Home » Posts tagged 'asterisk' (Page 63)

Tag Archives: asterisk

The Most Versatile VoIP Provider: FREE PORTING

Now It’s a No-Brainer: Free Skype Calling with Asterisk

Many of you may recall that last August we showed you an easy way to implement free calling to millions of cellphones using Gizmo5 and Asterisk®. Vaporware aside, it's been a quiet six months in the Skype for Asterisk department. But now the folks at Gizmo5 have outdone themselves once again. This time it's their new OpenSky service. Here's how it works. You can call as many Skype users as you like and talk for up to five minutes for free.

If there are people you frequently call and the time limit is a problem for you, then you can cough up $20 a year and make as many 2-hour Skype calls as you like to your ten best friends. If you've got more friends than that or if you plan to use this for something other than a home Asterisk system, then there are reasonably priced plans to accommodate you. $320 a year gets you 20 accounts to an unlimited number of Skype users with the same 2-hour per call limit. $800 buys you 50 accounts, and $1600 buys you 100 accounts per year.

Getting Started. The easiest way to integrate this into your existing Asterisk system is to sign up for a free Gizmo5 account and then follow our previous tutorial to set up your outbound trunk.

Once you have everything working, you're ready to add a few numbers on your Asterisk system for your Skype pals. Here's the easy way, and we'll cover some more sophisticated implementations in a subsequent article. Assuming you have a friend with a Skype username of joeschmo, here's what you need to do to call Joe by dialing 563 (J-O-E) from any extension on your Asterisk system.

Edit the /etc/asterisk/extensions_custom.conf file on your system and add the following line within the [from-internal-custom] context:

exten => 563,1,Dial(SIP/skype_joeschmo@proxy01.sipphone.com)

If you also use softphones which support SIP URI dialing, then you might want to add another entry like this in the same context:

exten => joeschmo,1,Dial(SIP/skype_joeschmo@proxy01.sipphone.com)

Now just reload your Asterisk dialplan, and you're ready to start calling your Skype buddies around the world from any Asterisk extension.

asterisk -rx "dialplan reload"

The FreePBX Alternative. As has been pointed out in a comment, you can accomplish much the same thing using newer versions of FreePBX without having to muck around in extensions_custom.conf. Just add an Extension, choose the Custom type, provide an Extension Number, a Display Name, and optional SIP Alias. Then insert the following in the dial field, save your entries, and reload the dialplan when prompted.

skype_joeschmo@proxy01.sipphone.com

$20 Buys You Skype Calling Aliases. One of the major drawbacks of Skype always has been the alphanumeric Skype names which make it next to impossible to place Skype calls using regular telephones. Well, Gizmo5 has solved that, too. With your $20 annual subscription which gets you 2-hour Skype calls to your 10 best friends for a year, you now can define new phone numbers to match against your 10 favorite Skype friends. For example, for a user named John Doe, you might choose 564-6363 (JOHN-DOE). Once you sign up for the $20 Skype subscription and configure this alias in your Gizmo account, you can reach John Doe on Skype by dialing 1-333-564-6363 through your Gizmo5 trunk from any Asterisk extension. In your Asterisk setup, just create an outbound route for Gizmo calls with the following dial strings, and you're all set.

1333NXXXXXX
333NXXXXXX

Special thanks to JPE on the PBX in a Flash Forum for the original tip and to Adrian at Gizmo5 Operations for the alias demo. Enjoy!


Want a Bootable PBX in a Flash Drive? Our Atomic Flash bootable USB flash installer for PBX in a Flash has been quite the hit this past week. Thank you to all of our generous contributors! Atomic Flash provides all of the goodies in the VPN in a Flash system featured last month on Nerd Vittles. You can build a complete turnkey system using almost any current generation PC with a SATA drive and this USB flash installer in less than 15 minutes!

If you'd like to put your name in the hat for a chance to win a free one delivered to your door, just post a comment with your best PBX in a Flash story.1

Be sure to include your real email address which will not be posted. The winner will be chosen by drawing an email address out of a hat (the old fashioned way!) from all of the comments posted over the next several weeks.

And it's still not too late to make a contribution of $50 or more to the PBX in a Flash project and get a free Atomic Flash installer delivered to your door as our special thank you gift. See this Nerd Vittles article for details.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 


Some Recent Nerd Vittles Articles of Interest...

  1. This offer does not extend to those in jurisdictions in which our offer or your participation may be regulated or prohibited by statute or regulation. []

Introducing Atomic Flash: 15-Minute Turnkey Asterisk Installs

PBX in a Flash offers a number of Asterisk- compatible PBX solutions to meet virtually every need. These range from base installs of Asterisk 1.4 and 1.6 in both 32-bit and 64-bit flavors. In addition, the Orgasmatron builds provide turnkey installs for Everex gPC systems and Dell PowerEdge SC440 and T100 servers. And our recent VPN in a Flash build for the Acer Aspire One NetBook introduced the ultimate portable, secure traveling communications server including the Hamachi VPN.

For 2009 we round out our offerings with the ultimate development tool, a bootable USB flash drive which can create turnkey, full-featured Asterisk PBX systems in 15 minutes or less. As its name suggests, this build was specially engineered for the new Atom-based motherboards found in most netbooks although it works just fine with Dell’s PowerEdge T100 servers as well. Many of the newer netbooks lack a CD/DVD drive so a bootable flash installer is ideal. In addition to a current generation computer, you’ll also need an 80GB or larger SATA disk drive which can be configured as sda1, sda2, and sda3. RAID setups are not yet supported unless you’re very familiar with reconfiguring Mondo Restores. With your new computer in hand, just plug in the Atomic Flash, and boot the computer from the flash drive. Type nuke and have a cup of coffee. When you return in 15 minutes and type a couple commands, your system will be ready for deployment. Add your trunk providers, match phones to the preconfigured extensions, secure passwords, and you’re all set. It’s that easy!

Make no mistake. This is a Bleeding Edge installer featuring a Fedora 10 Remix1 that’s less than a week old. It supports the latest and greatest motherboards, wired and WiFi networks, and it includes the KDE graphical user interface for those that love GUIs. Out of the box, it provides a functioning softphone as well as your own private Hamachi VPN connecting up to 15 additional systems so the entire setup can be deployed as a mobile communications hub in less time and for less money than most folks spend on their breakfast.

For those that demo systems for a living, no one will touch this presentation. Just show up at a customer site with a $300 Acer Aspire One NetBook and an Aastra 57i business phone. While the customer watches the Atomic Flash build a new PBX in a Flash server from the ruins of a Windows XP clunker, you can connect and configure the 57i and explain how simple VoIP networks can be.

When you finish your 10-minute slide show, your system will be operational. Dial any 800 number from your Aastra phone, and presto… instant, flawless communications! Now explain to the customer what the world of penny-a-minute communications is all about with every call between PBX in a Flash systems and other SIP phones absolutely free… worldwide.

Friends of PIAF. So how do you get one? If you don’t mind a preproduction version, which means we have to custom-build every flash drive, here’s how to get yours. First, this offer is for a limited time (until we get sick of cloning flash drives). And don’t expect to receive your unit overnight. In fact, it may be several weeks or more depending upon how busy we get with other Honey-Do’s. But we won’t forget you!

Now what? Just make a contribution of $50 or more to the PBX in a Flash project through PayPal, and we’ll give you one (as in gift for free), and we’ll even pay the shipping. Limit of one per contributor please! Keep in mind that $50 barely covers the cost of the 8GB flash drive, the shipping, the PayPal commission, and the labor (at 5¢ an hour) so your generosity is most appreciated. And when we get tired of working for 5¢ an hour, we’ll holler. 🙂

Once your Atomic Flash device arrives, please visit http://atomicflash.org or http://pbxonaflash.com for complete installation instructions.



The Perfect Complement. The stars have all lined up to provide a perfect opportunity for you to purchase a state-of-the-art NetBook. Click or hover on the image above for details. If you’d prefer a server, you now can grab a Dell Poweredge T100 server with dual 160GB SATA drives and 2GB of RAM saving $397 off the list price. Either hardware works great with Atomic Flash.

Are You Crazy? Why Are You Doing This? Well, yes and because it’s the First Anniversary of PBX in a Flash! We want everyone to experience PBX in a Flash in all its greatness now that we’ve got it down to a 15-minute walk in the park. These are tough economic times for many businesses around the world, and we want you to help us spread the word about the savings that can be realized through Voice Over IP. We also want to encourage those of you on the fence about a career to enter the Asterisk® reseller community, and we’re doing our part by providing the perfect sales and development tool.

So now’s your chance. We hope you’ll tell every business acquaintance and friend you have about PBX in a Flash. And you have our heartfelt thanks for your continuing support. It’s been a blast!


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 


Some Recent Nerd Vittles Articles of Interest…

  1. Fedora and the Infinity design logo are trademarks of Red Hat, Inc. Asterisk is a registered trademark of Digium, Inc. All other trademarks and registered trademarks are property of their respective owners. This software aggregation is neither provided nor supported by the Fedora Project and contains non-Fedora and modified Fedora content. Official Fedora software is available through the Fedora Project website []

Avoiding the $100,000 Phone Bill: A Primer on Asterisk Security

Here's a headline to wake up any CEO: "Small business gets $120,000 phone bill after hackers attack VoIP phone." News.com.au actually ran this story on January 20. "Criminals hacked into an Internet phone system and used it to make 11,000 international calls in just 46 hours... 115,000 international mobile calls were made using the small business's VoIP system over a six month period."

News Flash: Be sure to read our latest article introducing Travelin' Man 3, a completely new security methodology based upon FQDN Whitelists and DDNS. In a nutshell, you get set-it-and-forget-it convenience and rock-solid VoIP security for your Cloud-based PBX or any PBX in a Flash server that's lacking a hardware-based firewall and you get both transparent connectivity and security for your mobile or remote workforce.

For the latest Security Tips: See our most recent article.

Sad to say that folks install VoIP phone systems to save money and then completely ignore tried-and-true network security principles: hardening your system, regularly watching your logs, and periodically changing your passwords. If PBX in a Flash were a commercial offering, we'd probably keep much of what follows to ourselves and start touting our PBX systems as the only Asterisk® offering with Secure-Wrap™. That's not our world, of course, nor is it what open source is all about... which turns out to be both a blessing and a curse. We openly and jointly figure out ways to secure our Asterisk systems as well as those of our competitors. Then the bad guys get to read all about it and come up with new, more creative "solutions." The silver lining is there are millions of insecure Asterisk systems so the creeps typically move on to easier targets.

Today we'll walk you through our Top Ten Security Tips and Tricks. All of these can be implemented easily to harden your Asterisk PBX and lessen the chances of the bad guys transforming your VoIP system into a free, international payphone: you pay, they phone. In the process, we'll identify some common security blunders that accompany new system installs in hopes that you won't make the same mistakes. So let's start with the basics. If you plug your Asterisk PBX directly into the public Internet without carefully securing it, your chances of being hacked within the hour are pretty good.

Rule #1: Protect Your PBX With IPtables. PBX in a Flash systems are delivered with the IPtables firewall enabled. Leave it that way! If your Asterisk implementation doesn't have IPtables support, demand that it be added immediately or ask for assistance in adding it yourself. There is no reason not to use a freely available, open source firewall, period! And there are many good tools including WebMin (also included in PBX in a Flash distributions) to get it configured properly. With PBX in a Flash, all of the grunt work has been done for you.

