Home » Posts tagged 'gpl' (Page 3)

Tag Archives: gpl

The Most Versatile VoIP Provider: FREE PORTING

Now Serving: The Incredible PBX 13-13 Whole Enchilada

blank

We’re delighted to introduce the bells and whistles for Incredible PBX® 13-13. We’ve taken a slightly different approach with this release. Instead of getting the Whole Enchilada out of the box, you now have a choice. You start with Incredible PBX 13-13 LEAN on the recommended CentOS® 6.10 platform. This gets you a fully-functioning PBX with the latest Asterisk® 13 and most of the FreePBX® 13 GPL modules. This release includes support for Skyetel SIP trunking from our Platinum Sponsor together with $50 in free service to get you started. You still can customize your PBX in any way you like. Or just upgrade to the Whole Enchilada and take advantage of the entire feature set that Incredible PBX has traditionally offered. Last but not least, you can add Incredible Fax for flawless faxing with HylaFax® and AvantFax® including fax detection on specified inbound routes. So the choice is totally up to you. We have a lot to cover. For today, we’ll get all the Incredible PBX pieces installed.

blank Just Released: Incredible PBX 16-15 for CentOS 7. Take it for a test drive.

Here’s a sneak peek at what’s included in Incredible PBX 13-13 Whole Enchilada: dozens of preconfigured SIP Trunks from our favorite providers, Voice Dialing (411) with IBM STT or Google, Headline News (951), Weather by ZIP Code (947), Today in History (86329), IBM TTS, ODBC Lookups (222), ODBC Calling with AsteriDex (223), Telephone Reminders (123), AsteriDex (Web GUI), Reminders (Web GUI), PortKnocker, Travelin’ Man 4, Time of Day (*61), SMS Dictator (767), Wolfram Alpha (4747), Hotel-Style Wakeup Calls (*68), Allison’s Demo IVR (3366), Lenny (53669), Call Parking (**70), Call Pickup (71), Blacklist Add (*30), Blacklist Remove (*31), Blacklist Last Caller (*32), Call Forward Activate (*72), Call Forward DeActivate (*73), Conferencing (C-O-N-F), Call Pickup (*8), Dictation (*34), Email Dictation (*35), DND Activate (*78), DND DeActivate (*79), SpeedDial with AsteriDex (000NNN), Email Delivery of Voicemails, NeoRouter VPN, and more. With a little luck, this will light a fire under some of you to roll up your sleeves and participate in the open source development community.

Installing a Base CentOS Operating System

You can install Incredible PBX 13-13 Lean on a dedicated server, on a virtual machine platform such as VirtualBox, or a Cloud-based server. We recommend a minimum 1GB of RAM with a swapfile unless installing on OpenVZ platforms. We’ve provided a script to do it for you. Depending upon the number of users your server will be supporting, we recommend a disk capacity of 10-30 GB. Last but not least, you need a reliable Internet connection.

Before you can install Incredible PBX 13-13 Lean, you’ll need a basic Linux platform. For this build, you can start by deploying a minimal install of CentOS 6. The Incredible PBX installer will load all of the necessary components to support Asterisk and FreePBX as well as upgrading CentOS to 6.10. Better yet, use the new Incredible PBX 13-13 ISO which bundles both the operating system packages and all of the Incredible PBX goodies. Complete Incredible PBX 13-13 ISO tutorial available here.

Begin by installing 64-bit CentOS 6 on your favorite hardware or Desktop. Or you may prefer to use a Cloud provider1 that already offers a preconfigured CentOS or Incredible PBX 13-13 image in the case of HiFormance. If you’re using a Cloud platform, you can skip the rest of this section. Just choose CentOS 6 or Incredible PBX 13-13 on HiFormance as the default operating system for your cloud-based server.

For those using a dedicated hardware platform or wishing to install CentOS as a virtual machine, the drill is the same. Start by downloading the 64-bit CentOS 6.10 minimal ISO. Burn the ISO to a DVD unless you’ll be booting from the ISO on a virtual machine platform such as VirtualBox. On virtual platforms, we recommend at least 1GB RAM and a 20GB dedicated drive. For VirtualBox, we’ve provided a one-minute installer. Here are the settings:

Type: Linux
Version: RedHat 64-bit
RAM: 1024MB
Default Drive Options with 20GB space
Create
Settings->System: Enable IO APIC and Disable HW Clock (leave rest alone)
Settings->Audio: Enable
Settings->Network: Enable, Bridged
Settings->Storage: Far right CD icon (choose your ISO)
Start

If you’re booting your server with the CentOS ISO to start the CentOS install, here are the simplest installation steps:

Choose Language and Click Continue
Click: Install Destination (do not change anything!)
Click: Done
Click: Network & Hostname
Click: ON
Click: Done
Click: Begin Installation
Click: Root Password: password, password, Click Done twice
Wait for Minimal Software Install and Setup to finish
Click: Reboot

Installing Incredible PBX 13-13 LEAN

Unless you’re using a virtual machine Incredible PBX image or the Incredible PBX 13-13 image on HiFormance, you’ll need to run the Incredible PBX installer. Once you have CentOS up and running, log into your server as root and issue the following commands to kick off the Incredible PBX install.

passwd
yum -y update
yum -y install net-tools nano wget tar
wget http://incrediblepbx.com/incrediblepbx-13-13-LEAN.tar.gz
tar zxvf incrediblepbx-13-13-LEAN.tar.gz
rm -f incrediblepbx-13-13-LEAN.tar.gz
# to add swap file on non-OpenVZ cloud platforms
./create-swapfile-DO
# kick off Phase I install
./IncrediblePBX-13-13.sh
# after reboot, kick off Phase II install
./IncrediblePBX-13-13.sh
# add Full Enchilada apps, if desired
./Enchilada-upgrade.sh
# add HylaFax/AvantFax, if desired
./incrediblefax13.sh
# set passwords
./update-passwords
# set desired timezone
./timezone-setup
# remember to enable TUN/TAP if using VPS Control Panel
# reconfigure PortKnocker if installing on an OpenVZ platform
echo 'OPTIONS="-i venet0:0"' >> /etc/sysconfig/knockd
service knockd restart
# fix pbxstatus for NeoRouter VPN support, if desired
cd /usr/local/sbin
sed -i "s|cat /etc/hostip|cat /etc/hostip \\| cut -f 3 -d ' ' |" pbxstatus
# set up NeoRouter client, if desired
nrclientcmd

WebMin is also installed and configured as part of the base install. The root password for access is the same as your Linux root password. We strongly recommend that you not use WebMin to make configuration changes to your server. You may inadvertently damage the operation of your PBX beyond repair. WebMin is an excellent tool to LOOK at how your server is configured. When used for that purpose, we highly recommend WebMin as a way to become familiar with your Linux configuration.

Using the Incredible PBX 13-13 Web GUI

NOTE: If you plan to upgrade to the Whole Enchilada, you can skip this section. It’s for those that wish to roll their own PBX from the ground up.

Most of the configuration of your PBX will be performed using the web-based Incredible PBX GUI with its FreePBX 13 GPL modules. Use a browser pointed to the IP address of your server and choose Incredible PBX Admin. Log in as admin with the password you configured in the previous step. HINT: You can always change it if you happen to forget it.

blank

To get a basic system set up so that you can make and receive calls, you’ll need to add a VoIP trunk, create one or more extensions, set up an inbound route to send incoming calls to an extension, and set up an outbound route to send calls placed from your extension to a VoIP trunk that connects to telephones in the real world. You’ll also need a SIP phone or softphone to use as an extension on your PBX. Our previous tutorial will walk you through this setup procedure. Over the years, we’ve built a number of command line utilities including a script to preconfigure SIP trunks for more than a dozen providers in seconds. You’ll find links to all of them here.

Continue Reading: Configuring Extensions, Trunks & Routes

blank

Upgrading to Incredible PBX Whole Enchilada

There now are two more pieces to put in place. The sequence matters! Be sure to upgrade to the Whole Enchilada before you install Incredible Fax. If you perform the steps backwards, you may irreparably damage your fax setup by overwriting parts of it.

The Whole Enchilada upgrade script now is included in the Incredible PBX LEAN tarball. If you have an earlier release, you may need to download the Whole Enchilada tarball as documented below. Upgrading to the Whole Enchilada is simple. Log into your server as root and issue the following commands. Try issuing just the last command first to see if the enchilada upgrade script already is in place. Otherwise, execute all of the commands below. Be advised that the upgrade will overwrite all of your existing Incredible PBX setup including any extensions, trunks, and routes you may have created previously. You also will be prompted to reset all of your passwords as part of the upgrade.

cd /root
./Enchilada*

If you accidentally installed Incredible Fax before upgrading to the Whole Enchilada, you may be able to recover your Incredible Fax setup by executing the following commands. It’s worth a try anyway.

amportal a ma install avantfax
amportal a r

Installing Incredible Fax with HylaFax/AvantFax

You don’t need to upgrade to the Whole Enchilada in order to use Incredible Fax; however, you may forfeit the opportunity to later upgrade to the Whole Enchilada if you install Incredible Fax first. But the choice is completely up to you. To install Incredible Fax, log into your server as root and issue the following commands:

cd /root
./incrediblefax13.sh

After entering your email address to receive incoming faxes, you’ll be prompted about two dozen times to choose options as part of the install. Simple press the ENTER key at each prompt and accept all of the defaults. When the install finishes, make certain that you reboot your server to bring Incredible Fax on line. There will be a new AvantFax option in the Incredible PBX GUI. The default credentials for AvantFax GUI are admin:password; however, you first will be prompted for your Apache admin credentials which were set when you installed Incredible PBX 13-13 LEAN or the Whole Enchilada. Then you’ll be asked to change your AvantFax password.

Upgrading to IBM Speech Engines

If you’ve endured Google’s Death by a Thousand Cuts with text-to-speech (TTS) and voice recognition (STT) over the years, then we don’t have to tell you what a welcome addition IBM’s new speech utilities are. We can’t say enough good things about the new IBM Watson TTS and STT offerings. With IBM’s services, you have a choice of free or commercial tiers. Let’s put the pieces in place so you’ll be ready to play with the Whole Enchilada.

Getting Started with IBM Watson TTS Service

We’ve created a separate tutorial to walk you through obtaining and configuring your IBM Watson credentials. Start there.

Next, login to your Incredible PBX server and issue these commands to update your Asterisk dialplan and edit ibmtts.php:

cd /var/lib/asterisk/agi-bin
./install-ibmtts-dialplan.sh
nano -w ibmtts.php

Insert your credentials in $IBM_username and $IBM_password. For new users, your $IBM_username will be apikey. Your $IBM_password will be the TTS APIkey you obtained from IBM. Next, verify that $IBM_url matches the entry provided when you registered with IBM. Then save the file: Ctrl-X, Y, then ENTER. Now reload the Asterisk dialplan: asterisk -rx "dialplan reload". Try things out by dialing 951 (news) or 947 (Weather) from an extension registered on your PBX.

Getting Started with IBM Watson STT Service

Now let’s get IBM’s Speech to Text service activated. Log back in to the IBM Cloud. Click on the Speech to Text app. Choose a Region to deploy in, choose your Organization from the pull-down menu, and select STT as your Space. Choose the Standard Pricing Plan. Then click Create. When Speech to Text Portal opens, click the Service Credentials tab. In the Actions column, click View Credentials and copy down your STT username and password.

Finally, login to your Incredible PBX server and issue these commands to edit getnumber.sh:

cd /var/lib/asterisk/agi-bin
nano -w getnumber.sh

Insert apikey as your API_USERNAME and your actual STT APIkey API_PASSWORD in the fields provided. Then save the file: Ctrl-X, Y, then ENTER. Update your Voice Dialer (411) to use the new IBM STT service:

sed -i '\\:// BEGIN Call by Name:,\\:// END Call by Name:d' /etc/asterisk/extensions_custom.conf
sed -i '/\\[from-internal-custom\]/r ibm-411.txt' /etc/asterisk/extensions_custom.conf
asterisk -rx "dialplan reload"

Now try out the Incredible PBX Voice Dialer with AsteriDex by dialing 411 and saying "Delta Airlines." Check back next week for the Whole Enchilada apps tutorial.

