freepbx – Page 27 – Nerd Vittles

Take the XiVO Plunge: 4 Months of Free Cloud Hosting

Monday, August 15, 2016

Nobody has to tell us how painful change can be. We oversaw the deployment of over 30,000 IBM PCs only to switch horses and become a dedicated Mac lover. And we’ve invested almost 10 years in another Asterisk® GUI only to be disappointed by the direction of that project. That led to our New Year’s Resolution to find a better mousetrap for unified communications open source development. And, boy, did we find one. So here’s the deal. You either believe in the open source community and want to foster free and open development of software, or you don’t. And, if you don’t, that’s perfectly fine. There are lots of commercial PBX alternatives including the terrific 3CX products from our platinum sponsor. But don’t wrap yourself in the open source flag, brag about free and freedom, and then market a product that is none of the above. If your distro’s license agreement prohibits redistribution thereby discouraging sharing which is the lynchpin of the GPL, then the product has little if anything to do with free and freedom.

The good news is we’ve now found an awesome alternative that is pure open source code with an actual GPL3 license. So come join the party and lend a hand with your suggestions and/or your code contributions. We’ll put your name in bright lights, and the open source community will be forever in your debt. Our challenge is to get you as excited about XiVO as we are. There’s nothing with VoIP and Unified Communications that you can’t do better, cheaper, and faster using XiVO. And XiVO’s Asterisk RealTime implementation has no competition, period. Instead of lengthy delays to process changes, rewrite Asterisk config files, and reload the entire Asterisk dial plan, Asterisk RealTime brings instantaneous configuration updates.

We can think of no better way to introduce you to this terrific platform than offering up a free cloud platform until 2017 to let you kick the tires. It won’t impact your production servers while letting you explore the possibilities offered by a state-of-the-art Asterisk 13 platform with no equal. Believe me. We know every wart and pimple in the old GUI platform, and you won’t have to wrestle with any of the traditional problems that we all assumed were native to Asterisk. Guess what? They weren’t. No, your server won’t blow up when you add a new module. No, Asterisk won’t refuse to start because you chose to upgrade an existing component. No, you won’t be Nickle and Dimed into buying critical platform enhancements. And, no, you won’t be charged hundreds of dollars for "support" only to be told that you need to switch to a more proprietary platform. Yes, the XiVO development team releases seamless upgrades every three weeks at no cost. Yes, uncrippled endpoint provisioning for dozens of phones is provided in XiVO at no cost. Yes, powerful call center and High Availability technology is included at no cost. And, yes, backups of your server are made every night for free.

There’s more good news. VULTR is a relatively new cloud provider that now hosts virtual machines in over a dozen cities around the world. For new subscribers, they are offering a $20 credit when you sign up using our referral link. And, yes, your registration provides a few shekels to Nerd Vittles to keep the lights on. The great news is that $20 buys you a full four months of XiVO cloud hosting service, and you won’t find a better do-it-yourself platform at any price, let alone free.

Building the Debian 8 Platform at Vultr for XiVO

The first step in your XiVO adventure is to sign up for a Vultr account with your $20 credit using the Nerd Vittles referral link. Once you’ve done that, it’s time to build your Debian 8 virtual machine to host XiVO in the Cloud. (1) Choose your favorite city to host your server, (2) pick the Debian 8 64-bit platform, and (3) choose the $5/month server size.

IMPORTANT: Leave the Server Hostname & Label blank!

Once your virtual machine is up and running, log in with SSH or Putty using the root password provided. Do NOT install XiVO from the console, or the firewall will lock you out of your own machine! Change your root password immediately: passwd.

Next, set up a swap file on your virtual machine, or the XiVO install will fail on the $5 platform:

dd if=/dev/zero of=/swapfile bs=1024 count=1024k
chown root:root /swapfile
chmod 0600 /swapfile
mkswap /swapfile
swapon /swapfile
echo "/swapfile swap swap defaults 0 0" >> /etc/fstab
sysctl vm.swappiness=10
echo vm.swappiness=10 >> /etc/sysctl.conf
free -h
cat /proc/sys/vm/swappiness

Installing Incredible PBX for XiVO in the Vultr Cloud

While still logged into your server as root using SSH/Putty, issue the following commands to kick off the install:

cd /root
wget http://incrediblepbx.com/IncrediblePBX13-XiVO.sh
chmod +x IncrediblePBX13-XiVO.sh
./IncrediblePBX13-XiVO.sh

The initial setup brings your Debian 8 server up to current specs, and then the virtual machine will reboot. After rebooting, log into your server again as root with your new root password. Issue the following command to complete the XiVO and Incredible PBX installation and configuration:

./IncrediblePBX13-XiVO.sh

You’ll be prompted to set your time zone, passwords, and choose the optional features of Incredible PBX you wish to install. We strongly recommend you install ALL of the Incredible PBX feature set. Many cannot be added later.

Verify that the XiVO install completed successfully when prompted. Then verify that the XiVO initial configuration completed successfully by once again pressing ENTER. The firewall and Incredible PBX install will then proceed without further prompting. Total setup time: under 10 minutes.

There still are some setup steps required, and these are performed within the XiVO GUI using a web browser. For step-by-step instructions on the Incredible PBX Initial Configuration Procedure, click here. Enjoy your adventure!

Originally published: Monday, July 25, 2016

Need help with Asterisk? Visit the PBX in a Flash Forum.

Special Thanks to Our Generous Sponsors

FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.

Some Recent Nerd Vittles Articles of Interest…

Security 101: A Fresh Look at Incredible PBX Security Audit Methodology

Tuesday, August 9, 2016

Embed from Getty Images

Incredible PBX remains one of the most secure VoIP server platforms on the planet for one simple reason. We always deploy a preconfigured Linux IPtables firewall with a whitelist that hides your server from everyone except you and trusted VoIP providers. IPtables is automatically configured and deployed as part of every initial install of Incredible PBX regardless of your platform. This includes XiVO with Debian 8 as well as CentOS 6 and 7, Ubuntu 14.04, Raspbian 7 and 8, and even SHMZ OS (not recommended). If your server happens to be housed behind a hardware-based firewall as well, then so much the better. That obviously isn’t possible with most Cloud-based servers so IPtables firewall security is a must.

Unlike most other VoIP server platforms, we don’t leave firewall configuration to chance. Nor do we assume you’re a firewall expert. It really doesn’t matter whether you are or not, you still need a server platform that is secure and protected. So we do it for you initially and, if you are a firewall expert or study to become one, you then can modify the default settings to meet your own requirements down the road. In the meantime, you and your server are protected.

As you probably have surmised, we conduct periodic security audits of our servers testing for vulnerabilities. And we perform these audits locally as well as remotely using servers we’ve deployed throughout the world. We also deploy honeypot servers from time to time in order to gather important information about what the bad guys are up to. With as many platforms as Incredible PBX now supports, just conducting local and remote security audits is no small feat.

Today we want to share some of the methodology we use in conducting our audits, and we’ll provide the results of our most recent remote security audit. We encourage everyone with a VoIP server, whether it’s Incredible PBX or some other platform, to periodically test your server(s) for vulnerabilities AND access. It not only could save you thousands of dollars, but it also protects the rest of us by assuring that you haven’t inadvertently provided malicious individuals with a zombie platform from which to launch denial of service and spam attacks against the Internet community. So let’s get started.

The first step in testing your server is to log into your server as root using SSH or Putty from multiple IP addresses. These sites should include logins from the home base of your server if it’s a dedicated machine, from your home PC, from a neighbor’s PC, from a public WiFi hotspot, and from your smartphone as well as someone else’s. If you gain access from all of these sites, you’ve got a problem. It means SSH access is not protected in any way on your server. While SSH is relatively secure, it has had its share of problems. And zero day vulnerabilities are regularly discovered in various Linux utilities so exposing all of your server’s important resources to the Internet is a very bad idea.

The second test deciphers the existing firewall rules that have been activated on your server: iptables -nL. If the results look like the following, you’ve got a major problem. It means there are no firewall rules blocking any access to your server:

root@incrediblepbx:~ $ iptables -nL

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Next, reboot your server and repeat the first two tests to make certain that your firewall still is activated properly whenever your server experiences a power outage and comes back on line.