Firewalls, of course, are only as good as the set of rules defined to secure your system. So only activate ports that are absolutely essential to run your PBX. For an excellent review of the ports that are opened by default in PBX in a Flash systems, see Joe Roper's summary. Think of an activated port as a hole in the dike. The more holes you add, the less secure your PBX will be. We'll leave it to you to count the holes in the dike if you choose to run your PBX without IPtables enabled. Our rule of thumb for PBX security goes something like this. If you don't need web access to your PBX, don't open ports 80 and 9080. If you don't need SSH, FTP, FOP, or WebMin access to your PBX, don't enable those ports. Better yet, don't even turn those services on unless there is a pressing need.

All of the IPtables rules are stored in /etc/sysconfig/iptables. Don't edit this file unless you know what you're doing. If you need help with the rules, post a question on the PBX in a Flash Forum. Typical response time on posted questions is under an hour on our forum. And don't forget to restart IPtables if you make changes to any of the rules: service iptables restart.

Rule #2: Protect Your PBX With A Hardware-Based Firewall. If one firewall is good protection, two firewalls are even better. As much as NAT-based firewall/routers get a bad rap, the extra layer of protection that a $50 hardware-based firewall/router delivers cannot be overstressed. Think of the software-based firewall as the tool of choice to secure your PBX on your internal LAN while the hardware-based firewall secures your system on the public Internet. We recommend the dLink WBR-2310 for home and SOHO use. It provides a reliable NAT-based router, a firewall, and excellent WiFi capability for under $50. If you've got some spare change, step up to one of dLink's Gaming Routers which we happen to use. They provide all the tools you'll need to prioritize your VoIP traffic. As with Rule #1, only open and redirect ports that are absolutely essential to use your PBX.

Rule #3: Safeguard Against Random Password Hacks. There is no better tool to protect your PBX from random password attacks than Fail2Ban 0.8.3. Fail2ban scans log files and bans IP addresses that make repeated, unsuccessful password attempts. It updates IPtables rules to reject those IP addresses for a period of time that you can set in /etc/fail2ban/jail.conf. Originally PBX in a Flash systems were shipped with an earlier version of Fail2Ban that provided only minimal protection. If your system doesn't include the jail.conf file above, you still have the older version. Simply run our update script to get the current release:

cd /root
mkdir fail2ban
cd fail2ban
wget http://pbxinaflash.net/source/fail2ban/fail2ban-update
chmod +x fail2ban-update
./fail2ban-update
service fail2ban restart

As was true with IPtables, Fail2Ban is only as good as the rules which are defined to identify failed password attempts on your system. On PBX in a Flash systems, we now protect against web, FTP, SSH, SIP, and IAX password attempts.

If your particular Asterisk implementation lacks Fail2Ban support, you're missing a critically important (free) tool to safeguard your system from random password attacks against SSH and your protected web sites as well as your SIP and IAX extension passwords. For tips on installation, review our script that is available on this thread in the PBX in a Flash Forum.

Rule #4: Narrow Access With IP Address Restrictions. Security privileges in the U.S. government are based upon a "need to know." It's pretty simple. If you don't have a need to know the information to perform your duties, you don't get the privilege. You can use a similar technique to secure your PBX by implementing IP address restrictions. For example, if all of your extensions are housed on a private subnet of your internal LAN, then there is no reason to allow Internet access to those extensions. Similarly, for extensions outside your local network, you now can hardcode the IP address into the extension to restrict access. To implement this with Asterisk and FreePBX-based systems, you'll first need to upgrade FreePBX to at least version 2.5.1.1. Once you've upgraded, go into each extension and enter either an IP address or an IP subnet for that extension in the permit field. For an IP address, the syntax is 192.168.0.44/255.255.255.255. For an IP subnet, the syntax would look like this: 192.168.0.0/255.255.255.0. This one tip would have been worth $120,000 to the Australian company referenced above. Yes, consultants can be worth their weight in gold. 🙂

If you're as absent-minded as we are, you don't want to have to worry about remembering this each time you add a new extension to your system. So it's quite simple to change the default permit entry from 0.0.0.0/0.0.0.0 to the subnet mask of your LAN. Then you only have to adjust this entry whenever you add an extension which is not on your internal LAN. For example, if your LAN subnet is 192.168.0, then we want to replace the default entry with 192.168.0.0/255.255.255.0. The file to edit is /var/www/html/admin/modules/core/functions.inc.php. Just search for $tmparr['permit'] in BOTH the iax2 and sip sections of the file and make the value substitution preserving the single quotes on both sides of your new entries.

You also can implement both password and IP address restrictions to limit web access to your server. With Apache web servers, this is done through .htaccess files and directory restrictions in your Apache config files. On PBX in a Flash systems, htaccess password restrictions now are the default setup in all of our builds. Suffice it to say, if you can access the /admin directory on your web site from the Internet without being prompted for a password, your site probably has been compromised. Keep in mind that these passwords get cached so be sure you have cleaned out your browser cache before having a heart attack. Better yet, try this from a browser you don't ordinarily use (such as the one on your cellphone).

For additional security, you can further restrict access to your web directories by adding a list of authorized IP addresses to the .htaccess file in each subdirectory. Here's what an .htaccess file with IP address restrictions might look like. The first Allow entry is the private LAN subnet, the second is a remote site, and the third is the Hamachi VPN subnet mask:

Deny from All
Allow from 192.168.0
Allow from 68.218.222.70
Allow from 5.67

Rule #5: Don't Use 'Normal Ports' for Internet Access. Think of network and PBX security as a shell game. You want to do as many things differently as possible to make it as difficult as possible for the bad guys to figure out what you've done. Read that last sentence again. It's important! With a hardware-based firewall such as the WBR-2310, this is incredibly easy. dLink calls them Virtual Servers. Here is a typical entry:

HTTP   192.168.0.150   TCP 80/2319   Allow All   Always

You can simply redirect common ports to different ports for Internet access. Don't do this for SIP and IAX ports, but it works great for HTTP, FTP, and SSH access. For example, port 80 typically is the default web server port on Asterisk aggregations, and this port normally can be used on your internal LAN assuming you know and trust your users. For external (aka Internet) web access, simply remap TCP port 80 to some obscure port and change it periodically. For example, you might redirect TCP port 80 to port 2319. Once the setting is saved, you access the web site with a browser entry like this: http://pbx.mydomain.com:2319/. Then (and just as important!) next month, change the port to 4382, then 6109, and so on. Don't use these numbers obviously! Make up your own. The key here is that 5 minutes work every month will keep web access to your PBX much more secure than letting every Tom, Dick, and Ivan hammer away at port 80 every night while you're sleeping. Incidentally, most of these routers also will let you block access to certain ports during certain hours of the day. If you're sleeping, there's really not much need to provide SSH and web access to your Asterisk server. At the risk of being labeled xenophobic, keep in mind that many of the world's best crackers reside in countries where daytime happens to be nighttime in the United States.

Rule #6: Really Secure Passwords Really Do Matter. While we have no hard evidence to back this up, our wild-assed guess (WAG) is that 90% of the security breaches in Asterisk systems have been the direct result of folks using passwords that matched the extension numbers on their phone systems. Since most Asterisk PBX systems are configured with extension numbers beginning in the 200, 700, or 800 range of numbers, it really wasn't Rocket Science to remotely log into these servers and make unlimited SIP telephone calls. The first five rules would have protected most Asterisk systems. But our WAG on the number of Asterisk PBX's that have implemented all five rules above would be less than one in a thousand. Part of that is because some of these tools weren't readily available until recently. But part of it is because most of us are just plain L-A-Z-Y.

Really secure passwords really do matter. And it's more than having a secure root password. All of your passwords need to be secure including those on your phone extensions and voicemail accounts unless you are absolutely certain that you have blocked all access to your system from everyone except trusted users. If you use DISA, make certain it has a really, really secure password. Part of having really secure passwords is regularly changing them. And our rule of thumb on Asterisk system passwords goes one step further. Never, ever use passwords on your PBX that you use for other important personal information (such as financial accounts). You've been warned. It's your phone bill and bank account!
<end of sermon>

Rule #7: Minimize Web Access To Your PBX. Most of the Asterisk aggregations utilize FreePBX as the graphical user interface to configure your Asterisk PBX. Because FreePBX is web-based, it is extremely dangerous to leave it exposed on the Internet. As much as we love FreePBX, keep in mind that it was written by dozens and dozens of contributors of various skill levels over a very long period of time. Spaghetti code doesn't begin to describe some of what lies under the FreePBX covers. Make absolutely certain that you have .htaccess password protection in place for all web directories in at least these directory trees: admin, maint, meetme, and panel.

Our rule of thumb on Internet web accessibility to an Asterisk PBX goes like this. Don't! But, if you must, build as many layers of protection as possible to assure that your system is not compromised. If the bad guys get into FreePBX, the security of your PBX has been compromised... permanently! This means you need to start over with all-new passwords by installing a fresh system. You simply cannot fix every possible hole that has been opened on a FreePBX-compromised system!

Rule #8: Implement VPNs for PBX Systems. PBX in a Flash has provided simple install scripts to deploy Hamachi VPNs on all of our current systems. Hopefully, the other aggregations will do likewise. In addition, we offer turnkey VPN in a Flash systems which provide this functionality out of the box. VPNs provide an incredibly simple way to interconnect PBX systems worldwide and assure secure communications between these interconnected systems. We now are exploring other VPN solutions which would facilitate the use of VPN-enabled telephones such as the new offerings from SNOM.

Rule #9: Check Your Logs Every Day. We're still dumbfounded by the following quote from the article above: "115,000 international mobile calls were made using the small business's VoIP system over a six month period." Six months and they never checked their call logs? Sounds like they earned this phone bill. FreePBX provides an incredibly simple way to review your call logs. Click the Reports tab at the top of the screen and look at the bar graph showing the number of calls each day and the combined length of those calls. Nothing could be easier. Do it every single day! It also should be noted that Ethan Schroeder has released a beta of some new monitoring software which will provide more granular monitoring of daily call volumes. For additional information or to participate in the beta, visit this link.

Rule #10: Do Some Reading... Regularly. No security implementation is complete without a little regular effort on your part: reading. If you're going to manage your own network or PBX, then you need to keep abreast of what's happening in the business. There are any number of ways to do this, none of which take much time. The simplest approach is just to scan the Open Discussion, Add-Ons, and Bug Reporting topics on the PBX in a Flash Forum, the trixbox Forum, and the FreePBX Forum. Aside from reviewing your call logs, it's the best 15 minutes you could spend to safeguard your system. We also have an RSS Feed which includes security alerts.

Update #1: Be sure to read this great new article. It has two fresh ideas for securing your system!

Update #2: Please also read this Nerd Vittles Alert about FreePBX backdoors and default passwords that was published on April 15, 2011.

Some Other Suggestions. A couple other suggestions come to mind that don't involve securing your PBX per se but nevertheless will lessen your exposure in the event of a security breach. First, if your usual calling patterns don't involve international calling or if they're limited to one or two countries, tighten up your outbound dialplan and restrict calling to countries that you actually need. It can always be changed when the need to call elsewhere arises. Second, if you use pay-as-you-go providers, never use credit card auto-replenishment. Instead, add funds periodically using the provider's web interface. The advantage of this is that, if someone does manage to break into your system, your loss will be limited to the current balance in your provider account. You'll not only save a lot of money, but you'll also get a notification that something has gone horribly wrong. Finally, a forum user mentioned one we had overlooked. If you have a mix of POTS and VoIP lines, don't put the POTS lines in the default outbound pool for toll calls. This could potentially save you lots of money.