Adding Skyetel Trunks to Incredible PBX

Now that you have your Incredible PBX platform in place, it’s time to set up your Skyetel trunks to take advantage of the BOGO calling credit (up to $250). The trunks themselves are added by logging into your server with SSH/Putty as root and issuing the following commands if the trunks aren’t already installed on your server. HINT: Check first!

cd /root
wget http://incrediblepbx.com/add-skyetel
chmod +x add-skyetel
# uncomment next line if your incoming calls all have 10-digit numbers
# sed -i 's|from-trunk|from-pstn-e164-us|' add-skyetel
./add-skyetel
chmod -x add-skyetel

Next, sign up for Skyetel service and take advantage of the exclusive Nerd Vittles BOGO offer. First, complete the Prequalification Form here. You then will be provided a link to the Skyetel site to complete your registration. Skyetel will match your original deposit up to $250 which means you could enjoy as much as $500 of SIP trunking service for half price. Effective 10/1/2023, $25/month minimum spend required. Once you have registered on the Skyetel site and your account has been activated, open a support ticket and request your BOGO credit by referencing this Nerd Vittles special offer. Greed will get you nowhere. Credit is limited to one per person/company/address/location. If you want to take advantage of the 10% discount on your current service, open another ticket and attach a copy of your last month’s bill. See footnote 1 for the fine print.2 If you have high call volume requirements, document these in your Prequalification Form, and we will be in touch. Easy Peasy!

Unlike many VoIP providers, Skyetel does not use SIP registrations to make connections to your PBX. Instead, Skyetel utilizes Endpoint Groups to identify which servers can communicate with the Skyetel service. An Endpoint Group consists of a Name, an IP address, a UDP or TCP port for the connection, and a numerical Priority for the group. For incoming calls destined to your PBX, DIDs are associated with an Endpoint Group to route the calls to your PBX. For outgoing calls from your PBX, a matching Endpoint Group is required to authorize outbound calls through the Skyetel network. Thus, the first step in configuring the Skyetel side for use with your PBX is to set up an Endpoint Group. A typical setup for use with Incredible PBX®, Asterisk®, or FreePBX® would look like the following:

  • Name: MyPBX
  • Priority: 1
  • IP Address: PBX-Public-IP-Address
  • Port: 5060
  • Protocol: UDP
  • Description: server1.incrediblepbx.com

To receive incoming PSTN calls, you’ll need at least one DID. On the Skyetel site, you acquire DIDs under the Phone Numbers tab. You have the option of Porting in Existing Numbers (free for the first 60 days after you sign up for service) or purchasing new ones under the Buy Phone Numbers menu option.

Once you have acquired one or more DIDs, navigate to the Local Numbers or Toll Free Numbers tab and specify the desired SIP Format and Endpoint Group for each DID. Add SMS/MMS and E911 support, if desired. Call Forwarding and Failover are also supported. That completes the VoIP setup on the Skyetel side. System Status is always available here.

Configuring a Skyetel Inbound Route

Because there is no SIP registration with Skyetel, incoming calls to Skyetel trunks will NOT be sent to the Default Inbound Route configured on your PBX because FreePBX treats the calls as blocked anonymous calls without an Inbound Route pointing to the 11-digit number of each Skyetel DID. From the GUI, choose Connectivity -> Inbound Routes -> Add Inbound Route. For both the Description and DID fields, enter the 11-digit phone number beginning with a 1. Set the Destination for the incoming DID as desired and click Submit. Reload the Dialplan when prompted. Place a test call to each of your DIDs after configuring the Inbound Routes.

If you have installed the Incredible Fax add-on, you can enable Fax Detection under the Fax tab. And, if you’d like CallerID Name lookups using CallerID Superfecta, you can enable it under the Other tab before saving your setup and reloading your dialplan.

Configuring a Skyetel Outbound Route

If Skyetel will be your primary provider, you can use both 10-digit and 11-digit dialing to process outbound calls through your Skyetel account. From the GUI, choose Connectivity -> Outbound Routes -> Add Outbound Route. For the setup, we recommend the following using the CallerID Number you wish to associate with your outbound calls through Skyetel:

blank

Enter the Dial Patterns under the Dial Patterns tab before saving your outbound route. Here’s what you would enter for 10-digit and 11-digit dialing. If you want to require a dialing prefix to use the Skyetel Outbound Route, enter it in the Prefix field for both dial strings.

blank

There are a million ways to design outbound calling schemes on PBXs with multiple trunks. One of the simplest ways is to use no dial prefix for the primary trunk and then use dialing prefixes for the remaining trunks.

Another outbound calling scheme would be to assign specific DIDs to individual extensions on your PBX. Here you could use NXXNXXXXXX with the 1 Prepend as the Dial Pattern with every Outbound Route and change the Extension Number in the CallerID field of the Dial Pattern. With this setup, you’d need a separate Outbound Route for each group of extensions using a specific trunk on your PBX. Additional dial patterns can be added for each extension designated for a particular trunk. A lower priority Outbound Route then could be added without a CallerID entry to cover extensions that weren’t restricted or specified.

HINT: Keep in mind that Outbound Routes are processed by FreePBX in top-down order. The first route with a matching dial pattern is the trunk that is selected to place the outbound call. No other outbound routes are ever used even if the call fails or the trunk is unavailable. To avoid failed calls, consider adding additional trunks to the Trunk Sequence in every outbound route. In summary, if you have multiple routes with the exact same dial pattern, then the match nearest to the top of the Outbound Route list wins. You can rearrange the order of the outbound routes by dragging them into any sequence desired.

Audio Issues with Skyetel

If you experience one-way or no audio on some calls, make sure you have filled in the NAT Settings section in the GUI under Settings -> Asterisk SIP Settings -> General. In addition to adding your external and internal IP addresses there, be sure to add your external IP address in /etc/asterisk/sip_general_custom.conf like the following example and restart Asterisk:

externip=xxx.xxx.xxx.xxx

If you’re using PJSIP trunks or extensions on your PBX, implement this fix as well.

Receiving SMS Messages Through Skyetel

Most Skyetel DIDs support SMS messaging. Once you have purchased one or more DIDs, you can edit each number and, under the SMS & MMS tab, you can redirect incoming SMS messages to an email or SMS destination of your choice using the following example:


blank

Sending SMS Messages Through Skyetel

We’ve created a simple script that will let you send SMS messages from the Linux CLI using your Skyetel DIDs. In order to send SMS messages, you first will need to create an SID key and password in the Skyetel portal. From the Settings icon, choose API Keys -> Create. Once the credentials appear, copy both your SID and Password. Then click SAVE.

Next, from the Linux CLI, issue the following commands to download the sms-skyetel script into your /root folder. Then edit the file and insert your SID, secret, and DID credentials in the fields at the top of the script. Save the file, and you’re all set.

cd /root
wget http://incrediblepbx.com/sms-skyetel
chmod +x sms-skyetel
nano -w sms-skyetel

To send an SMS message, use the following syntax where 18005551212 is the 11-digit SMS destination: sms-skyetel 18005551212 "Some message"

Using Gmail as a SmartHost for SendMail

Many Internet service providers block email transmissions from downstream servers (that’s you) to reduce spam. The simple solution is to use your Gmail account as a smarthost for SendMail. Here’s how. Log into your server as root and issue the following commands:

yum -y install sendmail-cf
cd /etc/mail
hostname -f > genericsdomain
touch genericstable
makemap -r hash genericstable.db < genericstable
mv sendmail.mc sendmail.mc.original
wget http://incrediblepbx.com/sendmail.mc.gmail
cp sendmail.mc.gmail sendmail.mc
mkdir -p auth
chmod 700 auth
cd auth
echo AuthInfo:smtp.gmail.com \\"U:smmsp\\" \\"I:user_id\\" \\"P:password\\" \\"M:PLAIN\\" > client-info
echo AuthInfo:smtp.gmail.com:587 \\"U:smmsp\\" \\"I:user_id\\" \\"P:password\\" \\"M:PLAIN\\" >> client-info
echo AuthInfo:smtp.gmail.com:465 \\"U:smmsp\\" \\"I:user_id\\" \\"P:password\\" \\"M:PLAIN\\" >> client-info
nano -w client-info

When the nano editor opens the client-info file, change the 3 user_id entries to your Gmail account name without @gmail.com and change the 3 password entries to your actual Gmail password. Save the file: Ctrl-X, Y, then ENTER.

Now issue the following commands:

chmod 600 client-info
makemap -r hash client-info.db < client-info
cd ..
make
service sendmail restart

Finally, send yourself a test message. Be sure to check your spam folder!

 echo "test" | mail -s testmessage yourname@yourdomain.com

Check mail success with: tail /var/log/maillog. If you have trouble getting a successful Gmail registration (especially if you have previously used this Google account from a different IP address), try this Google Voice Reset Procedure. It usually fixes connectivity problems. If it still doesn’t work, enable Less Secure Apps using this Google tool.

Originally published: Monday, November 13, 2017  Updated: Saturday, March 23, 2019


News Flash: Turn Incredible PBX into a Fault-Tolerant HA Platform for $1/Month

Continue Reading: Configuring Extensions, Trunks & Routes

Don't Miss: Incredible PBX Application User's Guide covering the 31 Whole Enchilada apps

Check out the new Incredible PBX 13-13 ISO. Complete tutorial available here.


blankSupport Issues. With any application as sophisticated as this one, you're bound to have questions. Blog comments are a difficult place to address support issues although we welcome general comments about our articles and software. If you have particular support issues, we encourage you to get actively involved in the PBX in a Flash Forum. It's the best Asterisk tech support site in the business, and it's all free! Please have a look and post your support questions there. Unlike some forums, the PIAF Forum is extremely friendly and is supported by literally hundreds of Asterisk gurus and thousands of users just like you. You won't have to wait long for an answer to your question.


blank
Need help with Asterisk? Visit the VoIP-info Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

blankBOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

blankThe lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

blankVitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

blankSpecial Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



blank

  1. Some of our links refer users to Amazon or other service providers when we find their prices are competitive for the recommended products. Nerd Vittles receives a small referral fee from these providers to help cover the costs of our blog. We never recommend particular products solely to generate commissions. However, when pricing is comparable or availability is favorable, we support these providers because they support us. []
  2. In the unlikely event that Skyetel cannot provide a 10% reduction in your current origination rate and/or DID costs, Skyetel will give you an additional $50 credit to use with the Skyetel service. []

Celebrating 2019: Return of the One-Minute Desktop PBX


blank

If you’re new to the VoIP world and aren’t quite ready to dive into the Nerd Vittles cloud computing offerings, then we have a one minute setup solution today that doesn’t require you to buy anything ever. You can use almost any desktop computer you already own to bring up the VirtualBox® edition of Incredible PBX® in less than 60 seconds. If you’ve followed Nerd Vittles over the years, you already know that VirtualBox from Oracle® is one of our favorite platforms. Once VirtualBox is installed on your desktop computer, adding Incredible PBX is a snap. Download the new Incredible PBX vbox image from SourceForge, double-click on the downloaded image, check the initialize MAC address box, and boom. In less than a minute, your PBX is ready to use.

The really nice thing about playing along today is it won’t cost you a dime to try things out for yourself. And, if you really love it and we think you will, there’s no hidden fee or crippleware to hinder your continued use of Incredible PBX for as long as you like. Of course, the Incredible PBX feature set is included as well which brings you nearly three dozen applications for Asterisk® that will revolutionize your communications platform. Just add your credentials and speech-to-text, voice recognition, and a Siri-like telephony interface are as close as your nearest SIP phone. If you later decide you’d like to migrate your server to an inexpensive cloud-based platform, Incredible Backup and Restore make it a 15-minute turnkey task.