If your firewall is not running, try issuing the command, iptables-restart, and then retest: iptables -nL. If you get the same results shown above, then something has come unglued. Here’s how to easily fix things up. First, move to the directory where the iptables rules are stored on your server. For CentOS/SL/RHEL, it’s /etc/sysconfig. For Debian/Ubuntu/Raspbian, it’s /etc/iptables.

Next, copy the default Incredible PBX firewall settings to the proper file location.

For CentOS/SL/RHEL platforms:

cp -p /etc/sysconfig/rules.v4.ubuntu14 /etc/sysconfig/iptables
cp -p /etc/sysconfig/rules.v6.ubuntu14 /etc/sysconfig/ip6tables

For Debian/Ubuntu/Raspbian platforms:

cp -p /etc/iptables/rules.v4.ubuntu14 /etc/iptables/rules.v4
cp -p /etc/iptables/rules.v6.ubuntu14 /etc/iptables/rules.v6

Next, edit iptables (CentOS/SL/RHEL) or rules.v4 (Debian/Ubuntu/Raspbian) and move to the bottom of the file where you’ll find a section that looks like this:

# The IP addresses are your server, user, and public addresses respectively
-A INPUT -s 8.8.4.4 -j ACCEPT
-A INPUT -s 8.8.8.8 -j ACCEPT
-A INPUT -s 74.86.213.25 -j ACCEPT

Replace the existing IP addresses with the actual IP addresses of your server, user workstation, and public IP address. Be very careful here. If you don’t whitelist the IP address of the machine on which you are performing these tasks, you will lock yourself out when you restart your firewall. Once you’ve made the changes, save the file.

Finally, restart IPtables using the following command: iptables-restart. Then retest: iptables -nL.

We’re not going to spend a lot of time addressing what the proper firewall rules for your VoIP server should be. If you’re interested, you can take a look at the IPtables firewall setup that is deployed with Incredible PBX. On RHEL/CentOS/SL servers, you’ll find the firewall rules in /etc/sysconfig/iptables. On Debian/Ubuntu/Raspbian servers, the rules are in /etc/iptables/rules.v4. Suffice it to say that, if the only remote access required with your server is to connect to VoIP service providers, there is no reason to expose your web server or your SIP ports to the Internet, period. And this is true whether your server is sitting behind a hardware-based firewall or not.

The Incredible PBX security design uses a whitelist to provide access to most network services other than those that are absolutely essential to the operation of your server. The reason we use a whitelist is because blacklists don’t work. Those interested in doing harm to your server are perfectly capable of altering their IP addresses until they find one that isn’t blacklisted. And they also are adept at poisoning blacklists with IP addresses that are absolutely essential to the operation of your server, e.g. DNS servers and NTP servers.

As part of every Incredible PBX firewall install, we provide SIP and IAX access to many of the major VoIP providers around the globe. You may be wondering why we use IP addresses for providers rather than fully-qualified domain names. The reason is that IPtables doesn’t directly support FQDNs. Instead, when IPtables starts up, it looks up every FQDN and converts it into an IP address. If a server matching the FQDN happens to be off line, IPtables crashes and burns. The same is true if the lookup is attempted before DNS services are running on your server. So, the short answer to why we use IP addresses is because it is safer. The downside, of course, is you can’t eyeball the IP address and decipher to whom it belongs. If you ever have any doubt about the identity of the provider associated with any specific IP address, there’s a simple utility you can run to identify its owner: nslookup 178.63.143.236.

Here is a list of the providers included in the default Incredible PBX whitelist. Others can be added using the add-ip and add-fqdn utilities in /root. If you use FQDNs, be sure to add the entries to /root/ipchecker so that your IP addresses are periodically checked and updated when necessary. This is especially important for dynamic IP addresses at remote locations.

outbound1.vitelity.net
inbound1.vitelity.net
atlanta.voip.ms
chicago.voip.ms
dallas.voip.ms
houston.voip.ms
losangeles.voip.ms
newyork.voip.ms
seattle.voip.ms
tampa.voip.ms
montreal.voip.ms
montreal2.voip.ms
toronto.voip.ms
toronto2.voip.ms
london.voip.ms
didforsale.com
callcentric.com
sipgate.com
chi-in.voipstreet.com
did.voip.les.net
magnum.axvoice.com
proxy.sipthor.net
sip.voipwelcome.com
incoming.future-nine.com
outgoing.future-nine.com
DEN.teliax.net
LAX.teliax.net
NYC.teliax.net
ATL.teliax.net
IPkall (defunct) used two IP addresses: 66.54.140.46 and 66.54.140.47
gvgw1.simonics.com
sip2sip.info
googlelabs.com
talk.google.com
gmail.com

The major drawbacks to firewall whitelists are (1) you can inadvertently lock yourself out of your own server and (2) someone that needs access to your server from remote locations may have more difficulty connecting without intervention by a network administrator to authorize remote access. With Incredible PBX, we’ve provided some tools to ease the pain. First, Incredible PBX is deployed with both the PPTP and NeoRouter VPN platforms already in place. With a VPN IP address, remote logins are minimized because they work from almost anywhere. Second, Incredible PBX includes the PortKnocker utility which lets a remote user "knock" on the server using three randomly assigned port numbers to gain temporary access. Many Incredible PBX platforms also support Travelin’ Man 4 which lets you authorize remote access by telephone. You also need to test remote VPN, PortKnocker, and Travelin’ Man 4 access as part of your security audits.

Testing for vulnerabilities is only half of the puzzle. Also make certain that your server has the proper Linux tools in place to allow you to whitelist additional IP addresses so that remote users can deploy phones or gain access to your server when necessary. Try to run the nslookup and dig utilities to verify that they are installed on your server. If not, install them with yum install bind-utils (CentOS/SL/RHEL) or apt-get install dnsutils (Debian/Ubuntu/Raspbian).

Security Audit Results. We’re pleased to report that no vulnerabilities were identified in any of the Incredible PBX platforms; however, good security practices dictate that the IPkall IP addresses should probably be removed from the whitelist now that the company has ceased providing VoIP services.

For CentOS/SL/RHEL platforms:

sed -i '/66.54.140.46/d' /etc/sysconfig/iptables
sed -i '/66.54.140.47/d' /etc/sysconfig/iptables
sed -i '/66.54.140.46/d' /etc/sysconfig/rules.v4.ubuntu14
sed -i '/66.54.140.47/d' /etc/sysconfig/rules.v4.ubuntu14
iptables-restart

For Debian/Ubuntu/Raspbian platforms:

sed -i '/66.54.140.46/d' /etc/iptables/rules.v4
sed -i '/66.54.140.47/d' /etc/iptables/rules.v4
sed -i '/66.54.140.46/d' /etc/iptables/rules.v4.ubuntu14
sed -i '/66.54.140.47/d' /etc/iptables/rules.v4.ubuntu14
iptables-restart

We did identify a couple of access anomalies that kept the add-ip and add-fqdn utilities in /root from functioning properly. These glitches meant that a few administrators could not easily add remote IP addresses to their whitelists. Three fixes are recommended. First, be sure the utilities documented in the previous paragraph are installed on your server. Second, on CentOS/SL/RHEL platforms or servers installed using the Incredible PBX ISO, issue the following commands after logging into your server as root:

sed -i 's|/etc/iptables/rules.v4|/etc/sysconfig/iptables|' /root/add-ip
sed -i 's|/etc/iptables/rules.v4|/etc/sysconfig/iptables|' /root/add-fqdn

Third, for Incredible PBX deployments on the CentOS 7 platform, issue these commands while logged in as root:

 chattr -i /root/add-ip
 sed -i 's|iptables-persistent|iptables|' /root/add-ip
 chattr +i /root/add-ip

Be safe!

Originally published: Tuesday, August 9, 2016

Need help with Asterisk? Visit the PBX in a Flash Forum.

Special Thanks to Our Generous Sponsors

FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.