Continue Reading Part II: The VoIP WhiteList for IPtables...

Got Some Other Ideas? 50,000 heads always are better than one when it comes to network security. If there are things we've missed, take a minute to post a comment. It'll help all of us keep our systems more secure. Good luck!

Digium® Weighs In. Since this article first appeared, Digium has released its own set of tips on SIP security. By all means, have a look!


Security Alert of the Week. A trixbox user yesterday reported that he had discovered a rootkit exploit on his server. You can could read all about it here. The 6:03 a.m. (California time) post mysteriously disappeared a few hours later... soon after the trixbox staff got to work. Another darn computer failure according to Fonality staff. 😕 We've attempted to recreate the information from Google snippets. And here's a simple test to see if you have a similar rootkit problem:

ls -all /sbin/init.zk


Want a Bootable PBX in a Flash Drive? Our bootable USB flash installer for PBX in a Flash will provide all of the goodies in the VPN in a Flash system featured last month on Nerd Vittles. You can build a complete turnkey system using almost any current generation PC with a SATA drive and our flash installer in less than 15 minutes!

If you'd like to put your name in the hat for a chance to win a free one delivered to your door, just post a comment with your best PBX in a Flash story.1

Be sure to include your real email address which will not be posted. The winner will be chosen by drawing an email address out of a hat (the old fashioned way!) from all of the comments posted over the next couple weeks. All of the individuals whose comments were used in today's story will automatically be included in the drawing as well. Good luck to everyone and Happy New Year!!


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 


Some Recent Nerd Vittles Articles of Interest...

  1. This offer does not extend to those in jurisdictions in which our offer or your participation may be regulated or prohibited by statute or regulation. []

The Ultimate Asterisk Telephony Appliance

gPC miniWe’ve been quietly waiting for Everex to finally get its act together and deliver the Ultimate Asterisk® Telephony Appliance for SOHO users and organizations. Truth be told, it’s the reason we shelved our original VPN in a Flash desktop unit from last August. Thanks to NewEgg, it’s now available and it’s dirt cheap… if you hurry. Would you believe $339 for the gPC mini ET2400. And with this coupon link, you can knock off another $11 and some change. Just sign up for a free eBates account and follow the eBates link to NewEgg to save 2% on your total order plus another $5 for signing up. We, of course, get five dollars wealthier in the process as well.

In addition to a fantastic-looking, small-footprint mini knockoff of your favorite fruit-inspired hardware, here’s what $339 buys you if you act quickly:

  • 2.0GHz Intel® Pentium® Dual-Core Mobile Processor T2450
  • 2MB L2 Cache
  • 160GB SATA Hard Drive
  • 2GB DDR2 667 SDRAM
  • Slot-In DVD-ROM/DVD-RAM/DVD±RW Drive (Double Layer support)
  • Intel® Graphics Media Accelerator GMA950
  • Realtek ALC268 High-Definition Audio
  • 10/100/1000 Ethernet Port
  • 802.11 b/g Wireless LAN
  • Bluetooth Wireless
  • DVI-I Port with DVI to VGA/D-sub Adapter
  • S-Video Port
  • IEEE 1394 Firewire Port
  • (4) USB 2.0 Ports
  • 4-in1 Media Card Reader (SD, MMC, MS, MS Pro)
  • Headphone/Line-Out Port
  • Microphone/Line-In Port
  • Windows Vista Home Premium (for your nearest trash can)

gPC miniYes, you won’t be needing Windows for your new Ultimate Asterisk Telephony Appliance. Very shortly, Nerd Vittles will introduce its turnkey USB flash installer which brings you every Asterisk bell and whistle on the planet in under 15 minutes. We had hoped to introduce the new flash drives this week to celebrate the beginning of Nerd Vittles Fifth Year. But the pricing on 8GB flash drives that provide the compatibility we need to facilitate duplication just weren’t there so we’ll just wait a few weeks until they are. In the meantime, you can order up your new system and enjoy Windows at its very worst for a week or two while realizing a substantial $150 savings on your system. Enjoy!


Want a Bootable PBX in a Flash Drive? Our bootable USB flash installer for PBX in a Flash will provide all of the goodies in the VPN in a Flash system featured last month on Nerd Vittles. You can build a complete turnkey system using almost any current generation PC with a SATA drive and our flash installer in less than 15 minutes!

If you’d like to put your name in the hat for a chance to win a free one delivered to your door, just post a comment below with your best PBX in a Flash story.1

Be sure to include your real email address which will not be posted. The winner will be chosen by drawing an email address out of a hat (the old fashioned way!) from all of the comments posted over the next couple weeks. All of the individuals whose comments were used in today’s story will automatically be included in the drawing as well. Good luck to everyone and Happy New Year!!


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 


Some Recent Nerd Vittles Articles of Interest…

  1. This offer does not extend to those in jurisdictions in which our offer or your participation may be regulated or prohibited by statute or regulation. []

Free At Last: The Emancipation of the Apple TV

We’ve never quite forgiven Apple1 for bricking some of the original iPhones because some owners chose to jailbreak their private property to learn how it worked or to add additional functionality. It may turn out to be Steve Jobs’ billion dollar blunder! The stunt was especially egregious when one considers that both the iPhone and much of Mac OS X are based upon open source software for which Apple didn’t pay a nickel. Apple certainly added a pretty wrapper, but the internals of both the iPhone and Mac OS X contain loads of pure open source code including dozens of Mach 3.0 and FreeBSD 5 applications. Destroying people’s cellular phones for accessing soft- ware that was licensed to Apple as open source code just doesn’t pass the smell test.

Courtesy of Apple, Inc.

Thus it was with mixed emotions that we unwrapped our Apple TV during Christmas 2007. Like the iPhone, it was locked up tighter than a drum even though the internals of the product read like a Who’s Who of the Open Source Movement: awk, bzip, cut, grep, find, ftp, finger, gzip, more, nano, openssl, perl, sed, tail, tar, touch, uname, whois, zip, and on and on. In fact, Mac OS X arguably is a better Linux than Linux. Suffice it to say, we read numerous articles outlining the lengths to which some talented users were going to unlock their Apple TVs. The process required disassembly of the unit, removal of the hard disk, and then a tedious unlocking scenario that was akin to breaking into Fort Knox. We chose to leave our Apple TV in its shrink wrap.

So what’s wrong with the Apple TV? Well, nothing… if you don’t mind paying Apple over and over again to reacquire media content which you already have licensed and if you don’t mind jumping through the iTunes hoops to transfer that content to a device which is perfectly capable of being self-sufficient. Let’s see. $1.99 to watch a TV show or play a music video that’s already sitting on your TIVO machine or that’s already freely (and legally) available from numerous sources on the Internet. Apple has added YouTube access, but the design really limits you to the most popular content. That makes it unsuitable (or worse) for anyone under the age of 13… or over the age of about 25. 🙄

Fast forward to 2009, and we decided it was time to take another look at the Apple TV landscape. WOW! What a difference a year makes. You now can create a bootable USB flash drive in a couple minutes, plug it into your Apple TV, and have a perfectly functioning, (true) open source appliance with DIVX and AVI support in less than 15 minutes. The FrontRow-enhanced Apple TV provides access to virtually all media content in every format imaginable with incredibly slick user interfaces thanks to the XBMC Media Center, Boxee Social Media Center, Nito TV, and Hulu. Most were originally designed for Microsoft’s Xbox. Uploads and downloads of media content can be performed using either your Apple TV controller and a television, or a web browser, or SAMBA networking, or SSH. So thanks to a resourceful bunch of talented, open source developers, we finally have an Apple TV worth owning that also happens to be fun to use. Incidentally, this whole metamorphosis can be accomplished without damaging the Apple TV’s existing user interface or its out-of-the-box functionality… at least until the next update from Apple. 🙂
So proceed at your own risk!

Freeing Your Apple TV. Since October, 2008, the emancipation of the Apple TV has become a simple, 5-minute exercise. What you’ll need to get started is an Apple TV2 with version 2 software, a 1GB USB Flash Drive, and ATVUSB-creator which is free. The drill here is to create a bootable flash drive that can be used to reboot the Apple TV and transform its closed and proprietary shell into an open source platform. The preferred machine for creating your bootable flash drive is a Mac running Tiger or Leopard although a Windows XP/Vista solution is also available now. The only precaution we would add is to unplug all of the USB drives connected to your PC before creating the bootable flash drive. Then you won’t accidentally reformat the wrong USB drive. The one-minute CNET tutorial is here. A better one is here.

Once you have your bootable USB flash drive in hand, unplug your Apple TV and plug the USB drive into the unit. Now connect your Apple TV to a television. Power up your Apple TV and marvel at the installation process which takes under a minute. Whatever you do, don’t boot your Apple TV with the flash drive more than once! When the install completes, you should see a message indicating that your Apple TV can be accessed with SSH within a few minutes at frontrow@appletv.local. The password is frontrow. The IP address for your Apple TV also can be used for SSH access as well. Remove the flash drive and reboot. You’ll see a new menu option for XBMC/Boxee. Just follow the menu items to install both applications. After another reboot, you’ll be all set. Click on the CNET video above to watch a demo.

After installing the apps, launch and then configure XBMC. If you get an error that reads "Cannot launch XBMC/Boxee from path," it means you forgot to install the software through your TV menu. If you enable the web interface, you’ll be able to go to any browser on your LAN and manage XBMC through the following link using the IP address of your Apple TV: http://192.168.0.180:8080. For complete documentation, check out the XBMC Wiki.


Before you can use Boxee, you’ll need to visit their web site and sign up for an account. A tutorial on the application is available at UberGizmo. As luck would have it, this application only became publicly available in Alpha last week so we’re just in time. Don’t sweat the Alpha status too much, it previously ran on the XBox platform as well as Windows, Macs, and Linux. There’s social networking support via Twitter, FriendFeed, Tumblr, and NetFlix. While it’s running on your Apple TV, you can access the interface remotely with a browser from anywhere on your LAN at http://ipaddress:8800 assuming you have enabled the web server interface.

Hulu is another terrific resource for movies, TV shows and music videos. It is available through Boxee. There are a few ads but not many. For a lot of the movies, you’ll also need to set yourself up an account there and configure your uncrippled Apple TV accordingly.

But What About Asterisk®? We knew someone would ask. Sure. An Asterisk for Mac solution should work on the Apple TV if you don’t plan to use it as a media center. For best results, compile everything on a separate Tiger Mac, and then move it over. Keep in mind that the device is limited to 256MB of RAM so simultaneously using the Apple TV as both an Asterisk PBX and a media center more than likely will cause unacceptable performance degradation in both your phone calls and your music and video streams. Someday perhaps we’ll give it a try. In the meantime, enjoy your new open source media center!


Want a Bootable PBX in a Flash Drive? Next week to celebrate the beginning of Nerd Vittles’ Fifth Year, we’ll be introducing our bootable USB flash installer for PBX in a Flash with all of the goodies in the VPN in a Flash system featured a few weeks ago on Nerd Vittles. You can build a complete turnkey system using almost any current generation PC with a SATA drive and our flash installer in less than 15 minutes!