Installing Oracle VM VirtualBox

blank

Oracle’s virtual machine platform inherited from Sun is amazing. It’s not only free, but it’s pure GPL2 code. VirtualBox gives you a virtual machine platform that runs on top of any desktop operating system. In terms of limitations, we haven’t found any. We even tested this on an Atom-based Windows 7 machine with 2GB of RAM, and it worked without a hiccup. So step #1 today is to download one or more of the VirtualBox installers from VirtualBox.org or Oracle.com. Our recommendation is to put all of the 100MB installers on a 4GB thumb drive.1 Then you’ll have everything in one place whenever and wherever you happen to need it. Once you’ve downloaded the software, simply install it onto your favorite desktop machine. Accept all of the default settings, and you’ll be good to go. For more details, here’s a link to the Oracle VM VirtualBox User Manual.

Installing Incredible PBX 13 with VirtualBox

To begin, download the latest Incredible PBX vbox image (2.6 GB) onto your desktop. Incredible PBX 13-13.10 includes all of the very latest FreePBX® 13 modules.

Next, double-click on the Incredible PBX .ova image on your desktop. Be sure to check the box to initialize the MAC address of the image and then click Import. Once the import is finished, you’ll see a new Incredible PBX virtual machine in the VM List of the VirtualBox Manager Window. Let’s make a couple of one-time adjustments to the Incredible PBX configuration to account for possible differences in sound and network cards on different host machines.

(1) Click once on the Incredible PBX virtual machine in the VM List. Then (2) click the Settings button. In the Audio tab, check the Enable Audio option and choose your sound card. In the Network tab for Adapter 1, check the Enable Network Adapter option. From the Attached to pull-down menu, choose Bridged Adapter. Then select your network card from the Name list. Then click OK. That’s all the configuration that is necessary for Incredible PBX.

Running Incredible PBX in VirtualBox

Once you’ve imported and configured the Incredible PBX Virtual Machine, you’re ready to go. Highlight the Incredible PBX virtual machine in the VM List on the VirtualBox Manager Window and click the Start button. The standard Linux boot procedure will begin and, within a few seconds, you’ll get the familiar Linux login prompt. During the bootstrap procedure, you’ll see a couple of dialogue boxes pop up that explain the keystrokes to move back and forth between your host operating system desktop and your virtual machine. Remember, you still have full access to your desktop computer. Incredible PBX is merely running as a task in a VM window. Always gracefully halt Incredible PBX just as you would on any computer.

Here’s what you need to know. To work in the Incredible PBX virtual machine, just left-click your mouse while it is positioned inside the VM window. To return to your host operating system desktop, press the right Option key on Windows machines or the left Command key on any Mac. For other operating systems, read the dialogue boxes for instructions on moving around. To access the Linux CLI, login as root with the default password: password. Change your passwords immediately by typing: /root/update-passwords.

Setting the Date and Time with VirtualBox

On some platforms, VirtualBox has a nasty habit of mangling the date and time of your virtual machine. Typing date will tell you whether your VM is affected. If it’s a problem, manually set the date and time and then update the hardware clock. Here’s how assuming 01070709 is the month, day, and correct time of your server:

date 01070709
clock -w

Overview of the Initial Asterisk Setup Process

For those new to PBXs, here’s a two paragraph summary of how Voice over IP (VoIP) works. Phones connected to your PBX are registered with Extensions so that they can make and receive calls. When a PBX user picks up a phone and dials a number, an Outbound Route tells the PBX which Trunk to use to place the call based upon established dialing rules. Unless the dialed number is a local extension, a Trunk registered with some service provider accepts the call, and the PBX sends the call to that provider. The provider then routes the call to its destination where the recipient’s phone rings to announce the incoming call. When the recipient picks up the phone, the conversation begins.

Looking at things from the other end, when a caller somewhere in the world wishes to reach you, the caller picks up a telephone and dials a number known as a DID that is assigned to you by a provider with whom you have established service. When the provider receives the call to your DID, it routes the call to your PBX based upon destination information you established with the provider. Your PBX receives the call with information identifying the DID of the call as well as the CallerID name and number of the caller. An Inbound Route on your PBX then determines where to send the call based upon that DID and CallerID information. Typically, a call is routed to an Extension, a group of Extensions known as a Ring Group, or an IVR or AutoAttendant giving the caller choices on routing the call to the desired destination. Once the call is routed to an Extension, the PBX rings the phone registered to that Extension. When you pick up the phone, the conversation begins.

Configuring Asterisk to Support NAT-Based Routing

With a VoIP server, many PBXs and Extensions are housed behind a NAT-based router that is found in most homes and businesses. These routers assign private IP addresses that are not accessible from the Internet. This causes SIP routing headaches because there are actually two legs to every call, one on the private IP address of your server or extension and another on the public Internet with an entirely different IP address. Routers supposedly handle this handoff of the call using Network Address Translation (NAT) and SIP ALG. With Asterisk-based PBXs, we want the PBX itself to handle the NAT chores so it is critically important to do three things when setting up your PBX. First, turn off SIP ALG on every router used by your PBX and every extension connected to your PBX. Second, tell your PBX about your public and private IP address setup. Step #2 is done in the Incredible PBX GUI with a browser. Login as admin and choose Settings:Asterisk SIP Settings. In the NAT Settings section of the form, click Detect Network Settings. Make sure your public and private IP addresses are correctly listed. Then click Submit and reload your dialplan when prompted. Failure to perform BOTH of these steps typically results in calls with one-way audio, i.e. where either you or the called party can’t hear the other party in the conversation. The third rule to remember is to always configure SIP Extensions on your PBX with NAT Mode=YES. This is rarely harmful and failure to configure SIP extensions in this way typically causes one-way audio in calls as well. IAX extensions avoid NAT issues.

Configuring Extensions with Incredible PBX GUI

Extensions are created using the Incredible PBX GUI: Applications:Extensions. Many SIP phones expect extensions to communicate on UDP port 5060. If this is the case with your SIP phone or softphone, then always create Chan_SIP extensions which communicate on UDP 5060. If your SIP phone or softphone provide port flexibility, then you have a choice in the type of SIP extension to create: Chan_SIP or the more versatile PJSIP. Just remember to always configure SIP extensions with NAT Mode=YES in the Advanced tab. If your VoIP phones or softphones support IAX connectivity, you may wish to consider IAX extensions which avoid NAT problems.

When you create a new Extension, a new entry is automatically created in the PBX Internal Directory. If you wish to allow individual users to manage their extensions or use the WebRTC softphone, then you will also have to create a (very) secure password for User Control Panel (UCP) access. Choose Admin:User Management and click on the key icon of the desired extension to assign a password for UCP and WebRTC access.

Configuring SIP Phones with Incredible PBX GUI

SIP phones and softphones typically require three pieces of information: the IP address of your server, the extension number, and the extension password. If you’re using a PJSIP extension, you also will need to change the port to UDP 5061. If your server is behind a NAT-based router, SIP phones also behind the same router need to use the private LAN address rather than the public IP address. If the SIP phones are outside the router protecting the PBX, then use the public IP address and make certain that you also map ports 5060 and 5061 from your router to the private LAN address of your PBX. Beginning with Incredible PBX 13-13.10, you now can make free SIP URI calls worldwide from almost any SIP phone or softphone. Our SIP URI tutorial covers everything you need to know.

The PIAF Forum can provide you with helpful information in choosing high quality SIP phones. Yealink phones are highly recommended with minimal issues. Cisco phones are the most difficult to configure. Insofar as free softphones, we recommend the Zoiper 3 offerings for Windows, Mac, iOS, and Android. Zoiper 5 still is experiencing some growing pains. A key advantage of the Zoiper softphone is it supports IAX extensions which eliminate the NAT issues entirely. On the Mac platform, we also recommend the Telephone app which is available in the App Store. For SRTP communications, use Grandstream Wave.

Configuring Trunks with Incredible PBX GUI

Perhaps the most difficult component to configure in the PBX is the Trunk. Almost every provider has a different way of doing things. We’ve taken some of the torture out of the exercise by providing configuration settings for dozens of providers. All you need to do is edit the desired Trunk (Connectivity:Trunks), change the Disable Trunk entry to No, and insert your credentials in both the PEER Details and Registration string of the SIP Settings Outgoing and Incoming tabs.

UPDATE: Whether your desktop PBX has a static IP address on the Internet or not, you now can take advantage of a terrific Nerd Vittles Skyetel offer of $50 in free service using Skyetel’s just released support for dynamic IP addressing. Start by mapping UDP ports 5060 and 10000-20000 to your server from your router. The firewall settings and Skyetel trunk setups are preconfigured in this VirtualBox image. Once you get this far, you’re ready to install Skyetel’s new dynamic IP address updater. This is required since you never actually register a trunk with Skyetel. Here’s how. Log into your server as root and cd /usr/src. Then follow this tutorial to put the pieces in place. While this is beta software at this juncture, we have tested it with excellent results. However, if you run into issues, please post your questions on the PIAF Forum. Now jump over to our Skyetel Tutorial to claim your $50 credit and to get your account set up and configured. Effective 10/1/2023, $25/month minimum spend required.

Of course, Incredible PBX comes preconfigured with setups for dozens of other providers that let you register a new trunk on the provider’s server. VoIP.ms (free iNUM), CircleNet, CallCentric (free DID and iNUM), LocalPhone (25¢/mo. iNUM), Future-Nine, AnveoDirect, and V1VoIP are excellent options.2 Most don’t cost you anything unless you make calls. Review our complete SIP tutorial here: Developing a Cost-Effective SIP Strategy.

Configuring Inbound Routes in Incredible PBX GUI

Inbound Routes, as the name implies, are used to direct incoming calls to a specific destination. That destination could be an extension, a ring group, an IVR or AutoAttendant, or even a conference or DISA extension to place outbound calls (hopefully with a very secure password). Inbound Routes can be identified by DID, CallerID number, or both. To create Inbound Routes, choose Connectivity:Inbound Routes and then click Add Inbound Route. Provide at least a Description for the route, a DID to be matched, and the Destination for the incoming calls that match. If you only want certain callers to be able to reach certain extensions, add a CallerID number to your matching criteria. You can add Call Recording and CallerID CNAM Lookups under the Other tab.

Configuring Outbound Routes in Incredible PBX GUI

Outbound Routes serve a couple of purposes. First, they assure that calls placed by users of your PBX are routed out through an appropriate trunk to reach their destination in the least costly manner. Second, they serve as a security mechanism by either blocking or restricting certain calls by requiring a PIN to complete the calls. For example, if you only permit 10-digit calls and route all of those calls out through a specific trunk with a $20 account balance, there is little risk of running up an exorbitant phone bill because of unauthorized calls unless you’ve deposited a lot of money in your account or activated automatic funds replenishment. This raises another important security tip. Never authorize recurring charges on credit cards registered with your VoIP providers and, if possible, place pricing limits on calls with your providers. If a bad guy were to break into your PBX, you don’t want to give the intruder a blank check to make unauthorized calls. And you certainly don’t want to join the $100,000 Phone Bill Club.

To create outbound routes in the Incredible PBX GUI, navigate to Connectivity:Outbound Routes and click Add Outbound Route. In the Route Settings tab, give the Outbound Route a name and choose one or more trunks to use for the outbound calls. In the Dial Patterns tab, specify the dial strings that must be matched to use this Outbound Route. NXXNXXXXXX would require only 10-digit numbers with the first and fourth digits being a number between 2 and 9. Note that Outbound Routes are searched from the top entry to the bottom until there is a match. Make certain that you order your routes correctly and then place test calls watching the Asterisk CLI to make sure the calls are routed as you intended.

Design Methodology for Outbound Routes

There are a million ways to design outbound calling schemes on PBXs with multiple trunks. One of the simplest ways is to use no dial prefix for the primary trunk and then use dialing prefixes such as *1 and *2 for the remaining trunks.

