necessary to install and deploy the Lean & Mean version. And, yes, you can burn the new ISO to either a DVD-ROM or a 1GB or larger USB thumb drive.

Introducing the Incredible PBX 13.2 Lean Platform

Overview. The Incredible PBX Lean installation process couldn’t be easier. Download IncrediblePBX13.2.iso from SourceForge. Burn the ISO to a DVD-ROM or USB thumb drive. Four different methods are outlined below. Need some great hardware for under $200? Read our tutorial. Or, if you have an old PC lying around, that’ll work, too. Boot up the dedicated machine on which you want to install Incredible PBX. Highlight the Lean & Mean option on the ISO installation menu and press the ENTER key. Choose your time zone, create a really secure root password, and have a coffee break. When Scientific Linux 6.7 has been installed, your server will reboot. Accept the Incredible PBX license agreement and press the ENTER key. Go to lunch and, when you return, you should be good to go. Finish reading this tutorial to add the finishing touches and secure your server.

Let us take a moment to explain the Incredible PBX installation process using this ISO. We don’t hide stuff in our ISO or play games with your security. We don’t give ourselves or our application any secret permissions. There are just two steps to an Incredible PBX ISO install. When the install begins, it loads pure Scientific Linux 6.7 onto your server,1 not some homegrown concoction using proprietary repositories. Your server then reboots. After restarting, the very latest copy of the Incredible PBX 13-12 installer is downloaded and run. You’ll find the source code for the Incredible PBX installer in your /root directory after the install is completed: IncrediblePBX13-12L.sh. You’ll also find some other helpful scripts in /root including the optional (free) Incredible Fax installer. If you ever have a question about what was installed on your server, feel free to examine the source code of our installers or post a note on the PIAF Forum. It’s unencrypted GPL2 code. You’re free to use it, enhance it, and share it. Try that with Sangoma. It’s your choice!

Incredible PBX 13.2 ISO Installation Guide

Downloading the Incredible PBX 13.2 ISO. On the machine you’ll be using to create your installation media, download IncrediblePBX13.2.iso from SourceForge.

Burning a DVD-ROM from the ISO. If your server platform doesn’t have USB support, then burn the ISO to a DVD using a Mac or Windows machine.

Creating a USB Flash Drive Installer. If your server platform has USB ports, you have three ways to move the Incredible PBX 13.2 ISO to a 1GB or larger flash drive. You can use a Windows PC, a Mac, or a Linux machine to create the USB thumb drive installer.

blank

Creating a USB Flash Drive Installer with a Windows PC. In order to create a USB thumb drive using an ISO image, you’ll first need to install Rufus. It’s free. Once you’ve installed it, insert a blank USB thumb drive and run Rufus. Make your settings look like what’s shown above. Be very careful in choosing your Device. You don’t want to accidentally erase the wrong drive on your Windows machine. The correct choice is the USB thumb drive you just inserted. Don’t guess!! Step 2 is choosing the IncrediblePBX13.2.iso file that you downloaded from SourceForge. Step 3 is clicking Start. The ISOHybrid Window will be presented. Step 4 is changing the default setting to "Write in DD image mode." Step 5 is pressing OK. In a few minutes, your ISO image transfer to the USB flash drive will be finished. Give it 15 seconds just to be safe. Then remove the USB thumb drive and you’re ready to begin the install on your dedicated Incredible PBX server.

Creating a USB Flash Drive Installer with a Mac. To create a USB thumb drive using an ISO image on a Mac, first insert the USB thumb drive and partition it with a single MS-DOS partition using Disk Utility. Next, open a Terminal window and issue the command: diskutil list. Review the device names and find the one that matches the size of your thumb drive. It will be something like /dev/disk9. Again, be careful. You don’t want to accidentally erase the wrong drive on your Mac! Next, change to the directory into which you downloaded IncrediblePBX13.2.iso, e.g. cd Desktop. Now issue the following commands substituting the actual device name for /dev/disk9 below:

diskutil unmountDisk /dev/disk9
sudo dd if=IncrediblePBX13.2.iso bs=1m of=/dev/disk9
sudo sync
diskutil eject /dev/disk9

When the install completes, remove the USB thumb drive and you’re ready to begin the install on your dedicated Incredible PBX server. NOTE: There will be no feedback during the dd step above. It can take 15 minutes or more depending upon the horsepower of your Mac. Be patient!

Creating a USB Flash Drive Installer on a Linux machine. To create a USB thumb drive using an ISO image on a Linux machine, first log into your server as root. Insert a blank USB thumb drive. From the CLI, decipher the device name of your thumb drive: fdisk -l. The device name will be something like /dev/sdb. Be careful. You don’t want to accidentally erase the wrong drive on your Linux server! Change to the directory into which you downloaded IncrediblePBX13.2.iso, e.g. cd /root. To transfer the ISO to your thumb drive, issue the following commands replacing /dev/sdb with the actual device name for your thumb drive in lines 1 and 3 below:

dd if=IncrediblePBX13.2.iso bs=4M of=/dev/sdb
sync
udisks --detach /dev/sdb

When the install completes, remove the USB thumb drive and you’re ready to begin the install on your dedicated Incredible PBX server. NOTE: There will be no feedback during the dd step above. It can take 5 to 15 minutes depending upon the horsepower of your Linux machine.

blank

Kicking Off the Incredible PBX 13 Lean Install. Now we’re ready to install Incredible PBX 13 Lean on your dedicated server platform. Simply insert the DVD-ROM or USB thumb drive in your server-to-be and boot. During the POST boot process, press the function key that displays a Boot Device Menu and choose your DVD-ROM drive or USB device. When the Incredible PBX 13 installation menu displays, choose the second option for the Lean & Mean Install and press ENTER. Choose your time zone, create a really secure root password, and have a coffee break. When Scientific Linux 6.7 has been installed, your server will reboot. Accept the Incredible PBX license agreement and press the ENTER key. Go to lunch and, when you return, you should be good to go. When the installation finishes, reboot your server and log in as root to apply the last minute updates for Incredible PBX.

blank

To complete the install, perform the following from the Linux CLI while logged in as root:

  • Change your root password if it’s insecure: passwd
  • Set your Incredible GUI admin password: /root/admin-pw-change
  • Set your web apps admin password: htpasswd /etc/pbx/wwwpasswd admin
  • Set your correct time zone: /root/timezone-setup
  • Add WhiteList entries to firewall if needed: /root/add-ip or /root/add-fqdn
  • Store PortKnocker credentials in a safe place: cat /root/knock.FAQ
  • *** THE REMAINING FEATURES ARE OPTIONAL ADDITIONS ***
  • Login to your NeoRouter VPN server: /root/nrclientcmd
  • To enable free faxing: /root/incrediblefax11.sh
  • Set admin password for AvantFax: /root/avantfax-pw-change
  • To enable PPTP VPN: /root/pptp-install
  • To enable Google Voice OAUTH authentication: http://nerd.bz/1JaO4ij (1b.)
  • To install FCC RoboCall BlackList: http://nerdvittles.com/?p=15412

Managing Your Server with Incredible PBX Web-Based Tools

Most of your time initially configuring and managing your server will be spent using the web-based tools provided with Incredible PBX. Because most of the apps have been removed in the Lean version of Incredible PBX, the Kennonsoft Menu layer has been removed from the install. Using any modern browser, go to the IP address of your server as shown in the status display above. Choose Incredible GUI Administration. The default username is admin and the password is what you set during the final installation steps above. The Incredible PBX GUI’s Status will display with a clean slate. The only additions to the base install of the FreePBX GPL modules are a dozen preconfigured (but disabled) trunks from the leading trunk providers. This will save you some time, but you can delete any or all of them with a few mouse clicks. We’ve also removed module signature checking to streamline the addition of GPL modules from providers other than Sangoma®. We strongly recommend that you log into the Incredible GUI at least once a week and check the PBX in a Flash RSS News Feed for security alerts and bulletins.

blank

Configuring Google Voice

If you want to use Google Voice, you’ll need a dedicated Google Voice account to support Incredible PBX. If you want to use the inbound fax capabilities of Incredible Fax, then you’ll need an additional Google Voice line that can be routed to the FAX custom destination using the GUI. The more obscure the username (with some embedded numbers), the better off you will be. This will keep folks from bombarding you with unsolicited Gtalk chat messages, and who knows what nefarious scheme will be discovered using Google messaging six months from now. So keep this account a secret!

We’ve tested this extensively using an existing Gmail account, and inbound calling is just not reliable. The reason seems to be that Google always chooses Gmail chat as the inbound call destination if there are multiple registrations from the same IP address. So, be reasonable. Do it our way! Set up a dedicated Gmail and Google Voice account, and use it exclusively with Incredible PBX. It’s free at least through 2013. Google Voice no longer is by invitation only so, if you’re in the U.S. or have a friend that is, head over to the Google Voice site and register.

You must choose a telephone number (aka DID) for your new account, or Google Voice calling will not work… in either direction. Google used to permit outbound Gtalk calls using a fake CallerID, but that obviously led to abuse so it’s over! You also have to tie your Google Voice account to at least one working phone number as part of the initial setup process. Your cellphone number will work just fine. Don’t skip this step either. Just enter the provided 2-digit confirmation code when you tell Google to place the test call to the phone number you entered. Once the number is registered, you can disable it if you’d like in Settings, Voice Setting, Phones. But…

IMPORTANT: Be sure to enable the Google Chat option as one of your phone destinations in Settings, Voice Setting, Phones. That’s the destination we need for The Incredible PBX to work its magic! Otherwise, all inbound and outbound calls will fail. If you don’t see this option, you may need to call up Gmail and enable Google Chat there first. Then go back to the Google Voice Settings.

