Home » Incredible PBX » Raspberry Pi (Page 14)
Category Archives: Raspberry Pi
The Most Versatile VoIP Provider: FREE PORTING
JUST RELEASED: Visit the Incredible PBX Wiki300 New Wholesale Providers Make Asterisk Shine
For many years, we’ve offered Vitelity’s $3.99 Unlimited DID special with a DID, 4 channels, unlimited inbound calling, and free text messaging. It’s a deal no VoIP user should pass up. And today we have another revolutionary development for Asterisk® deployments. Once in a while we feature a carrier with great calling rates. Today we’re introducing a service providing access to 300+ wholesale carriers, all under one roof. Almost 30 BILLION billed minutes already have been logged through TCXC so you’re in good hands!1 You can choose from any or all of their 300 wholesale VoIP carriers worldwide to make outbound calls at the same wholesale rates offered to the very largest resellers. Simply pay a 13% surcharge in lieu of the $650 annual fee, and TelecomsXchange (TCXC) will provide you access to their entire suite of wholesale carriers together with state-of-the-art tools to manage all of the services.2 You’ll never have to haggle with individual carriers or provide funds on a piecemeal basis to use any of the services. TCXC already has done the negotiating for you and TCXC handles financial reimbursements to carriers based upon the services you use. There’s more good news. When compared to commercial providers, TCXC’s one-second billing increment on most routes will recoup a healthy portion of the 13% wholesale surcharge. Here are a few sample per minute wholesale rates (all with one-second billing) to whet your appetite:
- $.0000 – U.S. TollFree
- $.0009 – U.S.
- $.0010 – Cyprus
- $.0011 – Canada
- $.0019 – Germany
- $.0021 – U.K. (London)
- $.0042 – China
What does a penny buy? 11-minute call to U.S., 10-minute call to Cyprus, 9-minute call to Canada, 5-minute call to Germany, 5 minute call to England, or 2½-minute call to China.
If you’re new to wholesale terminations, be advised that carriers change their rates regularly and, from time to time, every carrier experiences outages. Not to worry. For a modest additional charge, TelecomsXchange will manage rates and provide automatic failover for carrier outages. Simply choose TelecomsXchange as your preferred provider to the outbound destinations desired.
Before we get into the nuts and bolts of configuring Asterisk to use TCXC carriers for wholesale call terminations, let’s spend a minute discussing the architecture of the FreePBX® trunk and outbound routes model. In this design which you will find in most Incredible PBX® implementations including Issabel 4, Incredible PBX for CentOS and Ubuntu, and Incredible PBX for the Raspberry Pi as well as in other Asterisk distributions including AsteriskNOW® and the FreePBX Distro®, the administrator specifies Trunks for each provider and then assigns Outbound Routes for calls using those providers. When calls are placed, FreePBX chooses an Outbound Route based upon the dial string match specified in the route. If you have a dozen outbound routes, dialed numbers are analyzed against dial strings specified in each Outbound Route, and the routes are examined from the top to the bottom of the list. Once FreePBX chooses an Outbound Route to process a call, that ends the Outbound Route selection process. No other Outbound Route is ever considered whether it has a matching dial string or not. And it doesn’t matter whether the call fails or not, no other Outbound Route is attempted. The good news is that, within every Outbound Route, you can specify multiple Trunks which will be used in the order you’ve chosen to complete the call. If the ninth trunk happens to be the first trunk that doesn’t experience congestion, then the call will be routed to carrier #9. Keep in mind that calls to the previous eight carriers have to be attempted before we ever get to carrier #9. For this reason, it is important to create a Trunk for every carrier and specify multiple Trunks in every Outbound Route to avoid failed calls. Or, as noted above, you can specify TelecomsXchange as your final Trunk in every Outbound Route and leave it to TCXC to identify a working carrier to complete your call. In this way, you never have to worry about failed calls even though some may cost a little more depending upon carrier outages. So that’s how VoIP terminations work. You’re now an expert!
Getting Started with TelecomsXchange
The first step in your wholesale VoIP adventure is to sign up for an account with TelecomsXchange. Unless you’re chomping at the bit to pay the $650 annual fee, use our referral link. Your PBX will need a public IP address but, if it happens to be a dynamic IP address assigned by your provider, don’t worry. It’s easy to change it down the road, and we’ll show you how. Obviously, a cloud-based PBX makes this easier since you get a dedicated IP address, and this Nerd Vittles article provides several options.
Once you receive your credentials, simply login to the TelecomsXchange web site. Just a few words about how the site is organized. Dashboard is where you’ll land when you login. Accounts let you specify more than one account to be associated with your credentials. If you manage multiple PBXs, this is where you set things up. Each account must have a unique IP address. This is also where you can change the IP address associated with your primary account if the need ever arises. My Interconnections displays each of your accounts and all of the carriers you’ve chosen to associate with each account. Market View is where you search for prices and choose carriers to associate with your account(s). We’ll cover this one in more detail a little later. Payment History tracks all of your payments to TelecomsXchange by date. Call Statistics lets you download CDR and Stats data by the day, week, or month. CDR gives you an instant snapshot of your calling history and the price of the calls based upon criteria you specify. It’s very similar to the same feature in the Incredible PBX or FreePBX GUI. Preferences let you change settings for your account.
The item you’ll need to use first is the plus sign (+) at the top of the form. This is how you fund your account. As noted previously, there is a 13% wholesale surcharge and this will be deducted from whatever amount you choose to add to your account. For example, if you add $100 using PayPal, the PayPal fee plus 13% will be deducted from the $100. So your account would show an available balance of approximately $84. Cash or bank wires also are accepted.
Finally, here’s a link to the TelecomsXchange Knowledge Base and Help Center. There’s lot of helpful information there to get you started.
Choosing a Carrier with TelecomsXchange
Let’s walk through the procedure to add new carriers to your account. This is the first thing you’ll want to do after you get your credentials and fund your account. Begin by making yourself a list of the countries or dialing prefixes you’d like to call using TCXC wholesale carriers. The easiest way to perform searches and find carriers is to decipher the dialing prefix for the calls you wish to make. For example, to call London, the Prefix would be the U.K. country code (44) plus the London city code (20).
Now open the Market View tab to get started. Here’s how we’d fill in the form to find London carriers and to order the first hundred matches from least costly to most expensive: Prefix (4420), Results (100), Order By (PRICE), and Route Type (CLI) which means you can specify your own CallerID for the outgoing calls. Click Search to proceed. The results look like this:
To add a carrier to your account, simply click on the plus sign (+) on the right side of the Action column beside the carrier of your choice. You then can choose whether to add it to all of your accounts, or you specify the account to which the carrier should be added. If you want to review the carrier’s history and ratings with TCXC, click on the Information icon in the Action column beside the carrier of your choice.
For NANPA call destinations, specify 1 plus the area code in the Prefix field. You can add the first 3 digits of the exchange to drill down further. Be advised that adding the 3-digit exchange may eliminate a number of carriers that only specify rates for an entire area code. For example, if a carrier specifies an area code rate for 1212 and no exchange limitations, then searching for 1212652 would not return that carrier.
If you already know which carriers you’d like to add, just search for them by specifying the carrier name in the Seller field and leaving the Prefix field blank. To get started, here are a few favorites for U.S./Int’l routes: IDT, LEXICO, TATA, VOXBEAM, and TELECOMSXCHANGE.
Placing Carrier-Specific Calls with TelecomsXchange
To set up the FreePBX Trunks and Outbound Routes, you first need to understand how calls are placed through TelecomsXchange carriers. In lieu of traditional trunk registrations on your PBX, TelecomsXchange uses the IP address that you registered for your account to determine whether SIP calls arriving at TCXC for routing to a carrier are authorized. Thus, it’s important that you keep your IP addresses updated whenever they change. Assuming your call passes the IP address check, the next hurdle is for TCXC to decipher which carrier should be used to route the call to its destination. This is handled by dialing prefixes which are unique to each TCXC carrier. For example, TATA has a dialing prefix of 32270#. To dial a U.S. call using the TATA carrier, the dial string would look like this: 32270#16785551212. A carrier must be assigned to your account before you can place calls from your PBX using that carrier’s dialing prefix. So there are two layers of protection on the TCXC side to prevent fraudulent calls. There must be both an IP address match and a carrier prefix match on your account before a call will be forwarded to a carrier.
Before we begin setting up your Trunks and Outbound Routes for Incredible PBX or one of the other Asterisk platforms, write down the names of each of the carriers you have chosen as well as their Dialing Prefixes. You’ll need them in the next steps. You can decipher carrier’s dialing prefixes assigned to your account under the My Interconnections tab in your TCXC Dashboard.
Setting Up TCXC Carrier Trunks in FreePBX
To begin, make certain that chan_SIP is assigned to UDP 5060 on your PBX. Particularly for trunks, there were just too many issues with PJsip in some releases of Asterisk so steer clear. With every TCXC carrier, the good news is the chan_SIP Trunk setup is virtually identical except for the carrier name and the carrier’s dialing prefix. For each carrier, start by adding a new chan_SIP Trunk in the Incredible PBX or FreePBX GUI. In the General tab, insert the carrier name in the Trunk Name field, e.g. TCXC. Leave the other default settings as they are.
Switch to the Dialed Number Manipulation Rules tab. Leave the Dialing Rules empty and insert the carrier’s dialing prefix in the Outbound Dial Prefix field, e.g. 77379#.