Some Recent Nerd Vittles Articles of Interest…

Incredible PBX for CentOS 7: A Free Cloud Server for 4 Months

Tuesday, August 2, 2016

[iframe-popup id="4″]
We don’t want anyone to think Incredible PBX is a one-trick pony. 2016 is all about choices and Gotcha-Free VoIP alternatives. We spent last week in the mountains taking a careful look at Ubuntu 16.04 and CentOS 7. Despite the promises that LTS releases of Ubuntu wouldn’t break things that used to work, Ubuntu 16.04 breaks things. Specifically, ODBC as we know it is non-existent. And MySQL is a very different beast with InnoDB now a mandatory component. Those were deal-breakers for us because we no longer could load Incredible PBX database snapshots and because current ODBC code won’t work at all. We had much better luck with CentOS 7, and today we’re pleased to introduce Incredible PBX for CentOS 7.

Some still consider CentOS 7 to be an experimental platform, and we want to take the guesswork out of the equation. So we’re offering up a free cloud platform until December to let you kick the tires. It won’t impact your production servers while letting you explore the possibilities offered by another state-of-the-art Asterisk 13 platform. No, your server won’t blow up when you add a new module. No, Asterisk won’t refuse to start because you chose to upgrade an existing component. No, you won’t be Nickle and Dimed into buying critical platform enhancements. And, no, you won’t be charged hundreds of dollars for "support" only to be told that you need to switch to a more proprietary platform. XiVO remains our platform of choice, but to each his own. You can’t teach some old dogs new tricks so today’s Incredible PBX release is for you. 🙂

There’s more good news. VULTR is a relatively new cloud provider that now hosts virtual machines in over a dozen cities around the world. For new subscribers, they are offering a $20 credit when you sign up using our referral link. And, yes, your registration provides a few shekels to Nerd Vittles to keep the lights on. The great news is that $20 buys you a full four months of Incredible PBX cloud hosting service. You won’t find a better do-it-yourself platform at any price, let alone free.

Building the CentOS 7 Platform at Vultr for Incredible PBX

The first step in your CentOS 7 adventure is to sign up for a Vultr account with your $20 credit using the Nerd Vittles referral link. Once you’ve done that, it’s time to build your CentOS 7 virtual machine to host Incredible PBX in the Cloud. (1) Choose your favorite city to host your server, (2) pick the CentOS 7 64-bit platform (only!), and (3) choose the $5/month server size. Feel free to leave the Server Hostname & Label blank.

Once your virtual machine is up and running, log in with SSH or Putty using the IP address and root password provided. Do NOT install Incredible PBX from the console, or you will lock yourself out of your own server! Change your root password immediately: passwd.

Installing Incredible PBX for CentOS 7 in the Vultr Cloud

While still logged into your server as root using SSH/Putty, issue the following commands to get started. This will set up a swap file and then kick off the Incredible PBX installer:

cd /root
wget http://incrediblepbx.com/incrediblepbx13-12.2-centos.tar.gz
tar zxvf incrediblepbx*
./create-swapfile-DO
./IncrediblePBX*

The initial setup brings your CentOS 7 server up to current specs, and then the virtual machine will reboot at about the 10 minute mark. After rebooting, log into your server again as root with your new root password. Issue the following command to complete the Incredible PBX installation:

./IncrediblePBX*

Along the way, you may be prompted once or twice to enter information. Just press the ENTER key to accept the defaults. When the installation finishes in about 20 minutes, press the ENTER key to reboot your server and activate the Travelin’ Man 3 firewall. Then log back in as root. Perform the following steps to finish things up and set your passwords:

Now you’re ready to switch to a web browser to finish the setup. Complete the steps using our brief tutorial. Enjoy!

Originally published: Tuesday, August 2, 2016

Need help with Asterisk? Visit the PBX in a Flash Forum.

Special Thanks to Our Generous Sponsors

FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.

Some Recent Nerd Vittles Articles of Interest…

Tempus Fugit: Introducing Incredible PBX Alarm Clock for Asterisk and XiVO

Monday, July 18, 2016

So you’re in a hurry and need a quick way to remind yourself of an upcoming appointment. With Siri or your Apple Watch, you can say "Hey Siri, set an alarm for 9 a.m." On an Android phone, just say "OK Google, set an alarm for 9 a.m." And with the Amazon Echo, shout out "Alexa, set an alarm for 9 a.m." But, hey, everyone doesn’t have a fancy smartphone or an Echo. Besides that, they’re not always convenient.

If you have Incredible PBX™ for Asterisk® or XiVO® running in your home or office, it’s even easier. Just pick up any phone and dial *88 plus the time for the alarm using "military time." Dialing *880900 will set an alarm for 9 a.m. and *882100 will set an alarm for 9 p.m. If it’s already later than 9 a.m. when you dial *880900, then the alarm will be set for the following morning at 9 a.m. Doesn’t get any easier than that.

As we mentioned, this new application is primarily for Incredible PBX users, but it will work with any Asterisk server if you have previously installed Telephone Reminders. The Telephone Reminders app is included in all previous releases of Incredible PBX for XiVO, PBX in a Flash, Elastix, CentOS, Scientific Linux, Ubuntu, Debian, and even the Raspberry Pi.

Installing Incredible PBX Alarm Clock on the XiVO Platform

If you’re already using our latest Incredible PBX creation for the XiVO platform, then installation of the Alarm Clock application is a one-minute procedure. If you downloaded Incredible PBX for XiVO after July 13, the Alarm Clock application already is included. Otherwise, log into your server as root and issue the following commands:

cd /root
wget http://incrediblepbx.com/alarms-xivo.sh
chmod +x alarms-xivo.sh
./alarms-xivo.sh

Installing Incredible PBX Alarm Clock on the Other Platforms

As we mentioned, the Alarm Clock application requires an existing setup of Incredible PBX with Telephone Reminders on any of the following platforms: PBX in a Flash, Elastix, CentOS, Scientific Linux, Ubuntu, Debian, or Raspbian for the Raspberry Pi. If you’re using any of these Incredible PBX platforms, simply log into your server as root and issue the following commands to get the Alarm Clock application installed and configured:

cd /
wget http://incrediblepbx.com/alarms4incredible.tar.gz
tar zxvf alarms4incredible.tar.gz
rm -f alarms4incredible.tar.gz
cd /root
./alarms4incredible.sh

A Quick Introduction to Military Time for All of Our Civilian Friends

Embed from Getty Images

"Military time" means the day begins at 0001 for 12:01 a.m. The morning ends at 1159 for 11:59 a.m. For P.M. times, they start at 1200 for noon and end at 2359 for 11:59 p.m. Now’s your chance to play soldier in case you missed the draft. Enjoy!

Taking the Incredible PBX Alarm Clock for a Spin

Once you’ve got the Alarm Clock application in place, it’s time for a test drive. Check your watch for the current time and add 2 minutes. Convert the time to military time. Then pick up any phone connected to your PBX and dial *88 plus the four-digit number for the alarm time you calculated. Remember, if you choose a time that has already come and gone for today, your alarm will be scheduled for the corresponding time tomorrow so don’t cut it too close if your watch doesn’t keep perfect time.

For those wanting to learn how to write Asterisk dialplan code, now is a perfect time. The Alarm Clock application was written without a single line of code from any high-level language including PHP. On the XiVO platform, you’ll find the code at the bottom of /etc/asterisk/extensions_extra.d/xivo-extrafeatures.conf.

On the other Incredible PBX platforms, you’ll find the code at the top of /etc/asterisk/extensions_custom.conf. Just search for *88 in the dialplan.

Reviewing Scheduled Alarms with a Web Browser

You can use the Telephone Reminders web application at http://IPaddress/reminders to review alarms which you have scheduled using *88. With Incredible PBX, they look just like other Telephone Reminders which you may have scheduled either using a phone by dialing 123 or using the Telephone Reminders web application.

Originally published: Monday, July 18, 2016

Need help with Asterisk? Visit the PBX in a Flash Forum.

Special Thanks to Our Generous Sponsors

FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.

Some Recent Nerd Vittles Articles of Interest…

2016: The Year of the May Bromance with XiVO, Asterisk 13, and the GPL

Tuesday, May 31, 2016 / 1 Comment on 2016: The Year of the May Bromance with XiVO, Asterisk 13, and the GPL

Remember that girl that you never much noticed in high school that happened to cross your path years later and there was that instant attraction. It’s one of our favorite country songs.