While you’re still in Google Voice Settings, click on the Calls tab. Make sure your settings match these:

  • Call ScreeningOFF
  • Call PresentationOFF
  • Caller ID (In)Display Caller’s Number
  • Caller ID (Out)Don’t Change Anything
  • Do Not DisturbOFF
  • Call Options (Enable Recording)OFF
  • Global Spam FilteringON

Click Save Changes once you adjust your settings. Under the Voicemail tab, plug in your email address so you get notified of new voicemails. Down the road, receipt of a Google Voice voicemail will be a big hint that something has come unglued on your PBX.

One final word of caution is in order regardless of your choice of providers: Do NOT use special characters in any provider passwords, or nothing will work!

Now you’re ready to set up your Google Voice trunk in the GUI. After logging in with your browser, click the Connectivity tab and choose Google Voice/Motif. To Add a new Google Voice account, just fill out the form. Do NOT check the third box or incoming calls will never ring!

blank

IMPORTANT LAST STEP: Google Voice will not work unless you restart Asterisk from the Linux command line at this juncture. Using SSH, log into your server as root and issue the following command: amportal restart.

If you have trouble getting Google Voice to work (especially if you have previously used your Google Voice account from a different IP address), try this Google Voice Reset Procedure. It usually fixes connectivity problems. If it still doesn’t work, enable Less Secure Apps using this Google tool.

Troubleshooting Audio and DTMF Problems

You can avoid one-way audio on calls and touchtones that don’t work with these simple settings in the GUI: Settings -> Asterisk SIP Settings. Just plug in your public IP address and your private IP subnet. Then set ULAW as the only Audio Codec.

blank

A Few Words about the Incredible PBX Security Model for SL 6.7

Incredible PBX for Scientific Linux joins our previous builds as our most secure turnkey PBX implementation. As configured, it is protected by both Fail2Ban and a hardened configuration of the IPtables Linux firewall. The latest release also includes Port Knocker for simple, secure access from any remote computer or smartphone. You can get up to speed on how the technology works by reading the Nerd Vittles tutorial. Your Port Knocker credentials are stored in /root/knock.FAQ together with activation instructions for your server and mobile devices. The NeoRouter VPN client also is included for rock-solid, secure connectivity to remote users. Read our previous tutorial for setup instructions. As configured, nobody can access your PBX without blank your credentials AND blank an IP address that is either on your private network or that matches the IP address of your server or the PC from which you installed Incredible PBX. You can whitelist additional IP addresses by running the command-line utility /root/add-ip. You can remove whitelisted IP addresses by running /root/del-acct. Incredible PBX is preconfigured to let you connect to many of the leading SIP hosting providers without additional firewall tweaking. We always recommend you also add an extra layer of protection by running your server behind a hardware-based firewall with no Internet port exposure, but that’s your call. And it’s your phone bill. 😉

The IPtables firewall is a complex piece of software. If you need assistance with configuring it, visit the PIAF Forum for some friendly assistance.

Incredible Backup and Restore

We’re pleased to introduce our latest backup and restore utilities for Incredible PBX. Running /root/incrediblebackup will create a backup image of your server in /tmp. This backup image then can be copied to any other medium desired for storage. To restore it to another Incredible PBX server, simply copy the image to a server running Asterisk 13 and the same version of the Incredible PBX GUI. Then run /root/incrediblerestore. Doesn’t get much simpler than that.

Incredible PBX Automatic Update Utility

Every time you log into your server as root, Incredible PBX will ping the IncrediblePBX.com web site to determine whether one or more updates are available to bring your server up to current specs. We recommend you log in at least once a week just in case some new security vulnerability should come along. We originally had planned to make our fortune off update fees, but we changed our mind. So… contrary to the language in some of our builds, contributions to our projects are PURELY VOLUNTARY. You’ll get every update as it’s released whether you financially support our projects or not. Why haven’t we fixed the language? Good question. The short answer is it’s buried deep in the GUI image that would have to be regenerated from scratch. We’ll get to it one of these days. In the meantime, sleep soundly. No one will be breaking down your door for a donation.

We also encourage you to sign up for an account on the PIAF Forum and join the discussion. In addition to providing first-class, free support, we think you’ll enjoy the camaraderie. Enjoy!

Originally published: Monday, November 30, 2015


blankSupport Issues. With any application as sophisticated as this one, you’re bound to have questions. Blog comments are a terrible place to handle support issues although we welcome general comments about our articles and software. If you have particular support issues, we encourage you to get actively involved in the PBX in a Flash Forums. It’s the best Asterisk tech support site in the business, and it’s all free! Please have a look and post your support questions there. Unlike some forums, ours is extremely friendly and is supported by literally hundreds of Asterisk gurus and thousands of users just like you. You won’t have to wait long for an answer to your question.


blank
Need help with Asterisk? Visit the PBX in a Flash Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

blankBOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

blankThe lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

blankVitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

blankSpecial Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



Some Recent Nerd Vittles Articles of Interest…

  1. If you’re wondering what packages are installed with Scientific Linux 6.7, come back next week and download the entire Incredible PBX ISO build environment. All of the packages installed on your server are included in the build platform itself. Feel free to add to them or change them to your heart’s content. We don’t have a million dollar staff. That’s why we depend upon folks like you to offer suggestions and enhancements. In short, we treat Incredible PBX like a real open source project. Come join the fun! []

Free at Last: Incredible PBX 13.2 ISO Supporting Bootable DVD-ROM and USB Flash Drives

blank

[iframe-popup id="5″]
The Incredible PBX 13 ISO was getting long in the tooth. It’s been on the street almost two months. So we’re pleased to accept the Sangoma challenge and introduce the second-generation Incredible PBX 13.2 ISO. Like its predecessor, it’s 100% open source and GPL code. Perhaps now Sangoma will follow suit with their closed source ISO.

The new Incredible PBX 13.2 ISO can be burned to either a DVD-ROM or a 1GB or larger USB flash drive using a Mac, a Windows PC, or almost any Linux machine. And, unlike the FreePBX Distro, you’re more than welcome to share our code and the ISO with all of your friends and business associates. In fact, next week we’re releasing the entire Incredible PBX build platform for those of you that want to roll your own ISO. Share your enhancements and tweaks or make a customized ISO for just your company and pass it around. We’d be delighted. And our previous tutorial will even show you how to set up and maintain your own Cloud Repository for Incredible PBX. FREEDOM: THAT’S WHAT OPEN SOURCE IS ALL ABOUT!

blank

NEWS FLASH: Check out the new Incredible PBX 13-13 ISO. Complete tutorial available here.

Introducing the Incredible PBX 13.2 ISO

Overview. The Incredible PBX installation process couldn’t be easier. Download IncrediblePBX13.2.iso from SourceForge. Burn the ISO to a DVD-ROM or USB thumb drive. Four different methods are outlined below. Need some great hardware for under $200? Read our tutorial. Or, if you have an old PC lying around, that’ll work, too. Boot up the dedicated machine on which you want to install Incredible PBX. Choose whether you prefer the Incredible PBX Whole Enchilada with 30+ applications for Asterisk or the Lean & Mean version which has its own separate tutorial here. Press the ENTER key. Choose your time zone, create a really secure root password, and have a coffee break. When Scientific Linux 6.7 has been installed, your server will reboot. Accept the Incredible PBX license agreement and press the ENTER key. Go to lunch and, when you return, you should be good to go. Finish reading this tutorial to add the finishing touches and secure your server. Then read the Incredible PBX Application Users Guide to learn all about the three dozen FREE applications for Asterisk® that are included in the build. DONE!

Let us take a moment to explain the Incredible PBX installation process using this ISO. We don’t hide stuff in our ISO or play games with your security. We don’t give ourselves or our application any secret permissions. There are just two steps to an Incredible PBX ISO install. When the install begins, it loads pure Scientific Linux onto your server,1 not some homegrown concoction using proprietary repositories. Your server then reboots. After restarting, the very latest copy of the Incredible PBX 13-12 installer is downloaded and run (see the actual source code of the script below). You’ll find the source code for the Incredible PBX installer in your /root directory after the install is completed: IncrediblePBX13-12R.sh. You’ll also find some other helpful scripts in /root including the optional (free) Incredible Fax installer. If you ever have a question about what was installed on your server, feel free to examine the source code of our installers or post a note on the PIAF Forum. It’s unencrypted GPL2 code. You’re free to use it, enhance it, and share it. Try that with Sangoma. It’s your choice!