Switch to the SIP Settings tab. In the Outgoing tab, insert the carrier name in the Trunk Name field. Insert the following in the PEER Details field:
type=peer qualify=yes progressinband=never port=5060 nat=yes insecure=port,invite ignoresdpversion=yes host=sip01.telecomsxchange.com dtmfmode=rfc2833 disallow=all context=from-trunk allow=ulaw&alaw
While still in SIP Settings, switch to the Incoming tab, and clear out the default User Detail entries. Now click the Submit button and reload your dialplan when prompted.
Repeat this procedure for each of the carriers you set up in your TCXC profile.
Setting Up Outbound Routes for TCXC Calls
Setting Up Outbound Routes for TCXC Calls
Our preferred Outbound Route setup for TCXC carriers is to create a new Outbound Route for each destination (typically a country) to which you wish to enable calling. Be advised that setting up a dialing prefix of just the number 1 authorizes considerably more calls than just those to destinations in the United States. For foreign countries, if all of your calls to the U.K are to destinations in London, then don’t authorize country-wide calling. Narrow it down to the country code and city code for London. Remember, it’s your phone bill.
For international calls, we prefer that callers enter a dialing prefix that specifies that it’s a long distance call plus a two-digit prefix representing the country abbreviation, not the dial code of the country. For example, for the U.K., we use 085 where 0 specifies long distance call and 85 is the phone representation for UK. We’ll then use the Outbound Route to strip off the caller’s dialed prefix and to insert the proper country code to complete the call.
Within each Outbound Route, we recommend you specify one or more low-cost carriers and a final TCXC carrier to catch calls that fail to all of your designated carriers. Otherwise, the caller will get a failed call. And you will get the next call. 🙂
So here’s what our Outbound Route setup for London, England looks like. You only need entries in the Route Settings and Dial Patterns tabs. Be sure to put your desired CallerID in the Route CID field and set the Override Extension option to YES. Then add your preferred Trunks in the order in which you want the calls attempted:
In the Dial Patterns tab, we specify a Prefix of 4420 to tell Asterisk to add a dialing prefix to the call to get it to London. Then we enter 085 in the Prefix field to tell Asterisk to strip off those digits entered by the caller before sending the call to the designated Trunk for processing. The Match Pattern is 8 X’s which represents an 8-digit London telephone number. To get a match on this Outbound Route, Asterisk will be searching for a dial string that looks like this: 085 + XXXXXXXX
Here’s an example of the Asterisk call flow using IDT as the primary trunk with this Outbound Route.
Caller Dials: 085-7499-0888 Outbound Route finds match on 085 Prefix + 8 X's and discards Prefix Outbound Route sends 4420 (for London) + 74990888 to Trunk #1 (IDT) IDT Trunk adds IDT Dialing Prefix 10729# before sending call to TCXC TCXC receives: 10729#442074990888 TCXC strips IDT dialing prefix and sends call to IDT: 4420 + 74990888 IDT connects caller to Four Seasons Hotel in London
Adjustment with NAT-Based Implementations
Adjustment with NAT-Based Implementations
Keep in mind that TCXC was designed primarily for commercial resellers, not for PBX-level implementations. If your PBX is sitting in the cloud or is directly connected to the Internet rather than sitting behind a NAT-based router, then you’re good to go now. If, on the other hand, your PBX is sitting on a private LAN behind a NAT-based router, make certain that your router forwards all UDP 5060 traffic to the private LAN address of your PBX. Otherwise, you may experience disconnect anomalies where the called party hangs up a call before your callers since there will be no call path for TCXC to return the disconnect alert (BYE) when the call is completed. For Incredible PBX servers, this isn’t really a problem because Incredible PBX will disconnect the call automatically after detecting 30 seconds of RTP traffic inactivity anyway. But we wanted to make you aware of the potential issue. The good news is you won’t be billed for the extra connection time since TCXC already has dropped the call with the carrier and turned off the billing meter.
Adding Trunk Information to Incredible PBX
Adding Trunk Information to Incredible PBX
Some may wish to include Trunk information in the CDR listings of Incredible PBX or FreePBX. This makes it much easier to spot problems when calls aren’t routed to the Trunk destinations you expect. It also makes it easy to generate trunk-specific reports within the GUI. In the FreePBX 12 and 13 implementations, the trunk information can be added painlessly by revising the [macro-dialout-trunk] context. However, you cannot make these changes directly in /etc/asterisk/extensions_additional.conf because your modifications will be overwritten the next time your dialplan is reloaded. Instead, the modified context must be added to extensions_override_freepbx.conf. Here’s how:
cd /tmp wget http://incrediblepbx.com/cdr-trunk-info.tar.gz tar zxvf cdr-trunk-info.tar.gz rm -f cdr-trunk-info.tar.gz cat cdr-trunk-info.txt >> /etc/asterisk/extensions_override_freepbx.conf asterisk -rx "dialplan reload"
The modified CDR listing will look something like this:
We also developed a handy utility to make it easy to list out all of your trunks and their status. Here’s how:
cd /root wget http://incrediblepbx.com/list-trunks.tar.gz tar zxvf list-trunks.tar.gz rm -f list-trunks.tar.gz ./list-trunks
The listing will look something like this:
Rate Queries Using the TCXC API
Rate Queries Using the TCXC API
For those that want to query the TCXC rate tables locally, we’ve modified a TCXC sample JSON script slightly so that you can use Chrome (with JSONView) or FireFox (with JSON Lite viewer) to view JSON results. Using one of these browsers with the specified add-on, JSON results will be formatted automatically. The query results identity current providers and rates by entering a dialing prefix. The syntax for the web queries looks like the following where 192.168.0.224 is your server’s IP address and 357 is the dialing prefix rate table desired:
http://192.168.0.224/rates.php?prefix=357
The first 30 matching results will look something like this:
To use this script, you’ll need to insert your account name and API key (found in your TCXC Profile) into rates.php before first use. To install the script in the root folder of Apache, issue the following commands:
cd /var/www/html wget http://incrediblepbx.com/TCXC-rates.tar.gz tar zxvf TCXC-rates.tar.gz rm -f TCXC-rates.tar.gz
Published: Monday, February 12, 2018
NEW YEAR’S TREAT: If you could use one or more free DIDs in the U.S. with unlimited inbound calls and unlimited simultaneous channels, then today’s your lucky day. TelecomsXChange and Bluebird Communications have a few hundred thousand DIDs to give away so you better hurry. You have your choice of DID locations including New York, New Jersey, California, Texas, and Iowa. The DIDs support Voice, Fax, Video, and even Text Messaging (by request). The only requirement at your end is a dedicated IP address for your VoIP server. Once you receive your welcome email with your number, be sure to whitelist the provider’s IP address in your firewall. For Incredible PBX servers, use add-ip to whitelist the UDP SIP port, 5060, using the IP address provided in your welcoming email.
Here’s the link to order your DIDs.
Your DID Trunk Setup in your favorite GUI should look like this:
Trunk Name: IPC
Peer Details:
type=friend
qualify=yes
host={IP address provided in welcome email}
context=from-trunk
Your Inbound Route should specify the 10-digit DID. Enjoy!
Need help with Asterisk? Visit the PBX in a Flash Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…
- We obviously have not verified TCXC’s billed minutes counter. Don’t rely upon it in deciding whether to use the service. As with all VoIP providers, what matters is the quality and cost of the calls. [↩]
- Our special thanks to TelecomsXchange. They have generously offered to contribute a portion of the wholesale surcharge to support the Incredible PBX open source project. [↩]
Beginner’s Navigation Guide to VoIP PBXs and Nerd Vittles
Here at Nerd Vittles, we cover a lot of VoIP territory over the course of a year. To kick off the new year, we thought it might be helpful for those just beginning their VoIP adventure to sketch out the VoIP lay of the land for you. We’re assuming that you came to our site because you wanted a VoIP solution that gives you something to play with and to learn from. That’s not for everybody, and there are less flexible, turnkey VoIP solutions that function pretty much like a toaster. At the top of that short list would be the Ooma Telo and OBi200. Both offer (almost) free calling in the U.S. and Canada.
Keep in mind that all of us started as beginners so there’s no reason to be intimidated if you choose to deploy your own PBX. We’ve gotten a dozen years of enjoyment out of our adventures with VoIP telephony, and there’s no reason you can’t do the same. Let’s begin.
Choosing a Hardware Platform for Your VoIP PBX
First, you’ll need to choose a platform for your VoIP-based PBX: dedicated hardware, virtual machine, or cloud-based PBX. In no small part, this choice depends upon the target audience for your PBX. If it’s for home use or a SOHO business, a $35 Raspberry Pi may suffice. On the other hand, if your PBX will be supporting more than a dozen users or more than a handful of simultaneous calls, we’d look elsewhere. Many of Intel’s Atom-based PCs work very well. And a VirtualBox virtual PBX running atop an iMac or beefy Dell PC can support dozens of users if you have the necessary Internet bandwidth to handle your call volume. Cloud-based servers come in all shapes and sizes as well. As prices have plummeted, cloud solutions have become our favorite. For $3 to $6 a month, you now can host your PBX in the cloud with automatic image backups of your entire server every week. If you’re willing to forfeit backups, here is a cloud solution that will only set you back about a dollar a month. If your server is primarily for business use, we strongly recommend our Platinum Sponsor, RentPBX, that offers dozens of VoIP choices for $14.99 a month with coupon code: NOGOTCHAS.