What a month it has been. 30 days ago we’d never met. And then it happened. We were introduced to XiVO by a single post on the PIAF Forum. It’s difficult to choose a single adjective that describes how feature-rich XiVO is as a real-time Asterisk platform. Ten years of development coupled with some really talented Canadian developers puts XiVO in a league of its own. Pure GPL code. No gotchas. No hidden agenda. Incredible documentation. No snake oil salesmen trying to peddle add-ons for money. And, thanks to the endless patience of Sylvain Boily and Pascal Cadotte Michaud, two of the key XiVO developers, we’ve had quite a joy ride this month. Today we want to share what we’ve learned and provide everything you need step-by-step to hit the ground running with XiVO. In less than an hour, you’ll be sitting in front of your own XiVO server, and you can judge for yourself. All we can ask is "Where have you been all these years?" XiVO really is THAT GOOD!

UPDATE: The first release of Incredible PBX for XiVO is now available here. Please consider this article superseded by the new release.

Let’s Start with the Features. If you make frequent changes to your Asterisk platform, then you’ll really appreciate XiVO’s realtime implementation. Changes are loaded almost instantaneously. Contrast that with some other platforms with hundreds of users where simple changes require several minutes or more to reload the Asterisk dialplan. Here’s an example:

Speaking of hundreds of users, consider the time required to generate accounts and phone configurations for hundreds of users. With XiVO, a simple spreadsheet can be used to build all the user accounts in seconds. And XiVO’s Endpoint Manager supports all of the major phone manufacturers and configures your phones in seconds. With other solutions, you’ve got a fee for the Endpoint Manager add-on itself and then another annual maintenance fee to assure that the software will continue to work. Contrast that with XIVO’s GPL alternative. Choosing Configuration:Provisioning:Plugins:Update generates templates for dozens of great SIP phones in seconds with just four button clicks. Adding your own new models is a breeze.

We’ve already written about XiVO upgrades and backups, the twin-edged sword with most Asterisk implementations. Yes, you can go the proprietary route and stumble through dozens of menus and arcane commands to load upgrades and create backups. With XiVO, backups are automatic and the updates are fast and furious. Every morning a new backup arrives in /var/backups/xivo, and a new version of XiVO is released every three weeks. You can upgrade your server in under a minute with one simple command. Did we mention reported bugs are addressed in under 30 days!

One of the real failures of the other GUI offerings is their lack of tools to perform most tasks in any way other than using the GUI. For developers and those that maintain numerous phone systems from afar, this becomes a nightmare. XiVO offers a better alternative. Yes, there’s an incredible GUI. But there’s also a robust collection of APIs that provide programmatic access to manage and query virtually every piece of the XiVO puzzle. As if that weren’t enough, there’s also real documentation and samples to show you how to use each piece.

Have we got your attention yet? We haven’t even touched upon Call Centers and High Availability (HA) server deployments, but they’re included at zero cost. For today and just getting started, suffice it to say that XiVO covers all the bases with open source code. And all of these features already are incorporated into the product you’re about to install. So, if those two items have been on your Wish List and you’d prefer to avoid paying an arm and a leg for proprietary, commercial add-ons with recurring annual fees, today’s your lucky day. Break open the latest XiVO documentation, all 479 pages of it and enjoy!

We’ve barely scratched the surface of what you can do with XiVO. Simply stated, anything you can do with the other GUI offerings, you can do better, quicker, and cheaper with XiVO. And, if there are features you need that aren’t there, all you have to do is ask. We’re porting applications to XiVO at the rate of about one new application a day. You can do the math on feature sets and measure where we’ll be when the summer is over.

Getting Started with XiVO. Jump to the latest tutorial to install XiVO.

Bookmark Getting Started with XiVO and you can follow our progress in coming months. Enjoy!

For additional tips & tricks with XiVO, take a look at our previous articles:

Choosing a XiVO Hardware Platform

XIVO Initial Setup Tutorial

XiVO Initial Setup Tutorial: Getting Started with XiVO

XIVO Trunk Implementation Tutorials

XIVO Call Routing Tutorials

Taking Nerd Vittles’ XiVO IVR for a Test Drive

There’s a Demo IVR running at www.pacificnx.com on their XenServer virtualization platform. Scott McCarthy, a leading outside XiVO developer and a principal at PacificNX, tells us they soon will have a $20 a month platform specifically tailored to XiVO. And that’s what you’ll be hearing when you call the Nerd Vittles Demo IVR:

Published: Tuesday, May 31, 2016

Need help with Asterisk? Visit the PBX in a Flash Forum.

Special Thanks to Our Generous Sponsors

FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.

Some Recent Nerd Vittles Articles of Interest…

2016, The Year of (real) VoIP Choice: Meet XiVO, a UC Solution for Any Business

Thursday, May 5, 2016 / 1 Comment on 2016, The Year of (real) VoIP Choice: Meet XiVO, a UC Solution for Any Business

We promised you that 2016 was going to be a year filled with surprises, and today we’re pleased to introduce another open source, pure GPL3 solution for any business. Whether your requirements are a call center or a versatile phone system for hundreds of employees, XiVO™ offers a compelling unified communications solution that checks all the boxes. Unlike some products that function merely as a code generator for Asterisk®, XiVO is in a league of its own. XiVO is actually an integral component of the Asterisk application itself. It manages your telephony server in realtime using its versatile PostGreSQL database platform. Did we mention it’s also a great playground for hobbyists and SOHO VoIP enthusiasts? Let’s get started.

UPDATE: The first release of Incredible PBX for XiVO is now available here. Please consider this article superseded by the new release.

There’s no way to do justice to a product like XiVO in a single article. So our plan is to introduce XiVO today and get your platform up and running where you can make and receive free calls throughout the United States and Canada. Then you can add Incredible PBX components and additional SIP providers as we continue to build them out. Just follow along with our Incredible PBX development for XiVO on the PIAF Forum, and you’ll get a first-hand look at how sausage is made. We already have text-to-speech applications for news and weather up and running. You can take them for a test drive by calling the XiVO demo:

And, of course, we’ve integrated the Travelin’ Man 3 IPtables firewall to provide rock-solid security for XiVO, and we’ll cover that today as well. As part of this development process, you’ll discover how easy it is to build Asterisk applications for XiVO on your own. And hopefully you’ll share some of your creations with the rest of us. That’s what open source development is all about.

Choosing an Experimental Platform for XiVO

We’re just getting started with XiVO development so, like us, we’re assuming you’ll want to kick the tires a bit before jumping into a new VoIP solution for the long haul. That means you first must choose a platform on which to install XiVO. We have several recommendations for you. If you have a robust desktop machine with lots of RAM and processing power, then installing XiVO under VirtualBox may be the way to go. We actually use an iMac with 16GB of RAM, and it provides plenty of horsepower to run VirtualBox and XiVO. With VirtualBox, we’ll start by downloading the XiVO ISO.

We didn’t mention that XiVO has been under development for over 10 years and is supported by the original developers with financial support from Avencall. Because of its Canadian roots, it seems only fitting that many may wish to consider CloudAtCost in Canada as an appropriate site to host your experimental XiVO server. A one-time payment of $10.50 still buys you a sandbox in the cloud for life with coupon code TAKE70, and XiVO installs on the CloudAtCost platform without a hiccup. For a CloudAtCost implementation, we’ll start by creating a Debian 8 server.¹ And then we’ll download and run the XiVO installation script to build our XiVO server. Finally, we’ll walk you through setting up XiVO on a $5/month Digital Ocean Droplet which provides state-of-the-art performance at rock-bottom Cloud pricing. So begin by choosing your hardware platform from the three options below:

1. Installing XiVO as a VirtualBox Virtual Machine

For standalone implementations including VirtualBox, we’ll begin by downloading the 64-bit XiVO Server ISO to your desktop. Next, create a VirtualBox 64-bit Debian VM platform with 1024 MB RAM and at least a 10GB virtual drive. In System Settings, enable I/O APIC and disable the other options. Select a Sound Card to match your machine and configure Network Adapter 1 as a Bridged Network Device. In the Storage Settings (shown below) for your (1) Empty IDE Controller, (2) select the downloaded XiVO ISO as your installation media. Start the VM and proceed through the initial install.

Click Install, choose your language, pick your time zone, choose your keyboard map, create a very secure root password, and choose a Debian mirror that’s close to your server. Choose /dev/sda as your bootloader assuming that’s the disk drive configured by VirtualBox. In less than 10 minutes, the install will complete and your VM will reboot. Log into your server as root and obtain your IP address: ifconfig. You’ll need it for the web configuration step that comes next.