Another outbound calling scheme would be to assign specific DIDs to individual extensions on your PBX. Here you could use NXXNXXXXXX with the 1 Prepend as the Dial Pattern with every Outbound Route and change the Extension Number in the CallerID field of the Dial Pattern. With this setup, you’d need a separate Outbound Route for each group of extensions using a specific trunk on your PBX. Additional dial patterns can be added for each extension designated for a particular trunk. A lower priority Outbound Route then could be added without a CallerID entry to cover extensions that weren’t restricted or specified.

HINT: Keep in mind that Outbound Routes are processed by FreePBX in top-down order. The first route with a matching dial pattern is the trunk that is selected to place the outbound call. No other outbound routes are ever used even if the call fails or the trunk is unavailable. To avoid failed calls, consider adding additional trunks to the Trunk Sequence in every outbound route. In summary, if you have multiple routes with the exact same dial pattern, then the match nearest to the top of the Outbound Route list wins. You can rearrange the order of the outbound routes by dragging them into any sequence desired.

Configuring Incredible PBX for VirtualBox

In order to take advantage of all the Incredible PBX applications, you’ll need to obtain IBM text-to-speech (TTS) and speech-to-text (STT) credentials as well as a (free) Application ID for Wolfram Alpha.

NOV. 1 UPDATE: IBM moved the goal posts effective December 1, 2018:

blank

This Nerd Vittles tutorial will walk you through getting your IBM account set up and obtaining both your TTS and STT credentials. Be sure to write down BOTH sets of credentials which you’ll need in a minute. For home and SOHO use, IBM access and services are FREE even though you must provide a credit card when signing up. The IBM signup process explains their pricing plans.

To use Wolfram Alpha, sign up for a free Wolfram Alpha API account. Just provide your email address and set up a password. It takes less than a minute. Log into your account and click on Get An App ID. Make up a name for your application and write down (and keep secret) your APP-ID code. That’s all there is to getting set up with Wolfram Alpha. If you want to explore costs for commercial use, there are links to let you get more information.

In addition to your Wolfram Alpha APPID, there are two sets of IBM credentials to plug into the Asterisk AGI scripts. Keep in mind that there are different usernames and passwords for the IBM Watson TTS and STT services. The TTS credentials will look like the following: $IBM_username and $IBM_password. The STT credentials look like this: $API_USERNAME and $API_PASSWORD. Don’t mix them up. 🙂

All of the scripts requiring credentials are located in /var/lib/asterisk/agi-bin so switch to that directory after logging into your server as root. Edit each of the following files and insert your TTS credentials in the variables already provided: nv-today2.php, ibmtts.php, and ibmtts2.php. Edit each of the following files and insert your STT credentials in the variables already provided: getquery.sh, getnumber.sh, and getnumber2.sh. Finally, edit 4747 and insert your Wolfram Alpha APPID.

Using Asteridex with Incredible PBX

AsteriDex is a web-based dialer and address book application for Asterisk and Incredible PBX. It lets you store and manage phone numbers of all your friends and business associates in an easy-to-use SQLite3 database. You simply call up the application with your favorite web browser: http://pbx-ip-address/asteridex4/. When you click on a contact that you wish to call, AsteriDex first calls you at extension 701, and then AsteriDex connects you to your contact through another outbound call made using your default outbound trunk that supports numbers in the 1NXXNXXXXXX format.

Taking Incredible PBX for a Test Drive

You can take Incredible PBX on a test drive by dialing D-E-M-O (3366) from any phone connected to your PBX.

With Allison’s Demo IVR, you can choose from the following options:

  • 0. Chat with Operator — connects to extension 701
  • 1. AsteriDex Voice Dialer – say "Delta Airlines" or "American Airlines" to connect
  • 2. Conferencing – log in using 1234 as the conference PIN
  • 3. Wolfram Alpha Almanac – say "What planes are flying overhead"
  • 4. Lenny – The Telemarketer’s Worst Nightmare
  • 5. Today’s News Headlines — courtesy of Yahoo! News
  • 6. Weather by ZIP Code – enter any 5-digit ZIP code for today’s weather
  • 7. Today in History — courtesy of OnThisDay.com
  • 8. Chat with Nerd Uno — courtesy of SIP URI connection to 3CX iPhone Client
  • 9. DISA Voice Dialer — say any 10-digit number to be connected
  • *. Current Date and Time — courtesy of Incredible PBX

News Flash: Turn Incredible PBX into a Fault-Tolerant HA Platform for $1/Month

Continue Reading: Configuring Extensions, Trunks & Routes

Don’t Miss: Incredible PBX Application User’s Guide covering the 31 Whole Enchilada apps

Originally published: Monday, January 7, 2019  Updated: Sunday, January 20, 2019


blank
Need help with Asterisk? Visit the VoIP-info Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

blankBOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

blankThe lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

blankVitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

blankSpecial Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



blank

  1. Some of our purchase links refer users to Amazon when we find their prices are competitive for the recommended products. Nerd Vittles receives a small referral fee from Amazon to help cover the costs of our blog. We never recommend particular products solely to generate Amazon commissions. However, when pricing is comparable or availability is favorable, we support Amazon because Amazon supports us. []
  2. Some of our links refer users to sites or service providers when we find their prices are competitive for the recommended products. Nerd Vittles receives a small referral fee from these providers to help cover the costs of our blog. We never recommend particular products solely to generate commissions. []

Introducing the GPL Toolkit for FreePBX and Incredible PBX


blank

We’ve been scratching our head for a good way to commemorate Micro$oft’s $7.5 billion purchase of GitHub which has served as the linchpin of the open source development community for many years. We’ll leave it to others and history to judge whether this was a good idea or not. What we came up with was a GPL Toolkit for Incredible PBX 13-13 that makes it child’s play to upgrade FreePBX® GPL modules in our Incredible PBX® 13-13 offerings for CentOS/SL, Ubuntu, and Raspbian using the FreePBX GitHub repository. Because Incredible PBX platforms don’t use module signature checking, it was fairly simple to design an upgrade methodology that leverages the FreePBX 13 module offerings posted on GitHub. While these modules would cause all sorts of module signature alarms to go off if used with other distributions, with Incredible PBX, implementation is straight-forward and painless.

To get started, log into your Incredible PBX 13-13 server as root and issue the following commands to download the GPL Toolkit:

cd /root
wget http://incrediblepbx.com/gpl-toolkit.tar.gz
tar zxvf gpl-toolkit.tar.gz
rm -f gpl-toolkit.tar.gz

Once the install finishes, you’ll end up with 7 scripts: gpl-module-list-full, gpl-module-list-fpbx, gpl-module-list-contrib, gpl-download-fpbx, gpl-download-contrib, gpl-install-fpbx, and gpl-install-contrib. As the names suggest, the gpl-module-list-full provides a simple way to list ALL FreePBX GPL modules (Sangoma-produced and contributor-produced) which are available for download from GitHub. And that will be your starting point whenever you wish to install or upgrade a FreePBX module in Incredible PBX 13-13. You will note that modules fall into one of two categories: fpbx or contrib. The reason is because Sangoma has chosen to store the modules in two separate user accounts on GitHub. So you first must decipher which repo houses the module you wish to download or install. Once you’ve figured that out, you can choose to either manually download and install the module (gpl-download) or automatically download and install the module (gpl-install). The syntax is simple. Use either /root/gpl-install-fpbx modulename for Sangoma-produced modules or /root/gpl-install-contrib modulename for contributor-produced modules.

Cautionary Notes. Updating a few FreePBX modules may cause problems with Incredible PBX 13-13 because of modifications that were made when the distribution was initially developed. So steer clear of the modules blocked by the install script. Aside from those few exceptions, the remaining modules should work well without causing any problems. Be advised that you should always update the framework module before attempting to update the core module. We’ve tested all of the Sangoma releases shown below, but that’s not to say something can’t come unglued down the road. With contributor-produced modules, Sangoma doesn’t vouch for them, and neither do we. HINT: It is ALWAYS a good idea to make a good backup of your server before venturing into uncharted territory.


blank

Adding a few FreePBX modules may reset the Module Signature Checking flag. If this should happen to you, simply reset the Enable Module Signature Checking flag to NO in Settings: Advanced Settings. If this doesn’t fix the issue, issue the following command after logging into your server as root: /root/sig-fix

Taking the GPL Toolkit for a Spin. There have been some reported bugs in a few of the default Sangoma-produced modules in the Incredible PBX 13-13 build so let’s tackle those to demonstrate how easy this new upgrade process actually is. Using the gpl-module-list-full script, we would have deciphered the names of the modules we wanted to upgrade as superfecta, bulkhandler, and phonebook. So, after logging into your server as root, issue these gplinstall commands:

/root/gpl-install-fpbx superfecta
/root/gpl-install-fpbx bulkhandler
/root/gpl-install-fpbx phonebook

Where To Go From Here? The next step in your adventure should be to learn a bit about each of the available GPL modules for FreePBX including when each module was last updated. You can do that by visiting Sangoma’s FreePBX repo on GitHub and the FreePBX contributor’s repo on GitHub. We’ve always found it’s a smart idea to build a second Incredible PBX 13-13 server with either VirtualBox or an inexpensive cloud facility to use as a sandbox for experimentation. There are lots of Nerd Vittles articles to show you how. Then you don’t have to worry about damaging your production server until you first have verified that the upgrades don’t introduce problems of their own. Enjoy!

Originally published: Thursday, June 14, 2018  Updated: Friday, August 17, 2018


blankSupport Issues. With any application as sophisticated as this one, you’re bound to have questions. Blog comments are a terrible place to handle support issues although we welcome general comments about our articles and software. If you have particular support issues, we encourage you to get actively involved in the PBX in a Flash Forums. It’s the best Asterisk tech support site in the business, and it’s all free! Please have a look and post your support questions there. Unlike some forums, ours is extremely friendly and is supported by literally hundreds of Asterisk gurus and thousands of users just like you. You won’t have to wait long for an answer to your question.


blank
Need help with Asterisk? Visit the PBX in a Flash Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

blankBOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

blankThe lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

blankVitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

blankSpecial Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



Some Recent Nerd Vittles Articles of Interest…

One Minute Wonder: Introducing VitalPBX for VirtualBox


blank

Last week we took VitalPBX to the Cloud with our rock-solid firewall. And this week we’ll show you how to get VitalPBX up and running on any desktop computer in less than a minute using VirtualBox®. If you’ve followed Nerd Vittles over the years, you already know that VirtualBox from Oracle® is one of our favorite platforms. Almost any desktop computer can serve as a VirtualBox hosting platform. And once VirtualBox is installed, adding VitalPBX is a snap. Download the VitalPBX image, initialize your MAC address, start up the VM, and boom. Instant PBX perfection! The really nice thing about our tutorials is it doesn’t cost you a dime to try things out for yourself. And the Incredible PBX® feature set is included as well. Just add your credentials and speech-to-text, voice recognition, and a Siri-like interface are as close as your nearest SIP phone. Splurge with a $4.99 one-time purchase to add Google Voice, and you’ve got unlimited free calling in the U.S. and Canada. So why wait? Let’s get started.

Installing Oracle VM VirtualBox

blank

Oracle’s virtual machine platform inherited from Sun is amazing. It’s not only free, but it’s pure GPL2 code. VirtualBox gives you a virtual machine platform that runs on top of any desktop operating system. In terms of limitations, we haven’t found any. We even tested this on an Atom-based Windows 7 machine with 2GB of RAM, and it worked without a hiccup. So step #1 today is to download one or more of the VirtualBox installers from VirtualBox.org or Oracle.com. Our recommendation is to put all of the 100MB installers on a 4GB thumb drive.1 Then you’ll have everything in one place whenever and wherever you happen to need it. Once you’ve downloaded the software, simply install it onto your favorite desktop machine. Accept all of the default settings, and you’ll be good to go. For more details, here’s a link to the Oracle VM VirtualBox User Manual.