%post
###############################################################
#
# Post Script - this script runs on Incredible PBX server
# immediately after Scientific Linux 6.7 install finishes
#
###############################################################
/usr/sbin/ntpdate -su pool.ntp.org
rpm -e readahead
/bin/sed -i 's|rhgb quiet||' /boot/grub/grub.conf
/bin/echo "/tmp/firstboot" >> /etc/rc.d/rc.local
/bin/echo "#!/bin/bash" > /tmp/firstboot
/bin/echo " " >> /tmp/firstboot
/bin/echo "NETDN=\`/bin/ping -c 1 incrediblepbx.com | /bin/grep incrediblepbx.com\`" >> /tmp/firstboot
/bin/echo "if [[ -z $NETDN ]]; then" >> /tmp/firstboot
/bin/echo " read -p 'Network is down. Please fix. Then press RETURN to reboot and retry.'" >> /tmp/firstboot
/bin/echo " /sbin/reboot" >> /tmp/firstboot
/bin/echo " exit" >> /tmp/firstboot
/bin/echo "fi" >> /tmp/firstboot
/bin/echo "sed -i '/firstboot/d' /etc/rc.d/rc.local" >> /tmp/firstboot
/bin/echo "sed -i 's|NO_DM |NO_DM rhgb quiet|' /boot/grub/grub.conf" >> /tmp/firstboot
/bin/echo "cd /root" >> /tmp/firstboot
/bin/echo "wget http://incrediblepbx.com/incrediblepbx13-12.2-centos.tar.gz" >> /tmp/firstboot
/bin/echo "tar zxvf incrediblepbx13-12.2-centos.tar.gz" >> /tmp/firstboot
/bin/echo "rm -f incrediblepbx13-12.2-centos.tar.gz" >> /tmp/firstboot
/bin/echo "./Inc*" >> /tmp/firstboot
/bin/chmod +x /tmp/firstboot
eject
%end

Incredible PBX 13.2 ISO Installation Guide

Downloading the Incredible PBX 13.2 ISO. On the machine you’ll be using to create your installation media, download IncrediblePBX13.2.iso from SourceForge. Update: The 11/29/2015 version of the ISO had a bug that prevented proper installation of Incredible PBX Full Enchilada. The 12/01/2015 release fixed the problem.

Burning a DVD-ROM from the ISO. If your server platform doesn’t have USB support, then burn the ISO to a DVD using a Mac or Windows machine.

Creating a USB Flash Drive Installer. If your server platform has USB ports, you have three ways to move the Incredible PBX 13.2 ISO to a 1GB or larger flash drive. You can use a Windows PC, a Mac, or a Linux machine to create the USB thumb drive installer.

blank

Creating a USB Flash Drive Installer with a Windows PC. In order to create a USB thumb drive using an ISO image, you’ll first need to install Rufus. It’s free. Once you’ve installed it, insert a blank USB thumb drive and run Rufus. Make your settings look like what’s shown above. Be very careful in choosing your Device. You don’t want to accidentally erase the wrong drive on your Windows machine. The correct choice is the USB thumb drive you just inserted. Don’t guess!! Step 2 is choosing the IncrediblePBX13.2.iso file that you downloaded from SourceForge. Step 3 is clicking Start. The ISOHybrid Window will be presented. Step 4 is changing the default setting to "Write in DD image mode." Step 5 is pressing OK. In a few minutes, your ISO image transfer to the USB flash drive will be finished. Give it 15 seconds just to be safe. Then remove the USB thumb drive and you’re ready to begin the install on your dedicated Incredible PBX server.

Creating a USB Flash Drive Installer with a Mac. To create a USB thumb drive using an ISO image on a Mac, first insert the USB thumb drive and partition it with a single MS-DOS partition using Disk Utility. Next, open a Terminal window and issue the command: diskutil list. Review the device names and find the one that matches the size of your thumb drive. It will be something like /dev/disk9. Again, be careful. You don’t want to accidentally erase the wrong drive on your Mac! Next, change to the directory into which you downloaded IncrediblePBX13.2.iso, e.g. cd Desktop. Now issue the following commands substituting the actual device name for /dev/disk9 below:

diskutil unmountDisk /dev/disk9
sudo dd if=IncrediblePBX13.2.iso bs=1m of=/dev/disk9
sudo sync
diskutil eject /dev/disk9

When the install completes, remove the USB thumb drive and you’re ready to begin the install on your dedicated Incredible PBX server. NOTE: There will be no feedback during the dd step above. It can take 15 minutes or more depending upon the horsepower of your Mac. Be patient!

Creating a USB Flash Drive Installer on a Linux machine. To create a USB thumb drive using an ISO image on a Linux machine, first log into your server as root. Insert a blank USB thumb drive. From the CLI, decipher the device name of your thumb drive: fdisk -l. The device name will be something like /dev/sdb. Be careful. You don’t want to accidentally erase the wrong drive on your Linux server! Change to the directory into which you downloaded IncrediblePBX13.2.iso, e.g. cd /root. To transfer the ISO to your thumb drive, issue the following commands replacing /dev/sdb with the actual device name for your thumb drive in lines 1 and 3 below:

dd if=IncrediblePBX13.2.iso bs=4M of=/dev/sdb
sync
udisks --detach /dev/sdb

When the install completes, remove the USB thumb drive and you’re ready to begin the install on your dedicated Incredible PBX server. NOTE: There will be no feedback during the dd step above. It can take 5 to 15 minutes depending upon the horsepower of your Linux machine.

Kicking Off the Incredible PBX 13 Install. Now we’re ready to install Incredible PBX 13 on your dedicated server platform. Simply insert the DVD-ROM or USB thumb drive in your server-to-be and boot. During the POST boot process, press the function key that displays a Boot Device Menu and choose your DVD-ROM drive or USB device. When the Incredible PBX 13 installation menu displays, choose Basic Install and press ENTER. Choose your time zone, create a really secure root password, and have a coffee break. When Scientific Linux 6.7 has been installed, your server will reboot. Accept the Incredible PBX license agreement and press the ENTER key. Go to lunch and, when you return, you should be good to go. When the installation finishes, reboot your server and log in as root to apply the last minute updates for Incredible PBX.

blank

To complete the install, perform the following from the Linux CLI while logged in as root:

  • Change your root password if it’s insecure: passwd
  • Set your Incredible GUI admin password: /root/admin-pw-change
  • Set your web apps admin password: htpasswd /etc/pbx/wwwpasswd admin
  • Set your correct time zone: /root/timezone-setup
  • Add WhiteList entries to firewall if needed: /root/add-ip or /root/add-fqdn
  • Store PortKnocker credentials in a safe place: cat /root/knock.FAQ
  • *** THE REMAINING FEATURES ARE OPTIONAL ADDITIONS ***
  • Login to your NeoRouter VPN server: /root/nrclientcmd
  • Download latest Incredible Fax installer: http://nerd.bz/2nSeHKs
  • To enable free faxing: /root/incrediblefax11.sh
  • Set admin password for AvantFax: /root/avantfax-pw-change
  • To enable PPTP VPN: /root/pptp-install
  • To enable Google Voice OAUTH authentication: http://nerd.bz/1JaO4ij (1b.)
  • To remove GPL Module Signature Checking in GUI: http://nerd.bz/1fpwZJL
  • To install FCC RoboCall BlackList: http://nerdvittles.com/?p=15412
  • To upgrade Asterisk to current release2: /root/upgrade-asterisk-to-current
  • To upgrade all FreePBX GPL Modules: /var/lib/asterisk/bin/module_admin upgradeall && rm -f /tmp/* && amportal a r

Managing Your Server with Incredible PBX Web-Based Tools

Most of your time initially configuring and managing your server will be spent using the web-based tools provided with Incredible PBX. Using any modern browser, go to the IP address of your server as shown in the status display above. This will bring up the Kennonsoft GUI that provides access to all of the web-based applications. Toggle between User and Admin apps by clicking on the blue tab in the lower left section of the display. This GUI also displays the latest security alerts and bug fixes from the PIAF RSS Feed. We recommend you check it at least once a week.

blank

The other GUI to configure the FreePBX® GPL modules is accessed from the Admin menu in the Kennonsoft menus. Choose Incredible GUI Administration. The default username is admin and the password is what you set during the final installation steps above. Once the Incredible PBX GUI appears, edit extension 701 so you can figure out (or change) the randomized passwords that were set up for your 701 extension and voicemail account: Applications -> Extensions -> 701. If you’re behind a hardware-based firewall, verify the NAT setting is set to YES.

Setting Up a Soft Phone to Use with Incredible PBX

Now you’re ready to set up a telephone so that you can play with Incredible PBX. We recommend YateClient which is free. Download it from here. Run YateClient once you’ve installed it and enter the credentials for the 701 extension on Incredible PBX. You’ll need the IP address of your server plus your extension 701 password. Choose Settings -> Accounts and click the New button. Fill in the blanks using the IP address of your server, 701 for your account name, and whatever password you created for the extension. Click OK.

blank

Once you are registered to extension 701, close the Account window. Then click on YATE’s Telephony Tab and place some test calls to the numerous apps that are preconfigured on Incredible PBX. Dial a few of these to get started:


DEMO - Allison's IVR Demo
947 - Weather by ZIP Code
951 - Yahoo News
*61 - Time of Day
*68 - Wakeup Call
TODAY - Today in History

Now you’re ready to connect to the telephones in the rest of the world. If you live in the U.S., the easiest way (at least for now) is to set up a free Google Voice account. Google has threatened to shut this down but as this is written, it still works. Upgrading your server for OAUTH authentication is covered here. Start at step #1b. The safer long-term solution is to choose several SIP providers and set up redundant trunks for your incoming and outbound calls. The PIAF Forum includes dozens of recommendations to get you started.

blank

Configuring Google Voice

If you want to use Google Voice, you’ll need a dedicated Google Voice account to support Incredible PBX. If you want to use the inbound fax capabilities of Incredible Fax, then you’ll need an additional Google Voice line that can be routed to the FAX custom destination using the GUI. The more obscure the username (with some embedded numbers), the better off you will be. This will keep folks from bombarding you with unsolicited Gtalk chat messages, and who knows what nefarious scheme will be discovered using Google messaging six months from now. So keep this account a secret!

We’ve tested this extensively using an existing Gmail account, and inbound calling is just not reliable. The reason seems to be that Google always chooses Gmail chat as the inbound call destination if there are multiple registrations from the same IP address. So, be reasonable. Do it our way! Set up a dedicated Gmail and Google Voice account, and use it exclusively with Incredible PBX. It’s free at least through 2013. Google Voice no longer is by invitation only so, if you’re in the U.S. or have a friend that is, head over to the Google Voice site and register.