If you’d like to put your name in the hat for a chance to win a free one delivered to your door, just post a comment at this link with your best PBX in a Flash story.3

Be sure to include your real email address which will not be posted. The winner will be chosen by drawing an email address out of a hat (the old fashioned way!) from all of the comments posted over the next couple weeks. Good luck to everyone!


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 


Some Recent Nerd Vittles Articles of Interest…

  1. Disgruntled customers reportedly have filed over a billion dollars’ worth of lawsuits over their bricked iPhones claiming Apple did it intentionally. Great PR move there, Steve! []
  2. The Apple TV actually runs a modified version of Tiger (aka Mac OS X 10.4). []
  3. This offer does not extend to those in jurisdictions in which our offer or your participation may be regulated or prohibited by statute or regulation. []

Remotely Managing Your Asterisk Server with WebDAV

Got DAV?It's been quite a while since we last explored WebDAV, and that was in the context of turning a Mac into an ISP-in-a-Box in 2005. Today we want to do much the same thing with your PBX in a Flash server, and the drill is quite similar. Over the course of the last four years, the uses of WebDAV have grown geometrically.

Overview. As you probably know, WebDAV is an acronym for Web-based Distributed Authoring and Versioning. Simply put, it is an HTTP protocol extension that allows people anywhere on the Internet to collaboratively edit and manage documents and other files using the same protocol and port used for surfing the web. In the Mac world, WebDAV provides a Disk Volume on your Desktop that “looks and feels” like any other networked hard disk. In the Windows world, WebDAV is called Web Folders. They can be used like any other mapped drive in Network Neighborhood. If you’re still a little fuzzy about the WebDAV concept, think of how you link to another drive on your local area network. WebDAV gives you the same functionality across the entire Internet with virtually the same ease of use. Depending upon user privileges, of course, you can copy files to and from a WebDAV volume, and the protocol imposes versioning control through file locking to assure that multiple people with access rights don’t change the same file at the same time.

For openers, WebDAV provides a simple vehicle to manage your PBX in a Flash web site by letting you create a file-sharing link to your server which is read and write-accessible (with a password) from almost anywhere. It also could be used to upload and/or download sensitive corporate data, or it could serve as a backup repository for your portable or desktop PC. Think of it as a Poor Man's Cloud Computing alternative. Install a couple of terabyte drives on a Dell T100 or SC440, and you've got a secure environment for storing all of your data on a single server.

Initial Setup of WebDAV. For today, we're assuming you already have a functioning PBX in a Flash server. It includes most of the WebDAV components necessary to get WebDAV working. If you're using some other Asterisk® platform, then take a look at our previous articles for some hints on the basic setup keeping in mind that most Asterisk distributions use asterisk as the web user account rather than apache. To keep things simple, we're going to set up a separate dav directory within your existing PBX in a Flash web server to use for WebDAV access. This means files and folders managed with WebDAV will appear in /var/www/html/dav on your server.

To complete the WebDAV setup on PBX in a Flash systems, log into your server as root and issue the following commands:

mkdir /var/www/html/dav
chown asterisk:asterisk /var/www/html/dav
chown asterisk:asterisk /var/lib/dav
cd /etc/pbx/httpdconf
wget http://pbxinaflash.net/source/webdav/dav.conf
apachectl restart

Configuring WebDAV. As installed, you'll need your username (maint) and your password to access your WebDAV server from either a browser (for read access) or via network access (for read and write access). You have several choices in how to reconfigure this setup to meet your own requirements. If you want to upload and manage files in this directory with a password and then allow anyone to access the files with a web browser with no password, you can simply uncomment the two Limit lines in the Apache dav.conf file in /etc/pbx/httpdconf. Just remove the leading # characters from both the lines in the configuration file. If you want to restrict network and web access to WebDAV to certain IP addresses, you can remove the Allow from all line in dav.conf and add lines that look like the following:

Allow from 192.168.0
Allow from 68.218.222.170

Remember to give yourself access on the private LAN as well as the public side if you plan to use WebDAV from outside your firewall. Our strongest recommendation remains to not expose your server to public web access without restricting access with either passwords or IP restrictions in .htaccess files for each directory as shown above.

Accessing WebDAV. To access your WebDAV folder with a browser for read-only access, point your browser to the IP address of your server and then the /dav subdirectory. For example, on your private LAN, the link might look like this: http://192.168.0.123/dav. On the public Internet, the link might look like this: http://pbx.dyndns.org/dav.

On a Windows machine, you can create a Web Folder for access to your new WebDAV directory like this:

My Network Places
Add a network place
Choose network location
http://192.168.0.123/dav (with no trailing slash!)
username: maint password: yoursecretpassword
Name the link: PiaF WebDAV

Update: There is a glitch with Web Folder access with some Windows XP and Vista systems. Here's a link to the Microsoft Patch that addressed the problem.

On a Mac, click on your Desktop to open Finder and do the following:

Go
Connect to Server
http://192.168.0.123/dav (with no trailing slash!)
Connect
username: maint password: yoursecretpassword
OK

Using WebDAV for Total Web Site Management. There may be some who actually want to use WebDAV to manage your entire PBX in a Flash web site. This means all directories from /var/www/html down. This WebDAV management need not be exclusive. In other words, you still can retain the WebDAV setup for the dav directory outlined above. To add an additional WebDAV service for your entire web site, you will need to edit /etc/httpd/conf/httpd.conf. Then search for this text:

<Directory "/var/www/html">

Once you find that line of code, scroll down to just above the </Directory> entry and insert the following lines of code. Save your additions and then restart Apache: apachectl restart.

DAV on
<Limit PUT POST DELETE PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>
AuthType Basic
AuthName "WebDAV Web Server Access"
AuthUserFile /usr/local/apache/passwd/wwwpasswd
Require valid-user
Order allow,deny
Allow from all
</Limit>

If you haven't also implemented the dav solution above, then make certain you issue the following command while logged into your server as root:

chown asterisk:asterisk /var/lib/dav

Now that you have your own WebDAV server, take a look at this terrific web site for some great ideas on what's possible in the open source and commercial world of WebDAV. Enjoy!


It's Time For That New Dell, Dude. If you've been holding off until Dell put the PowerEdge T100 on sale again, then today's your lucky day. With a dual Core Intel® Pentium®E2180, 2.0GHz processor with 1MB Cache, an 800MHz FSB, an 80GB 7.2K RPM Serial ATA 3Gbps 3.5-in Cabled Hard Drive connected to the onboard SATA controller, 512MB of 667MHz DDR2 RAM, a DVD-ROM Drive, and an On-Board Single Gigabit Network Adapter, the T100 is on sale for $329. It's not as great a deal as sometimes, but it's still a steal. Be sure to upgrade to 2GB of RAM for $19! Once you have your system, just load our Orgasmatron III build and you'll be off to the races in under 15 minutes!

If you want a cash rebate on your Dell purchase, use our eBates link to Dell or click on the coupon image in the right column of this article. It takes less than 30 seconds to sign up, and you get $5 (and so do we!) plus you receive 2% cash back on your Dell small business purchases which can be deposited directly into your PayPal account.


Want a Bootable PBX in a Flash Drive? In a few weeks to celebrate the beginning of Nerd Vittles' Fifth Year, we'll be introducing our bootable USB flash installer for PBX in a Flash with all of the goodies in the VPN in a Flash system featured a few weeks ago on Nerd Vittles. You can build a complete turnkey system using almost any current generation PC with a SATA drive and our flash installer in less than 15 minutes!

If you'd like to put your name in the hat for a chance to win a free one delivered to your door, just post a comment at this link with your best PBX in a Flash story.1

Be sure to include your real email address which will not be posted. The winner will be chosen by drawing an email address out of a hat (the old fashioned way!) from all of the comments posted over the next couple weeks. Good luck to everyone and Happy New Year!!


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 


Some Recent Nerd Vittles Articles of Interest...

  1. This offer does not extend to those in jurisdictions in which our offer or your participation may be regulated or prohibited by statute or regulation. []

What PBX in a Flash Brings to the Asterisk Table

As 2008 comes to a close, PBX in a Flash celebrates its First Anniversary and continues to be the only Asterisk® distro that offers users a choice of Asterisk 1.4 or 1.6 in either 32-bit or 64-bit flavors. In addition, you can choose our Lean, Mean Asterisk Machine or a preconfigured turnkey implementation with every VoIP bell and whistle on the planet. It’s all about choice and flexibility, and we offer both. For a preview of coming attractions, see the end of this article or take a look at the screen capture below. But today we hand over the editorial reins to some of our PBX in a Flash users to express in their own words why they chose PBX in a Flash and what their return on investment has been. We think you’ll be surprised by some of the responses. We certainly were.

You Never Know How Things Will Work Out

During the time of PBXIAF 1.0, I had been working with Trixbox for about 6 months. By the time PBXIAF 1.1 came out, I had learned enough about the way Trixbox can’t be updated to develop a healthy appreciation for the PBXIAF “compile on site, update as prudent” approach.

I happen to be a techno-nut -– but that notwithstanding, our small business was experiencing telephonic growing pains. After 7 years in business, an opportunity to expand our private label help desk product was easily ready to overrun the terrible copper lines we had for telephone service.

Since it was obvious VoIP was the only way to go – we began to explore what was out there. Vonage was riding high, Packet8 and many other competitors all got us around the limited copper into the office, each one we looked at had their own special quirks. All of them were using analog telephone adapters (ATAs) and either regular or slightly customized Analog phones.

We began a year of exploration that started with the BigGreenBox – hoping to learn enough about VoIP and this strange creature called FreePBX to be able to use it. But, with time marching on, Packet8’s Virtual Office product was selected, and put into use in a 10-phone system.

Although pretty much always under development, the web application that was provided was a little twisted, but worked once you got over its way of looking at call flow – rudimentary ring groups could be arranged in such a way as to simulate queues provided nor more than 8-10 callers were on hold. And so it went for a good year. We definitely used all our creativity to connect various IVR’s ($15/month each) to give the caller a good experience, but we were already clearly operating at the very limits of flexibility and capacity for the Packet8 system.

The average telephone bill during this period was approximately $380 per month (about 1/3 of what copper lines had cost) and almost nothing in hardware ($1,000 in proprietary telephones and ATAs).

Then the balance was broken when Packet8 rather arbitrarily stopped supporting a type of IVR transfer that was crucial to our work flow. At the same moment, the unthinkable happened. The help desk grew a little more. Less flexibility + even more demands for non-achievable call flow changes was the death knell for Packet8 at our office.

During this same time we had deployed several ISOs of the GreenBox in the lab and with field technicians….Several ISO’s! In a very short time. So many ISO’s, so fast – and a complete reinstall to go with each one. Yikes. It had become apparent to me that my career would suddenly change from network engineering to “PBX Upgrade and Reconfigure Monkey” if we deployed that distribution. Also – the forums were unproductive and negative much of the time. There are ways to disagree and still remain civil. Then, I rediscovered Nerd Vittles. This was about the time PBXIAF 1.1 was released.

The difference in the environment and team spirit – even when disagreements occurred – is very palatable. The community is full of people who are so wonderfully giving of their experience. The difference in the distributions – well- they can be summed up in about 6 words. Ward Mundy, Tom King, and Joe Roper.

This trio has brought together a remarkable set of skills and disciplines that produced a really, really good distribution, not solely RPM-based so knuckleheads like me can follow simpler instructions. [Asterisk code is] updated and compiled right on the box – and fully scripted. Security flaws get fixed in hours – sometimes minutes (when they find them – there’s been so FEW), not DAYS like the other guys. And all of it is based on FreePBX, arguably the most evolved UI for managing Asterisk.