2. Installing XiVO as a CloudAtCost Cloud-Based Server

You can’t use an ISO as the installation media at CloudAtCost so we have to start by building a 64-bit Debian 8 virtual machine with at least 512 MB RAM and a 10GB virtual drive. No need to choose a larger drive at the moment since there’s a bug in CloudAtCost’s installer for Debian 8. See the footnote for details. Once your virtual machine is built, log in as root and issue the following commands to kick off the XiVO install:

apt-get -y remove apache2*
apt-get update
apt-get -y upgrade
reboot
# log back in as root and...
wget http://mirror.xivo.io/fai/xivo-migration/xivo_install_current.sh
bash xivo_install_current.sh

3. Installing XiVO as a Digital Ocean Droplet

As with CloudAtCost, you’ll need to begin your XiVO adventure at Digital Ocean by first signing up for an account. With our referral code, you’ll get a $10 credit (and so will Nerd Vittles). That’s good for two full months of service to kick the tires of XiVO without ever spending a dime. Once your account is set up, create a $5/month Debian 8 (64-bit) Droplet. When you receive the email with your droplet credentials, log into your new server as root using SSH/Putty and issue the following commands to get Debian 8 squared away:

apt-get update
apt-get upgrade -y
dd if=/dev/zero of=/swapfile bs=1024 count=1024k
chown root:root /swapfile
chmod 0600 /swapfile
mkswap /swapfile
swapon /swapfile
echo "/swapfile          swap            swap    defaults        0 0" >> /etc/fstab
sysctl vm.swappiness=10
echo vm.swappiness=10 >> /etc/sysctl.conf
free
reboot

After the reboot, log into your server again with your new root password and kick off the XiVO install:

wget http://mirror.xivo.io/fai/xivo-migration/xivo_install_current.sh
bash xivo_install_current.sh

Enabling SSH Root Access with XiVO

If you installed XiVO using the XiVO ISO, then root logins via SSH are disabled by default. Only enable it if you plan to also implement the firewall in the next step! To enable root logins via SSH, log into the server console as root and edit the SSH config file: nano -w /etc/ssh/sshd_config. Find the line in the Authentication section that begins with PermitRootLogin and change it to: PermitRootLogin yes. Save your change (Ctrl-X, y, ENTER) and then restart SSH: /etc/init.d/ssh restart.

Setting Up a Firewall to Protect XiVO

We don’t build PBXs without a rock-solid firewall, but it’s your phone bill so the choice is all yours. The Travelin’ Man 3 implementation of the Linux IPtables firewall provides a safe computing platform using a WhiteList to only allow access by trusted users and providers. You can add additional users to the whitelist as desired using add-ip and add-fqdn in the /root folder. Restart your firewall using only this command: iptables-restart. If you’ll be using FQDNs in your WhiteList, then add the ipchecker script to your cron jobs. Then review Step #5 in the TM3 tutorial.

echo "*/10 5-22 * * * root /root/ipchecker > /dev/null 2>&1" >> /etc/crontab

It’s imperative that you set this up from a client workstation that’s running SSH or Putty. Otherwise, you may inadvertently lock yourself out from your own server. While logged into your server via SSH as root, issue the following commands:

cd /root
wget http://incrediblepbx.com/firewall-xivo.tar.gz
tar zxvf firewall-xivo.tar.gz
rm -f firewall-xivo.tar.gz
./tm3-xivo.sh

Configuring XiVO with a Web Browser

Once the basic install is completed, you use a web browser to actually configure and manage your XiVO server. To get things started, point your browser to the IP address of your XiVO server. Choose your Language. Accept the GPL3 license agreement. Then fill in the blanks to create a Hostname for your server (XiVO), a domain name (some domain that you own or one chosen from your favorite dynamic DNS provider), a very secure Web interface password (choose as if your phone bill depends upon it). The network interface and DNS server entries should already be correct. Click Next.

On the second configuration screen, choose an Entity (department/organization name or IncrediblePBX will suffice). Then set up the Contexts to manage calls on your PBX:

Internal Calls Context: manages extension numbers that can be reached internally
Incalls Context: manages calls coming from outside of your system
Outcalls Context: manages calls going from your system to the outside

Here’s what we’ll be using by way of example:

Finally, validate your entries to complete the configuration. Now log into your XiVO server as root using your newly created web password. You should get a status screen that looks something like this. If you had any doubts about the quality of the XiVO product, this should put your mind at ease. 🙂

Logging Into the XiVO Web Interface

To make changes in your XiVO setup, you’ll need to log into the web interface at the IP address of your XiVO PBX. Login with root as the username together with the Web Interface Password you set up above. You can change this password at any time under the Configuration tab by clicking on Users and editing your existing settings.

Creating Users and Lines with XiVO

For those migrating from the FreePBX® world, you’re probably most familiar with the procedure for creating extensions. More advanced administrators may have switched to device and user mode where users and devices are created separately. Phone numbers or extensions were associated with users while phone instruments were associated with devices. In the World of XiVO, we’ll start with the simplest configuration, and you can move on from there when you’re ready. In our scenario today, we’ll create a couple of users. Each user has a Name, Language, Time Zone, and other optional characteristics such as a Mobile Phone Number which can ring simultaneously whenever a user receives a call to his or her local XiVO phone number. By adding a Line (aka Phone Number) for the user as the user account is created, XiVO will automatically generate a separate Line with username and password credentials. This Line will be associated with the User during the initial user setup procedure, and this Line then can be registered to a SIP phone, softphone, or XiVO client (which we will cover separately down the road). In the example below, we’re using Nerd Uno’s extension 701 (associated with line 3jz8tsr0) to call Nerd Dos’ extension 702 (associated with line 8fmne2x4).

XiVO has an excellent tutorial that covers creating Users with a SIP Line. So jump there and add a couple of Users following the steps in the tutorial. When you’re finished, you’ll have two Users and two associated Lines with credentials to set up SIP phones. Since you’re just getting your feet wet and will probably make some mistakes, it’s probably a good idea to turn off Fail2Ban while you’re experimenting. Otherwise, you may accidentally lock yourself out of your server (ask us how we know) and think it’s a problem with XiVO. Here’s how:

/etc/init.d/fail2ban stop

To set up your SIP phones, you’ll need the credentials for each of the two lines. Under the Lines tab, click on the Pencil icon to reveal the Username and Password. Fill in the missing pieces as shown below and make certain that your NAT entry is set to Yes.

With those credentials in hand, go ahead and configure a couple of SIP phones and make certain you can call between them with audio in both directions before proceeding. For those with a Mac, Telephone is perfect for experimentation because you can set up multiple softphones and place calls between them.

IMPORTANT: If your server is sitting behind a NAT-based firewall, you must set the external and local network IP addresses for XiVO in General Settings -> SIP Protocol. You’ll find the fields in the Network tab.

Configuring a SIP Trunk for Google Voice with XiVO

Now that you have internal calls working, let’s turn our attention to connecting your PBX to the rest of the world. We obviously can’t cover the setup for every SIP provider, but we can provide a good example that will get our U.S. friends free calling in the U.S. and Canada. We’ve chosen the Simonics SIP Gateway to Google Voice because a one-time payment of $5.99 gets you a traditional SIP trunk to interface with any existing Google Voice number. If you don’t have a Google Voice number, sign up here. In your Google Voice Settings, make sure Forward Calls to Google Chat is enabled and disable Call Screening in the Calls tab. Then, with your Google credentials and Google Voice number in hand, visit the Simonics web site to sign up for service. Sign in with your Google credentials and complete the registration process. Once you have your Simonics account name and password, log into your XiVO web portal.

With credentials in hand, on the XiVO side, start by choosing the SIP Protocol tab under Trunk Management. There are actually three tabs to configure for the SIP trunk. Begin in the General tab and make it look like this using your credentials. NOTE: The complete FQDN for the Simonics gateway should be gvgw.simonics.com:

Next, click on the Register tab and reenter your credentials. Leave the empty fields exactly as shown. Be sure the Register box is checked.