You must choose a telephone number (aka DID) for your new account, or Google Voice calling will not work… in either direction. Google used to permit outbound Gtalk calls using a fake CallerID, but that obviously led to abuse so it’s over! You also have to tie your Google Voice account to at least one working phone number as part of the initial setup process. Your cellphone number will work just fine. Don’t skip this step either. Just enter the provided 2-digit confirmation code when you tell Google to place the test call to the phone number you entered. Once the number is registered, you can disable it if you’d like in Settings, Voice Setting, Phones. But…

IMPORTANT: Be sure to enable the Google Chat option as one of your phone destinations in Settings, Voice Setting, Phones. That’s the destination we need for The Incredible PBX to work its magic! Otherwise, all inbound and outbound calls will fail. If you don’t see this option, you may need to call up Gmail and enable Google Chat there first. Then go back to the Google Voice Settings.

While you’re still in Google Voice Settings, click on the Calls tab. Make sure your settings match these:

  • Call ScreeningOFF
  • Call PresentationOFF
  • Caller ID (In)Display Caller’s Number
  • Caller ID (Out)Don’t Change Anything
  • Do Not DisturbOFF
  • Call Options (Enable Recording)OFF
  • Global Spam FilteringON

Click Save Changes once you adjust your settings. Under the Voicemail tab, plug in your email address so you get notified of new voicemails. Down the road, receipt of a Google Voice voicemail will be a big hint that something has come unglued on your PBX.

UPDATE: Google has improved things… again. You may not see the options documented above at all. Instead, you may be presented with the new Google Voice interface which does not include the Google Chat option. But fear not. At least for now there’s still a way to get there. After you have set up your new phone number, click on (1) Settings -> Phone Numbers and then click (2) Transfer (as shown below). That returned the old UI. Make sure the Google Chat option is selected and disable forwarding calls to default phone number.


blank

One final word of caution is in order regardless of your choice of providers: Do NOT use special characters in any provider passwords, or nothing will work!

Now you’re ready to set up your Google Voice trunk in the GUI. After logging in with your browser, click the Connectivity tab and choose Google Voice/Motif. To Add a new Google Voice account, just fill out the form. Do NOT check the third box or incoming calls will never ring!

blank

IMPORTANT LAST STEP: Google Voice will not work unless you restart Asterisk from the Linux command line at this juncture. Using SSH, log into your server as root and issue the following command: amportal restart.

If you have trouble getting Google Voice to work (especially if you have previously used your Google Voice account from a different IP address), try this Google Voice Reset Procedure. It usually fixes connectivity problems. If it still doesn’t work, enable Less Secure Apps using this Google tool.

Troubleshooting Audio and DTMF Problems

You can avoid one-way audio on calls and touchtones that don’t work with these simple settings in the GUI: Settings -> Asterisk SIP Settings. Just plug in your public IP address and your private IP subnet. Then set ULAW as the only Audio Codec.

blank

A Few Words About Our Security Model

Incredible PBX for Scientific Linux joins our previous builds as our most secure turnkey PBX implementation. As configured, it is protected by both Fail2Ban and a hardened configuration of the IPtables Linux firewall. The latest release also includes Port Knocker for simple, secure access from any remote computer or smartphone. You can get up to speed on how the technology works by reading the Nerd Vittles tutorial. Your Port Knocker credentials are stored in /root/knock.FAQ together with activation instructions for your server and mobile devices. The NeoRouter VPN client also is included for rock-solid, secure connectivity to remote users. Read our previous tutorial for setup instructions. As configured, nobody can access your PBX without blank your credentials AND blank an IP address that is either on your private network or that matches the IP address of your server or the PC from which you installed Incredible PBX. You can whitelist additional IP addresses by running the command-line utility /root/add-ip. You can remove whitelisted IP addresses by running /root/del-acct. Incredible PBX is preconfigured to let you connect to many of the leading SIP hosting providers without additional firewall tweaking. We always recommend you also add an extra layer of protection by running your server behind a hardware-based firewall with no Internet port exposure, but that’s your call. And it’s your phone bill. 😉

The IPtables firewall is a complex piece of software. If you need assistance with configuring it, visit the PIAF Forum for some friendly assistance.

Incredible Backup and Restore

We’re pleased to introduce our latest backup and restore utilities for Incredible PBX. Running /root/incrediblebackup will create a backup image of your server in /tmp. This backup image then can be copied to any other medium desired for storage. To restore it to another Incredible PBX server, simply copy the image to a server running Asterisk 13 and the same version of the Incredible PBX GUI. Then run /root/incrediblerestore. Doesn’t get much simpler than that.

Incredible PBX Automatic Update Utility

Every time you log into your server as root, Incredible PBX will ping the IncrediblePBX.com web site to determine whether one or more updates are available to bring your server up to current specs. We recommend you log in at least once a week just in case some new security vulnerability should come along. We originally had planned to make our fortune off update fees, but we changed our mind. So… contrary to the language in some of our builds, contributions to our projects are PURELY VOLUNTARY. You’ll get every update as it’s released whether you financially support our projects or not. Why haven’t we fixed the language? Good question. The short answer is it’s buried deep in the GUI image that would have to be regenerated from scratch. We’ll get to it one of these days. In the meantime, sleep soundly. No one will be breaking down your door for a donation.

We also encourage you to sign up for an account on the PIAF Forum and join the discussion. In addition to providing first-class, free support, we think you’ll enjoy the camaraderie.

Incredible PBX Application Users Guide

Your next stop ought to be learning about the three dozen applications included in Incredible PBX. We’ve put together this tutorial to get you started. Enjoy!

Originally published: Sunday, November 22, 2015


blankSupport Issues. With any application as sophisticated as this one, you’re bound to have questions. Blog comments are a terrible place to handle support issues although we welcome general comments about our articles and software. If you have particular support issues, we encourage you to get actively involved in the PBX in a Flash Forums. It’s the best Asterisk tech support site in the business, and it’s all free! Please have a look and post your support questions there. Unlike some forums, ours is extremely friendly and is supported by literally hundreds of Asterisk gurus and thousands of users just like you. You won’t have to wait long for an answer to your question.





 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

blankBOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

blankThe lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

blankVitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

blankSpecial Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



Some Recent Nerd Vittles Articles of Interest…

  1. If you’re wondering what packages are installed with Scientific Linux, come back next week and download the entire Incredible PBX ISO build environment. All of the packages installed on your server are included in the build platform itself. Feel free to add to them or change them to your heart’s content. We don’t have a million dollar staff. That’s why we depend upon folks like you to offer suggestions and enhancements. In short, we treat Incredible PBX like a real open source project. Come join the fun! []
  2. This is unnecessary when you first install Incredible PBX because it automatically installs the latest version of Asterisk 13. []

The FUD Factor: Why Does the Asterisk Community Shoot Itself in the Foot?


blank

2015 has been quite the year for the Asterisk® VoIP community. First came the surprise announcement that Sangoma® had acquired FreePBX®. Next, Digium® caved on Asterisk-GUI and adopted FreePBX as their "free" distribution giving Sangoma a virtual monopoly in the Asterisk graphical user interface and aggregation market. And then the fireworks began. There were only two open source and GPL-compliant Asterisk aggregations left: Elastix® and PBX in a Flash™.

We had been on a downhill slide with the Schmoozers for quite a while after their "commercial tech support" for PBX in a Flash morphed into a sales pitch to switch users to the FreePBX Distro. What they left out of the narrative was the fact that the FreePBX Distro is neither open source nor a GPL product. Not only is it laced with NagWare and CrippleWare, but you are prohibited from redistributing or reusing the code. While it’s copyrighted and trademarked up the ying yang, it’s also full of "trade secrets" and GPL code obtained for free from the open source community. So much for the GPL. The Free Software Foundation has long since lost its appetite for lawsuits. Digium has kept a low profile through all of this. That’s probably because they’re now 100% dependent upon FreePBX, an integral component in their morphed AsteriskNOW® product.

If you’ve been involved in the technology business, you already know that the marketing strategy for many companies is full of examples of the traditional Good Cop/Bad Cop routine: beat you up with the bad guy and then let the good guy swoop in to close the deal. With free software, there’s another hurdle. You’ve first got to persuade customers that they really don’t want something for nothing. They’ll be much better off paying for everything: software, add-ons, updates/upgrades, and support. Remember the old adage: "Nobody ever got fired for choosing IBM®." Same song, different verse!

In the Asterisk VoIP community, there’s been another secret ingredient: fear, uncertainty, and doubt. Yes, good old FUD. This strategy relies upon confusing everybody to the point that they throw up their hands and stop believing anything anybody says. Then the good guy swoops in to close the commercial deal for the "safe company." Classic IBM!

With a legal background, we’d be the first to admit that the FUD strategy is difficult to deal with. You’re trying to explain fairly complex technical material in a logical way and all of a sudden you’re bombarded with completely off-the-wall comments that have no basis in fact. If you love Fox News, you’re accustomed to this already. Never mind the images on the screen don’t match the story that’s being told. The point is to make things look worse than they are so that the blonde bombshell can swoop in and say literally anything… and you’ll believe it.

If you watched Tag Team Wrestling as a kid, you’ll appreciate this sales strategy. Here we use one of our employees to publish a position on social media such as Twitter or one of the forums. Then other employees chime in with how brilliant the first employee’s idea really was. Better yet, get a handful of anonymous resellers to join in. This is especially effective when the general public has no clue that these folks are affiliated with the company and its marketing strategy.