Installing Incredible PBX for VitalPBX VM

To begin, download the Incredible PBX for VitalPBX .ova image (1.0 GB) to the computer on which you installed VirtualBox.

Next, double-click on the VitalPBX .ova image on your desktop. Be sure to check the box to initialize the MAC address of the image and then click Import. Once the import is finished, you’ll see a new VitalPBX virtual machine in the VM List of the VirtualBox Manager Window. Let’s make a couple of one-time adjustments to the VitalPBX configuration to account for differences in sound and network cards on different host machines.

(1) Click once on the VitalPBX virtual machine in the VM List. Then (2) click the Settings button. In the Audio tab, check the Enable Audio option and choose your sound card. In the Network tab for Adapter 1, check the Enable Network Adapter option. From the Attached to pull-down menu, choose Bridged Adapter. Then select your network card from the Name list. Then click OK. That’s all the configuration that is necessary for VitalPBX.

Running VitalPBX in VirtualBox

Once you’ve imported and configured the VitalPBX Virtual Machine, you’re ready to go. Highlight the VitalPBX virtual machine in the VM List on the VirtualBox Manager Window and click the Start button. The standard CentOS boot procedure will begin and, within a few seconds, you’ll get the familiar Linux login prompt. During the bootstrap procedure, you’ll see a couple of dialogue boxes pop up that explain the keystrokes to move back and forth between your host operating system desktop and your virtual machine. Remember, you still have full access to your desktop computer. Incredible PBX for VitalPBX is merely running as a task in a VM window. Always gracefully halt VitalPBX just as you would on any computer.

Here’s what you need to know. To work in the VitalPBX virtual machine, just left-click your mouse while it is positioned inside the VM window. To return to your host operating system desktop, press the right Option key on Windows machines or the left Command key on any Mac. For other operating systems, read the dialogue boxes for instructions on moving around. To access the Linux CLI, login as root with the default password: password. Change your root password immediately by typing: passwd.

VitalPBX comes preconfigured so we need to login to the virtual machine for one primary reason, to obtain the IP address of VitalPBX. Once you’ve deciphered the IP address, point your favorite web browser at the IP address you wrote down. You’ll be prompted to create an admin password for your PBX and then you’ll be asked to register the PBX with Telesoft.

We’re assuming your VitalPBX VM is set up behind a hardware-based firewall. If not, you should immediately configure the firewall as documented in our VitalPBX in the Cloud article.

First, you’ll need to change the password for Extension 701: PBX:Extensions:Edit:701. The Edit option is the four-bar icon in the upper right corner of the VitalPBX dialog window. Click Save and Reload your Dialplan.

Next, you’ll need to register a Google Voice trunk with the Simonics SIP/GV Gateway for a one-time fee of $4.99. This gets you unlimited incoming and outgoing calls to the U.S. and Canada if you live in the U.S. Otherwise, set up a SIP trunk and enter your credentials in PBX:External:Trunks:SIP. If you’re using the Simonics gateway, the SIP trunk already has been set up. Just enter your credentials and change Disable Trunk to NO as shown below:


blank

CAUTION: In choosing a DID for outbound calls with Incredible PBX, we strongly recommend that you use a Google Voice trunk. The reason is that, as long as your Google Voice account has no money allocated to it, Google will manage outbound calls to 10 and 11-digit phone numbers and block those that may incur enormous long distance charges from unscrupulous "merchants" in certain Caribbean countries. If you don’t heed our recommendation, we urge you NOT to link an Inbound Route to the Incredible PBX custom context. It’s your phone bill.

If you plan to use VitalPBX for "real work," then you’ll also want to change the Conference credentials for 2663 (C-O-N-F): PBX:Applications:Conference.

The VitalPBX virtual machine comes preconfigured to direct all incoming calls to Allison’s Demo IVR for Incredible PBX. If you’d prefer some other setup, change the Destination of the Default Inbound Route: PBX:External:Inbound Route:Default.

Configuring Incredible PBX for VitalPBX

In order to take advantage of all the Incredible PBX applications, you’ll need to obtain IBM text-to-speech (TTS) and speech-to-text (STT) credentials as well as a (free) Application ID for Wolfram Alpha.

NOV. 1 UPDATE: IBM has moved the goal posts effective December 1, 2018:

blank

This Nerd Vittles tutorial will walk you through getting your IBM account set up and obtaining both your TTS and STT credentials. Be sure to write down BOTH sets of credentials which you’ll need in a minute. For home and SOHO use, IBM access and services are FREE even though you must provide a credit card when signing up. The IBM signup process explains their pricing plans.

To use Wolfram Alpha, sign up for a free Wolfram Alpha API account. Just provide your email address and set up a password. It takes less than a minute. Log into your account and click on Get An App ID. Make up a name for your application and write down (and keep secret) your APP-ID code. That’s all there is to getting set up with Wolfram Alpha. If you want to explore costs for commercial use, there are links to let you get more information.

In addition to your Wolfram Alpha APPID, there are two sets of IBM credentials to plug into the Asterisk AGI scripts. Keep in mind that there are different usernames and passwords for the IBM Watson TTS and STT services. The TTS credentials will look like the following: $IBM_username and $IBM_password. The STT credentials look like this: $API_USERNAME and $API_PASSWORD. Don’t mix them up. 🙂

All of the scripts requiring credentials are located in /var/lib/asterisk/agi-bin so switch to that directory after logging into your server as root. Edit each of the following files and insert your TTS credentials in the variables already provided: nv-today2.php, ibmtts.php, and ibmtts2.php. Edit each of the following files and insert your STT credentials in the variables already provided: getquery.sh, getnumber.sh, and getnumber2.sh. Finally, edit 4747 and insert your Wolfram Alpha APPID.

Using Asteridex with VitalPBX

AsteriDex is a web-based dialer and address book application for Asterisk and VitalPBX. It lets you store and manage phone numbers of all your friends and business associates in an easy-to-use SQLite3 database. You simply call up the application with your favorite web browser: http://vitalpbx-ip-address/asteridex4/. When you click on a contact that you wish to call, AsteriDex first calls you at extension 701, and then AsteriDex connects you to your contact through another outbound call made using your default outbound trunk that supports numbers in the 1NXXNXXXXXX format.

Before AsteriDex Click-to-Call will work, you must authorize AsteriDex to access Asterisk from your browser. After logging into your server as root, edit the following file in /etc/asterisk/ombutel: manager__50-ombutel-user.conf. For each public IP address you wish to authorize, add an entry like the following immediately below the existing permit entry in the file. The non-routable IP address subnets already have been configured so, if you’re using a browser behind the same firewall as VitalPBX, you can skip this step. Otherwise reload the dialplan after adding public IP addresses: asterisk -rx "dialplan reload"

permit=12.34.56.78

Taking Incredible PBX for a Test Drive

You can take Incredible PBX for VitalPBX on a test drive in two ways. You can call our server, and then you can try things out on your own server and compare the results. Call our IVR by dialing 1-843-606-0555. For our international friends, you can use the following SIP URI for a free call: 10159591015959@atlanta.voip.ms. For tips on setting up your own secure, hybrid SIP URI with VitalPBX, see our original tutorial. The FreePBX® setup is virtually identical except for the location of the custom SIP setting for match_auth_username=yes. On a VitalPBX server, you will enter it here: Settings:Technology Settings:SIP Settings:CUSTOM.

With Allison’s Demo IVR, you can choose from the following options:

  • 0. Chat with Operator — connects to extension 701
  • 1. AsteriDex Voice Dialer – say "Delta Airlines" or "American Airlines" to connect
  • 2. Conferencing – log in using 1234 as the conference PIN
  • 3. Wolfram Alpha Almanac – say "What planes are flying overhead"
  • 4. Lenny – The Telemarketer’s Worst Nightmare
  • 5. Today’s News Headlines — courtesy of Yahoo! News
  • 6. Weather by ZIP Code – enter any 5-digit ZIP code for today’s weather
  • 7. Today in History — courtesy of OnThisDay.com
  • 8. Chat with Nerd Uno — courtesy of SIP URI connection to 3CX iPhone Client
  • 9. DISA Voice Dialer — say any 10-digit number to be connected
  • *. Current Date and Time — courtesy of VitalPBX

You can call your own IVR in two ways. From an internal VitalPBX phone, dial D-E-M-O (2663) to be connected. Or simply dial the number of the DID you routed to the Incredible PBX Custom Context. Either way, you should be connected to the Incredible PBX IVR running on your VitalPBX server. Be sure that you heed AND test the CAUTION documented above. Enjoy!

Originally published: Monday, April 9, 2018




blank
Need help with VitalPBX? Visit the VitalPBX Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

blankBOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

blankThe lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

blankVitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

blankSpecial Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



blank

  1. Many of our purchase links refer users to Amazon when we find their prices are competitive for the recommended products. Nerd Vittles receives a small referral fee from Amazon to help cover the costs of our blog. We never recommend particular products solely to generate Amazon commissions. However, when pricing is comparable or availability is favorable, we support Amazon because Amazon supports us. []

VitalPBX in the Cloud: Providers, Backups, & Airtight Security

blank

Last month we introduced VitalPBX, a terrific new (free) VoIP platform that’s about as intuitive as software can get. We followed up with a dozen Incredible PBX applications that really showed off the flexibility of this new Asterisk® platform. And today we’re pleased to introduce two new cloud solutions that offer our whitelist firewall design for security plus automatic backups. Both Digital Ocean and Vultr offer terrific performance coupled with a $5/month price point that is easy on your wallet. Our tip of the hat goes to Digital Ocean this month because they are again offering a $10 credit on new accounts while also generously supporting Nerd Vittles. That translates into two free months of VitalPBX in the Cloud service for you to kick the tires. If you like what you see, you can spring for the extra $1 a month and add automatic backups to your $5/mo. bill going forward. With a $10 credit, what’s to lose?

To get started, set up an account with one of these cloud providers and create a $5 a month server with 64-bit CentOS 7 in your choice of cities. Once you have your root password, log into your new server as root using SSH or Putty. On Digital Ocean, you will be prompted to change your password the first time you login. On Vultr, you have to manually do it by issuing the command: passwd. Then you’re ready to begin the VitalPBX install. Just issue the following commands and then grab a cup of coffee.

cd /root
yum -y install wget nano tar
wget https://raw.githubusercontent.com/wardmundy/VPS/master/vps.sh
chmod +x vps.sh
./vps.sh

The base install takes less than 15 minutes to complete. When it’s finished, use a web browser from your desktop PC and log into the IP address of your new VitalPBX server. You’ll be prompted to set up an admin password for GUI access and then you register your server with Telesoft. Should you ever forget your admin password, here’s how to force a reset on your next login from a browser:

mysql ombutel -e 'update ombu_settings set value = "yes" where name = "reset_pwd"'

After logging in, you’ll be presented with the VitalPBX Dashboard:


blank

From here, the drill is pretty much the same as what was outlined in our original VitalPBX tutorial. So jump over there to complete your set up and configure extensions, trunks, routes, and a few other settings for your new PBX. Then pick back up here to secure your server!

Security Methodology. What is different on the cloud platform is you don’t have a hardware-based firewall to protect your server. So we’ll need to configure VitalPBX using its built-in firewalld and Fail2Ban applications. Our preference is to use a whitelist of IP addresses to access your server and its resources. In that way, the Bad Guys never even see your server on the Internet. Our security philosophy is simple. If you can’t see it, you can’t hack it.

In addition to a WhiteList of public IP addresses, we also will enable a secure NeoRouter VPN front door to your server as well as a PortKnocker backdoor thereby providing three separate and secure ways to gain server access without publicly exposing VitalPBX to the Internet. If you have a better way, by all means go for it. After all, it’s your phone bill.

Firewall and Fail2Ban Setup. To begin, login to the VitalPBX GUI with a browser using your admin credentials. Then do the following:

(1.) Add NeoRouter VPN Protocol TCP Port 32976 in Admin:Security:Firewall:Services.