Together – they got stability, reliability, and repeatability, and decorated it with enough solid features and functions to be a platform whose feature-function-benefit points are all top notch. Linux, Asterisk, Mysql, Apache, Text to Speech (2 different flavors), Voice Reminders, Wake Up Calls, Weather Reports, Tide Reports, Email by Phone, Headline News by Phone, and scripts that make it all go together just the way it needs to be: “stable and reliable”.

PBX In a Flash is a gift – an opportunity for our technical staff to learn a new area of our field, with the camaraderie of some genuine experts in the arena. We are 8 people, doing the work of 12 – just like a million small businesses. As an old network guy – learning a new skill has been tremendously exhilarating. And this technology is so flexible that I’m continually exhilarated learning new things… and for a long time to come! The professional growth has been great for all of us.

Now, the money. Way back up in the top of this [post], I told you the phone bill with Packet8 was on a good month $380 with barely the [functionality] needed to do our professional best.

Today, thanks to PBXIAF, we run 6 queues every day, with tremendous customer and client satisfaction. We use every part of the system to provide our customers with the best telephone interaction experience they could get anywhere. While handling about 10% more traffic, and with far superior call handling and work flow support, our average phone bill is $120 month.

Here’s the good part. With the $260 a month being saved, the company was able to afford to bring in group medical insurance for all our employees. How’s that for positively impacting 8 people every single day of their lives?

Ward, Tom, Joe – I could never have done it without you.

–tshif

And then there was this testimonial from a venue that all of us are thinking about these days:

Our small public middle school in Washington, DC has to make every penny count. I’m in charge of our technology and its meager budget. This past summer we moved to a new and bigger building and needed to migrate our phone system. We had an existing NEC Aspire system with 15 extensions that worked just fine – nothing fancy – and it hooked up to a single POTS line.

At the new building we needed to double the size to 30 extensions. As the Aspire system used VOIP, it should just be a matter of buying the handsets and a little labor to configure them. Right? [Wrong!] $17,000 is what they wanted to hook up the existing equipment that we moved over and add the 15 new extensions. My response: "Hell no!"

I’d wanted an excuse to setup an Asterisk server for a while, but I had heard how complicated it was. School was close to opening. I had a lot of other things to take care of. And I needed a solution that would most likely work the first time. I found PiaF then read up on the wiki and Nerd Vittles. I ordered a set of Aastra 57i’s and a used Dell PowerEdge 2650. We decided to go "pure VOIP" for flexibility and signed up with Vitelity.com.

I followed the great step-by-step directions for PiaF. I wanted to set mine up inside a Virtual Machine which added some complexity, but I found lots of helpful users in the forums that had documented their experiences before me.

Now we’re 5 months in. The system has more capabilities than our old NECs. The sound quality is better, and it’s easier to use. I had some problems with my server crashing, but I was able to rebuild it on different hardware and transfer our entire configuration in about an hour. Now everything is great. I love that we’re implementing more open source tools, open standards, and aren’t limited to vendor BS when we’re ready to expand. Other schools thought we were "crazy" to setup our own system. Now they want all the details to try and do it themselves.

The best part, of course, is that our whole setup was under $7K. That’s a $10,000 savings. To translate that with regards to the school, that savings allowed us to buy and set up four desktop machines in each of ten classrooms. Now THAT is making a difference.

Thanks to the PiaF team and community!

–jcasimir

And then there’s this one:

TODAY I TOOK CONTROL OF MY VOIP…..

I’ve been a happy VOIP user for 4 years running on Vonage. Even got my son hooked up on Vonage while he was in the Army stationed in Japan. But, when the lawsuits loomed over Vonage’s head, I started looking for something else, and I found Nerd Vittles. WOW! Being kind of a gadget junkie to start with and always looking for something interesting to do with my PCs, I started with Trixbox from Ward’s "build" and fumbled along. When PIAF came along I naturally followed.

I have two important successes that have made me love this VOIP/PIAF stuff.

1) When my grandson was diagnosed with a heart condition my daughter and her husband were stuck in hospital emergency rooms for hours at a time. Being about 500 miles from both our family and the other grandparents, they had a very difficult time getting news out to us since hospitals usually restrict the use of cell phones and don’t allow long distance calls from their phones. That only leaves (yuck!) pay phones. In just a few minutes time, I was able to buy a local DID to the hospital and connect it to my PIAF. I then set up an IVR that gave them access to a DISA. That way they could call us using a local number or call through the DISA to contact the other grandparents. Keeping everyone informed really eases your mind when the grandkids are ill!

2) When I got tired of my wife continuing to ask me for phone numbers when calling our family and friends, I finally decided to set up an IVR for her. So far, both of our kids’ home and cell numbers (as well as my cell number) have kept her happy. When she asks for more I’ll just add them. So far the "Wife Acceptance Factor" is high and I’m having great fun. Hanging up on recognized telemarketers is great, the Callerid Superfecta works great, and I like getting the Weather Forecast from Allison.

The port from Vonage was completed today. I’m using Future-Nine as my primary provider. So, like I said, today is the day I took control of my VOIP.

–jeffmac

And, speaking of role reversal…

PIAF to the Rescue!!

Here is a twist for you.

First, the problem:

My company has a ShoreTel system in place, 48 extensions. They have 2 PRI’s bonded together with dynamic channel allocation. Eight channels are dedicated to the phones, the rest to the Internet. When we have more calls than 8, the system robs channels from the Internet, up to 23 channels max, and returns them as the call volume drops. This all works well.

Monday, a pole a few blocks from our office had the transformer catch fire, and the provider’s equipment was affected. We lost both Internet and phones for several hours. Much of our business is time critical. With no incoming phone calls and no email, we almost lost out on a chance to bid on a VERY large deal. Fortunately, the customer knew the L.A. branch number and after being unable to get in touch with us, he called L.A.

Anyway, now it is critical to management that this NEVER happen again.

The Solution:

Tuesday: I studied the issue and wrote a proposal.

Wednesday: I fired up a PIAF box, established a 10 channel SIP trunk group to the ShoreTel system, and got everything setup for intersystem routing, etc.

Thursday: I am picking up a pay-as-you-go service with 10 channels from a VOIP provider with a single DID and setting our Telco service for failover/rollover to the VOIP DID. I am then ordering a second Internet circuit, 2meg x 2meg, to bring in the SIP trunks from the provider. As soon as that is done, I will dual-home the mail server so that we can get and send email via both Internet providers.

The End Result:

If the primary connection fails, phone service rolls over to the DID from the VOIP provider, rolls into PIAF, and cross trunks to the ShoreTel – AUTOMATICALLY!! Email switches to the secondary MX record and keeps right on rolling. One change in the firewall for the public NAT address and gateway and Internet [and phone service] is back up and running.

THANK YOU Ward, Tom, Joe and gang for making this possible.

–Greg Keys

And, last but not least…

You made my Grandma Cry!

My wife and I are currently living in Germany, and we’ve been using a Skype-In number so our friends and family can call us. For my wife it is important that the solution just works like a regular phone and so I had setup a Siemens M34 to interface with our DECT phone and it worked, mostly, for a few days until the entire system needed to be restarted. For most of our family, this solution works. But my grandmother is living in a different area code and can’t afford to call us as often as she would like.

I stumbled upon the PBX in a Flash project a few weeks ago and, after I found two old Grandstream GXP-2000 in the company junk closet (we are an Internet startup – someone is always buying new toys), I installed PiaF 1.2 using VMWare. I set up a Vitelity DID, the CallerID Superfecta, the Callerid Creep Detector, experimented with ring groups, routing, IVRs and was so impressed that I knew our Skype-solution days were numbered.

Last night, I took the plunge, reformatted the Skype system, and deployed PiaF 1.3. The install was so fast and painless. I copied the old configuration information into the new system. And, my new PBX was up and running in under and hour.

I had so much time left on my hands that I figured I might as well experiment. I followed another Nerd Vittles tutorial and created a few cell phone extensions for my family back in the states. I went to Vitelity and purchased another DID. I recorded a quick message, setup an IVR, and a new corresponding route. That’s when the fun started.

I called my grandmother and told her: "Grandma, we’ve got a new telephone number. Will you please call me right back at…". She was a little surprised when I told her that the number was now going to be a local call for her. The real surprise came when she called the number and heard, "Hi Grandma, welcome to your phone system. For Martin and Ashlee, please press 1, for Rachel please press 2,…". By the time she pressed 1 and Asterisk was ringing our home ring group, she was in tears.

We talked for quite a while about our lives, the Olympics, the hurricane, and everything else. This morning when I got up, I checked the call logs and saw that she had systematically called every single IVR point after we got off the phone.

I didn’t deploy PiaF as a mission-critical business application yesterday–though that day will come for me, but I did what the open-source Internet ideology is all about in my mind. I used the knowledge and experience others have gifted the community to create a solution that fit my situation.

Thanks Again, PiaF Team, from the bottom of my heart!

–Martin Modahl

For those of you that still need a New Year’s Resolution, we hope our fans have given you some ideas. And, when my wife again asks why I continue to work for 5¢ an hour, I’ve got something great for her to read.

Thanks, everybody. You’ve made it all worthwhile.


Want a Bootable PBX in a Flash Drive? Early in 2009 to celebrate the beginning of Nerd Vittles’ Fifth Year, we’ll be introducing our bootable USB flash installer for PBX in a Flash with all of the goodies in the VPN in a Flash system featured a few weeks ago on Nerd Vittles. You can build a complete turnkey system using almost any current generation PC with a SATA drive and our flash installer in less than 15 minutes!

If you’d like to put your name in the hat for a chance to win a free one delivered to your door, just post a comment below with your best PBX in a Flash story.1

Be sure to include your real email address which will not be posted. The winner will be chosen by drawing an email address out of a hat (the old fashioned way!) from all of the comments posted over the next couple weeks. All of the individuals whose comments were used in today’s story will automatically be included in the drawing as well. Good luck to everyone and Happy New Year!!


Nerd Vittles Fan Club Map. We hope you’ll take a second and add yourself to our Frappr World Map. In making your entry, you can choose an icon: guy, gal, nerd, or geek. For those that don’t know the difference in the last two, here’s the best definition we’ve found: "a nerd is very similar to a geek, but with more RAM and a faster modem." We’re always looking for the best BBQ joints on the planet. So, if you know of one, add it to the map while you’re visiting.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 


Some Recent Nerd Vittles Articles of Interest…

  1. This offer does not extend to those in jurisdictions in which our offer or your participation may be regulated or prohibited by statute or regulation. []

Another Dell with Asterisk, Dude: Introducing the Orgasmatron III for Dell’s New PowerEdge T100

Dell finally kissed its SC440 server goodbye last week so we've been scrambling for a replacement VoIP candidate for Asterisk® that has performance sufficient to serve as a 50 to 100-user small business PBX without breaking the bank. It turns out Dell's PowerEdge T100 introduced in September is strikingly similar to the SC440 both in performance, design, and even price, but it scales a bit better. If it walks like a duck, quacks like a duck, and is priced like chicken feed, that's good enough for us.