Choosing the Best PBX to Meet Your Requirements
Once you’ve nailed down your hardware platform, the next step is choosing an operating system and PBX to support your individual requirements. As you might have guessed, there are dozens from which to choose. In both the open source and commercial PBX world, most systems require a specific version of Linux so your operating system choice typically is dependent upon the PBX you choose. In the open source world, the PBX learning curve is often related to the feature set being offered. More sophisticated feature sets typically have a steeper learning curve. If you’re just getting started with VoIP and you want a platform for learning, experimenting, or home use, you can’t beat Incredible PBX 13-13 Whole Enchilada. It was designed by us to be a turnkey PBX for first-time users with rock-solid security and all of the features you will ever need. It includes 31 applications for Asterisk® that cover every imaginable function that can be performed with a telephone including faxing, voice dialing, SMS messaging, wakeup calls and telephone reminders, free calling, conferencing, text-to-speech applications such as News Headlines and Weather Forecasts, Wolfram Alpha for Siri-like queries, plus all the usual PBX features: blacklists, call forwarding, call waiting, call transfer, call parking, call recording, intercom, voicemail including voicemail transcription with email delivery, IVRs, paging, AutoAttendants, DISA, and many more.
If you’re an experienced Asterisk developer that just wants a lean PBX where you can customize it to meet individual customer’s requirements, then Incredible PBX 13-13 Lean should be just the ticket. All of its components are configurable including Asterisk which can be recompiled from the included source code.
At the sophisticated end of the spectrum is Incredible PBX for Wazo which is based upon the Wazo PBX, an Asterisk 15 realtime implementation with full support for High Availability redundancy, multi-party videoconferencing, WebRTC, and automatic nightly backups. It includes API libraries from which you literally can build your own customized PBX from the ground up. The Incredible PBX feature set provides a platform with virtually identical applications to those found in Incredible PBX 13-13.
Sandwiched in between Incredible PBX 13-13 and Incredible PBX for Wazo is Incredible PBX 13 for Issabel. Issabel is an enhanced fork of the previous Elastix 4.0 PBX. The 2018 release includes Asterisk 13, the LTS version of the Asterisk platform. With the new Incredible PBX 13 add-on, you get the best of all worlds with Google Voice support and dozens of applications for Asterisk. Issabel provides a Unified Communications platform that is second to none in the open source world.
Thus far, all of our recommendations have been to open source, GPL-licensed PBX platforms. But you’d be making a mistake to limit your search for business telephony platforms to open source offerings. Our corporate sponsor, 3CX, offers a full year of their commercial PBX running in the Google Cloud at no cost. It’s incredibly simple to install and configure. And the beauty of the 3CX commercial platform is it can scale to any size as your business grows. And the 3CX feature set can be expanded geometrically as your business requirements mature. We added free text-to-speech applications for News and Weather reports just last week. Our favorite open source deployment strategy is to install a 3CX PBX alongside Incredible PBX which yields literally the best of both worlds. The 3CX clients for Windows and Macs, Android, and iOS make VoIP telephony available from anywhere with a couple of button clicks, and 3CX users experience none of the traditional communications problems that invariably crop up on platforms deployed by novice VoIP users running Asterisk.
Getting Started with Extensions, Trunks, and Routes
The Big 3 when it comes to PBX configuration are extensions, trunks, and routes. Extensions carry calls between phones on the PBX and other phones either inside or outside your home or office. Trunks actually provide the links between your PBX and the outside telephony world. Inbound routes tell your PBX where to send incoming calls while Outbound routes tell your PBX which trunk to use when calls are made to numbers outside your PBX. We’ve covered this in more detail including dozens of trunk setups in this Nerd Vittles tutorial.
Making Free U.S./Canada Calls within the United States
There are three ways to make free calls using your PBX. If you’re in the United States, you can use Google Voice to make free calls to the U.S. and Canada if your PBX supports Google Voice trunks, e.g. Incredible PBX 13-13 Whole Enchilada and Incredible PBX for Issabel. An alternative, if your PBX does not directly support Google Voice trunks, e.g. Incredible PBX for Wazo and 3CX, is to use the Simonics SIP to Google Voice Gateway service. For Nerd Vittles users, there is a one-time $4.99 signup fee with no additional charges ever. Whether you live in the U.S or not, all the PBXs we’ve covered today can make free SIP calls to anyone in the world that has a SIP URI address and a SIP phone. Most SIP softphones are free.
Mastering the Incredible PBX Feature Set
Configuring the Travelin’ Man 3 Firewall
All Incredible PBX servers include a firewall that is configured automatically as part of the installation process. On the 3CX platform, you’ll need to add the Travelin’ Man 3 firewall after installing your 3CX PBX. Here’s how:
Configuring a Firewall WhiteList:
WhiteListing Users with Travelin’ Man 3 and IPtables Firewall
Learning to Build Effective IVRs
Interactive Voice Response (IVR) systems and AutoAttendants are the bread-and-butter applications for businesses. If you’ve ever called a business and actually spoken to a live person without encountering an IVR, lucky you! But, believe it or not, IVRs can actually be a useful tool including our Stealth AutoAttendant which lets you intercept incoming calls with a greeting which provides a slight delay to allow the caller (or you) to reroute the call to a specific destination before the default destination kicks in. Nerd Vittles and the Incredible PBX offerings provide all of the tools you’ll need to build any type of IVR imaginable. Mastering Allison Smith’s Top 15 is an excellent starting point.
Harnessing Nerd Vittles Resources
Google is your friend when it comes to finding tutorials of interest in the VoIP world. To narrow searches to just Nerd Vittles, use the following syntax:
stealth autoattendant site:nerdvittles.com
And the Nerd Vittles site itself provides several powerful ways to drill down into topics of interest. In the upper right column of any article, you’ll find a search function which will return a list of matching articles to peruse. At the bottom of every article, check out the all-new Articles of Interest section of Nerd Vittles arranged by topic. Also in the right column of Nerd Vittles, you’ll find a listing of Categories with Nerd Vittles articles conveniently grouped by topic. And, finally, you can quickly jump to the lead article on every major Incredible PBX implementation in the color-coded tabs labeled: GPL VOIP SOLUTIONS FOR ALL.
Happy New Year!
Originally published: Monday, January 1, 2018
Support Issues. With any application as sophisticated as a VoIP PBX, you’re bound to have questions. Blog comments are a terrible place to handle support issues although we welcome general comments about our articles and software. If you have particular support issues, we encourage you to get actively involved in the PBX in a Flash Forums. It’s the best Asterisk tech support site in the business, and it’s all free! Please have a look and post your support questions there. Unlike some forums, ours is extremely friendly and is supported by literally hundreds of Asterisk and 3CX gurus and thousands of users just like you. You won’t have to wait long for an answer to your question.
NEW YEAR’S TREAT: If you could use one or more free DIDs in the U.S. with unlimited inbound calls and unlimited simultaneous channels, then today’s your lucky day. TelecomsXChange and Bluebird Communications have a few hundred thousand DIDs to give away so you better hurry. You have your choice of DID locations including New York, New Jersey, California, Texas, and Iowa. The DIDs support Voice, Fax, Video, and even Text Messaging (by request). The only requirement at your end is a dedicated IP address for your VoIP server. Once you receive your welcome email with your number, be sure to whitelist the provider’s IP address in your firewall. For Incredible PBX servers, use add-ip to whitelist the UDP SIP port, 5060, using the IP address provided in your welcoming email.
Here’s the link to order your DIDs.
Your DID Trunk Setup in your favorite GUI should look like this:
Trunk Name: IPC
Peer Details:
type=friend
qualify=yes
host={IP address provided in welcome email}
context=from-trunk
Your Inbound Route should specify the 11-digit DID beginning with a 1. Enjoy!
Need help with Asterisk or 3CX? Visit the PBX in a Flash Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…
The New Hybrid PBX: Why Settle for a One Trick Pony?
Let’s face it. It’s hard not to like the application development flexibility that Asterisk® offers, especially if you’re part of an organization that has very specific telephony needs. But the price you pay for "free" and putting all of your eggs in the Asterisk basket is painful. Here are a few of the hurdles that come to mind: security, NAT, one-way audio, remote users, CRM support, conferencing, painful upgrades to address frequent bug fixes, and, more generally, telephone management and support. We love Asterisk, but…
Most folks don’t buy all of their cars or groceries or computer software from a single company. So why do it with your phone system when you can take advantage of the best of all worlds, open source and commercial? To us, that’s the compelling case for integrating a 3CX commercial PBX into your Asterisk infrastructure. It’s a new iteration of what we used to call a hybrid PBX. And you can do it without cost for a full year to kick the 3CX tires and provide your mobile users with transparent phone service regardless of where they are roaming. Using the special Nerd Vittles signup link, you get a custom version of 3CX that supports 4 simultaneous calls, 10-user web meetings, unlimited trunks, and 10 or more extensions. After the first year, you can either spring for less than $100 a year to maintain the 3CX free PBX platform and mobile clients with pain-free updates, or you can upgrade to a more robust 3CX Pro commercial offering with a much expanded feature set including call center technology and seamless CRM integration with MS Exchange, Salesforce, Microsoft Dynamics, Microsoft Outlook, Office 365, Google Contacts, Exact Online, Freshdesk, Datev, Zendesk, Nutshell, vtiger, EBP, Insightly, amoCRM, Bitrix24 and Act. What’s not to like?