If all else fails, bring on the personal attacks. Anyone that doesn’t agree with your position is labeled a troll and the piling on begins from other employees and resellers. Of course, there are always a few that stay above the fray urging everyone to "just get along" for the sake of the Asterisk "community." Classic Rodney King.

In the meantime, we’re watching an already fractured VoIP market that seems headed for oblivion. Have you watched how your kids communicate lately? Do you really think they’re going to be relying on PBXs ten or fifteen years down the road when all of their smartphone calls and messaging are basically free? Did we mention the other elephants in the room: Skype, Hangouts, and FaceTime? America’s Big 3 already provide free worldwide telecommunications and video conferencing with any smartphone or desktop computer. And TV support is becoming commonplace. So… Party On, FUD Masters.

Let’s look at a few examples of how this has played out. The best example is security. No sane IT guy would ever run a VoIP server fully exposed to the Internet without several layers of security including either a hardware or software-based firewall. That’s Networking 101. Yet there was a group of folks in the Asterisk community that, over the course of 10 years, never mentioned firewalls at all… until a few months ago. Guess who? And guess who’s server platform consistently got hacked? The response: FUD, and lots of it. When users began reporting totally compromised servers, "the team" response was disbelief and, of course, a post documenting a vulnerability in PBX in a Flash. The difference? The PBX in a Flash vulnerability still required administrator permission and an admin password for access. But, hey, it was a vulnerability and all vulnerabilities are alike, right? Wrong. Pure FUD but the equal billing of both vulnerabilities on their forum for months presumably achieved the goal of demonstrating that all software has "issues" from time to time.


And then there was the FreePBX Firewall, a recent creation that runs within the FreePBX GUI and is accessible within a web browser without root user permissions. There’s only one catch. A vulnerability in the firewall gave the intruder root access to the server without ever obtaining root user credentials. It doesn’t get much more dangerous than that. And, sure enough, while the developer was at AstriCon crowing about his awards and firewall accomplishments, a root exploit was identified less than a week after the product hit the market. The response? We fixed the only known vulnerability. Well, not so fast. The problem with the design is that users were continually locking themselves out of their own servers because they didn’t quite know what they were doing in implementing the new firewall rules. After bad-mouthing PortKnocker as an overly complex magic incantation, the developer couldn’t quite bring himself to go that route to get users back into their servers. After all, firewalls are supposed to be easy. Instead, he chose to disable the firewall entirely during the first 5 minutes after a server was rebooted. Sounds great, right? Wrong again. Almost any DDOS attack has the potential to crash a server and force a reboot. Guess who gets the easy pass to hack your server after the server comes crashing down? You may be wondering how a root vulnerability occurs when FreePBX runs as the asterisk user. Good question. And the answer is you have to load the encrypted SysAdmin module which reportedly gives itself root permissions to servers. In response… FUD and more FUD.


https://twitter.com/JamesFreePBX/status/666666463126687744

The latest FUD involves the so-called Module Signature Checking mechanism in FreePBX 12. Sangoma claims it was to protect end-users by throwing up glaring error messages whenever you install or use a FreePBX module that wasn’t produced by (you guessed it!) Sangoma. Our take is it was a not-so-subtle attempt to freeze everyone else out of the FreePBX module development market where Sangoma hopes to make a fortune in license fees and renewal contracts. Dream on. The downside is that, with the exception of a single module to support Digium® phones, there hasn’t been a non-Sangoma module for FreePBX produced in years! The FUD hit the fan when we published (OPTIONAL) code to let administrators remove the module signature checking mechanism if they chose to do so. This meant FreePBX 12 GPL modules worked exactly like those in every previous version of FreePBX. Suddenly, lack of module signatures became a security issue… except in earlier FreePBX releases, of course. What’s particularly disingenuous about this latest FUD attack is that FreePBX 2.11 and prior releases are still in active use. None of those releases even had the option to enable module signature checking whether an administrator wanted it or not. And, of course, all Incredible PBX builds include a preconfigured firewall that blocks all of the bad guys from even seeing your server much less attacking it. But suddenly our giving the administrator the option to use module signature checking has become a critical "security issue" that will cause users to "get hacked and lose money." That’s the Sangoma FUD mentality we’re dealing with folks.

Finally, let’s talk about hardware. Sangoma loves hardware. It is or, more accurately, was their bread and butter. First, they touted their Session Border Controller as the only way to protect an Asterisk server. For the FUD scorecard on SBCs, read our SBC article. And then there are the Asterisk appliances, preconfigured FreePBX Distro boxes running on generic (overpriced) computer platforms. In a recent article, we noted that a $200 Intel® NUC could run circles around the entry-level $579 FreePBX Phone System 50. And, for $500, a high performance Intel NUC could actually run a half-dozen or more Asterisk servers. Didn’t take long for a FreePBX cheerleader to crank up the FUD proclaiming that Intel NUC’s won’t boot:


Of course, if Mr. Messano had bothered to read the Nerd Vittles article, he would have learned that it only took about 10 seconds to apply a BIOS tweak that solved the booting problem forever. But, again, the damage was done. Believe it or not, many casual observers derive much of their technical expertise from 140-character tweets. And some will no doubt conclude that there must be a problem with the Intel hardware. Otherwise, why would some stranger suggest such a thing.

The point of all this is to document why those relying upon Asterisk for their bread and butter would do well to start devising a backup plan. Many in the business, medical, and government communities are reluctant to touch Asterisk with a 10-foot pole and now you know why. Over 500,000 people read Nerd Vittles each year. That’s not to suggest that they all agree with everything we suggest. But you can rest assured that they will continue to hear both sides when these hit-and-run attacks occur. As a CEO in the Asterisk "community," we’d be asking whether this approach is really worth the cost to the shareholders? While the derisive comments of some employees may play well to backslapping coworkers, the long-term consequence of alienating actual decision-makers reading this misleading FUD will be to drive serious customers to other platforms permanently. "Where there’s smoke, there’s probably fire" goes the old saying. And, while Asterisk 13 has proven itself to be a good platform for a business phone system, the end-user alienation and disingenuous FUD ultimately are going to have repercussions for businesses that have chosen to earn a living using Asterisk. As an Asterisk evangelist and a shareholder of Sangoma, we view these developments as unfortunate because the wounds are mostly self-inflicted.

For the rest of the story…

Originally published: Wednesday, November 18, 2015


blank
Need help with Asterisk? Come join the PBX in a Flash Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

blankBOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

blankThe lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

blankVitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

blankSpecial Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



Some Recent Nerd Vittles Articles of Interest…

FCC and Asterisk Now Provide The Tools Needed to Put an End to Robocalls

One of the biggest jokes in the U.S. telecommunications industry has been the FCC’s Do Not Call List, a convenient source of working phone numbers for all the spammers on Planet Earth to use. Despite the threat of heavy fines, the FCC received 215,000 complaints in 2014 regarding unwanted robocalls and spam texts. In June, the FCC promulgated new rules clarifying that service providers could offer robocall-blocking technologies to consumers and implement market-based solutions that consumers could use to stop unwanted robocalls. Ten days ago, the FCC began publishing a weekly spreadsheet of 10-digit numbers associated with robocallers. And today we are pleased to do our part and provide a simple script which lets you deploy and periodically update the FCC’s RoboCall Blacklist on any Asterisk® 11 or 13 server platform.


Overview. Asterisk 11 and 13 already include a Blacklist feature to block unwanted callers. This functionality also has been integrated into the FreePBX® GUI for many years. Because of the size of the FCC RoboCall Blacklist, however, an indexed, robust database will be necessary to manage this on a busy PBX. With Asterisk 11 and 13, the integrated Asterisk Database now relies upon SQLite 3 with awesome performance. We need a simple way to distinguish FCC RoboCall Blacklist entries from other Blacklist entries that your PBX users have added either by phone using *30 and *32 or using the Blacklist feature in the GUI. In this way, the FCC entries can be replaced each week with a newer list while preserving any user-created Blacklist entries. There were several approaches to implementation discussed, and you can read all about them on the PIAF Forum. We’ve cherrypicked what we think are the best of all worlds employing a single script with some really elegant additions provided by Adam Goldberg and Dick Ollett. We have chosen a methodology that does not require Asterisk to be offline when the script is run so you can run it at any time. The script always makes a backup copy of the last FCC Blacklist just in case the FCC "improves things" and blows the current approach out of the water. You can recover by loading the previous week’s entries using the import-last-fcc-blacklist script. Only when you run the script the first time will you be asked to agree to the license agreement. After that you can incorporate the script into weekly cron jobs and forget about it.

WARNING: The FCC Blacklist now exceeds 200,000 numbers and is no longer recommended for Asterisk implementations!

Installation. Installing the software is easy. Log into your Asterisk server as root and issue the following commands:

cd /root
wget http://incrediblepbx.com/fcc-blacklist.tar.gz
tar zxvf fcc-blacklist.tar.gz
rm -f fcc-blacklist.tar.gz

Update: There’s good news. This software now works with XiVO! Tutorial here.