(2.) Add NeoRouter VPN Action ACCEPT rule in Admin:Security:Firewall:Rules.

(3.a.) WhiteList your client and server IP addresses in Admin:Security:Firewall:WhiteList.
(3.b.) WhiteList 127.0.0.1 (for localhost) and 10.0.0.0/24 (for NeoRouter VPN).
(3.c.) WhiteList the IP addresses of any potential unregistered trunk providers.
(3.d.) WhiteList the public IP addresses of any extensions you plan to install.

(4.) Enable Fail2Ban in Admin:Security:Intrusion Detection.

(5.a.) WhiteList your client IP address(es) in Admin:Security:Intrusion Detection:Whitelist.
(5.b.) WhiteList the NeoRouter VPN subnet, 10.0.0.0/24, as well.

(6.) Remove the following rules from Admin:Security:Firewall:Rules

SIP
HTTP
HTTPS
SSH
IAX2
PJSIP

(7.) Reload the VitalPBX dialplan by clicking the Red indicator (upper right of the GUI).

(8.) Verify IPtables WhiteList: iptables -nL | grep ACCEPT

(9.) Verify Fail2Ban WhiteList: grep -r ignoreip /etc/fail2ban/jail.d/*

Travelin’ Man 3 Addition. One of the major shortcomings in the firewalld implementation of IPtables is the lack of any support for fully-qualified domain names in their WhiteList. For those that want to use dynamic DNS updating services with custom FQDNs to manage remote user access to your server, this is a serious limitation even though PortKnocker alleviates some of the misery. So here’s our solution. We have reworked the Travelin’ Man 3 toolkit for VitalPBX so that you can use command line scripts to add (add-ip and add-fqdn), remove (del-acct), and manage (ipchecker) your WhiteList using either IP addresses (add-ip) or FQDNs (add-fqdn). The automatic update utility (ipchecker) will keep your FQDNs synchronized with your dynamic IP address service by updating the WhiteList every 10 minutes between 5 a.m. and 10 p.m. daily. Keep in mind that this is a supplement to the existing VitalPBX firewall setup documented above. And we only recommend that you add it if you plan to implement automatic management of dynamic IP addresses with FQDNs for your extensions and remote users.

If you plan to use the TM3 addition, you are strongly urged to not make further firewall changes using the VitalPBX GUI unless (1) you can also remember to keep your desktop PC’s IP address whitelisted in VitalPBX and (2) you remember to restart IPtables (iptables-restart) in the CLI after having made firewall changes in the VitalPBX GUI. Otherwise, you will lose your Travelin’ Man 3 WhiteList entries which means folks will get locked out of your server until the TM3 WhiteList is updated by running iptables-restart. All TM3 WhiteListed entries are stored and managed in individual text files in /root with a file extension of .iptables. Do not manually delete them!

To install the TM3 addition, issue the following commands:

cd /
wget http://incrediblepbx.com/tm3-vitalpbx.tar.gz
tar zxvf tm3-vitalpbx.tar.gz
rm -f tm3-vitalpbx.tar.gz
echo "/usr/local/sbin/iptables-boot" >> /etc/rc.d/rc.local
chmod +x /etc/rc.d/rc.local
systemctl enable rc-local
echo "*/10 5-22 * * * root /usr/local/sbin/ipchecker > /dev/null 2>&1" >> /etc/crontab

Using DynDNS to Manage FQDNs. The key ingredient with Travelin’ Man 3 is automatic management of dynamic IP addresses. When a user or even the administrator moves to a different location or IP address, we don’t want to have to manually adjust anything. So what you’ll first need is a DynDNS account. Other free providers are available but are less flexible. For $40 a year, DynDNS lets you set up 30 FQDNs and keep the IP addresses for those hostnames current. That’s more than ample for almost any small business but, if you need more horsepower, DynDNS.com can handle it. What we recommend is setting up a separate FQDN for each phone on your system that uses a dynamic IP address. This can include the administrator account if desired because it works in exactly the same way. When the administrator extension drops off the radar, a refresh of IPtables will bring all FQDNs back to life including the administrator’s account. Sounds simple? It is.

Getting Started with Travelin’ Man 3. Here are the 5 tools that are included in the TM3 suite for VitalPBX:

  • add-ip some-label ip-address – Allows you to add an IP address to the WhiteList
  • add-fqdn some-label FQDN – Allows you to add an FQDN to the WhiteList
  • del-acct some-label.iptables – Deletes an IP address or FQDN from WhiteList
  • ipchecker – Runs every 10 minutes to synchronize FQDNs; do NOT run manually
  • iptables-restart – Restarts IPtables and adds TM3 WhiteListed IPs and FQDNs
  • iptables-boot – Loads TM3 WhiteListed IPs and FQDNs on boot only
  • show-whitelist – Displays contents of both VitalPBX and TM3 WhiteLists

Using Email to Manage Your WhiteList. We have one new addition to Travelin’ Man 3 for the VitalPBX platform. Now your authorized users can send an email to the VitalPBX server to whitelist an IP address and gain access. Two different passwords are supported and can be handed out to different classes of PBX users, e.g. administrators and ordinary users. Using the "permanent" password lets someone add an IP address to the VitalPBX whitelist permanently. Using the "temporary" password lets a user add an IP address to the whitelist until the next reboot or firewall restart. In both cases, the administrator gets an immediate email showing the whitelisted IP address, who requested it, and the type of whitelist entry that was requested. The syntax for the email request is straight-forward. Just send an email to the special email account set up to handle these requests and include a Subject for the message that looks exactly like this where 8.8.8.8 is the IP address to be whitelisted and some-password is one of the two passwords: WhiteList 8.8.8.8 PW some-password

As most of you know, we’re sticklers for security, and there’s plenty of it here. First, we recommend you use an obscure FQDN for your server so that it is not easily guessed by someone wanting to do harm. Second, we assume your IP address also won’t be published. Third, the email account name also should be obscure. Think of it as another password. For example, martin432 would be a good choice while whitelist would be pretty lousy. Keep in mind that the only people sending mail to this account will be folks that need immediate access to your PBX. Finally, BOTH of the passwords to use the email feature need to be long and difficult to decipher. A mix of alphanumeric characters and upper and lowercase letters is strongly recommended because it makes successful penetration nearly impossible.

To begin, we need to reconfigure your VitalPBX Firewall to accept incoming email on TCP port 25. In Admin:Security:Firewall:Services, Add a new service that looks like the following: Name: SMTP    Protocol: TCP    Port: 25. Then SAVE your entry.

Next, we need to add a VitalPBX Firewall Rule that allows incoming SMTP traffic. In Admin:Security:Firewall:Rules, Add a new rule: Service: SMTP    Action: Accept. Then SAVE.

Next, we need to log into the Linux CLI as root to do a couple of things. First, we need to reconfigure Postfix to accept emails from outside our server. Replace 8.8.8.8 with the actual IP address of your server. Replace smtp.myserver.com with the actual FQDN of your server. If you don’t have one, simply remove the FQDN from the command.

yum -y install mailx
postconf -e "mynetworks = 127.0.0.0/8, 8.8.8.8"
postconf -e "mydestination = smtp.myserver.com, localhost.localdomain, localhost"
postconf -e "inet_interfaces = all"
postconf -e "recipient_delimiter = +"
service postfix restart

Second, we need to add an email account to process the incoming emails. Replace someuser on each line with that obscure account name you plan to use for incoming emails. Then send yourself a test email and be sure it arrives. The last command cleans out the mail account.

adduser someuser --shell=/bin/false --no-create-home --system -U 
echo "test" | mail -s "Hello World" someuser
mail -u someuser
> /var/mail/someuser

Finally, we need to set up your passwords and admin email address in /root/mailcheck. To begin, insert your actual mail account name in the following command by replacing realuser and then execute the command:

sed -i 's|someuser|realuser|' /root/mailcheck

Now edit /root/mailcheck with nano or your favorite editor and change the TempPW, PermPW, and MyEMail entries. Then save the file and add the following entry to /etc/crontab:

*/3 5-22 * * * root /root/mailcheck > /dev/null 2>&1
 

CAUTION: Because of the bifurcated nature of the integration of TM3’s WhiteList into the VitalPBX firewall setup, be advised that you never want to make a change in the VitalPBX GUI’s firewall configuration without assuring that the desktop machine from which you are making that change is already included in the VitalPBX Whitelist (see #3.a., above). The same applies to issuing an iptables-restart from the Linux CLI. The reason is there are two separate whitelists and either of these actions would temporarily disable the TM3 WhiteList until the iptables-restart procedure was executed AND completed. In both situations, you most probably would be locked out of web and SSH access to your own server. A VitalPBX firewall reload only restarts firewalld with the VitalPBX WhiteList, and an iptables-restart from the CLI first restarts firewalld without the TM3 WhiteList rules and then adds the TM3 WhiteList rules after the firewalld reload is completed. We have added safeguards to some of the TM3 utilities to keep you from shooting yourself in the foot by requiring the VitalPBX WhiteList addition before you can use the TM3 iptables-restart and del-acct utilities; however, this is not the case with ipchecker which typically runs as a cron job from localhost. Because there is no safeguard mechanism, do NOT run it manually unless you’re sure you first have whitelisted your desktop PC’s IP address in the VitalPBX GUI (see #3.a., above). Without getting down in the weeds, we also have no ability to control the internal workings of the VitalPBX firewall. Should you get locked out of your server, there are three remedies. The first is the email solution documented above. The second is to use PortKnocker to regain access. The third is to use the localhost console in the Digital Ocean or Vultr control panel to issue the iptables-restart command. You might want to print this out for a rainy day. 🙂

PortKnocker Installation. You may not know the remote IP addresses of everyone using your PBX, and some of your users may travel to different sites and need a temporary IP address whitelisted while using a WiFi hotspot. And, not that it would happen to you, but once in a while an administrator locks himself out of his own server by changing IP addresses without first whitelisting the new address. The solution to all of these problems is easy with PortKnocker. The user simply sends three sequential pings to ports known only by you and your users using the machine or smartphone that needs access. You can read our original tutorial for more detail. For today, let’s get PortKnocker installed and configured with your three random ports. You can review the assignment at any time by displaying /root/knock.FAQ which also explains how to send the knocks using a desktop machine or a smartphone.

cd /root
wget http://incrediblepbx.com/knock-vitalpbx.sh
chmod +x knock-vitalpbx.sh
./knock-vitalpbx.sh

As with other Incredible PBX Travelin’ Man 3 implementations, IP addresses whitelisted using PortKnocker only last until the next reboot, or until you issue the following command firewall-cmd --reload (does not reload TM3 WhiteList), or until you execute a firewall update from within the VitalPBX GUI (does not reload TM3 WhiteList), or until you issue the command iptables-restart which restarts the firewall AND loads the TM3 WhiteList entries. To permanently WhiteList IP addresses, follow the procedure in Step #3 above or add the entries using the TM3 utilities documented in the previous section.

NeoRouter Installation. A virtual private network (VPN) is perhaps the safest way to access any server including VitalPBX. All of your communications is securely encrypted and you connect to the server through a network tunnel using a non-routable, private IP address. There are many VPNs from which to choose. Our personal favorite is NeoRouter because up to 256 devices can be interconnected at zero cost, and you can set the whole thing up in minutes with virtually no networking expertise. If you want all of the background on NeoRouter, see our latest tutorial.

NeoRouter uses a star topology which means you must run the NeoRouter Server application on a computer platform that is accessible over the Internet all the time. Then each of the remote devices or servers runs the NeoRouter Client application, connects to the server to obtain a private IP address, and then can communicate with all of the other devices connected to the VPN. If you already have a NeoRouter Server in place, then you can skip the server installation step and skip down to installing the NeoRouter Client on your VitalPBX server.