If you’re a frequent Nerd Vittles visitor, you already know that the 3CX clients for iOS, Android, Windows, and Macs are one of our favorite telephony apps of all time. The ease with which the 3CX client can be configured with a single click on an email attachment is revolutionary. And, once configured, the fact that you never again experience a NAT problem with a SIP call is nothing short of miraculous. As we’ve previously mentioned, the 3CX Client provides a nearly perfect mobile client for those that rely upon Asterisk. Now 3CX is poised to release an even easier configuration procedure for their mobile clients in update 2 for version 15.5. Simply log into your 3CX web client on a PC or Mac and choose the Settings:QR Code option from the menu bar. 3CX will present a QR code to activate the 3CX Client for your smartphone. Scan it using the 3CX Client app on your smartphone and, presto, your phone is instantly provisioned. It doesn’t get any easier than this…
Let’s spend a little time reviewing our favorite Hybrid PBX setup. In this scenario which is perfect for small businesses with a mobile workforce, the setup looks like this. An Asterisk server is deployed to manage company trunks including Google Voice, voicemail, IVRs, custom apps, and extensions for every employee. Then we add a 3CX free PBX, interconnect it with the Asterisk PBX, and assign a 3CX extension for every employee. The 3CX extensions will all tie back to the employee extensions on the Asterisk PBX. It obviously simplifies things if you keep your number schemes consistent. For example, extension 7000 on the Asterisk PBX could be matched to extension 000 on the 3CX PBX. Then we set up outbound trunks on both the Asterisk PBX and 3CX to dial a 9 prefix to reach extensions on the other PBX. So dialing 9000 on the Asterisk PBX would connect the caller to extension 000 on the 3CX PBX. On the 3CX side, dialing 9000 would connect the caller to extension 7000 on the Asterisk PBX in our example. And, of course, 3CX Clients can reach any number worldwide using Asterisk outbound trunks by dialing a 9 prefix and then the long distance number. Our previous tutorials will walk you through setting this up with Incredible PBX® 13, Issabel™, any FreePBX®-based PBX, or even Wazo. Once you complete the 5-minute setup, mobile users can take advantage of all the powerful features on any 3CX Client platform while still receiving their incoming calls from the Asterisk-based office PBX by simply forwarding their extension to their matching 9XXX destination on the 3CX platform. This will ring their 3CX Client anywhere in the world with nothing but a Wi-Fi connection! And it’s a free call.
Published: Monday, October 16, 2017
Need help with Asterisk? Visit the PBX in a Flash Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…
The Ultimate Voice Dialer for Asterisk and Incredible PBX
Let’s face it. Voice recognition with Google has been hit and miss, and that’s on a good day. So we’re delighted to shift gears and introduce a new platform powered by IBM Watson’s Speech-to-Text (STT) engine. While it’s not free, that’s really theoretical for most of our readers. Your first month on the platform is entirely free. And, after that, you get 1,000 minutes a month of free voice recognition services. If you still want more, it’s 2¢ a minute.
We first introduced IBM’s STT platform back in March when we documented how to use the service to transcribe voicemails and deliver them via email. Today, we’re introducing the Incredible Voice Dialer for Asterisk. It runs on all of the major Incredible PBX platforms: CentOS, Wazo, and Issabel. It’s married to our AsteriDex phonebook application that is deployed with Incredible PBX using MySQL, MariaDB, or SQLite3 depending upon platform.
The way it works is a user picks up an extension on your PBX and dials 411. The caller will be prompted for the name of the person or company to call. Once the caller says the name, the Incredible Voice Dialer will send the recording to IBM’s Watson STT engine for transcription. The result is then passed to AsteriDex where the text will be matched against the phone number saved for that person or company. The number is then passed to your default outbound trunk to place the call. All of the magic happens in less than two seconds, and the call begins ringing at your destination. You can try it out for yourself on our demo server this week. Just dial: 
, choose option 1 when the IVR answers, and then say "Delta Airlines" or "American Airlines" when prompted for a name. The queries support wildcard matching. If you say "Delta", you’ll still be connected to Delta Airlines.
What About the Quality? Here’s the bottom line. Speech recognition isn’t all that useful if it fails miserably in recognizing everyday speech. The good news is that IBM Watson’s speech recognition engine is now the best in the business. If you want more details, read the article below which will walk you through IBM’s latest speech recognition breakthrough:
Why IBM's speech recognition breakthrough matters for AI and IoT. Via @techrepublic https://t.co/AJi8MA3E20
— IBM Developer (@IBMDeveloper) March 15, 2017
Creating an IBM Bluemix Speech to Text Account
NOV. 1 UPDATE: IBM has moved the goal posts effective December 1, 2018:
1. Create Bluemix account here.
2. Confirm your registration by replying to email from IBM.
3. Login to Bluemix using your new credentials.
4. Agree to terms and conditions, name your organization, and name your space (STT).
5. Choose Watson Speech to Text service and click Create.
6. When Speech to Text-kb opens, click Service Credentials tab (on the left).
7. In Actions column, click View Credentials. Write down your username and password.
8. Logout by clicking on image icon in upper right corner of dialog window.
Install Voice Dialer with Incredible PBX for Wazo
1. Login to your server as root using SSH/Putty and issue the following commands:
cd / wget http://incrediblepbx.com/ibmstt-411-wazo.tar.gz tar zxvf ibmstt-411-wazo.tar.gz rm -f ibmstt-411-wazo.tar.gz sed -i '\\:// BEGIN Call by Name:,\\:// END Call by Name:d' /etc/asterisk/extensions_extra.d/xivo-extrafeatures.conf sed -i '/\\[xivo-extrafeatures\\]/r /tmp/411.txt' /etc/asterisk/extensions_extra.d/xivo-extrafeatures.conf asterisk -rx "dialplan reload"
2. Edit /var/lib/asterisk/agi-bin/getnumber.sh and insert your IBM credentials from step #7 above into these variables:
API_USERNAME="XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX" API_PASSWORD="XXXXXXXXXXXX"
3. Save the file.
Install Voice Dialer on Other Incredible PBX Platforms
1. Login to your server as root using SSH/Putty and issue the following commands:
cd / wget http://incrediblepbx.com/ibmstt-411.tar.gz tar zxvf ibmstt-411.tar.gz rm -f ibmstt-411.tar.gz sed -i '\\:// BEGIN Call by Name:,\\:// END Call by Name:d' /etc/asterisk/extensions_custom.conf sed -i '/\\[from-internal-custom\\]/r /tmp/411.txt' /etc/asterisk/extensions_custom.conf asterisk -rx "dialplan reload"
2. Edit /var/lib/asterisk/agi-bin/getnumber.sh and insert your IBM credentials from step #7 above into these variables:
API_USERNAME="XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX" API_PASSWORD="XXXXXXXXXXXX"
3. Save the file.
Take Incredible Voice Dialer for a Test Drive
1. From an extension connected to your PBX, dial 411. When prompted for the name to call, say "Delta Airlines" or "American Airlines."
2. Quicker than you could actually dial the number, you’ll be connected.
Building Voice-Enabled Applications with Asterisk
All of our code is open source, GPL2 code so you’re more than welcome to use it, learn from it, and then build your own voice-enabled applications. Just abide by the terms of the license and share. When you review /var/lib/asterisk/agi-bin/getnumber.sh, you’ll see that it’s incredibly easy to change the backend database. Here’s the Wazo flavor of the script:
API_USERNAME="XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX" API_PASSWORD="XXXXXXXXXXXX" thisfile="$1" # sending the recording to IBM Watson for transcription curl -k -u $API_USERNAME:$API_PASSWORD -X POST --limit-rate 40000 --header "Content-Type: audio/wav" --data-binary @/tmp/$thisfile.wav "https://stream.watsonplatform.net/speech-to-text/api/v1/recognize?continuous=true&model=en-US_NarrowbandModel" 1>/tmp/$thisfile.txt # grabbing the text out of the IBM Watson response msg=`cat /tmp/$thisfile.txt | grep transcript | cut -f 2 -d ":" | cut -f 2 -d '"' | sed 's| *$||' | sed -e "s/\b\(.\)/\u\1/g"`% # passing text to MySQL (1st line) or SQLite3 (2nd line) for name lookup. answer is num2call. #num2call=$(mysql -uroot -ppassw0rd asteridex -ss -N -e "SELECT user1.out FROM user1 where name LIKE '$msg'"); num2call=`/usr/bin/sqlite3 /var/lib/asterisk/agi-bin/asteridex.sqlite "select out from user1 where name LIKE '$msg'"` # clearing out our temporary files rm -f /tmp/$thisfile.* # passing the results to the Asterisk dialplan echo "SET VARIABLE PTY2CALL "\""$msg"\""" echo "SET VARIABLE NUM2CALL "\""$num2call"\""" # we're done with the AGI bash script so let's exit gracefully exit 0
The Asterisk dialplan code could be modified for any number of applications. Here’s what it looks like on the Incredible PBX 13 platform. It’s slightly different with Wazo to accomodate their dialplan syntax.