In early December, we got our first new T100: a Dual Core Intel® Pentium®E2180, 2.0GHz processor with 1MB Cache, an 800MHz FSB, two 80GB 7.2K RPM Serial ATA 3Gbps 3.5-in Cabled Hard Drives connected to the onboard SATA controller, 512MB of 667MHz DDR2 RAM, a DVD-ROM Drive, and an On-Board Single Gigabit Network Adapter for $299. Sound familiar? It should. The T100 special pricing was virtually identical to the $299 special on the SC440 except Dell now has thrown in a DVD-ROM drive in lieu of the SC440's CD-ROM drive. For $19 more, you can bring the system up to 2GB of RAM which is an excellent idea. If you missed out, don't fret. There will be another deal in a week or two. Even the regular pricing on this unit with a Celeron 1.8GHz processor, 2 gigs of RAM, and two 80GB drives is only $339. And international pricing is equally competitive. We haven't yet seen the $199 single-drive U.S. price that appeared regularly with the SC440, but it shouldn't be too long given the current economy.

As for scaling, if you're interested in a growth path, you'll love the T100 compared to the SC440. It supports numerous processors up to the Quad Core Xeon 2.83GHz with 2x6M Cache and 1333MHz FSB as well as two one-terabyte SATA drives (just don't buy them from Dell 😯 ). And, unlike the SC440, the T100 accepts up to 8GB of RAM. So the remaining question: "Will the SC440 Orgasmatron II build work with the T100?" And the answer is "sort of." But have no fear, we've put Humpty back together again and have added even more bells and whistles to the new Orgasmatron III custom-designed for the T100 today. It now includes your own, free and private Hamachi VPN cloud for up to 16 computers.

To get email alerts when the T100 again goes on sale, go to techbargains.com. Then click on Send Email Deal Alert and fill out the form entering T100 as your search term. Be sure to confirm the alert by replying to the email.

If you want a cash rebate on your Dell purchase, use our eBates link to Dell or click on the coupon image in the right column of this article. It takes less than 30 seconds to sign up, and you get $5 (and so do we!) plus you receive 2% cash back on your Dell small business purchases which can be deposited directly into your PayPal account.

We expect these units will follow in the footsteps of their SC440 cousin and go on sale roughly every two weeks... so be ready! The T100 also is good news for our international friends because Dell now markets this machine virtually everywhere in the world at very competitive prices. It's selling for 40% off in the U.K. and 299€ in many European countries as we speak.

For long-time readers, you already know that we've identified what we believe to be the perfect Asterisk SIP phone, the Aastra 57i. But both of our previously anointed small business/home servers on which to run a production Asterisk system for 50-100 employees, the Everex gPC2 (aka "The WalMart Special") and the Dell SC440, are no more. So this build brings us current with Dell's very latest offering in the low-cost, high-performance server category and builds on the SC440 tradition of providing a quantum leap in performance and reliability compared with traditional home PCs. The ISO images you'll be downloading were captured as a backup on the flash drive of our new T100 lab machine. You can expect at least twice the performance on the PowerEdge T100 compared to the WalMart Special. Today's Orgasmatron III Build provides a preconfigured T100 installation on a 2-disk ISO image backup of the whole system using Mondo. And, NO, it won't work with any other hardware! Once you download the ISO images and burn your CDs, it's a 15-minute No-Brainer to install the entire image onto your own T100. Wait to install any add-on cards until after you complete the Orgasmatron install. You must have a T100 configured as above, or this Mondo restore may not work. So accept no substitutes, or you may end up with an Electronic Brick instead of an Orgasmatron.

We've preconfigured some extensions on your new system as well as outbound and incoming trunks from some terrific providers including our second homegrown entry for VoIP terminations. Joe Roper and his business partner in Spain now offer a terrific IAX VoIP termination service. You can choose penny a minute service in the U.S. and most of Canada, or you can opt for premium VoIP service at about 2¢ a minute in the U.S. International rates also are VERY reasonable! You literally can sign up for service, plug in your phones, and have a system in full operation in under an hour.

If you've missed our previous Orgasmatron articles, suffice it to say this is the Ultimate Kitchen Sink for Asterisk. From the time you insert the CD 'til you have a functioning Asterisk PBX with all the bells and whistles imaginable... just 15 minutes! In fact, it will take less time to create your new system than it will take you to finish reading this article. Please do BOTH! The Orgasmatron III includes PBX in a Flash 1.3 in all its glory including Asterisk 1.4.21.2 running under CentOS 5.2 with a version of Zaptel that actually works with legacy cards, plus the newly released FreePBX 2.5, a full-function fax server, a full-disk backup and restore solution (that actually works!), the latest Hamachi VPN software, every imaginable Nerd Vittles text-to-speech application for Asterisk, and so much more. Complete documentation for the TTS apps is available here.

  • Inbound and Outbound VoIP Faxing Using nvFax... finally!
  • FONmail for Asterisk to send voice messages to any email address on the planet
  • AsteriDex RoboDialer and Telephone Directory
  • Telephone Reminders with Support for Recurring Reminders and Web-based TTS Reminder Messages
  • NewsClips for Asterisk featuring Dozens of Yahoo News Feeds (TTS)
  • Weather Reports by Airport Code (TTS)
  • Weather Reports by ZIP Code (TTS)
  • Worldwide Weather Forecasts (TTS)
  • xTide for Asterisk (TTS)
  • MailCall for Asterisk: Get Your Email By Telephone (TTS)
  • TeleYapper 4.0 Message Broadcasting System
  • CallWho for Phone Lookup and Dialing of Entries in the AsteriDex Database (TTS)
  • TFTP Server with preconfigured setups for 10 Aastra 57i SIP telephones

In addition, you get dozens of preconfigured telephony applications and functions that would take even an expert the better part of a year or two to build independently. And, unlike all of the other distributions, we build Asterisk from source so it's simple to modify and upgrade whenever you feel the need. Here's a short list of what you have to look forward to:

  • Stealth AutoAttendant with Welcome and Application IVRs
  • Key Telephone Support Using Park and Parking Lot
  • Intercom/Paging Support
  • Bluetooth Proximity Detection with Automatic Call Forwarding to Cell Phone
  • DISA
  • Blacklisting with Web and Telephony Interfaces
  • CallerID Name Lookups from Numerous Providers
  • Weekly Automated System Backups to a Flash Drive
  • One Touch Day/Night Service
  • Music on Hold
  • Voicemail with Email Delivery of Messages and Pager Notification
  • Voicemail Blasting
  • Cell Phone Direct Dial
  • Call Forward: All, Busy, No Answer
  • Call Waiting
  • Call Pickup
  • Zap Barge
  • Call Transfer: Attended and Blind
  • Dictation Service with Email Delivery
  • Do Not Disturb
  • Gabcast
  • Phonebook Dial by Name
  • Speed Dial
  • Flite Text to Speech (TTS)
  • Windows Networking with SAMBA
  • Linux Firewall and Fail2Ban with SSH, HTTP, and SIP/IAX login protection
  • PBX in a Flash Software Update Service To Keep Your System Current
  • One-Click Cepstral TTS Install with Allison... Just Type install-cepstral

Prerequisites. As mentioned, you'll need a T100 configured with the specs outlined above including the 2GB RAM upgrade. We also recommend an 8GB USB flash drive on which to store automatic weekly backups of your new system. Just plug it into your new machine, and follow the simple steps below to activate Mondo. Every Sunday night, you'll get a new backup in ISO format on your flash drive. If something goes wrong on your system, copy the ISOs to CDs and reboot with Disk 1. It doesn't get any easier than that. And you can always check on the latest backup by issuing the command: usbcheck

Pay to Play. Greed has finally set in at Nerd Vittles. After all, Christmas is just around the corner! The download of this two-disk ISO image will set you back a whopping $10. In addition to covering the bandwidth and storage costs for the builds themselves, it also seems only fair that those using the builds help cover the hardware costs associated with these technology refreshes. When you compare our pricing to the Lime Green PBX offering from Dell... well, you don't really wanna know! There's one other little difference. Once you download our image from DreamHost, you are more than welcome to pass it along to as many of your friends and business acquaintances as you like. You can even do it electronically through the DreamHost Files Forever program. And, if you're inclined to host this image for your fellow man at no cost, be our guest... and thank you!

Bottom line: With a little patience waiting on Dell's next special, for about $300 and some lunch money, you'll have the slickest, newest, fastest, most reliable PBX and fax machine on the planet with rock-solid weekly backups and, of course, the availability of our one-of-a-kind PBX in a Flash Software Update Service! In fact, this may very well be The PerfectPBX™ even if we do say so.

Getting Started. Once you have your T100 in hand, take it out of the box, plug it into your LAN with DHCP and DNS support and Internet connectivity. You'll need a USB keyboard for typing temporarily. We also strongly recommend that you always keep your system running behind a NAT-based firewall/router. We strongly recommend the dirt-cheap dLink WBR-2310 WiFi router which handles NAT issues with VoIP masterfully. Don't redirect any ports to the machine and don't turn the PC on just yet.

Download the two ISO images for the T100 from here. Unzip the file and create two CDs from the ISO images. If you don't know how to create a CD from an ISO image, read that section from our previous article. In fact, read the whole article. It'll help you immensely down the road.

Once you've created your two CDs, turn on the T100 and quickly insert Disk 1 into the DVD drive and close the drive. When prompted, press F11 to choose the boot device and select the DVD-ROM drive. You'll note that the default T100 setup now apparently looks for a network boot device so you'll need to do a little BIOS reconfiguring, but you can do that at your convenience. F2 gets you into the T100 BIOS setup. Then choose Integrated Devices and, using the space bar, change Embedded Gb NIC from Enabled with PXE to simply Enabled. Press the escape key twice and then choose Save and Exit.

For now, choose the DVD-ROM drive as the boot device and proceed with the Mondo restore. If you don't see a Mondo Rescue screen within a minute or less, turn the machine off and then back on again. At the Mondo Rescue main screen, type nuke and press the Enter key. This will erase, repartition, and reformat your hard disk in case you didn't know. This is normal. If you get any kind of errors about incorrect drive or partition names and you really do have a T100, ignore them. Otherwise, halt the install by pressing CTL-ALT-DEL and remove the CD. You'll need to install PBX in a Flash using our standard ISO which is available here. Otherwise, go have a cup of coffee and come back in about 10 minutes. You'll be prompted to insert Disk 2 and press Enter to finish the install. When the second CD finishes, eject it and wait for the prompt. Then type "exit" and press Enter. Your T100 will reboot, and you're ready to go.

After the reboot finishes, type root at the login prompt for your username and password for your password. The IP address assigned by your DHCP server should appear on the status screen. Write it down. If there is no IP address, your machine does not have network connectivity or access to a DHCP server with an available IP address. Correct the problem and reboot.

Securing Passwords. We're going to change five passwords now. For the time being (until you've done some reading), think up one really difficult password (that you won't forget) and use it for all five passwords. At the root@pbx:~ $ command prompt, type the following commands and type in your new password when prompted. Don't forget your password or you'll get to put in your two CDs and start over.

passwd
passwd-maint
passwd-wwwadmin
passwd-meetme
/usr/libexec/webmin/changepass.pl /etc/webmin root yournewpasswordhere

Now, using a web browser, go to the IP address of your new PBX in a Flash server. Click the Admin tab, the password is password. Then choose the FreePBX Administration button. Log in as maint with your new maint password. Before you do anything else, change ALL of the 10 extension passwords to something very secure... as if your phone bill depended upon it! Click Setup, Extensions and then choose each extension, modify BOTH the device secret and Voicemail Password, and click Submit. When you finish all the extensions, then reload the dialplan to save your changes. Finally, change your DISA password to something very, very secure: Setup, DISA, DISAmain, PIN. Reload your dialplan once again to save your changes.