Operation. After installation, you’ll end up with a copy of the GPL2 license (COPYING) and 2 scripts: import-fcc-blacklist and import-last-fcc-blacklist (described above). Each week, simply run import-fcc-blacklist. After running it once, if you want to add it to /etc/crontab, here’s the command that will do it for you and spread the load on the FCC download site:

echo "$(($RANDOM%60)) $(($RANDOM%24)) * * $(($RANDOM%2 +6 )) root /root/import-fcc-blacklist > /dev/null" >> /etc/crontab

NOTE: For each FCC Blacklist entry that’s added, you’ll get an "Updated database successfully" message. Be patient. It takes about a minute to gobble all of them up. This week Asterisk shows there are 11.597 unique entries: database show blacklist

Redirecting Blacklisted Callers. Some may prefer to redirect blacklisted callers to a destination other than the default "the number is not in service" announcement. You can do this easily by installing the Lenny Blacklist Mod for FreePBX. Download the module from the link provided to your desktop. In the GUI, choose Admin -> Module Admin -> Upload Module. Choose the file you downloaded and click Upload from Hard Disk. Then enable the module and select the Lenny Blacklist Mod button from the GUI’s main status menu. You do NOT have to redirect callers to Lenny although that’s an option worth considering. A working version of Lenny is available at this SIP URI: SIP/2233435945@sip2sip.info

Blocking Anonymous Callers. By default, both scripts block anonymous callers by adding them to your Asterisk Blacklist. If you want to disable this feature, comment out line 37 in both of the scripts before running them.

Another View. Fred Posner’s blog has proffered a different view on the FCC RoboCall BlackList, and it’s something you should consider. We have responded to his article with a few comments that seek to lay out the factors everyone should individually evaluate before implementing anyone else’s blacklist. We also are sympathetic with Fred’s observation that the FCC should take proactive steps to notify affected violators that their number has been placed on the blacklist and provide an opportunity to respond. That’s nothing Allison + Asterisk couldn’t handle with ease. We’d be happy to donate the IVR code.


[soundcloud url="https://api.soundcloud.com/tracks/231404538″ params="auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false&visual=true" width="450″ height="340″ iframe="true" /]

Other Helpful Hints. For other tips on getting the most out of this new software, we have a section on the PIAF Forum just for you. It addresses issues such as how to implement a BlackList with providers that deliver calls with 11 digits or that deliver NANPA calls with a +1 prefix. HINT: For providers such as CallCentric and Anveo that deliver calls in these formats, use context=from-pstn-e164-us. Come join the discussion. Enjoy!

11/11 Update. We’re now into the third iteration of the FCC RoboCall Blacklist, and there still appear to be a few problematic entries. For example, the main FedEx Customer Service number (800-Go-FedEx) remains in the blacklist.

To check whether a number is in the list, use this command:

asterisk -rx "database show blacklist/8004633339"

To manually delete an unwanted entry from the list after a database update:

asterisk -rx "database deltree blacklist 8004633339"

Originally published: Monday, November 2, 2015


blank
Don’t forget to List Yourself in Directory Assistance so everyone can find you by dialing 411. And add your numbers to the Do Not Call Registry. Or just call 888-382-1222 from your new number.
 

 


blank
Need help with Asterisk? Come join the PBX in a Flash Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

blankBOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

blankThe lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

blankVitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

blankSpecial Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



Some Recent Nerd Vittles Articles of Interest…

Sleep Well: Deploy Certified Incredible PBX Builds for Mission Critical Systems

2015 marks the year we finally settled upon an Asterisk® platform that was not only feature rich but also easy to deploy and maintain. Incredible PBX™ began as an add-on feature set for PBX in a Flash™. But we really wanted a pure open source platform that was built from the ground up. So we introduced a number of stand-alone installers that could be deployed using existing Linux platforms: CentOS, Ubuntu, Debian, Raspbian, and even FreePBX® Distro’s SHMZ. These continue to be our "best sellers" even though we give them away. With the exception of SHMZ, the beauty of the other stand-alone installers is you can use them anywhere whether it’s a Raspberry Pi® or in the Cloud1 with RentPBX or Digital Ocean. But there were some that preferred either dedicated hardware or in-house virtual machine platforms such as VirtualBox and Proxmox. For these platforms, a two-step OS and Incredible PBX install procedure was a hassle. So we introduced an ISO build of Incredible PBX with a superset of Scientific Linux 6.7 preconfigured. And finally we added snapshot images for VirtualBox and Proxmox. What used to take hours has been reduced to less than 30 seconds on the Proxmox 4 KVM platform. With Incredible PBX, it’s all about choice and the FREEDOM to choose with NoGotchas!

Along the way, we experimented with a number of other hardware platforms, and we even tried several other management GUI’s for Asterisk. But there comes a time when you have to sharpen your focus and produce a product that is something other than experimental. And that’s why we are pleased to introduce the new Certified Incredible PBX Builds. These are robust unified communications solutions that we not only test regularly but also use ourselves. Yes, we eat our own dog food.

So where do you begin? We documented a simple, 3-Step Decision Tree to guide you through the process of choosing a GPL platform and VoIP communications solution that’s right for you. You can take it for a spin here or read the complete tutorial.

The more difficult question is deciding how to host your Unified Communications server. Do you want to maintain it yourself, or do you prefer that someone else maintain either the hardware or software or both? We can’t really answer that for you without a great deal of additional information. What we can tell you is that experimentation is a wonderful thing, and you’ll learn an awful lot in the process. Take advantage of the PIAF Forum. There are hundreds of VoIP experts and 10,000+ members to help with your new adventure. Building systems with Incredible PBX is a process that, in the worst case, takes under an hour. And, in the best case, it takes under 30 seconds. So our advice is try several Cloud approaches and, if you have some old hardware lying around the house, try that option as well. We would hasten to add that we don’t recommend running your phone system on old hardware permanently. If you choose the stand-alone server route, invest $200 and get our recommended Intel® NUC or invest $100 and put a Raspberry Pi 2 platform into production. Both are easy to back up and restore. If you’re a dedicated iMac user with processing power and RAM to spare, then the VirtualBox solution really is a no-brainer. It doesn’t cost you a dime, and you’ll never know your phone system is operating as a virtual machine.

The Incredible PBX Gold Standard

We get emails all the time that go something like this. "Cut the crap. You’re the expert. Just tell me the platform that you use and would recommend." Fair enough. Here you go. We experiment on Cloud-based servers almost daily. We have a virtual machine at RentPBX that has run non-stop for years without a hiccup. Use our $15/month coupon code if you sign up: NOGOTCHAS. We build and tear down systems at Digital Ocean and CloudAtCost and Wable almost daily. These three have the added advantage of letting you take snapshots of your virtual machines. Snapshots can be restored in minutes. While CloudAtCost is a good sandbox, don’t even think about using it in production!

The system we recommend for SOHO and small businesses is $200 dedicated hardware, an Intel NUC. The software is Incredible PBX 13 ISO. The server is powerful, quiet, tiny, and easy to back up using Clonezilla and an external USB drive. Our production machine doesn’t change much for months at a time. Once configured, yours probably won’t either. Don’t go update crazy! Apply updates and upgrades only when something doesn’t work or you need a new feature. If it ain’t broke…

A Few Words About Incredible PBX Applications for Asterisk

Asterisk is a complex telephony platform. Don’t expect to learn it all in a day. We’ve been at it for 10 years, and there’s still much that we don’t know. On top of Asterisk, we’ve added over three dozen Asterisk applications. And, yes, there is documentation. Spend a little time with the tutorial, and it will improve your appreciation for Asterisk 1000%.

A Few Words About Google Voice OAUTH Authentication

We have been a strong proponent of Google Voice for many years. Why? Because in the United States, you can make limitless calls to the U.S. and Canada for free. Faxes work, too. Just don’t put all of your eggs in the Google Voice basket. It does break, and Google regularly "improves" things. Thus far, we’ve always managed to get things going again thanks to some very talented telephony gurus around the globe. The one component of Google Voice that Google continues to threaten to shut down is the use of plain text passwords for authentication. With Incredible PBX, you can do something about that by implementing OAUTH authentication on your server. We’ve written a simple tutorial to guide you through implementation and use of OAUTH 2.0 with Google Voice. Please read it before your Google Voice trunks suddenly drop dead.

A Few Words About Security and Firewalls

If you have a phone system that is exposed to the Internet, the bad guys are going to attempt to make calls on your nickel forever. No firewall means sooner or later you’re going to get hit with a very expensive phone bill. Some of the horror stories include charges of over $100,000 in a single month.

Incredible PBX includes a sophisticated firewall that is locked down to private networks, preferred (by us) VoIP providers, and the IP addresses of your desktop computer and your server. Don’t disable it!

We do not recommend using Incredible PBX on the Amazon EC2 platform for the simple reason that Amazon treats all customers as part of the same private LAN. This defeats the security provided by the Incredible PBX firewall and leaves your extension and trunk passwords as your only line of defense. Yes, there are bad guys using Amazon. You’ve been warned.

If you opt to host your own dedicated server for Incredible PBX, we strongly recommend that you place the server behind a hardware-based firewall in addition to the IPtables firewall provided as part of every Incredible PBX build. Two firewalls are almost always better than one. It’s one more nut to crack for the bad guys.

Finally, a word about the new FreePBX Firewall. Don’t. Good network practices suggest that a firewall should be as separated from your applications as possible. The IPtables firewall used by Incredible PBX is only accessible through SSH or the console with root login. It also requires root permissions for any type of modification to its setup. The FreePBX firewall is an integral component of FreePBX and is accessible through the FreePBX GUI itself using the standard FreePBX admin credentials. In addition, during the first week, a vulnerability was reported which resulted in a root vulnerability. What’s puzzling about that is the fact that FreePBX itself traditionally has not operated with root permissions which suggests that other changes have been made in the GUI so that the user account separation between the asterisk user account and the root user account has now been compromised, a very dangerous new development. If this is ever explained, we will pass it on.


https://twitter.com/0x00string/status/655513518578339841

A Few Words About Module Repositories

FreePBX 12 GPL modules are an integral component of Incredible PBX. Why don’t we use "pure" FreePBX 12? The short answer is Sangoma® has integrated a hidden module repository into FreePBX 12. It is comprised of modified FreePBX 12 modules that are not provided on any publicly-accessible web site. Yes, FreePBX 12 GPL modules are available through their GIT repository, but these modules differ from the ones that actually make FreePBX 12 work properly (see next section). As a result, we have chosen to build and use a public module repository for FreePBX 12 GPL modules included in Incredible PBX. For further details, see this Nerd Vittles article. To access our public repository of FreePBX 12 GPL modules, go here.