;# // BEGIN Call by Name
exten => 411,1,Answer
exten => 411,n,Playback(custom/411)
exten => 411,n,Set(RANDFILE=${RAND(8000,8599)})
exten => 411,n,Record(/tmp/${RANDFILE}.wav,3,10)
exten => 411,n,Playback(/tmp/${RANDFILE})
exten => 411,n,AGI(getnumber.sh,${RANDFILE})
exten => 411,n,NoOp(Party to call : ${PTY2CALL})
exten => 411,n,NoOp(Number to call: ${NUM2CALL})
exten => 411,n,Goto(outbound-allroutes,${NUM2CALL},1)
exten => 411,n,Hangup()
;# // END Call by Name
There’s nothing magical about it. (1) It answers the call to 411. (2) It plays back a recording that prompts the user to say the name of the person or company to call. (3) It generates a random number to use for the filenames associated with the STT process. (4) It records the caller’s speech and saves it to the random filename as a .wav file which IBM STT can understand. (5) It passes the call to the AGI bash script to send the recording to IBM Watson and obtain the transcription and to pass the text to MySQL or SQLite3 to lookup the text in the AsteriDex database. (6) We display the called party’s name on the Asterisk CLI. (7) We display the called party’s phone number on the Asterisk CLI. (8) We place the call using the PBX’s default outbound route. (9) We hangup the call when it’s completed.
Published: Monday, October 9, 2017
Need help with Asterisk? Visit the PBX in a Flash Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…
RTPbleed Security Alert: Asterisk Calls Can Be Intercepted
If you’ve installed Asterisk® during the past 4½ years, your server has a MAJOR security problem. If you didn’t already know, with Asterisk, your VoIP conversations actually are carried over a random UDP port using the Real Time Protocol (RTP), not the SIP port (UDP 5060) which handles the setup and teardown of your VoIP connections. It turns out that, since March 2013, all of that RTP traffic and thus your conversations could be intercepted and redirected by anyone on the Internet. As this recent article in The Register noted:
The problem occurs when [communications] systems like IP telephony have to get past network address translation (NAT) firewalls. The traffic has to find its way from the firewall’s public IP address to the internal address of the device or server, and to do that, RTP learns the IP and port addresses to associate with a call.
The problem is, the process doesn’t use any kind of authentication.
This is exacerbated by the fact that, by default, Asterisk and FreePBX® traditionally use the NAT=yes setting (whether needed or not) to enable this navigational magic just in case your calls need it. Without it, you may end up with no audio or one-way audio on your calls. Traditional wisdom was that an attacker needed to be positioned between the caller and the Asterisk server in order to intercept this media stream. As luck would have it, it turns out the man in the middle didn’t need to be in the middle after all. He could be anywhere on the Internet. The old adage to talk on the phone as if someone else were listening turns out to have been pretty good advice in the case of Asterisk communications. Even if you had a firewall, chances are you protected UDP port 5060 while exposing and forwarding UDP 10000-20000 to Asterisk without any safeguards.
According to last week’s Asterisk advisory, “To exploit this issue, an attacker needs to send RTP packets to the Asterisk server on one of the ports allocated to receive RTP. When the target is vulnerable, the RTP proxy responds back to the attacker with RTP packets relayed from the other party. The payload of the RTP packets can then be decoded into audio.” Specifically, if UDP ports 10000-20000 are publicly exposed to the Internet, anybody and everybody can intercept your communications without credentials of any kind. WOW!
So, there’s a patch to fix this, right? Well, not exactly:
Note that as for the time of writing, the official Asterisk fix is vulnerable to a race condition. An attacker may continuously spray an Asterisk server with RTP packets. This allows the attacker to send RTP within those first few packets and still exploit this vulnerability.
The other recommended "solutions" aren’t much better:
- When possible the nat=yes option should be avoided
- To protect against RTP injection, encrypt media streams with SRTP
- Add config option for SIP peers to prioritize RTP packets
The nat=no option doesn’t work if you or your provider employs NAT-based routers. The SRTP option only works on more recent releases of Asterisk, and it also requires SRTP support on every SIP phone. Prioritizing RTP packets is not a task for mere mortals.
Surprisingly, the one solution that is not even mentioned is hardening your firewall to block incoming UDP 10000-20000 traffic that originates outside your server. Our recognized SIP expert on the PIAF Forum had the simple solution. Bill Simon observed:
If the SDP in the INVITE or subsequent re-INVITE contains routable IP addresses, then use them for media. If the SDP contains non-routable IP addresses, then the client is behind a NAT and not using any NAT traversal techniques like SIP ALG, ICE/STUN, so send to the originating IP. Why are we making allowances here for media to come from anywhere? I think you can probably clamp down your firewall as much as you want, because symmetric RTP should allow media to get through by way of establishing an outbound stream (inbound stream comes back on the same path).
Our testing confirms that simply blocking incoming RTP traffic on your firewall solves the problem without any Asterisk patch. In short, RTP traffic cannot originate from anonymous sources on the Internet.
For those using Incredible PBX® or Travelin’ Man 3 or an IPtables firewall, the fix is easy. Simply remove or comment out the INPUT rule that looks like this and restart IPtables:
-A INPUT -p udp -m udp --dport 10000:20000 -j ACCEPT
On RedHat/CentOS servers, the rule is in /etc/sysconfig/iptables. On Debian/Ubuntu and Raspbian servers, you’ll find the rule in /etc/iptables/rules.v4. On Incredible PBX for Issabel servers, you’ll find the rule in /usr/local/sbin/iptables-custom. On all Incredible PBX platforms, remember to restart IPtables using only this command: iptables-restart.
Published: Friday, September 8, 2017
Need help with Asterisk? Visit the PBX in a Flash Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…
A VPN for All Seasons: Introducing NeoRouter v2
Today, we want to revisit our favorite client-server VPN, NeoRouter. It’s included with all versions of Incredible PBX® and eases the pain of setting up air-tight firewalls as well as High Availability (HA) redundant servers with VoIP. NeoRouter relies upon a central server and uses a star topology to connect remote nodes. The major difference between NeoRouter and PPTP VPNs is that only registered devices participate in the virtual private network so there is no direct access to other machines on the LANs of the registered devices. If you have servers or users scattered all over the countryside, NeoRouter is an excellent (and free) way to manage and interconnect them. All data and communications between the nodes can then be routed through the encrypted VPN tunnel for rock-solid security.
With NeoRouter’s latest 2.3 (free) software, you can set up your VPN server using a PC, a Mac, a Linux or FreeBSD machine, OpenWrt Backfire, Tomato, or even a Raspberry Pi. With all versions of Incredible PBX, the NeoRouter Free Client is automatically installed. To bring up NeoRouter, all you need to do is install the NeoRouter Free Server on one of your machines and then login to the server from each NeoRouter Client using your server credentials. VPN clients also are available for PCs, Macs, Linux and FreeBSD machines, Raspberry Pi, OpenWrt, Tomato as well as Android and iOS phones and tablets. There’s even an HTML5 web application in addition to a Chrome browser plug-in. With the OpenWrt and Tomato devices or if you’re an extreme techie, you can broaden your NeoRouter star configuration and bridge remote LANs. See pp. 58-63 of the NeoRouter User’s Manual.
You can interconnect up to 256 devices to the NeoRouter Free Server at no cost. For $999, you can enlarge your VPN to support 1,000 devices. Screen sharing, remote desktop connections, HTTP, and SSH access all work transparently using private IP addresses of the VPN nodes which are automatically assigned in the 10.0.0.0 private network.
Today we are introducing the second generation of the NeoRouter VPN solution. It’s suitable for use on a dedicated server or running as a virtual machine. Whether to run NeoRouter Free server on a dedicated machine is your call. We never do. And NeoRouter never requires exposure of your entire server to the Internet. Only a single TCP port needs to be opened in your hardware-based firewall or IPtables Linux firewall. The only real requirement is a dedicated IP address for your server so that the client nodes can always find the mothership. We typically run the NeoRouter server component on our failover VoIP server with Wazo HA. We’ll finish up today by showing you how to back up the critical components of NeoRouter Server so that, if your server platform ever should fail, it only takes a few minutes to get back in business on a new server platform. Let’s get started.
Creating Your NeoRouter Server Platform
We’re assuming you already have an Incredible PBX server of some flavor running on a dedicated IP address with the IPtables firewall. If not, start there.
First, on your IPtables firewall, make certain that TCP port 32976 has been whitelisted for public access. On Incredible PBX platforms, this is automatic. You can double-check by running iptables -nL and searching for an entry that looks like this:
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:32976
Second, we need to download and install the NeoRouter Free Server for your platform. Be sure you choose the version that matches your operating system, CPU architecture, and type. Debian and Ubuntu servers use the same code. We do not recommend Raspberry Pi as a suitable platform for your NeoRouter server!
For RedHat/CentOS 64-bit platforms, here’s the download link. While logged into your server as root, issue the following command using the downloaded 64-bit RPM:
rpm -Uvh nrserver-2.3.1.4360-free-centos-x86_64.rpm
For Ubuntu/Debian 64-bit platforms, use this link. While logged into your server as root, issue the following command using the downloaded 64-bit .deb image:
dpkg -i nrserver-2.3.1.4360-free-ubuntu-amd64.deb
Third, each administrator (admin) and user is going to need a username to access your NeoRouter VPN. You can use the same credentials to log in from multiple client machines, something you may or may not want to do. Here are the commands to create admin and user accounts. Don’t use any special characters in the username and password!
nrserver -adduser username password admin
nrserver -adduser username password user
You’re done. Now let’s register your NeoRouter server with the mothership.
After your NeoRouter Free Server is installed, you can optionally go to the NeoRouter web site and register your new VPN by clicking Create Standalone Domain. Make up a name you can easily remember with no periods or spaces. You’ll be prompted for the IP address of your server in the second screen. FQDNs are NOT permitted.