Next, in the Signaling tab, change the Monitoring option to Yes and then click Save. Monitoring is the XiVO equivalent of the SIP Qualify option.

We also need to make one minor adjustment in the SIP Protocol Defaults in the General Settings. Just Save your settings after checking Match users with ‘username’ field.

Next, we need to tell XiVO how to process Incoming and Outgoing Calls using the Google Voice SIP trunk. Under the Call Management section, let’s begin with the Incoming Calls setup by creating a new Incoming Calls DID for your 11-digit Google Voice number. To keep things simple, we’ll route the incoming calls to the User mapped to extension 701:

For Outgoing Calls, we need to route calls with a specific dial string out the Simonics SIP trunk using the to-extern context. By way of example, we’ve set this up using a dialing prefix of 48 (GV) and a 10-digit number. We’re letting XiVO supply the missing 1 country code required by Google Voice, and we’ll let XiVO strip off the 48 prefix in processing the outbound calls. If this is your only outgoing trunk, you may prefer not to use a dial prefix at all. In that case, change the dial string to a 10-digit number (NXXNXXXXXX) and set Stripnum to 0.

Well, that’s enough for today. There’s complete XiVO PDF Documentation available here. We’ll have lots more to say about XiVO in coming weeks. Come join the party!

Continue reading Part 2.

Published: Thursday, May 5, 2016

Need help with Asterisk? Visit the PBX in a Flash Forum.

Special Thanks to Our Generous Sponsors

FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.

Some Recent Nerd Vittles Articles of Interest…

There’s a glitch in the CloudAtCost builds for Debian8. Regardless of how much disk storage you allocate, CloudAtCost will only use 10GB. Moral: Don’t waste your resources by allocating more than 10GB of disk space. This is an experimental platform, and 10GB will suffice. If you really need more space, this thread on the PIAF Forum will walk you through expanding the storage allocation beyond the 10GB threshold. [↩]

Sleep Well: Create a $10.50 Incredible Backup Server in the Cloud with WebDAV

Monday, April 25, 2016

Embed from Getty Images

With the impending demise of Copy.com, it seemed like a good time to revisit the subject of backups and to do a little advance preparation for that rainy day when your Incredible PBX™ server decides it’s taken its last breath. We recently documented how to build an Incredible PBX in the Cloud for a one-time cost of $10.50. And we showed you how to build a Linux Sandbox in the Cloud for the same bargain-basement price. Today, we’re adding a third way to spend one day’s lunch money with our new Backup Server in the Cloud at CloudAtCost. And, like the other two, a one-time investment of $10.50 gets you a 10GB cloud repository to store your most important Asterisk® files for life!¹ If you’re feeling really adventurous, you can double or quadruple your resources and your storage capacity at the same great 70% off rates with CloudAtCost coupon code: TAKE70. Some have asked us for a referral code to give credit where credit is due. Thanks for thinking of us, but we already have all of the CloudAtCost resources we could ever use. So this one, like the two before it, is on us!

https://youtu.be/INVaNT1R_jE

We recommend you start by building an Incredible PBX platform at CloudAtCost using our previous tutorial. Is it production-ready? Probably not. Is it a good standby server which can swing into action when your primary server croaks? Absolutely. Can it be used for off-site storage of backups from your primary Incredible PBX server? You bet. And today we’ll show you how. It’s about a 10-minute process once you have Incredible PBX up and running in the Cloud. We’ll also provide an updated Incredible Backup script to transparently upload backup images to your new CloudAtCost backup server.

It’s been quite a while since we first explored WebDAV back in 2005. Today we’re going to bolt on WebDAV to your existing Incredible PBX platform so that some of that spare storage space in the Cloud can be used to house snapshot images of your Incredible PBX production server. Since this will be a fully-functioning Incredible PBX server in addition to serving as a backup server, it can perform double-duty as a hot standby on a moment’s notice. When disaster strikes, restore the latest backup which happens to be colocated on your Cloud server, and you’ll be back in business.

Overview. As you probably know, WebDAV is an acronym for Web-based Distributed Authoring and Versioning. Simply put, it is an HTTP protocol extension that allows people anywhere on the Internet to edit and manage documents and other files using the same protocol and port used for surfing the web. In the Mac and Linux worlds, WebDAV provides a Disk Volume that “looks and feels” like any other networked hard disk. In the Windows world, WebDAV is called Web Folders. They can be used like any other mapped drive in Network Neighborhood. If you’re still a little fuzzy about the WebDAV concept, think of how you link to another drive on your local area network. WebDAV gives you the same functionality across the entire Internet with virtually the same ease of use. Depending upon user privileges, of course, you can copy files to and from a WebDAV volume, and the protocol imposes versioning control through file locking to assure that multiple people with access rights don’t change the same file at the same time.

Initial Setup of WebDAV in the Cloud. For today, we’re assuming you already have a functioning Incredible PBX server at CloudAtCost running under CentOS 6.7. If not, start with our tutorial here. If you’d prefer to use the Linux Sandbox configuration for your WebDAV platform, skip down to the next section. To keep things simple, we’re going to set up a separate dav directory within your existing Incredible PBX cloud server to use for WebDAV storage. This means files and folders managed with WebDAV will appear in /var/www/html/dav on your server. We’ll password-protect the directory using Apache web credentials for the admin user. You first must set up these credentials by issuing the following command while logged into your server as root:

htpasswd /etc/pbx/wwwpasswd admin

To activate WebDAV on your Incredible PBX server at CloudAtCost, while still logged into your server as root, issue the following commands:

mkdir /var/www/html/dav
chown asterisk:asterisk /var/www/html/dav
chown asterisk:asterisk /var/lib/dav
cd /etc/pbx/httpdconf
wget http://incrediblepbx.com/dav.conf
service httpd restart

Keep in mind that WebDAV is running on an Incredible PBX server which means that remote HTTP access will require that your remote IP address be in the IPtables WhiteList. You can add it easily using the add-ip or add-fqdn utilities in /root. Don’t forget, or none of this will work.

Setting Up WebDAV on a CloudAtCost Linux Sandbox. If you’d prefer to set up WebDAV on a Linux Sandbox at CloudAtCost rather than the Incredible PBX platform, begin by installing the sandbox by following along in the Nerd Vittles tutorial. Once you’re up an running, issue the following commands to activate WebDAV:

mkdir /etc/pbx
htpasswd -c /etc/pbx/wwwpasswd admin
mkdir /var/www/html/dav
chown apache:apache /var/www/html/dav
cd /etc/httpd/conf.d
wget http://incrediblepbx.com/dav.conf
service httpd restart

You won’t have to whitelist the IP address of your local Incredible PBX server in the IPtables firewall running on your WebDAV server at CloudAtCost because port 80 already is whitelisted in the default Linux Sandbox setup.

Accessing WebDAV in the Cloud. As installed, you’ll need your username (admin) and your Apache password assigned above to access your WebDAV server in the Cloud. Use a browser for read only access to the dav directory at the IP address of your server, e.g. http://23.45.67.89/dav. Or establish a network share to the WebDAV resource for read and write access.

Configuring a Local CentOS/SL Server for WebDAV Access. Linux needs something special in order to treat remote WebDAV resources as part of your local file system. Fortunately, there is a packaged solution that does all the heavy lifting for you. On every CentOS/Scientific Linux server from which you want to access remote WebDAV resources, issue the following commands while logged into the server as root:

yum -y install davfs2
mkdir /dav
cd /root
wget http://incrediblepbx.com/incrediblebackup-dav
chmod +x incrediblebackup-dav

Configuring a Local Debian/Ubuntu/Raspbian Server for WebDAV Access. The setup drill is much the same as it is for CentOS except the package installation syntax needs to be adjusted. On every Debian, Ubuntu, or Raspbian (Raspberry Pi) server from which you want to access remote WebDAV resources, issue the following commands while logged into the server as root:

apt-get -y install davfs2
mkdir /dav
cd /root
wget http://incrediblepbx.com/incrediblebackup-dav
chmod +x incrediblebackup-dav

Connecting to Your WebDAV Server in the Cloud. The new Incredible Backup script, /root/incrediblebackup-dav, will automatically make a connection to your new WebDAV server in the Cloud once you’ve entered your admin credentials and the IP address of your WebDAV server. Do this by editing incrediblebackup-dav. Just plug in your admin password and the IP address of your WebDAV server in the Cloud. Then save the file.