NeoRouter Server Setup. If you’re just getting started with NeoRouter, the first step is setting up the NeoRouter Server on a platform of your choice. If you’re using the Automatic Backup feature of Digital Ocean or Vultr, then your VitalPBX server is probably as good a site as any. NeoRouter Server uses minimal resources, and outages shouldn’t be a problem except for hurricanes, tornados, and bombs. But, just so you know, if the NeoRouter Server is down, none of the NeoRouter Clients can access the VPN or any other clients so you’d have to resort to public IP addresses for network access.

To install NeoRouter Server on your VitalPBX platform, log into your server as root and issue the following commands:

cd /root
wget http://download.neorouter.com/Downloads/NRFree/Update_2.3.1.4360/Linux/CentOS/nrserver-2.3.1.4360-free-centos-x86_64.rpm
rpm -Uvh nrserver-2.3.1.4360-free-centos-x86_64.rpm

Next, create at least one account with administrator privileges and one account with user privileges to your NeoRouter VPN:

nrserver -adduser admin-name admin-password admin
nrserver -adduser user-name user-password user

The commands to manage NeoRouter Server are a little different on the CentOS 7 platform. Here’s what you’ll need:

Start on boot: systemctl enable nrserver.service
Check status: systemctl status nrserver.service
Restart server: systemctl restart nrserver.service
Change settings: nrserver -help

NeoRouter Client Setup. Whether you’re running NeoRouter Server on your VitalPBX platform or not, you’ll still need to install and configure the NeoRouter Client software in order to access the server through the VPN using a remote computer, smartphone, or tablet. NeoRouter Clients for Linux, Windows, Macs, FreeBSD, Mobile, OpenWRT, Tomato, and HTML5 are available here. Be sure to choose the NRFree V2 platform tab before downloading a client, or you’ll get the wrong client software and nothing will work! Ask us how we know.

To install NeoRouter Client on your VitalPBX platform, log into your server as root and issue the following commands:

cd /root
wget http://download.neorouter.com/Downloads/NRFree/Update_2.3.1.4360/Linux/CentOS/nrclient-2.3.1.4360-free-centos-x86_64.rpm
rpm -Uvh nrclient-2.3.1.4360-free-centos-x86_64.rpm

As with NeoRouter Server, the commands to manage NeoRouter Client are a little different on the CentOS 7 platform. Here’s what you’ll need:

Start on boot: systemctl enable nrservice.service
Check status: systemctl status nrservice.service
Restart client: systemctl restart nrservice.service
Login to VPN: nrclientcmd

The main requirement after installing the software is to login to your VPN: nrclientcmd. You’ll be prompted for the FQDN or IP address of your NeoRouter Server and then the admin or user credentials. If successful, you’ll get a display of all the machines logged into the VPN, including the VitalPBX server.

NeoRouter Network Explorer – somebody@vultr.guest

> My Computers
10.0.0.2 vultr.guest

Available Commands: changeview, wakeonlan, setproxy, changepassword, quit
Enter command:

The next step is to download and install NeoRouter Client software on your desktop computer and smartphone. Then you can remotely connect to your VitalPBX server from those platforms. In our example above, you could login to 10.0.0.2 with either SSH or your web browser and never have to worry about whitelisting your remote machines with VitalPBX.

Checking VitalPBX Status. As with other Incredible PBX platforms, we have reworked the pbxstatus utility to support VitalPBX. Running it from the command prompt will display the status of all of the key services on your PBX. Note the addition of the VPN’s IP address which tells you that NeoRouter Client is alive and well:


blank

Configuring Automatic Backups. When you’re ready to enable backups for a Digital Ocean droplet, navigate to the list of droplets for your account. Click the Droplet name for which you’d like to enable backups, and then click the Backups menu item. This will display the cost of backups for the given droplet. Click the Enable Backups button to enable backups.

The Vultr setup is similar. Automatic backup settings are managed through the Vultr control panel. Once you log into your account, visit the server’s management area, click on your server in the dialog, and then click on the "Backups" tab for your VPS. Click Enable Backups. On either platform, the backup option adds a $1 a month to the cost of the $5 server. That’s pretty cheap insurance.

Originally published: Monday, April 2, 2018




blank
Need help with VitalPBX? Visit the VitalPBX Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

blankBOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

blankThe lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

blankVitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

blankSpecial Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



blank

The SMS Toolkit: Integrating Text Messaging into Asterisk

blank

Unless you’ve been living under a rock, you probably already know that most folks spend a lot more time texting on their smartphones rather than talking. So it only made sense to develop some useful SMS tools to get the most out of your Asterisk® PBX. Today we’re pleased to introduce version 1 of an SMS Toolkit for Incredible PBX® using any SMS-enabled DID from either Vitelity or VoIP.ms. Just text a simple message to your PBX, and Incredible PBX will do the heavy lifting and either call you back with the results or reply to your text message. You can whitelist an IP address in your firewall or retrieve news headlines or a weather forecast. You can also look up a phone number in your AsteriDex phone book and place a call through your PBX using either the Voice Dialer or speed dial codes. You can enable call forwarding from your PBX extension to your smartphone, or a simple SMS command brings the calling flexibility of DISA to your smartphone. Here’s a list of supported SMS commands:

  • help – Plays a list of supported SMS commands
  • news – Retrieves latest news headlines from Yahoo
  • weather – Retrieves weather report by zip code
  • wolfram – Siri-like query to Wolfram Alpha
  • whitelist – Whitelist a new IP address in your firewall
  • disa – Use DISA calling from your smartphone with password
  • cf on – Enable call forwarding from PBX extension to smartphone
  • cf off – Disable call forwarding from PBX extension
  • cf status – Status of call forwarding on PBX extension
  • asteridex – Use AsteriDex Voice Dialer to place a call from PBX
  • odbc – Use AsteriDex speed dial codes to place a call from PBX
  • sms – Dictate an SMS message and deliver from Google Voice on PBX

Prerequisites for SMS Toolkit Deployment

To get started, you’ll need a DID from Vitelity or VoIP.ms that supports SMS messaging. You’ll be hard-pressed to beat our Vitelity DID special which is summarized at the end of this article, but the choice is all yours. The way this works is you provide a forwarding email address in the Vitelity or VoIP.ms portal for delivery of incoming SMS messages. These emails will be sent to your PBX where we will use SendMail and our mailcall script to process the messages and deliver the results. SMS messaging is a free add-on with both Vitelity and VoIP.ms DIDs unlike some other providers.

Since Vitelity or VoIP.ms will be delivering incoming SMS messages by email, it means you’ll also need a dedicated account and fully-qualified domain name (FQDN) for your server, e.g. smsuser@mypbx.mydomain.com. While a dynamic IP address will work if you implement automatic FQDN updating on your PBX, a static IP address for your PBX is obviously preferable and all of our recommended cloud solutions provide that including RentPBX, Digital Ocean, Vultr, and HiFormance.

Implementing the SMS Toolkit for Asterisk

Let’s walk through the steps to put all the pieces in place for the SMS Toolkit:

  1. Add a Dedicated Account to Linux for SMS Messaging
  2. Configure PBX for Receipt of Incoming SMS Emails
  3. Obtain and Configure DID with Vitelity or VoIP.ms
  4. Install and Configure MailCall Components

1. Adding a Dedicated Account to Linux

To simplify the task of sifting through incoming emails, we’ll want to create a new Linux user account that can be dedicated to receipt of SMS email messages. The second and third commands will verify that the account has been created with support for incoming mail. Just log into your server as root and issue the following commands:

adduser smsuser --shell=/bin/false --no-create-home --system -U
ls /var/mail/smsuser
mail -u smsuser

 

2. Configuring SendMail to Receive Inbound Email

By design, both SendMail and the Incredible PBX firewall block incoming email. We’re going to change that but, in doing so, we wish to caution that we don’t want to turn your server into an open mail relay for the spammers of the world. Once we’ve opened up your server to receive email, it’s important to test it to be sure it’s not insecure. Because the SMS Toolkit is intended to be a dedicated application just for you as administrator of your server, it’s equally important not to publicize the FQDN of your server. Once the spammers find your email address, incoming email can be just a big a problem as serving as an open mail relay.

To add a firewall rule in Incredible PBX to support incoming SMTP mail traffic, issue the following commands:

echo "iptables -A INPUT -p tcp -m tcp --dport 25 -j ACCEPT" >> /usr/local/sbin/iptables-custom
iptables-restart

Configuring SendMail to receive incoming email requires a few changes in /etc/mail/sendmail.mc followed by a restart of the SendMail service.

Using your favorite editor: nano -w /etc/mail/sendmail.mc

1a. Search for the following line:

DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl

1b. Replace that line with the following two lines:

dnl # DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
FEATURE(`dnsbl',`dnsbl.njabl.org',`"550 Mail from " $&{client_addr} " rejected"')dnl


2a. Search for the following line:

FEATURE(`accept_unresolvable_domains')dnl

2b. Replace the line with the following and save the file:

dnl # FEATURE(`accept_unresolvable_domains')dnl

 
3. If you need an FQDN or dynamic DNS support, you can’t beat free. Here are some options.

4. Issue the following commands to complete the setup and restart SendMail:

yum -y install sendmail-cf
cd /etc/mail
make
echo "127.0.0.1 insert-your-server-FQDN-here" >> /etc/hosts
service sendmail restart

 
5. Using a browser from your desktop PC, test your server’s IP address to make certain it is not an open mail relay. All tests should report "Relaying Denied" or "Invalid route address."

6. Test your new mail account by sending an email to smsuser@your-server’s-fqdn. Wait a bit and check for email: mail -u smsuser. Then delete the email: > /var/mail/smsuser

3a. Configuring Vitelity DID for SMS Email Relay

With Vitelity DIDs, the first step is to order a DID that supports SMS, most do. Next, you need to decide whether this DID will be used for other purposes, such as serving as a trunk on your PBX for receipt of incoming calls. If this is your plan, then review the Vitelity offer at the bottom of this page. You’ll be hard-pressed to beat the price or the feature set. And you’ll also be providing support for our open source projects. Vitelity has been a Platinum Sponsor of Nerd Vittles for almost a decade.

If you only want to use the DID to support SMS messaging, then there’s little reason to sign up for the unlimited calling plan. Instead, choose the pay-per-minute (PPM) plan for your DID. It costs $1.49 a month. Don’t even both registering the trunk which will save your having to pay for misdialed calls and spam. SMS messages are free.

Once your DID is set up, go to My Numbers -> Local in the Vitelity web portal and choose SMS from the Action pull-down menu of your new DID:

blank

In the SMS dialog, set up a password for messaging, disable international messages, and enter the email forwarding address for your incoming SMS messages. Save your settings, and you’re good to go.

3b. Configuring VoIP.ms DID for SMS Email Relay

If you plan to dedicate a DID to SMS messaging, two advantages of the VoIP.ms offering are (1) the price ($0.85/month on the pay by the minute plan with $0.40 setup fee and (2) you can forward incoming SMS messages to another SMS number (such as your smartphone) in addition to an email address if you want to use the DID for traditional SMS messaging while also deploying our SMS Toolkit. As noted above, there’s no charge for SMS messages at this time although VoIP.ms has warned (for years) that they may begin charging a penny a message. As long as Vitelity is free, I wouldn’t worry. 🙂

To get started, sign up for a VoIP.ms account and order a DID with SMS support. A cellphone is displayed beside each DID that supports SMS in their ordering page. As with Vitelity, there’s no need to register the trunk on your PBX if you only plan to use the SMS messaging component. Once your DID is provisioned, choose DID Numbers -> Manage DIDs in the VoIP.ms portal. Then edit the DID you just purchased. At the bottom of the form, fill in the SMS section as shown below:

blank

4. Installing and Configuring MailCall on your PBX

MailCall was specifically designed for Incredible PBX 13-13 Full Enchilada but should work without modification with the latest version of Incredible PBX for Issabel 4. For other platforms including Debian, Ubuntu, and Raspbian, some adjustments may be necessary, and we have not yet had time to work out the kinks. There will be some so please hold off. Just to restate the obvious. Many of the MailCall features will not work until they are first configured on your server, e.g. Voice Dialing, Wolfram Alpha, and Voice SMS Messaging. All of the setups are covered in the Full Enchilada tutorial.