When a VPN client attempts to login to your server, the server address is always checked against this NeoRouter database first before any attempt is made to resolve an IP address or FQDN using DNS. If no matching entry is found, it will register directly to your server using a DNS lookup of the FQDN. Whether to register your VPN is totally up to you. Logins obviously occur quicker using this registered VPN name, but logins won’t happen at all if your server’s dynamic IP address changes and you’ve hard-coded a different IP address into your registration at neorouter.com.
Configuring and Connecting Your NeoRouter Client
As mentioned previously, there are NeoRouter clients available for almost every platform imaginable, including iPhones, iPads, and our beloved Raspberry Pi. NeoRouter Client software is included in all Incredible PBX builds. If you’re using some other platform, Step #1 is to download whatever client is appropriate to meet your requirements. Here’s the NeoRouter Download Link. Make sure you choose a client for the Free version of NeoRouter. Obviously, the computing platform needs to match your client device. The clients can be installed in the traditional way with Windows machines, Macs, etc. Once enabled, you can use your NeoRouter Client to create a VPN tunnel to connect to any other resource in your virtual private network using SSH, VoIP clients, and web browsers.
To activate the NeoRouter client while logged in as root, type: nrclientcmd. You’ll be prompted for your Domain, Username, and Password. You can use the registered domain name from neorouter.com if you completed that step above. Otherwise, be sure to use the FQDN assigned to your NeoRouter Server. Once you’re logged in, you will be presented with the names and private IP addresses of all of your connected nodes.
To exit from NeoRouter Explorer, type: quit. The NeoRouter client will continue to run so you can use the displayed private IP addresses to connect to any other online devices in your NeoRouter VPN. All traffic from connections to devices in the 10.0.0.0 network will flow through NeoRouter’s encrypted VPN tunnel. This includes inter-office SIP and IAX communications between Asterisk® endpoints. These private IP addresses can also be used to create a High Availability (HA) platform with Wazo even if the servers are not colocated.
Admininistrative Tools to Manage NeoRouter
Here are a few helpful commands for monitoring and managing your NeoRouter VPN.
Browser access to NeoRouter Configuration Explorer (requires user with Admin privileges)
Browser access to NeoRouter Remote Access Client (user with Admin or User privileges)
Manage your account on line at this link
To access your NeoRouter Linux client: nrclientcmd
To restart NeoRouter Linux client: /etc/rc.d/init.d/nrservice.sh restart
To restart NeoRouter Linux server: /etc/rc.d/init.d/nrserver.sh restart
To set domain: nrserver -setdomain YOUR-VPN-NAME domainpassword
For a list of client devices: nrserver -showcomputers
For a list of existing user accounts: nrserver -showusers
For the settings of your NeoRouter VPN: nrserver -showsettings
To add a user account: nrserver -adduser username password user
To add admin account: nrserver -adduser username password admin
Test VPN access: http://www.neorouter.com/checkport.php
For a complete list of commands: nrserver –help
To change client name from default pbx.local: rename-server OR…
- Edit /etc/hosts
- Edit /etc/sysconfig/network
- Edit /etc/sysconfig/network-scripts/ifcfg-eth0
- Edit /etc/asterisk/vm_general.inc
- reboot
For the latest NeoRouter happenings, visit the NeoRouter blog and forum.
Backing Up NeoRouter Server for That Rainy Day
Yes, servers fail sooner or later. So it’s best to plan ahead and avoid having to recreate your NeoRouter VPN from scratch. Backing up your server is easy. Log into your server as root and issue the following command:
tar cvzf nr-server-db.tar.gz /usr/local/ZebraNetworkSystems/NeoRouter/NeoRouter_0_0_1.db /usr/local/ZebraNetworkSystems/NeoRouter/Feature.ini
Copy nr-server-db.tar.gz and your NeoRouter Server installer to a safe place!
When that sad day arrives, be sure that your original NeoRouter Server is off line. Then reinstall NeoRouter Server on a new server platform using your original NeoRouter Server installer. If necessary, change the DNS entry for your original NeoRouter server to the new IP address. Then shut down new NeoRouter Server, load your backup, and restart server:
/etc/rc.d/init.d/nrserver.sh stop cd / tar zxvf nr-server-db.tar.gz /etc/rc.d/init.d/nrserver.sh start
Published: Monday, August 21, 2017
Need help with Asterisk? Visit the PBX in a Flash Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…
Meet the New Incredible Fax: A $10 Fax Machine for Asterisk
Every year, technology gets better and cheaper. And, believe it or not, that even includes faxing especially with Asterisk® and Incredible PBX™. Today we take another giant leap forward by introducing fax technology with the $10 Raspberry Pi Zero W. Adding a free Google Voice trunk provides not only free calling in the U.S. and Canada, but now you also get free faxing as well. And the latest release of Incredible PBX lets your RasPi determine whether incoming calls are humans or faxes, and it’ll route them accordingly. To send faxes, you can use the bundled AvantFax GUI client which lets you send PDF documents as faxes with a couple button clicks.
Overview. Once you’ve downloaded the Incredible PBX for RasPi image and made yourself a microSD card for your RasPi, the setup goes like this. First, we’ll configure a WiFi connection to support your server. Then we’ll install a Google Voice trunk. Next, we’ll use the included Incredible Fax installer to put the HylaFax and AvantFax components in place and to set up an email address for delivery of incoming faxes in PDF format. And finally we’ll use the GUI to configure your Google Voice trunk to manage incoming calls from both fax machines and individuals that actually want to talk to you. Faxes will be delivered to your email address, and traditional calls will be routed to a SIP phone or smartphone of your choice. In under 30 minutes, you’ll have a plug-and-play computer that’s about the size of a couple sticks of chewing gum.
Raspberry Pi Zero W Shopping List
Before you can install Incredible PBX, you’ll need a compatible Raspberry Pi Zero W platform. Unless you already have some of the components, the easiest way to begin is to purchase a bundle that includes all the components you’ll need. Here’s your best bet. It’s $35 and includes everything except a USB keyboard and an HDMI monitor and cable. Click on the image for ordering info:
Incredible PBX Installation Tutorial
Here’s everything you need to know about installation and setup. Just follow the links.
- Download and unzip Incredible PBX image from SourceForge (with GV OAuth support!)
- Transfer Incredible PBX image to microSD card
- Boot Raspberry Pi Zero W from new microSD card
- Login to RasPi console as pi:raspberry to initialize your server and configure WiFi
- Reboot after writing down your server IP address
- Login via SSH as root:password to secure your passwords & configure firewall
- Download latest Incredible Fax installer: http://nerd.bz/2nSeHKs
- Install Incredible Fax: /root/incrediblefax13_raspi3.sh (Credentials: admin:password)
Once everything is set up and working, you can remove the keyboard and monitor and put the Raspberry Pi Zero W on a shelf and run it with nothing more than a power adapter. Each time you reboot Incredible PBX, you’ll get an email with the IP address of your server. The recommended setup is to reserve the IP address assigned by your DHCP server in your router’s configuration. Then you have the equivalent of a static IP address while preserving the flexibility to move your RasPi to another network if the need ever presents itself.
Incredible PBX Initialization Steps
With a USB keyboard and HDMI monitor attached to your RasPi, power up the device. Login as pi with the password: raspberry. Incredible PBX first will whir through a few initialization steps. As part of the Raspbian OS, the Raspberry Pi Foundation includes a handy utility called raspi-config. This gets run automatically as part of the initial setup procedure in Step #4. At a minimum, you should configure the following options:
- Expand Filesystem (to use your entire microSD card)
- Wait for Network at Boot (choose Slow to Enable)
- International Options (configure all four options)
- Advanced Options – HostName (name your server)
- Finish (Save your settings but Delay reboot)
Incredible PBX WiFi Setup
The Raspberry Pi Zero W has WiFi-only networking. To get Internet connectivity, you’ll need to configure your server in Step #4 so that it can find your WiFi Access Point. Edit /etc/wpa_supplicant/wpa_supplicant.conf and insert the SSID and password (psk) for your WiFi network. Then save the file. Finally, stop and restart the wlan0 interface on your RasPi device, count to 15, and check the status of your server to decipher the new IP address for your WiFi connection. If no WiFi address, rinse and repeat.
ifdown wlan0 ifup wlan0 pbxstatus
Incredible PBX Phase 2 Configuration
Once you have your network IP address in hand, reboot your RasPi: reboot. Then use SSH or Putty to login to your RasPi from your desktop computer. The credentials are root:password. Complete the setup process by answering the prompts and be sure to set up a very secure root password and GUI admin password for your server.
Configuring a Gmail SmartHost for SendMail
Because of spammers, most Internet service providers now block mail from downstream mail servers. Your RasPi qualifies. There’s an easy way to determine if email service from your server is blocked. Just run the following command substituting your email address. Be sure to check your inbox and spam folder to determine whether you received the email.
echo "This is a test message." | mail -s testmessage yourname@youremaildomain.com
If you flunked the test, here’s what to do next. Modify SendMail to use an existing Gmail account as a SmartHost for email delivery. This means Gmail will actually send the messages rather than your server. Log into your RasPi as root and issue these commands:
cd /etc/mail hostname -f > genericsdomain touch genericstable makemap -r hash genericstable.db < genericstable mv sendmail.mc sendmail.mc.original wget http://incrediblepbx.com/sendmail.mc.gmail cp sendmail.mc.gmail sendmail.mc mkdir -p auth chmod 700 auth cd auth echo AuthInfo:smtp.gmail.com \\"U:smmsp\\" \\"I:user_id\\" \\"P:password\\" \\"M:PLAIN\\" > client-info echo AuthInfo:smtp.gmail.com:587 \\"U:smmsp\\" \\"I:user_id\\" \\"P:password\\" \\"M:PLAIN\\" >> client-info echo AuthInfo:smtp.gmail.com:465 \\"U:smmsp\\" \\"I:user_id\\" \\"P:password\\" \\"M:PLAIN\\" >> client-info nano -w client-info
When the nano editor opens the client-info file, change the 3 user_id entries to your Gmail account name without @gmail.com and change the 3 password entries to your actual Gmail password. Save the file: Ctrl-X, Y, then ENTER.