Regardless of what you may read elsewhere, the Orgasmatron III has all the very latest security patches as of today. If you want more security, take our advice and add a hardware-based firewall/router between your Internet connection and your new Orgasmatron III and don't expose port 80 (the web interface) to the Internet!

Permanently Setting the IP Address. There are different schools of thought on whether to use a fixed or dynamic IP address. Most hardware-based routers support DHCP IP address reservations. The simplest way to permanently secure the existing IP address for your server is to reserve it on your router. If you'd prefer to assign your own IP address, we have included the deprecated netconfig utility which can be run after logging into your server as root. Sometimes you will need to run it once, enter your settings, reboot, and then repeat the drill. Then you should be all set. Either way, you need a permanent IP address for your machine when all is said and done. Once you have a permanent IP address, hop on over to dyndns.org and sign up for your own fully-qualified domain name (FQDN), e.g. mypbx.dyndns.org. You're going to need it for a whole host of things with your new PBX, and dyndns.org is about the easiest way to do it. Once you have your FQDN and DynDNS username and password, log in as root and edit: /etc/ddclient/ddclient.conf. Search (Ctl-W) for ***. Fill in your username and password and uncomment those two lines. Then search for *** again, uncomment the next three lines and fill in your fully-qualified domain name. Save the file and service ddclient restart. To make sure everything worked, issue the following command: ddclient -force. Assuming there are no errors, issue the following command to start ddclient each time your server reboots: /sbin/chkconfig --add ddclient. Now the IP address of your Asterisk server will always resolve to your FQDN from DynDNS. And anyone can call you via SIP for free using the following SIP URI: mothership@yourFQDN.dyndns.org. You can take this a step further and sign up for a free incoming phone number at ipkall.com. For your account type, choose SIP. For your SIP phone number, enter: mothership. For your SIP proxy, enter the fully-qualified domain name (FQDN) for your server, e.g. mypbx.dyndns.org. Choose a password and enter your real email address, and they will beam you a Washington state phone number within a day or so. You can't beat the price!

Getting Phones to Work Reliably. If you or the the person at the other end of your calls only hears half the conversation or if your calls get abruptly disconnected after a few minutes, it's probably because you forgot to add IP addresses to tell SIP how to communicate with your Asterisk server sitting behind a firewall. Edit /etc/asterisk/sip_custom.conf and add an entry for your external IP address and also for your local (internal) subnet where Asterisk resides. Then restart Asterisk: amportal restart.

externip=68.28.142.83
localnet=192.168.0.0/255.255.255.0

If you have a dynamic IP address and you set up ddclient above with your fully-qualified domain name, we've created a little script to keep these entries up to date automatically. Just edit the following file:

/var/lib/asterisk/agi-bin/ip.sh

Fill in the correct entries for your fqdn and localnet. Then uncomment the last line in /etc/crontab which runs ip.sh once every 5 minutes.

Adding Plain Old Phones. Before your new PBX will be of much use, you're going to need something to make and receive calls, i.e. a telephone. For today, you've got several choices: a POTS phone, a softphone, or a SIP phone (highly recommended). Option #1 and the best home solution is to use a Plain Old Telephone or your favorite cordless phone set (with 8-10 extensions) if you purchase a little device (the size of a pack of cigs) known as an SPA-2102. It's under $70. Be sure you specify that you want an unlocked device, meaning it doesn't force you to use a particular service provider. Once you get it, plug the device into your LAN, and then plug your phone instrument into the SPA-2102. Note that this adapter supports two-line cordless phones! Your router will hand out a private IP address for the SPA-2102 to talk on your network. You'll need the IP address of the SPA-2102 in order to configure it to work with Asterisk. After you connect the device to your network and a phone to the device, pick up the phone and dial ****. At the voice prompt, dial 110#. The device will tell you its DHCP-assigned IP address. Write it down and then access the configuration utility by pointing your web browser to that IP address.

Once the configuration utility displays in your web browser, click Admin Login and then Advanced in the upper right corner of the web page. When the page reloads, click the Line1 tab and then repeat this drill for the Line2 tab if you want to connect the device to two extensions on your Asterisk system. Scroll down the screen to the Proxy field in the Proxy and Registration section of the form. Type in the private IP address of your Asterisk system which you wrote down previously. Be sure the Register field is set to Yes and then move to the Subscriber Information section of the form. Assuming you're using the preconfigured extensions starting with 701, do the following. Enter House Phone as the Display Name. Enter 701 as the User ID. Enter your actual password for this extension in the Password field, and set Use Auth ID to No. Click the Submit All Changes button and wait for your Sipura to reset. In the Line 1 Status section of the Info tab, your device should show that it's Registered. You're done. Now repeat the drill for Line2 using extension 702. Pick up a phone and dial 1234# to test out BOTH extensions.

Downloading a Free Softphone. Unless you already have an IP phone, the easiest way to get started and make sure everything is working is to install an IP softphone. You can download a softphone for Windows, Mac, or Linux from CounterPath. Or download the pulver.Communicator. Here's another great SIP/IAX softphone for all platforms that's great, too, and it requires no installation: Zoiper 2.0 (formerly IDEfisk). All are free! Just install and then configure with the IP address of your PBX in a Flash server. For username and password, use one of the extension numbers and passwords which you set up with FreePBX. Once you make a few test calls, don't waste any more time. Buy a decent SIP telephone. We think the best phone out there is the Aastra 57i for under $200. Another $100 buys you the Aastra 57i CT with a cordless DECT phone.


Configuring Aastra 57i SIP Phones. Your new system comes preconfigured to automatically configure up to 15 Aastra 57i phones. Plug each phone into your network and wait for it to boot. Once it boots, press the Option button, then Phone Status (3), then IP & MAC Address (1). Write down each phone's IP address and MAC address. Then press Done to exit from the menus.

Next, we need to tell your phone to use your new Asterisk server as the TFTP server to obtain its setup. Press the Option button again, then Admin Menu (5). Type 22222 for the admin password and press Enter. Then choose Config Server (1), then TFTP Settings (2), then Primary TFTP (1), enter the IP address of your new server, and press Done a half dozen times.

Log back into your server as root. Switch to the TFTP directory: cd /tftpboot. You'll notice that there are config files for up to 15 phones. Simply choose the extension number you wish to use for each phone AND rename each file (filenames are 701.cfg to 715.cfg) to the MAC address of each phone.cfg. Do NOT use hyphens or colons in the MAC address. Edit each of the .cfg files and replace the SIP line1 password with the new password you created for the extension using FreePBX. One final step and you'll be ready to load up your phones. We need to set the correct IP address to tell each phone where your server is located. So... issue the following command using the IP address of your new server instead of 192.168.0.123. Leave the rest of the command as it is!

sed -i 's|192.168.0.0|192.168.0.123|g' /tftpboot/aastra.cfg

Now restart each phone by pressing the Option button and then Restart Phone (6) and then the Restart button. Once the phone reboots, you can make a test call by dialing 1-2-3-4. You can get the latest news by dialing 5-1-1. Or get a weather forecast by airport code (6-1-1) or zip code (Z-I-P).

A Word About Ports. For the techies out there that want to configure remote telephones or link to a server in another town, you'll need to know the ports to remap to your new server from your firewall. Here's a list of the ports available and used by PBX in a Flash. We don't recommend exposing UDP 5038 which is used to communicate with Asterisk via the Asterisk Manager.

TCP 80 - HTTP (needed to access the web sites on your server from the Net)
TCP 22 - SSH (needed if you want remote SSH access)
TCP 9001 - WebMin (needed if you want remote WebMin access... not recommended!!!)
UDP 10000-62000 - RTP (needed for SIP communications)
UDP 5004-5037 - SIP (ditto)
UDP 5039-5082 - SIP (ditto)
UDP 4569 - IAX2 (needed for IAX connection between Asterisk servers)

Setting Up Trunks for Outgoing and Incoming Calls. If you want to communicate with the rest of the telephones in the world, then you'll need a way to route outbound calls (terminations) to their destination. And you'll need a phone number (DIDs) so that folks can call you. Unlike the Ma Bell world, you need not rely upon the same provider for both. And nothing prevents you from having multiple outbound and incoming trunks to your new PBX. At a minimum, however, you do need one outbound trunk and one inbound phone number unless you're merely planning to talk to other extensions set up on your system. We've actually put all the hooks in place to make it easy for you to interconnect to other Asterisk servers, but we'll save that for another day. For today, we want to get you a functioning system so that you can place outbound calls to anywhere in the world and can receive incoming calls from anywhere in the world.

For outbound calling, we recommend you establish accounts with several providers. We've included the necessary setups for Joe Roper's new service for PBX in a Flash as well as Vitelity and AOL. To register for the service, just visit the web site and register. To sign up to the service in the USA and be charged in US Dollars, please sign up here. To sign up for the European Service and be charged in Euros, sign up here.

In addition to being one of the least expensive providers, there's also the premium service option. You can prefix any number with 000 to try it out. Give it a try. We think you'll be pleased with the service AND the pricing. DIDs for inbound service are not yet available, but Vitelity has lots of them, and there's a link below to get you started.

Vitelity: One of the Best Providers on the Planet. If you're seeking the best flexibility in choosing an area code and phone number plus reasonable entry level pricing plus high quality calls, then Vitelity is a winner. Vitelity provides Tier A DID inbound service in over 3,000 rate centers throughout the US and Canada. And, when you use our special link to sign up, the Nerd Vittles and PBX in a Flash projects get a few shekels down the road while you get an incredible signup deal as well. The going rate for Vitelity's DID service is $7.95 a month which includes up to 4,000 incoming minutes on two simultaneous channels with terminations priced at 1.45¢ per minute. For PBX in a Flash users, sign up now, and you can purchase a Tier A DID with unlimited incoming calls for just $3.99 a month and you get a free hour of outbound calling to test out their call quality. To check availability of local numbers and tiers of service from Vitelity, click here. Do not use this link to order your DIDs, or you won't get the special pricing! After the free hour of outbound calling, Vitelity's rate is just 1.44¢ per minute for outbound calls in the U.S. You can't beat the price (except with us) and the call quality is excellent as well. We've tried just about everybody.

To sweeten the pot a bit more, we've preconfigured both inbound and outbound Vitelity trunks for you. For the vitel-inbound trunk, all you'll need to do is plug in your username, password, and host assigned by Vitelity and adjust the registration string to match your assigned username and password. In FreePBX, click Setup, Trunks, SIP/vitel-inbound and make the changes. Then adjust the vitel-outbound trunk to reflect your actual username in the fromuser and username entries, your real password in the secret entry, and the correct host provided by Vitelity for your outbound calls, and you're all set. In FreePBX, click Setup, Trunks, SIP/vitel-outbound and make the changes. The same setup drill will get you going the the PIAF VoIP service as well.

To test things out, pick up a phone configured on your system and dial an area code and number of someone in the United States or Canada. Now get someone to call you using your new number. Presto! You have inbound and outbound phone service. And, if you'd like to see just how good SIP service can be, pick up a phone on your system and dial D-E-M-O. This will connect you to the PBX in a Flash hosted demo applications server at Aretta Communications.