A Few Words About Module Signatures

With FreePBX 12, Sangoma also has chosen to bar use of competitor’s commercial modules within the product. In addition, Sangoma has implemented a module signature scheme which results in nasty security alerts whenever a compatible FreePBX module is included in the GUI that was not produced or approved for inclusion by Sangoma giving the impression that your server has been compromised. As a result, we have chosen to disable module signature checking by default with Incredible PBX. As changes are made within the GUI, the nasty warnings reappear. We have included the gui-fix script to again disable signature checking. A permanent fix which eliminates signature checking permanently is available here.

A Few Words About Asterisk Upgrades

When you install Incredible PBX, you automatically get the latest and greatest version of Asterisk. Depending upon the installer used, you get either Asterisk 11 or 13. Both versions of Asterisk get regular upgrades provided by Digium®. As with updates, our recommendation is to not apply upgrades unless you actually need a new feature or your existing server is experiencing problems related to the version of Asterisk you are running. We have provided an upgrade utility to make the upgrade process painless. It will NOT move you from Asterisk 11 to 13. It only moves you to the latest release in the version of Asterisk you already have installed.2 In the case of Asterisk 13, the upgrade utility will preserve Google Voice OAUTH authentication if you have previously applied the Asterisk 13 patch as documented above. To upgrade your server, log in as root and issue the following commands:

cd /root
wget http://incrediblepbx.com/upgrade-asterisk-to-current.tar.gz
tar zxvf upgrade-asterisk-to-current.tar.gz
rm -f upgrade-asterisk-to-current.tar.gz
./upgrade-asterisk-to-current

A Few Words About Backups

There are two kinds of administrators in the world: those that make regular backups and those that don’t. Only the first category of administrators generally keep their jobs. Whether you do this for a living or for fun, you are strongly encouraged to make regular backups of your server. There are two types of backups: full system backups and incremental backups using the incrediblebackup script. You need both. For dedicated servers, we recommend you obtain the free Clonezilla application for full system backups. Used in conjunction with an external USB drive, it provides excellent results. For those using Incredible PBX in a virtualized environment, we recommend you use the snapshot utility included on your platform to make periodic backups. Backups should always be stored in a location separate from that of your server or virtual machine.

Originally published: Monday, October 26, 2015


blankSupport Issues. With any application as sophisticated as this one, you’re bound to have questions. Blog comments are a terrible place to handle support issues although we welcome general comments about our articles and software. If you have particular support issues, we encourage you to get actively involved in the PBX in a Flash Forums. It’s the best Asterisk tech support site in the business, and it’s all free! Please have a look and post your support questions there. Unlike some forums, ours is extremely friendly and is supported by literally hundreds of Asterisk gurus and thousands of users just like you. You won’t have to wait long for an answer to your question.


blank
Need help with Asterisk? Visit the PBX in a Flash Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

blankBOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

blankThe lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

blankVitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

blankSpecial Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



Some Recent Nerd Vittles Articles of Interest…

  1. Some of our links refer users to service providers when we find their prices are competitive for the recommended products. Nerd Vittles receives a small referral fee or advertising revenue from some of these providers to help cover the costs of our blog. We never recommend particular products solely to generate commissions. However, when pricing is comparable or availability is favorable, we support these providers because they support us. []
  2. Some of the FreePBX Distro cheerleaders have touted the beauty of their NagWare noting that you can move back and forth between Asterisk 11 and 13. The question is why would anyone ever want to move back to Asterisk 11 after migrating to Asterisk 13. So we’re talking about a one-time reinstall followed by a restore using Incredible Backup and Restore from your Asterisk 11 server. Can you say lunch break? []

The 30-Second PBX: Introducing Proxmox 4 for the Intel NUC and Asterisk 13

blank

With the advent of cloud-based computing and desktop virtual machine platforms like VirtualBox, we haven’t played with dedicated hardware for Asterisk® in a couple of years. WOW! It’s just amazing the quantum leaps in miniaturization, price, and performance that have transpired during our absence. Last week, we introduced a dedicated server platform for under $200 that could serve as a small business PBX for almost any 20-30 person organization. Today, meet Big Brother. You’re looking at all the components that make up the $500 Intel® NUC D54250WYK with a Core i5 dual-core processor, a 250GB mSATA drive, and 16GB of RAM. While you install the RAM and disk drive yourself, if you can unscrew 5 screws and have 5 minutes to spare, you can handle this. With the addition of the just released (free) Proxmox 4 virtualization platform, it can run a half dozen powerful stand-alone applications without ever breaking a sweat. Little wonder that Digital Ocean and CloudAtCost are all but giving away server resources. They almost have to given the developments in stand-alone hardware.

Buying Your Hardware

blank

So here’s how we started. Of course, you can adjust the components and the merchant to meet your own requirements. For us, Amazon1 works great, and the prices are competitive. Who else delivers on Sunday? Despite the notice that the computer would be here on Monday, we knew better. And sure enough it was in the box with the other Sunday goodies. Remove the four screws from the bottom feet of the computer, and the case opens easily. Next, unscrew the screw from the bottom of the motherboard that holds the SSD drive in place securely. Snap in the mSATA drive and the two memory sticks, replace the screws, and you’re in business.

Initial Setup of the Intel NUC Platform

Our unit actually came with the latest BIOS preinstalled, but you’ll want to always upgrade the BIOS on any Intel motherboard. Everything generally gets better with each new upgrade. The rest of the firmware is fine as is unless you plan to use the computer as a Windows machine. You’ll find all the downloads here. The firmware you want is version 0041, and the file you want is WY0041.BIO. Copy it to the top level directory of a DOS-formatted USB flash drive using any desktop computer. On the Intel NUC, plug in a USB keyboard and mouse as well as the USB flash drive and a USB CD/DVD drive. Then connect a network cable. Finally, connect a monitor using a microHDMI to HDMI cable, and you’re all set. Once we’re finished configuring the Intel NUC, you can stick it on a shelf that has power and a network connection. No other peripherals are necessary as everything can be managed through SSH or a web browser.

To upgrade the BIOS, boot the computer by plugging it in and pressing the power button on top. Press F7 during the initial POST, choose the USB flash drive, select the .BIO file, and press ENTER. Once the BIOS is loaded, the machine will reboot.

Introducing Proxmox 4.0 Virtual Environment

When it comes to virtualization, we’ve been big fans of Proxmox for a very long time. We introduced Proxmox for VoIP virtualization over six years ago. Things have come a long way since then. And Proxmox VE 4.0 is the culmination of years of hard work by a very talented development team. You can read all about the new feature set and support for KVM and Linux Containers here. Our own take on virtualization is that OpenVZ templates were appealing because they installed and loaded quickly. The downside was they shared a single (proprietary) kernel which often led to security issues and made firewall implementation at the virtual machine level difficult. Of course, any applications such as DAHDI that required kernel implementation were extremely complex to implement and use. Now that almost all of Intel’s and AMD’s processors support virtualization extensions (Intel VT or AMD-V), we were not one to shed tears when Proxmox dropped support for OpenVZ and replaced it with Linux Containers. In fact, for our purposes, they could have left out Linux Containers as well. They suffer from some of the same quirks that made OpenVZ implementations problematic. The platform we’ve chosen for VoIP implementation has full support for virtualization extensions which means you can load and run complex applications such as Windows and Incredible PBX just as if you were using standalone hardware. The only real difference is we’re going to provide a template for building KVM-based Incredible PBX virtual machines in under 30 seconds. So you’ll get the best of both worlds, standalone computer functionality coupled with jaw-dropping implementation speed. For those that train or support multiple independent organizations as well as those that love to tinker and experiment, our solution has no equal.

To begin, download the Proxmox VE 4.0 ISO and burn it to a CD or DVD.

As we mentioned last week, if you don’t happen to have one, LG’s tiny USB-powered DVD Writer is the best $25 you will ever spend. And they keep getting cheaper!

blank

Installing Proxmox VE 4.0 on the Intel NUC

Now we’re ready to get started. Insert the Proxmox VE 4.0 CD into the drive connected to your Intel NUC and boot the machine. Press F10 during POST and choose the CD/DVD drive to start the Proxmox install. Accept the license agreement and fill in the blanks. The important piece is to give your server a hostname. Just be sure it starts with proxmox4, e.g. proxmox4.incrediblepbx.com or use your own domain: proxmox4.yourdomain.com. The actual domain becomes important only if your server will be directly connected to the Internet in which case the FQDN obviously matters. Otherwise, Proxmox needs the hostname to manage things internally. Assign a permanent IP address for your server or use DHCP to obtain an IP address and then reserve that IP address for use by Proxmox in your router’s settings. Either way works fine, but you don’t want the IP address changing down the road.