Now issue the following commands. In the last step, press ENTER to accept all of the default prompts:
chmod 600 client-info makemap -r hash client-info.db < client-info cd .. make sed -i 's|sendmail-cf|sendmail\/cf' /etc/mail/sendmail.mc sed -i 's|sendmail-cf|sendmail\/cf|' /etc/mail/sendmail.mc sed -i 's|sendmail-cf|sendmail\/cf|' /etc/mail/Makefile sed -i 's|sendmail-cf|sendmail\/cf|' /etc/mail/sendmail.cf sed -i 's|sendmail-cf|sendmail\/cf|' /etc/mail/databases sed -i 's|sendmail-cf|sendmail\/cf|' /etc/mail/sendmail.mc.gmail sed -i 's|sendmail-cf|sendmail\/cf|' /etc/mail/sendmail.cf.errors sendmailconfig
Finally, stop and restart SendMail and then send yourself a test message. Be sure to check your spam folder!
/etc/init.d/sendmail stop /etc/init.d/sendmail start apt-get install mailutils -y echo "test" | mail -s testmessage yourname@yourdomain.com
Check mail success with: tail /var/log/mail.log. If you have trouble getting a successful Gmail registration (especially if you have previously used this Google account from a different IP address), try this Google Voice Reset Procedure. It usually fixes connectivity problems. If it still doesn’t work, enable Less Secure Apps using this Google tool.
The last step is to add the following command to /etc/rc.local to send you an email with your IP address and SSID whenever the RasPi is rebooted. Insert the following commands just above the exit 0 line at the end of the file. Use an email address to which you have access on the road!
echo "IP address for your Raspberry Pi: $(hostname -I) plus wireless network, if any: `iwconfig`" | mail -s "Raspberry Pi IP Address" yourname@yourdomain.com
Installing a Google Voice Trunk for Free Calling
If you want to use Google Voice, you'll need a dedicated Google Voice account to support Incredible PBX. The more obscure the username (with some embedded numbers), the better off you will be. This will keep folks from bombarding you with unsolicited Gtalk chat messages, and who knows what nefarious scheme will be discovered using Google messaging six months from now. So keep this account a secret!
IMPORTANT: Do NOT under any circumstances take Google’s bait to switch from Google Chat to Hangouts, or you may forever lose the ability to use Google Chat with Incredible PBX. Also be sure to enable the Google Chat option as one of your phone destinations in Settings, Voice Setting, Phones. That's the destination we need for The Incredible PBX to work its magic! Otherwise, all inbound and outbound calls will fail. Good News! You're in luck. Google has apparently had a change of heart on discontinuing Google Chat support so it's enabled by default in all new Google Voice accounts. Once you've created a Gmail and Google Voice account, go to Google Voice Settings and click on the Calls tab. Make sure your settings match these:
- Call Screening - OFF
- Call Presentation - OFF
- Caller ID (In) - Display Caller's Number
- Caller ID (Out) - Don't Change Anything
- Do Not Disturb - OFF
- Call Options (Enable Recording) - OFF
- Global Spam Filtering - ON
Click Save Changes once you've adjusted your settings. Under the Voicemail tab, plug in your email address so you get notified of new voicemails. Down the road, receipt of a Google Voice voicemail will be a big hint that something has come unglued on your PBX.
UPDATE: Google has improved things... again. You may not see the options documented above at all. Instead, you may be presented with the new Google Voice interface which does not include the Google Chat option. But fear not. At least for now there's still a way to get there. After you have set up your new phone number, click on (1) Settings -> Phone Numbers and then click (2) Transfer (as shown below). That returned the old UI. Make sure the Google Chat option is selected and disable forwarding calls to default phone number.
One final word of caution is in order regardless of your choice of providers: Do NOT use special characters in any provider passwords, or nothing will work!
Now you're ready to configure your Google Voice account in Incredible PBX. First, you'll need to obtain an OAuth 2 token for your Google Voice account. For a complete Google Voice OAuth tutorial, follow steps 8-10 in this Nerd Vittles tutorial. Once you have your credentials, you can do the rest of the Google Voice setup from within the Incredible PBX GUI. Choose Connectivity -> Google Voice. Once you've entered your credentials, you MUST restart Asterisk from the command line, or Google Voice calls will fail: amportal restart
If you have trouble getting Google Voice to work (especially if you have previously used your Google Voice account from a different IP address), try this Google Voice Reset Procedure. It usually fixes connectivity problems. If it still doesn’t work, enable Less Secure Apps using this Google tool.
Another option is to use an inexpensive SIP Gateway to Google Voice. The Simonics trunk in the Incredible PBX GUI is preconfigured for this purpose. All you'll need is your Google Voice credentials. Get started with this tutorial.
Installing Incredible Fax with HylaFax & AvantFax
Once you complete the initial configuration and get your mail server and Google Voice trunk squared away, it's time to run the Incredible Fax installer: ./incrediblefax13_raspi3.sh. You'll be prompted for an email address to which to deliver incoming faxes. After that, everything is pretty much automatic. A few prompts will appear during the installation process. Just press the ENTER key each time and ignore any errors you might see scrolling across your screen. They're harmless. When the HylaFax and AvantFax installs finish, reboot your server. Faxing won't work until you do!
Next, you need to change the default password for AvantFax which is a web-based interface to send faxes and read incoming faxes. From a browser, log into the IP address of your server. When the Incredible PBX menu appears, click the Users tab to display the Administrator menu. Then click on the AvantFax icon to load AvantFax. When prompted for credentials, enter admin:password for your username and password. You'll be prompted to change your password. Make it secure!
Finally, we need to configure your PBX to properly answer calls from fax machines as well as humans. Return to the Incredible PBX Admin menu and click the Incredible GUI icon. Then click the Server Administration icon. When prompted for your username and password, enter admin and the password you configured when you set up your server above. When the System Status screen displays, choose Connectivity -> Inbound Routes -> Default. Make the bottom section of the template look like this substituting your desired Destination for voice calls if you don't want them sent to the Incredible PBX IVR. Click Submit to save your changes and then reload your dialplan when prompted.
The best way to test things out is to send yourself a test fax. FaxZERO lets you send 5 free faxes of up to 3 pages every day. Give it a whirl. When you're ready to send a fax from Incredible PBX, log back into AvantFax, click on the Send Fax icon, and follow your nose.
Mastering the Incredible PBX Feature Set
Now would be a good time to explore the Incredible PBX applications. Continue reading there. If you have questions, join the PBX in a Flash Forums and take advantage of our awesome collection of gurus. There's an expert available on virtually any topic, and the price is right. As with Incredible PBX, it's absolutely free. Enjoy!
Originally published: Monday, March 27, 2017 Updated: Friday, May 12, 2017
Support Issues. With any application as sophisticated as this one, you're bound to have questions. Blog comments are a difficult place to address support issues although we welcome general comments about our articles and software. If you have particular support issues, we encourage you to get actively involved in the PBX in a Flash Forum. It's the best Asterisk tech support site in the business, and it's all free! Please have a look and post your support questions there. Unlike some forums, the PIAF Forum is extremely friendly and is supported by literally hundreds of Asterisk gurus and thousands of users just like you. You won't have to wait long for an answer to your question.
Need help with Asterisk? Visit the PBX in a Flash Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest...
Choosing the Best (free) PBX for SOHO Deployments
[iframe-popup id="6″]
When it comes to choices in free PBXs, times have indeed changed. A decade ago your options went something like this. There was Asterisk@Home or Asterisk@Home. Then along came trixbox® and Elastix® and PBX in a Flash™ and AsteriskNOW®. What remained constant throughout this evolution was the underlying Asterisk® platform. With the exception of Digium’s offering, the remaining products all included the FreePBX® GUI. Then came a whole new way of looking at things with FreeSWITCH®. Another morphing occurred when the FreePBX developers introduced their own distribution which bundled free software with a collection of commercial demoware, better known as NagWare. Along the way we introduced Incredible PBX™ which let you choose an underlying platform and then an installer preconfigured the entire PBX together with dozens of applications. We also discovered an open source sleeper called XiVO that morphed into Wazo. It wasn’t long until commercial companies discovered that there might be gold in them hills. Sangoma® purchased FreePBX and 3CX acquired PBX in a Flash and Elastix. Digium’s AsteriskNOW product morphed into a rebranded FreePBX Distro®. Another popular commercial company that had been around the Asterisk community for more than a decade was Xorcom, and in 2016, they introduced their own freeware PBX called Ombutel. Another well-respected commercial provider, 3CX, quickly followed suit and introduced a collection of freeware PBXs1 including PBX in a Flash 5, Elastix 5, and a free edition of its popular 3CX UC platform running under Debian. Whew! What a ride it has been. But now what?