An Alternate Outbound Calling Solution. As we said, it costs you almost nothing to add an alternate outbound calling solution to your new system. As luck would have it, adding a third outbound calling provider is now a breeze because AOL just entered the SIP terminations market with a product called AIM Call Out. We wrote about it recently, and you can read the article here. All you need is an AOL or AIM account name and $5 to get you started. The system you've just installed is preconfigured to use AIM Call Out. All you have to do is plug in your username and password, and you can immediately make calls to anywhere in the United States for under 2¢ per minute. Adding international calling is as easy as inserting the correct dial string. If you never use it, it doesn't cost you a dime. So $5 is mighty cheap insurance in our book.

First things first. Sign up for the service at this link. Your username will look something like this: johndoe@aim.com. You also will be assigned a password. Using your web browser, open FreePBX by pointing to the IP address of your new server and choosing Administration, then FreePBX. Type in admin as your username and the password you assigned to your system. From the main FreePBX menu, choose Setup, Trunks, and click on SIP/AIM in the far right column. Scroll down to the Peer Details section of the form and replace yourAIMpassword with your new password. Then replace yourAIMaccountname with your actual AIM account name. Now click the Submit Changes button and then Apply Configuration Changes and Continue with Reload.

Setting Up an Alternate DID for Incoming Calls. You also may want to consider a second phone number where people can call you. For example, if Grandma and Grandpa happen to be in another state and still have an old fashioned telephone, you might consider adding an additional DID to your system in their area code. They then can make a local call to reach you by dialing the local DID. On the les.net pay-as-you-go plan, it costs less than a dollar a month plus a penny a minute for the calls. Money well spent if we do say so... and you'll sleep better.

If this setup looks a bit complicated, don't be intimidated. Remember, we're connecting your PBX to the rest of the world so people can call you! With les.net, you have a choice of rate plans for most DIDs. You either can pay $3.99 a month for unlimited inbound calls with two concurrent channels or 99¢ per month and 1.1¢ per minute with four concurrent channels. Just visit their site and click Signup to register. Once you are registered, click Login and then Order DIDs. Pick a phone number. Then click Peers/Trunks and Create New Peer. Write down the Peer Name as you will need it in a minute to set up your connection. Choose SIP for Peer Technology, RFC2833 for DTMF Mode, G.711 for Codecs, Registration for Peer Type, enter the public IP address of your server for Peer Address, make up a secure password and write it down also, specify an Outbound CallerID for your calls, and check the 10-digit dialing box. Leave voicemail unchecked since you'll handle this on your end. Save your changes.

Now choose Your DIDs and click on the one you just ordered. We now need to tie the phone number to the Peer setup you just created above. Click on the DID and select the Route to Peer which you just created. Check the Send DID Prefix box and leave everything else blank. Click Save Changes and you're finished at the les.net end. Now let's set up your inbound DID trunk in Asterisk using FreePBX.

Log into FreePBX using a web browser. Click Setup, Trunks and then Add SIP Trunk. Fill in the CallerID and then drop down to the Outgoing Settings section of the form. For Trunk Name, use the Peer Name that you created above and wrote down. It ought to look something like this: 1092832198. For Peer Details, enter the following using the Peer Name and Password you assigned at les.net:

canreinvite=no
context=from-trunk
fromuser=1092832198
host=did.voip.les.net
insecure=port,invite
nat=yes
secret=yourpassword
type=peer
username=1092832198

For Incoming Settings, use from-pstn for the User Context and enter the following User Details:

canreinvite=no
context=from-pstn
dtmfmode=rfc2833
insecure=port,invite
nat=yes
type=user

For the registration string, enter a string like the following using your Peer Name and Password:

1092832198:yourpassword@did.voip.les.net/1092832198

Now click the Submit Changes button and then Apply Configuration Changes and Continue with Reload.

Choosing a VoIP Provider That Supports Faxing. We've included a reliable fax solution in this build. You can review the details in this Nerd Vittles article. To test your machine, you can connect a real fax machine to one of the extensions using an SPA-2102. Then send a fax to extension 329 (F-A-X). But first you must configure your email address in two places using FreePBX: Setup, General Settings, Email address to have faxes emailed to AND Setup, Inbound Routes, any DID / any CID, fax Email. Once you've saved your settings, send the fax and see if it's delivered to your email address. If it works reliably, then the fax and email applications on your machine are configured correctly. Unfortunately, that's only half the battle. To receive faxes from outside your system, you'll also need a DID from a provider that supports faxing. And then it's still only about a 90% proposition... on a good day. We've tested this with many, many VoIP providers. Some work. Many don't. Some, such as Vitelity, offer a faxing service for a fee. Guess what? Their regular VoIP setup doesn't support faxing. Our old friends at Telasip.com still support faxing. We've also had good luck with Future-Nine and Teliax. You can read our fax dissertation here for more details. With the exception of the trunk setup covered in the article, all of the remaining setup steps already have been completed on your new server!

Interconnecting Two Asterisk Servers. We've preconfigured this build to support an IAX interconnect to a second PBX in a Flash system. The trunk setup for the second machine to match the setup on this build can be printed out. The filename is /root/MainPeerTrunkSetup.gif.

Choosing a Preferred Provider. Finally, you'll need to decide whether to use PIAF-USA or AOL or Vitelity as your primary terminations provider. HINT: Joe's new service is the cheapest! So we've set things up this way. This is handled in FreePBX in the Outbound Routes tab under the Default entry. You can adjust easily these in any way you like by adding trunks or moving entries up and down the list to change their priority. Just be sure to leave ENUM at the top of the list since ENUM calls are always free. If a free call isn't possible, your server will automatically drop down to the next trunk in the priority list. Don't add Vitelity to the list unless you have actually created a Vitelity account since they handle unsuccessful connections in a non-standard way which will cause FreePBX not to drop down to the next trunk to attempt a connection.

Activating the Stealth AutoAttendant for Inbound Calls. By default, all incoming calls are routed to the Day/Night Code 1 context which allows you to toggle calls between a Day setting and a Night setting by pressing *281. The Day setting for Code 1 is set to our Stealth Autoattendant which plays a brief greeting during which you can choose other options or direct dial extensions on your system before the call is passed to Ring Group 700. To change the options, edit MainIVR.

Activating Mondo Backups. We would be remiss if we didn't mention what a fantastic open source product Mondo Rescue is. It's the sole reason that today's build was possible. Our special thanks go to the development team: Bruno Cornec, Andree Leidenfrost, and Hugo Rabson. It is the first (and only) backup software for Linux builds that actually works reliably. The best way to prove that for yourself is to download the Orgasmatron III and try it for yourself. It has much more flexibility than what you will experience, but that would take another dozen pages to explain. We'll save that for another day. In the meantime, if you'd like more information, visit the Mondo Rescue web site.

WARNINGS: If you update the version of Mondo shipped with this distribution to the current version using either yum or a standalone RPM, you will break your backup system. The advantage of the newer version is that it can create bootable flash drives with your backup image. The disadvantage is that the restore process croaks and locks up your machine. So don't update for the time being. We'll let you know when it's safe to upgrade.

Particularly if you have more than one drive in your system, be aware that the device name for your USB flash drive may differ from the setting of /dev/sdb1 that is preconfigured in this backup. This depends upon the number of internal hard disks and the Dude that built your Dell.

To safely activate backups on a stock T100 configured as we've outlined above, here are the mandatory steps:

1. Format every USB stick you plan to use for backups. Insert the USB flash drive into the right USB slot on the front of your Dell T100. Log into your server as root and type: /root/usbformat.sh. Your USB flash drive is now formatted. Repeat the process for any additional USB flash drives. WARNING: Do not use this script if you have added additional drives on your system as it may inadvertently reformat the wrong drive! The script assumes you have one or two internal SATA drives and one USB stick inserted in the right USB slot on the front of your Dell T100.

2. Assign the proper device name to Mondo and activate it: With a formatted USB flash drive in place, log into your server as root and type: /root/usbdevice.sh. You're all set. A backup will be made each Sunday night. If no flash drive is present, the backup will be saved in /etc/usbmondo.

3. Run a test backup: With a USB flash drive in place, log in as root, and type: /etc/cron.weekly/disk-backup.cron. To be sure it worked, see #4.

4. Check the contents of your USB stick regularly! Plug it into the front right USB port, log in as root, and type usbcheck. It's a good practice to check this on Mondays to be sure you got a fresh backup on Sunday night!!

Other Backup Options. Of course, there are some other backup options. FreePBX is preconfigured to make an automatic backup of your FreePBX data once a week. This is controlled by the settings in Tools, Backup and Restore, WeeklyBackup. It currently is set to make a backup every Wednesday morning. You also may want to consider off-site backups. Amazon's S3 service is preconfigured including all necessary software and scripts. All you need is an account and password. For detailed instructions, see this Nerd Vittles' article.

Installing Cepstral on Your New Server. If you want real text-to-speech with Allison's familiar voice, then you'll need to buy Cepstral. It's dirt cheap for single, non-commercial use. To install it, run install-cepstral from the command prompt while logged in as root. At one point you'll be asked whether to create a missing directory for the Cepstral installation. Be sure to type y at the prompt rather than just pressing the Enter key. Instructions for registering your copy of Cepstral are displayed when the install completes. For complete documentation, read our previous tutorial.

Creating Your Own Hamachi VPN Network. We've saved the best for last today. This latest Orgasmatron III build includes the Hamachi VPN network software. All you have to do is initialize it. Once configured, you can add as many as 16 computers (including Windows, Mac, and Linux machines) to your own private virtual private network. Communications between all of your systems then will be encrypted by simply connecting to the other systems using their VPN network addresses (5.x.x.x). For complete setup instructions, take a look at our VPN in a Flash knol on Google. The entire setup takes less than 5 minutes.

News Flash: As we put this article to bed last night, we tried one final experiment. We took the bootable USB flash drive from our VPN in a Flash build for the Aspire One NetBook that was featured last week and plugged it into the Dell T100. Guess what, Dude? Twelve minutes later we had a perfect clone of the Aspire One build on our new Dell T100. So, if you're looking for a state-of-the-art operating system with a fantastic GUI interface to pair up with Asterisk and PBX in a Flash, we may have another surprise for you to ring in the new year with your new T100. And it should work splendidly on the older SC440 as well as other machines with any industry-standard SATA drive. For 2009, PBX in a Flash perhaps should be renamed PBX on a Flash. Imagine carrying a full-featured, preconfigured PBX around on your keychain. Now that should impress even your nerdiest friends. There still are a few kinks with the latest version of Mondo which have forced us to build our own custom patches to get a successful restore, but we're oh so close... Stay tuned!


Special Thanks. As another year comes to a close, we want to take a moment to thank all of you for reading Nerd Vittles. About 50,000 folks from 137 countries around the globe read Nerd Vittles every week. The Nerd Vittles Official Flag above shows all of your home towns. Incidentally, the countries are ordered by the number of actual visitors from each country.

Where To Go From Here. We've covered a good bit of territory today. When you're ready, move on to the second part of this article at the link below. In the meantime, you have a new phone system that works. And there are a number of PDF documents in the /root folder on your new system which are worth a read. Better yet, you can browse through all of the documentation which is available for PBX in a Flash by going here. You also can dial D-E-M-O on your new system and see just how powerful direct SIP connections can be to other Asterisk hosts (in this case, ours!)... at no cost. Finally, you can log into your server and type help-pbx for access to a treasure trove of additional features. Enjoy and have a Merry Christmas!

Continue reading Part II...


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 


Some Recent Nerd Vittles Articles of Interest...