In case you’re curious, here is the command to access WebDAV as a file system from your local server. Assuming admin:passwd555 were your remote Apache credentials and 23.45.67.89 was the IP address of your CloudAtCost server, the mount command would look like this:

echo passwd555 | mount.davfs http://23.45.67.89/dav /dav -o username=admin

All of the /dav files on the WebDAV server in the Cloud then would be accessible in the /dav directory on your local server until the WebDAV connection was closed/unmounted. You can add, edit, and delete files and directories. All of your local changes will automatically be synchronized with your WebDAV server in the Cloud.

To close the WebDAV connection, issue the following command:

umount.davfs /dav

Making a Backup to Your WebDAV Server in the Cloud. This is the easy part. Once everything is in place and you have configured the Incredible Backup script with your admin credentials and WebDAV server’s IP address, you’re ready to kick off a backup. Just issue the following command while logged into your server as root:

/root/incrediblebackup-dav

Restoring a Backup from Your WebDAV Server in the Cloud. There are two ways to do this. If your local server and Cloud-based server are running identical versions of Incredible PBX, then you can restore the backup image to your Cloud server and run Incredible PBX in the Cloud. Simply move the desired backup file from /var/www/html/dav on the Cloud server to /backup and then run incrediblerestore from the /root folder. Once the restore completes, reboot your Cloud server, reconfigure the IP addresses of your phones, and you’re back in business.

If you’d prefer to restore a backup from the Cloud to a local server, then you would first build a new server to match the one from which the backup was originally made. Next, configure the new server to support WebDAV access to your Cloud-based server following the tutorial above. Then execute the following commands after logging into your local server as root. Use the credentials, IP address, and actual backup filename saved on your Cloud server:

mkdir /backup
cd /root
echo passwd555 | mount.davfs http://23.45.67.89/dav /dav -o username=admin
cp /dav/backupfilename.tar.gz /backup/.
umount.davfs /dav
./incrediblerestore /backup/backupfilename.tar.gz
rm /backup/backupfilename.tar.gz

WebDAV Cautionary Notes and Gotchas. First, WebDAV does a lot of heavy lifting under the covers because its intended for use as a collaboration tool by multiple people accessing and updating the same resources. So synchronization is important. When we’re moving huge files from a local server to the WebDAV cloud, this synchronization activity can give the appearance that your server has hung either during the backup procedure or thereafter. It hasn’t. So, after you run the Incredible Backup script to upload a new backup image, leave your server alone for a while. On your local server, don’t attempt to list /dav or otherwise use it for about an hour to be safe. On a Raspberry Pi, just be patient while the backup procedure completes. After that, you should be good to go. Depending upon the Linux flavor of your local server, the Incredible Backup script may not dismount your WebDAV resource successfully. You can do this manually LATER although it won’t hurt anything to leave the connection in place. As noted above, the dismount command is umount.davfs /dav.

Second, be very careful in configuring Incredible Backup to make certain that you specify the correct IP address for your WebDAV server in the Cloud. WebDAV will try to connect to any IP address, and you don’t want to inadvertently upload your backup files to someone else’s server. Third, ALWAYS use a web browser to access your WebDAV server in the Cloud after your backup completes to make certain that a backup with the current date and time is shown in the directory listing. Particularly with RedHat OS flavors, it may take some time for the entire tarball upload to complete even though the script will indicate it has finished. Again, patience is a virtue. Don’t reboot. Things will get sorted out in due course.

Finally, as with other network connections, if the WebDAV connection fails for some reason, your backup would be stored locally in the /dav folder rather than on WebDAV in the Cloud. That’s obviously not too helpful in the event of a local disk crash. So don’t forget to check your WebDAV server in the Cloud to verify successful completion of the backup.

Enjoy!

Republished: Monday, April 25, 2016

Need help with Asterisk? Visit the PBX in a Flash Forum.

Special Thanks to Our Generous Sponsors

FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.

Some Recent Nerd Vittles Articles of Interest…

The lifetime promise is, of course, in the eye of the beholder. It may be your lifetime but, more than likely, it’s the lifetime of CloudAtCost. The two are not necessarily the same so plan accordingly. 🙂 [↩]

Taking a Fresh Look at the Asterisk, FreePBX, and Incredible PBX Security Models

Monday, April 18, 2016

Embed from Getty Images

About once a year, we try to shine the spotlight on Asterisk® security in hopes of saving lots of organizations and individuals a little bit (or a lot) of money. In light of last week’s major security lapse in the Asterisk® dialplan of those using FreePBX® since the Asterisk@Home days, now seemed like a good time for a review. As we’ve noted before, the problem with open source phone systems is they’re open source phone systems. So the bad guys can figure out how they work just like the good guys. Unfortunately, some of the bad guys are paying particular attention to Asterisk and FreePBX so it behooves all of us to remain vigilant and patch vulnerabilities quickly. The FreePBX Devs have done an admirable job in responding quickly to this issue.

Last week’s vulnerability involves the call transfer methodology that has been incorporated into FreePBX-based Asterisk servers for at least a decade. In a nutshell, it allows an internal or outside caller or called party to transfer a call using touchtones instead of a dedicated transfer button or hook flash. ## performs a blind transfer while *2 sets up an attended transfer where the person transferring the call can actually talk to the transfer recipient before executing the call transfer. Some of our foreign friends used this *2 methodology to initiate calls to Asterisk servers and then to transfer those calls to expensive destinations while the other party to the call listened to music on hold. Worse yet, it could be performed within an answering IVR on some servers so the administrator never knew the call transfer took place other than reviewing the call detail records. As with some previous vulnerabilities, this one had lain dormant since the inception of call transfer technology in Asterisk. The default settings in FreePBX permitted outside calling or called parties to initiate transfers using these feature codes. We’re reminded of a similar vulnerability that used to exist in many Asterisk voicemail systems that allowed callers to dialout to another number from within the voicemail system.

We hope to persuade you today that allowing transfer of calls using touch tones is a very bad idea to begin with. Even when you don’t get a surprise phone bill, it often results in unanticipated consequences such as depicted in this video shared on DSL Reports:

https://youtu.be/bnMVebywX6Y

Here’s how you can protect any server that uses all or some of the FreePBX GUI. First, be aware that the FreePBX developers are working on a rewrite of the Core component in versions 13 and 12. The fix would limit use of this technology to those on the internal side of a PBX. In other words, remote callers would be blocked from calling into an Asterisk server and transferring themselves to a phone on a cruise ship sailing in the Indian Ocean. In the meantime, issuing the following commands will patch things up:

mysql -uroot -ppassw0rd asterisk -e "update freepbx_settings set value = 'tr' where keyword = 'DIAL_OPTIONS' limit 1"
mysql -uroot -ppassw0rd asterisk -e "update freepbx_settings set value = '' where keyword = 'TRUNK_OPTIONS' limit 1"
amportal a r

For those using Incredible PBX™, the Automatic Update Utility will patch your server the next time you log in as root.

Olle Johansson has been one of the primary shakers and movers when it comes to educating folks on Asterisk security and inspiring developers to do a better job designing these systems. If you didn’t attend AstriCon 2013 and haven’t watched the Security Master Class, put these videos on your Bucket List. They’re all free and well worth your time.

When we began building out Incredible PBX on other platforms several years ago, we decided it was an opportune time to revisit our Asterisk security model and make it as bullet-proof as possible given the number of people now deploying Asterisk servers in the cloud. As a practical matter, there are no hardware-based firewalls to protect you with many of the cloud-based systems. So you literally live or die based upon the strength of your own software-based security model.

As in the past, security is all about layers of protection. A bundle of sticks is harder to break than a single stick. There now are Incredible PBX builds for CentOS, Scientific Linux, Ubuntu 14, and the latest Raspbian 8 for the Raspberry Pi 2 and 3. All of these releases include the new Incredible PBX security model. Here’s how it works…

The 7 Security Layers include the following, and we will go into the details below:

1. IPtables Linux Firewall. Yes, we’ve had IPtables in place with PBX in a Flash for many years. And, yes, it was partially locked down in previous Incredible PBX releases if you chose to deploy Travelin’ Man 3. Now it’s automatically installed AND locked down, period. As installed, the new Incredible PBX limits login access to your server to those on your private LAN (if any) and anyone logging in from the server’s public or private IP address and the public IP address of the desktop machine used to install the Incredible PBX software. If you or your users need access from other computers or phones, those addresses can be added quickly using either the Travelin’ Man 3 tools (add-ip and add-fqdn) or using the Port Knocker application running on your desktop or smartphone. All you need is your randomized 3 codes for the knock. You can also enable a remote IP address by telephone. Keep reading!