We’ve gone from rags to riches, but how do you sort out which solution is best for you? I’m reminded of some advice my dad gave me when I was trying to choose a college to attend. He said, "Make yourself a list of what’s important to you, and then rank each school from 1 to 10 on each of those criteria. Add up the columns, and there’s your answer." I would offer you the same advice in choosing a PBX. So let’s start with our list of 10 criteria in no particular order that should be considered in choosing a PBX. Then we’ll drill down on each of these and provide some tips on what to consider when you develop your own scorecard.
- Reputation of the Provider
- Reliability of the Product
- Feature Set
- Security
- Performance
- Redundancy
- Ease of Deployment
- Ease of Use
- Support Availability
- Long-Term Cost
A couple other factors will weigh into your ratings. First, your own level of expertise matters. And, second, the intended use for your PBX is critically important. If you’re deploying a PBX in your home where the only Happy Campers have to be you and the Little Mrs., that’s obviously a different use case than a business that relies upon telephones for its livelihood. If you have 30 years of telephony and networking experience, that makes some of these criteria less important than others. You can adjust your ratings scale accordingly or simply remove the criteria that don’t matter in your particular situation.
1. Reputation of the Provider
Depending upon whether you’ve chosen an open source PBX and your own level of expertise, the reputation of the provider matters. And, for those that aren’t do-it-yourselfers, the reputation of the installer or reseller is also important. There’s a reason that people pay big bucks for Cisco phone systems. Provider reputation becomes even more significant if you’re installing a closed source system and there’s a risk that the vendor won’t be around in a couple of years. If, on the other hand, you’re choosing a free PBX as a sandbox to learn about telephony, then provider reputation is obviously less important than some of the other factors. One of the real beauties of the Internet is that it’s easy to obtain information on and customer ratings of providers. So do your homework!
2. Reliability of the Product
Forums such as the PIAF Forum and DSL Reports provide a limitless supply of information about PBX offerings. Take the time to read user comments about their experience with the various offerings. Most of the free PBX products we’ve listed above have been around for many years, but that doesn’t always tell you everything you need to know. Visit the provider’s own forum so you can see for yourself what problems are being reported by their own users. If there are dozens of postings about bugs and non-working components with no proffered solutions, that’s usually a pretty good hint to start looking elsewhere.
3. Feature Set
Whenever we provide consulting services to companies, the first thing we do is ask everyone in the organization to provide a list of the top 10 features they need in an ideal phone system. You then can take that survey and match it against available offerings for free and commercial PBXs. If 90% of your users travel and need their smartphones integrated into the company’s PBX, that’s important. If your organization depends upon incoming phone calls for 90% of your new business, then deployment of a PBX that never hands out busy signals is critical. If IVRs need to be integrated into your existing corporate databases to check availability of product without employee intervention, then write it down as a "must have." You get the idea. Figure out what really matters to everyone that will actually be using phones connected to your PBX. Then find the offerings that are the best fit insofar as features are concerned.
4. Security
The last thing anyone wants to see is a whopping phone bill because some creep on the other side of the globe managed to make expensive calls on your nickel. Do all the research that time permits to discover which phone systems have a history of security breaches. Does the phone system you are considering have its own firewall? Is it self-configured or are you on your own? Will you need to hire a consultant just to keep your phone system secure? What’s your budget for security mistakes? A PBX isn’t free if you get an unexpected $100,000 phone bill. Visit the forums including the forums of the providers you are considering and look for any mentions of security breaches, hacking, and bugs related to software vulnerabilities. Google is your friend as well. Search for the name of the PBX you’re considering together with the word "vulnerability" and see how long a list you receive. Last, but not least, visit CVE Details and look up the scorecard of your vendor and product. One final consideration worth mentioning is the procedure required to update the PBX when security vulnerabilities are discovered. Is it a manual upgrade process or is it automatic when you log into your server? Do you have to keep abreast of security developments by regularly visiting some web site or are the alerts prominently displayed on the admin interface whenever you log into your PBX? Are you responsible for keeping the underlying operating system vulnerabilities patched or does your vendor handle that as well? Suffice it to say, you get what you pay for when it comes to a secure PBX. Do your homework and decide whether a free PBX really is the best choice for your situation.
5. Performance
There’s a big difference in a phone system for a home or SOHO deployment with a handful of phones versus a small business PBX with dozens of phones and hundreds or thousands of calls every day. Lots of external factors weigh into the actual performance you will see with any given phone system. For VoIP-based PBXs, your calls are only as good as your Internet connection and the ability of your server to handle the workload. Whether you plan to deploy your PBX on local hardware or in the Cloud also impacts performance. There are cloud providers and cloud providers. Some put you on an overloaded shared server to maximize profits while others (such as our own advertiser, RentPBX) carefully monitor the time slice that every PBX receives to assure reliable PBX performance all the time. As we’ve previously noted, you get what you pay for. Don’t expect a Cloud at Cost server for which you paid a one-time fee to provide the same level of performance and phone quality as a dedicated server or a provider such as RentPBX. Our best advice is to try your desired platform with your desired PBX. You’ll know quickly whether the combination will meet your performance requirements.
6. Redundancy
If your business depends upon reliable telephone calls, redundancy would be a requirement at the top of our list. How long can your business go without incoming or outgoing phone service? Do you have a dedicated administrator on staff? Does your support provider offer 24/7 assistance? Answers to those questions will narrow down your options. With a dedicated administrator on site and a hot standby server, you probably have all the redundancy you need unless criticality is judged in minutes. In the latter case, a High Availability failover system may be what you need. You can spend thousands of dollars on software and hardware to achieve an acceptable level of High Availability. What is your budget? Luckily, Wazo is a free alternative that also includes free HA support. All you need is a second server which could be a second hardware device on site or a Cloud-based server at minimal cost. We’ve documented the Wazo HA setup procedure here if you want to evaluate whether it will meet your requirements.
7. Ease of Deployment
Determining the ease with which you can deploy a new server is obviously subjective and depends upon your skill set, the expertise of others in your organization, and the complexity of the system you will be deploying. Bringing up and configuring the various systems is the only way you’re going to get an accurate picture of what’s involved. If you will be relying upon a vendor to perform the heavy lifting, then get some references and start making calls to judge the satisfaction level of similarly situated customers. Then ask yourself what the likelihood is that your vendor will still be around five years down the road. Is there a competitor that could step in and perform the same tasks? Are your available choices limited to telephone support or are on site services available to assist with or perform setup and configuration tasks? Be sure to get an accurate estimate of the overall cost of deployment including server and telephone configuration as well as staff training.
8. Ease of Use
Nothing holds a candle to letting employees at all levels in your organization actually use the system you’ve chosen before you purchase it. Particularly with a phone system, a free evaluation period is worth its weight in gold. The beauty of a free PBX is you can install it and kick the tires to your heart’s content. To end users, the ease of use determination is pretty simple. There’s a phone sitting on the desk. Does it do what I need it to do to get my job done?
9. Support Availability
There are three kinds of support: in-house, free, and paid. If you have in-house staff to manage and support your PBX, this criteria may be less important to you. If not, then the free and paid options are important. We have tens of thousands of administrators who have relied upon the PIAF Forum for support over the years. With the latest PBXs that have been around for a very long time, that’s probably all you need if you have made backups and have a recovery plan or a redundant system. As for paid support, the sky’s the limit quite literally. Telephone support does not equal on site support. If your business demands 24×7 phone service, then choose a support option that can make that happen.
10. Long-Term Cost
Last, but not least, is factoring in the overall cost of your phone system. Just because your PBX may be free, it doesn’t mean that add-ons and software maintenance and support are. Do the math and figure out what the long-term cost actually is to get the feature set and support level that your business requires. It may very well turn out that $395 a year for a fully-supported commercial PBX such as our corporate sponsor’s 3CX PBX may be a downright bargain compared to a free PBX for which you’d easily spend that much with a single call for commercial support. Do the math before you jump feet first into the free fire.
Originally published: Monday, May 8, 2017
|
SECURITY ALERT: The Sangoma® Portal reportedly has been compromised. According to Sangoma’s Chief Operating Officer, customers’ root passwords were stored on Sangoma servers as a favor to customers to facilitate future support access by Sangoma staff. That procedure now has been discontinued. Although not acknowledged, the root passwords were apparently stored in unencrypted format unbeknownst to customers. More than a dozen customers have since reported their servers were compromised using their own root credentials. Sangoma maintains there is a "theoretical possibility" that their portal was the culprit although the COO indicates that they have been unable to find any evidence of an intrusion. Rootkit appears to be a word missing from the Sangoma lexicon. If you do business with Sangoma through their web portal, you are well advised to check your server immediately to determine if your PBX also has been compromised. Full details regarding breach detection and a link to Sangoma’s response are available on the PIAF Forum. If your server has been hacked, prudence would dictate rebuilding your server from the ground up. There was no mention whether Sangoma did the same after a previous unauthorized intrusion. As this incident reinforces, attempting to patch a compromised server is extremely risky. |
Need help with Asterisk? Visit the PBX in a Flash Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…
- Don’t confuse a free PBX with Sangoma’s FreePBX® GUI. The former means a truly free PBX. The latter is a code generator for Asterisk that commingles free components with commercial nagware for which you have to pay registration fees before use and maintenance fees annually after purchase. [↩]
Free Asterisk Solutions