BIOS Adjustments to Support Proxmox VE 4.0

Once the Proxmox install completes, it’s time to reboot. During the POST, press F2 to access Intel’s Visual BIOS. If you followed along last week, you’ll recall that we made some changes to accommodate Legacy booting of the server in lieu of UEFI. This week we need a different approach because of some quirks in the Proxmox server implementation procedure. We pulled our hair out (what little is left) for a couple days wrestling with this because the server wouldn’t automatically boot in either Legacy boot mode OR UEFI mode. The reason is because Proxmox puts a GPT label on the drive signifying that it’s a UEFI-compatible device whether UEFI is disabled in the BIOS or not. This confuses the Intel NUC bootloader. So you end up with a boot failure and the cryptic message "No boot device found." Proxmox blames Intel for a buggy BIOS even though Intel developed the GPT specification. If you enjoy food fights, break out the popcorn and enjoy the dialog on the Proxmox Forum. Suffice it to say, there’s a difference of opinion about who should fix this. Here’s the easy way to resolve the impasse.

In Visual BIOS, click Advanced tab. Click Boot tab. Click Boot Priority. Make it look like this:

blank

If the BuiltIn EFI Shell option doesn’t appear, don’t worry about it. Just press F10 to save your changes anyway. When your server reboots, it will drop into the EFI shell. Type the following commands pressing ENTER after each entry:

fs0:
echo "fs0:\EFI\proxmox\grubx64.efi" > fs0:\startup.nsh
startup.nsh

At this point, your server should boot into Proxmox. On reboot, the EFI shell will appear momentarily followed by an automatic boot into Proxmox. Solved!

Using Incredible PBX with Proxmox 4.0

You now have a functioning Proxmox server. When you reboot and login as root, the server will tell you how to access the Proxmox GUI with your browser. Before we put the necessary pieces in place to support Incredible PBX, we want to provide a very brief technical overview of how best to use Proxmox virtualization based upon our testing. Using a methodology similar to that demonstrated by AVOXI using Docker at this year’s AstriCon meeting, we use a backup image to instantiate "KVM containers." We hear some of you saying, "There’s no such animal." And right you are. The nomenclature is different, but the concept is similar. In fact, our simulated KVM Containers work exactly like OpenVZ and Linux Containers with none of the drawbacks of a shared kernel. And the good news is Proxmox 4 implements this perfectly through its backup and restore mechanisms. New kernel-based virtual machines can be created in under 30 seconds. Following initial login to a new KVM as root from the console, we individualize the KVM by randomizing passwords, creating new SSH credentials, and setting up a custom whitelist for the Incredible PBX IPtables firewall. The initialization procedure takes less than a minute and is only run the first time you log into your new KVM as root. The bash init script is here: /etc/profile.d/helloworld.sh.

Preliminary Setup Steps with Proxmox 4.0

The most important setup step is to put your Proxmox server behind a hardware-based firewall or configure the built-in firewall to keep out the bad guys. Proxmox has had their share of security vulnerabilities over the years so this is really critical. It’s beyond the scope of this article to walk through the entire firewall setup process, but you’ll find plenty of literature on the Proxmox Wiki and Forum as well as on the Internet. Each of your KVMs will have its own preconfigured whitelist using the IPtables firewall, and any of the Incredible PBX tutorials can walk you through adding and changing entries in those whitelists.

To use the backup and restore functionality of Proxmox, you’ll need to create a backup storage directory in the Proxmox GUI. After logging in as root, click Datacenter in the Server View, click the Storage tab, click the Add button, and choose Directory from the pulldown list. Fill in the blanks like this using VZDump Backup File for the Content type:

blank

If you have access to a Cloud-based or local NFS device, it’s just as easy to create an additional backup directory on your NFS server. Follow the same steps and choose NFS from the Storage pulldown. With NFS, you must first set up a storage directory with NFS permissions for the IP address of your Proxmox server.

blank

Last, but not least, you need to learn your way around in the GUI. proxmox4 is the name of your server if you followed our recommended setup for your hostname. Under the server, you will find entries for each of your KVM, Linux Containers (LXC), and other drives, e.g. local, backup, and synology.

To add a new LXC image to your server, choose local -> Content -> Templates, pick the desired LXC image, and click Download.

To add new ISO images to your server for building KVMs, choose local -> Content -> Upload, pick ISO Image as the Content type, choose the ISO from your desktop by pressing Select File, then click Upload button.

To start up Virtual Machines once you have created them, click on the VM number under proxmox and click Start. To access the virtual machine once it has begun booting, click Console.

To shutdown a KVM, click on the VM number under proxmox and click Shutdown. Or you can type halt after logging into the KVM as root from the KVM’s Console.

For a list of all available content, choose proxmox4 -> local -> Content.

Loading the Incredible PBX 13 Components into Proxmox 4.0

We need to put two pieces into place to get things rolling with Incredible PBX 13. There are two ways to create Incredible PBX 13 KVMs. You can do it manually from the IncrediblePBX13.iso just as you would on a stand-alone machine. Or you can restore from the IncrediblePBX13 KVM backup image to create a new KVM. The first method takes about 30 minutes. The second method takes less than 30 seconds. The choice is all yours. The results are exactly the same.

Before you can create KVMs, we need to put the Incredible PBX 13 backup image and the Incredible PBX 13 ISO in their proper places. To save some time and steps, we’re going to load the backup image by logging into the Proxmox server as root. For the ISO image, we’ll use the GUI.

To install the Incredible PBX 13 backup image, log into your server as root using SSH and issue these commands:

cd /
wget 'http://downloads.sourceforge.net/project/pbxinaflash/IncrediblePBX13-12 with Incredible PBX GUI/IncrediblePBX13-KVM.tar.gz'
tar zxvf IncrediblePBX13-KVM.tar.gz
rm IncrediblePBX13-KVM.tar.gz

To install the Incredible PBX 13 ISO image, first use a web browser to download IncrediblePBX13.iso to your desktop from SourceForge. Next, login to your Proxmox GUI and choose proxmox4 -> local -> Content -> Upload, pick ISO Image as the Content type, choose IncrediblePBX13.iso from your desktop by pressing Select File, then click the Upload button.

Your Incredible PBX 13 backup image should now appear under proxmox4 -> backup -> Content.

Your Incredible PBX 13 ISO image should now appear under proxmox4 -> local -> Content.

Building Your First Incredible PBX 13 Virtual Machine

blank

To create a new Incredible PBX Virtual Machine, click the options in the order shown on the image above. Use any VM number desired. In less than 30 seconds, you’ll have your first 10GB Incredible PBX 13 Virtual Machine in place:

blank

Initializing KVM Network Device MAC Address. If you ever create more than one KVM from the same backup image, you must initialize the network device’s MAC address before starting the KVM. Otherwise, you will get a conflicting network connection and a mess. Best practice: ALWAYS initialize the network device MAC address when you first create a new KVM from a backup. Click on the VM number in the left column under proxmox4. Then click the Hardware tab, click Network Device, and Edit. Erase the existing MAC address and click OK. Now it’s safe to start the KVM. The telltale sign that you forgot to do this will be a flaky network connection on one or more of your KVMs. If it happens, just delete the offending KVM and create a new one. You won’t forget but once. 😉

To start your new Incredible PBX Virtual Machine, click on the VM number in the left column under proxmox4. Then click the Start button on the right side of the Proxmox GUI header. The Tasks list at the bottom of the GUI will show it loading. Now click on the Console button at the top of the GUI to open a QEMU console session with your virtual machine. At the login prompt, login in as root with the default password: password. The startup script will complete the customization of your server in less than a minute. Then you’re ready to go. Complete the same configuration steps that you would on any new Incredible PBX server:

Change your root password and make it very secure: passwd
Create admin PW to access Incredible GUI and FreePBX® GPL modules: /root/admin-pw-change
Set your correct time zone: /root/timezone-setup
Create admin PW for web apps: htpasswd /etc/pbx/wwwpasswd admin
Make a copy of your Knock codes: cat /root/knock.FAQ
Decipher IP address and other info about your server: status

Now it’s time to pick up the Incredible PBX 13 tutorial for CentOS and continue on with your adventure if you’ve never done this before. Then take a good look at the Incredible PBX Application User’s Guide to get the most out of your new server.

Building a second, third, and fourth KVM is just as easy as building the first one.

Backing Up Incredible PBX 13 Virtual Machines

The real beauty of virtualization and Proxmox in particular is that you can make instantaneous backups of your virtual machine at any time whether the virtual machine is running or not. Those backups can be copied to off-site storage for safe keeping. The critical component of any server is the reliability of and ease with which you can recover from a catastrophic failure. It doesn’t get any easier than this.

blank

To make a backup of your virtual machine to your backup directory, click on the VM ID number in the left column. Then click Backup -> Backup Now. Fill in the blanks of the backup template.

blank

To make a backup of your virtual machine to a local or off-site NFS device, it’s just as easy. Click on the VM ID number in the left column. Then click Backup -> Backup Now. Fill in the blanks of the backup template. Makes you want to run right out and buy a Synology NAS/NFS device, doesn’t it?

Restoring a virtual machine from a backup is just as easy as it was to create the virtual machine image from our backup above. Just choose your backup image instead of the one we provided.

Backing up your virtual machines is only half the story, of course. It also is important to get a backup of the whole enchilada, i.e. the entire Proxmox server. Luckily, the latest version of Clonezilla works perfectly after you have applied the UEFI BIOS patch as documented above. Enjoy!

Originally published: Monday, October 19, 2015




blank
Need help with Asterisk? Visit the PBX in a Flash Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

blankBOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

blankThe lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

blankVitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

blankSpecial Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



Some Recent Nerd Vittles Articles of Interest…

  1. Some of our purchase links refer users to Amazon and other sites when we find their prices are competitive for the recommended products. Nerd Vittles receives a small referral fee from merchants to help cover the costs of our blog. We never recommend particular products solely to generate commissions. However, when pricing is comparable or availability is favorable, we support Amazon and other merchants because they support us. []