2. Travelin’ Man 3 WhiteLists. As in the past, many of the major SIP providers have been whitelisted in the default setup so that you can quickly add new service without worrying about firewall access. These are providers that we’ve used over the years. The preconfigured providers include Vitelity (outbound1.vitelity.net and inbound1.vitelity.net), Google Voice (talk.google.com), VoIP.ms (city.voip.ms), DIDforsale (209.216.2.211), CallCentric (callcentric.com), and also VoIPStreet.com (chi-out.voipstreet.com plus chi-in.voipstreet.com), Les.net (did.voip.les.net), Future-Nine, AxVoice (magnum.axvoice.com), SIP2SIP (proxy.sipthor.net), VoIPMyWay (sip.voipwelcome.com), Obivoice/Vestalink (sms.intelafone.com), Teliax, and IPkall. You are, of course, free to add other providers or users using the whitelist tools being provided. add-ip lets you add an IP address to your whitelist. add-fqdn lets you add a fully-qualified domain name to your whitelist. del-acct lets you remove an entry from your whitelist. Because FQDNs cause problems with IPtables if the FQDN happens to be invalid or non-functional, we’ve provided a customized iptables-restart tool which will filter out bad FQDNs and start up IPtables without the problematic entries.

Be advised that whitelist entries created with PortKnocker are stored in RAM, not in your IPtables file. These RAM entries will get blown out of the water whenever your system is restarted OR if IPtables is restarted. Stated another way, PortKnocker should be used as a stopgap tool to get new IP addresses qualified quickly. If these addresses need access for more than a few hours, then the Travelin’ Man 3 tools should be used to add them to your IPtables whitelist. If your whitelist setup includes dynamic IP addresses, be aware that using ipchecker in a cron job to test for changing dynamic IP addresses will remove PortKnocker whitelist RAM entries whenever an IP address change triggers an iptables-restart.

For more detail on Travelin’ Man 3, review our original tutorial.

3. PortKnocker WhiteListing. We’ve previously written about PortKnocker so we won’t repeat the article here. Simply stated, it lets you knock on three ports on a host machine in the proper order to gain access. If you get the timing and sequence right, the IP address from which you knocked gets whitelisted for access to the server… with appropriate admin or root passwords, of course. The knocking can be accomplished with either a command line tool or an iOS or Android app using your smartphone or tablet. As noted above, it’s a terrific stopgap tool to let you or your users gain quick access to your server. For the reasons we’ve documented, don’t forget that it’s a stopgap tool. Don’t use it as a replacement for Travelin’ Man 3 whitelists unless you don’t plan to deploy dynamic IP address automatic updating. Just to repeat, PortKnocker whitelists get destroyed whenever IPtables is restarted or your server is rebooted. You’ve been warned.

4. TM4 WhiteListing by Telephone. Newer releases of Incredible PBX are preconfigured with ODBC support for telephony applications. One worth mentioning is our new Travelin’ Man 4 utility which lets a remote user dial into a dedicated DID and register an IP address to be whitelisted on the server. Within a couple minutes, the user will be sent an email confirming that the IP address has been whitelisted and remote access is now enabled. For phone systems and administrators supporting hundreds of remote users, this new feature will be a welcome addition. It can be configured in a couple minutes by following the Installation instructions in the Travelin’ Man 4 tutorial. Unlike PortKnocker, whitelisted IP addresses added with TM4 are permanent until modified by the remote user or deleted by the administrator.

5. Fail2Ban. We’ve never been a big fan of Fail2Ban which scans your logs and blacklists IP addresses after several failed attempts to log in or register with SSH or Apache or Asterisk. The reason is because of documented cases where attacks from powerful servers (think: Amazon) completely overpower a machine and delay execution of Fail2Ban log scanning until tens of thousands of registration attempts have been launched. The FreePBX folks are working on a methodology to move failed login attempts to a separate (smaller) log which would go a long way toward eliminating the log scanning bottleneck. In the the meantime, Fail2Ban is included, and it works when it works. But don’t count on it as your only security layer.

6. Randomized Passwords. With the new security model described above, we’ve dispensed with Apache security to protect FreePBX® access. These new Incredible PBX releases rely upon the FreePBX security model which uses encrypted passwords stored in MySQL or MariaDB. As part of the installation process, Incredible PBX randomizes ALL FreePBX passwords including those for the default 701 extension as well as the admin password. When your new Incredible PBX install completes, the most important things to remember are your (randomized) FreePBX admin password AND the (randomized) 3 ports required for Port Knocker access. Put them in a safe place. Sooner or later, you’ll need them. You can review your PortKnocker settings in /root/knock.FAQ. We’ve also included admin-pw-change in the /root folder for those that are too lazy to heed our advice. With the new security model, there is no way to look up your admin password. All you can do is change it… assuming you haven’t also forgotten your root password. 😉

7. Automatic Update Service. All new Incredible PBX builds include an automatic update service to provide security patches and bug fixes whenever you log into your server as root. It saved you just last week! If you don’t want the updates for some reason, you can delete the /root/update* file from your server. If the cost of maintaining this service becomes prohibitive, we may implement a pay-for-service fee, but it presently is supported by voluntary contributions from our users. It has worked extremely well and provided a vehicle for pushing out updates that affect the reliability and security of your server.

A Word About IPv6. Sooner or later Internet Protocol version 6 will be upon us because of the exhaustion of IPv4 IP addresses. Incredible PBX is IPv6-aware and IPtables has been configured to support it as well. As deployed, outbound IPv6 is not restricted. Inbound access is limited to localhost. You, of course, are free to modify it in any way desired. Be advised that disabling IPv6 localhost inbound access will block access to the FreePBX GUI. Don’t ask us how we know. 🙂

Originally published: Monday, April 18, 2016

Need help with Asterisk? Visit the PBX in a Flash Forum.

Special Thanks to Our Generous Sponsors

FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.

Some Recent Nerd Vittles Articles of Interest…

Tag Archives: freepbx

The Most Versatile VoIP Provider: FREE PORTING

Links

Follow us

Recent Posts

Building the Debian 8 Platform at Vultr for XiVO

Installing Incredible PBX for XiVO in the Vultr Cloud

Special Thanks to Our Generous Sponsors

Special Thanks to Our Generous Sponsors

Building the CentOS 7 Platform at Vultr for Incredible PBX

Installing Incredible PBX for CentOS 7 in the Vultr Cloud

Special Thanks to Our Generous Sponsors

Installing Incredible PBX Alarm Clock on the XiVO Platform

Installing Incredible PBX Alarm Clock on the Other Platforms

A Quick Introduction to Military Time for All of Our Civilian Friends

Taking the Incredible PBX Alarm Clock for a Spin

Reviewing Scheduled Alarms with a Web Browser

Special Thanks to Our Generous Sponsors

Choosing a XiVO Hardware Platform

XIVO Initial Setup Tutorial

XIVO Trunk Implementation Tutorials

XIVO Call Routing Tutorials

Taking Nerd Vittles’ XiVO IVR for a Test Drive

Special Thanks to Our Generous Sponsors

Choosing an Experimental Platform for XiVO

1. Installing XiVO as a VirtualBox Virtual Machine

2. Installing XiVO as a CloudAtCost Cloud-Based Server

3. Installing XiVO as a Digital Ocean Droplet

Enabling SSH Root Access with XiVO

Setting Up a Firewall to Protect XiVO

Configuring XiVO with a Web Browser

Logging Into the XiVO Web Interface

Creating Users and Lines with XiVO

Configuring a SIP Trunk for Google Voice with XiVO

Special Thanks to Our Generous Sponsors

Special Thanks to Our Generous Sponsors

Special Thanks to Our Generous Sponsors

Post navigation

Support Nerd Vittles

Free Asterisk Solutions

Tags