After logging into your server as root, issue the following commands to install MailCall:

cd /
wget http://incrediblepbx.com/MailCall.tar.gz
tar zxvf MailCall.tar.gz
rm -f MailCall.tar.gz

 

For the DISA and Firewall WhiteList components of MailCall, a 5-digit PIN is required for obvious reasons. This needs to be set in two places: (1) in two chunks of dialplan code (/tmp/sms-dialplan.txt) to be added and (2) at the top of the mailcall script itself (/root/mailcall). Just search for XXXXX and replace the five X’s with a 5-digit secure PIN in all three places. Then issue the remainder of the commands below:

nano -w /tmp/sms-dialplan.txt
nano -w /root/mailcall
cat /tmp/sms-dialplan.txt >> /etc/asterisk/extensions_custom.conf
echo "asterisk ALL = NOPASSWD: /sbin/iptables" >> /etc/sudoers
echo "*/2 * * * * root /root/mailcall > /dev/null 2>&1" >> /etc/crontab
asterisk -rx "dialplan reload"

 

As a security precaution, you can only use SMS Toolkit to forward and unforward calls to your cellphone from a PBX extension designated for your use. You can associate more than one cellphone with a given extension, but you can’t associate multiple extensions with a single cellphone. To set up the association between your cellphone and an extension on your PBX, issue the following command while logged in as root where 8431234567 is your cell phone number and 701 is the associated extension:

asterisk -rx "database put CELL 8431234567 701"

 

Sending an SMS message of CF ON to your DID from 8431234567 will automatically forward extension 701 calls to your cell. Sending CF OFF will disable call forwarding for extension 701. Sending CF STATUS will retrieve the current status of call forwarding for extension 701.

Finally, a few words about the SMS whitelist command. It can be used in two ways. If you just text whitelist, then you will get a call back that first prompts for your PIN. You then will be prompted for the IP address to whitelist. Using your cellphone, enter the IP address using * for periods, e.g. 1*2*3*4 becomes 1.2.3.4. The alternative whitelist option doesn’t require a callback. Just send a text message with whitelist pin ip-address using periods, not *, e.g. WHITELIST 98765 1.2.3.4 would whitelist 1.2.3.4 if your PIN was correctly entered as 98765 and matches the entry in /root/mailcall. Enjoy!

Published: Monday, February 26, 2018



blank

NEW YEAR’S TREAT: If you could use one or more free DIDs in the U.S. with unlimited inbound calls and unlimited simultaneous channels, then today’s your lucky day. TelecomsXChange and Bluebird Communications have a few hundred thousand DIDs to give away so you better hurry. You have your choice of DID locations including New York, New Jersey, California, Texas, and Iowa. The DIDs support Voice, Fax, Video, and even Text Messaging (by request). The only requirement at your end is a dedicated IP address for your VoIP server. Once you receive your welcome email with your number, be sure to whitelist the provider’s IP address in your firewall. For Incredible PBX servers, use add-ip to whitelist the UDP SIP port, 5060, using the IP address provided in your welcoming email.

Here’s the link to order your DIDs.

Your DID Trunk Setup in your favorite GUI should look like this:

Trunk Name: IPC
Peer Details:
type=friend
qualify=yes
host={IP address provided in welcome email}
context=from-trunk

Your Inbound Route should specify the 10-digit DID.

Why not add 300 New Wholesale Providers to Make Asterisk Shine while visiting TelecomsXchange. Enjoy!


blank
Need help with Asterisk? Visit the PBX in a Flash Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

blankBOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

blankThe lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

blankVitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

blankSpecial Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



Some Recent Nerd Vittles Articles of Interest…

Incredible PBX 13-13 Application User’s Guide

blank

For those just beginning the Incredible PBX® 13-13 adventure, start here. Once your system is up and running, you’ll be ready to kick the tires. And today we’ll cover the applications for Asterisk® that are included in the latest and greatest Incredible PBX Whole Enchilada. If you have questions, post them on the PIAF Forum for some quick and friendly assistance.

Here’s a Table of Contents to the Incredible PBX 13-13 Applications with hotlinks. Enjoy!

  1. Checking System Status
  2. Enabling Speech Recognition for Asterisk
  3. Wolfram Alpha for Siri-like queries by phone*
  4. Automatic Update Utility
  5. Resetting Incredible PBX Passwords
  6. Apache Authentication for Apps
  7. IPtables Firewall WhiteList
  8. PortKnocker Remote Access
  9. Travelin’ Man 4 Remote Access by Phone
  10. Conference Bridge
  11. CallerID Name (CNAM) Lookups
  12. Faxing with Incredible PBX
  13. Voicemail 101 with Incredible PBX
  14. Email Delivery of MP3 Voicemails
  15. Reconfiguring SendMail for SmartHosts
  16. SMS Blasting with Google Voice
  17. SMS Voice Messaging with Google Voice*
  18. SMS Messaging with VoIP.ms
  19. SIP URI Calling with Speed Dials
  20. IVR Demo of Incredible PBX Applications*
  21. Backup and Restore Options
  22. AsteriDex – The Poor Man’s Rolodex®
  23. Voice Dialing with AsteriDex*
  24. Speed Dialing with AsteriDex
  25. Scheduling Reminders by Phone or Web
  26. DISA Access with Incredible PBX
  27. Yahoo! News Headlines
  28. Weather Forecasts with Incredible PBX*
  29. ODBC Application Support
  30. Today in History
  31. Time of Day

* Requires Voice Recognition implementation. See #2 above.

1. Checking Current Status of Incredible PBX

There are several ways to check the status of your server. First, log into your server as root and type: status or pbxstatus. You can even add the default phone number for your server by inserting it in /etc/pbx/.phone.

blank

The second option is to use a browser to access your server. Choose the Incredible PBX Admin option after pointing a browser to the IP address of your server:

blank

Once you log in with your admin password, the Dashboard of your server will display the status of trunks, users, and active calls on your server. In addition, you can review the latest news and security alerts from the RSS Feeds of Nerd Vittles, Incredible PBX, FreePBX®, and Asterisk. For additional status information, choose Reports:Asterisk Info.

blank

2. Adding Speech Recognition to Asterisk

Google changed the licensing of their speech recognition engine last year and now restricts use to "personal and development use." Assuming you qualify, the very first order of business is to enable speech recognition for your new PBX. We no longer recommend Google Speech Recognition because of the licensing issues and Google’s propensity to break things regularly. Instead, we recommend IBM’s Speech Recognition and TTS engines. For most users, there will be no cost. And the services are second to none. For a complete installation and setup tutorial, see our original article on Incredible PBX 13-13. Once speech recognition is enabled, the Incredible PBX feature set grows exponentially. You’ll have access to the Voice Dialer for AsteriDex as well as SMS Voice Messaging and Wolfram Alpha for a Siri-like encyclopedia.

NOV. 1 UPDATE: IBM has moved the goal posts effective December 1, 2018:

blank

Here’s how to activate Google speech recognition on Incredible PBX if you choose not to use the IBM solution. Don’t skip any steps!

1. Using an existing Google/Gmail account, you first must join the Chrome-Dev Group.

2. Using the same account, create a new Speech Recognition Project.

blank

3. Click on your newly created project and choose APIs & auth.

4. Turn ON the Speech API by clicking on its Status button in the far right margin. HINT: If you forgot to complete Step #1, the Speech API option will be missing!

blank

5. Click on Credentials in APIs & auth and choose Create New Key -> Server key. Leave the IP address restriction blank!

blank

6. Write down your new API key or copy it to the clipboard.

7. Log into your server as root and issue the following command:

nano -w /var/lib/asterisk/agi-bin/speech-recog.agi

8. When the nano editor opens, go to line 70 of speech-recog.agi: my $key = "". Insert your API key from Step #6 above between the quotation marks and save the file: Ctrl-X, Y, then Enter.

3. Using Wolfram Alpha with Incredible PBX

Ever wished your Asterisk server could harness the power of a 10,000 CPU Supercomputer to answer virtually any question you can dream up about the world we live in? Well, so long as it’s for non-commercial use, today’s your lucky day. Apple demonstrated with Siri™ just how amazing this technology can be by coupling Wolfram Alpha® to a speech-to-text engine on the iPhone. Now you can do much the same thing using voice recognition on the Incredible PBX for Asterisk-GUI.

blank

Before using Wolfram Alpha from any phone connected to your PBX, you first must configure it by obtaining and adding a Wolfram Alpha application ID to Incredible PBX. Here are the simple steps:

1. Obtain your free Wolfram Alpha APP-ID here.

2. Log into your server as root and issue the following command:

nano -w /var/lib/asterisk/agi-bin/wolfram.sh

3. When the nano editor opens, insert your IBM STT and Wolfram APP-ID credentials in the spaces provided. Then save the file.

To use Wolfram Alpha, dial 4747 (that’s S-I-R-I backwards) from any extension.

Here are some sample queries to get you started:

Weather in Charleston South Carolina
Weather forecast for Washington D.C.
Next solar eclipse
Otis Redding
Define politician
Who won the 1969 Superbowl? (Broadway Joe)
What planes are flying overhead now?
Ham and cheese sandwich (nutritional information)
Holidays 2015 (summary of all holidays for 2015 with dates and DOW)
Medical University of South Carolina (history of MUSC)
Star Trek (show history, air dates, number of episodes, and more)
Apollo 11 (everything you ever wanted to know)
Cheapest Toaster (brand and price)
Battle of Gettysburg (sad day 🙂 )
Daylight Savings Time 2015 (date ranges and how to set your clocks)
Tablets by Samsung (pricing, models, and specs)
Doughnut (you don’t wanna know)
Snickers bar (ditto)
Weather (local weather at your server’s location)

4. Automatic Update Utility for Incredible PBX

A key security component of Incredible PBX is its Automatic Update Utility. Each time you log into your server as root, the Automatic Update Utility is run. It installs the latest fixes and security patches for your server. Don’t disable it! In fact, don’t delete anything from the /root folder. You’ll need all of it sooner or later.

We recommend you log into your server as root at least once a week to keep your server current. Ditto for the web interface to Incredible PBX. Insofar as security is concerned, we make a best effort to keep the components of Incredible PBX up to date. The Linux operating system was installed by you before the Incredible PBX install began. That’s a nice way of saying Linux security is primarily your responsibility. When an egregious Linux vulnerability comes along that we know about, we will try to notify you of the issue on the PIAF Forum and on the RSS Feed that is part of the Incredible PBX GUI. Check the RSS Feeds at least once a week as well. As a condition of use of the free Incredible PBX product, you accepted ultimate responsibility for the security and reliability of your server. None of this discussion changes any of that.

5. Resetting Incredible PBX Passwords

Yes. It happens to all of us. We forget our passwords. Incredible PBX includes a convenient utility that lets you reset many of the passwords associated with Incredible PBX. Just log into your server as root and issue the command: /root/update-passwords

To reset Incredible PBX GUI admin password, issue command: /root/admin-pw-change

To reset the AvantFax admin password which is accessible within the Incredible PBX GUI, issue the following command: /root/avantfax-pw-change

6. Apache Authentication with Incredible PBX

With the exception of the Admin GUI and WebMin, all web-based applications included in Incredible PBX require successful Apache authentication to gain access. When you installed Incredible PBX, you should have created an admin account for Apache. If not, issue the following command using a secure password after logging in as root:

htpasswd -cb /etc/pbx/wwwpasswd admin newpassword

With the exception of AsteriDex and Reminders, you gain access to other Incredible PBX applications with the admin Apache account. For the remaining apps, you may wish to (but don’t have to) assign different account names and passwords to various departments in your organization. To set up these accounts, use the syntax above substituting the name of the department for "admin" and the department password for "newpassword."

7. Managing the IPtables Linux Firewall

As installed, Incredible PBX includes a preconfigured, locked-down Linux firewall that restricts incoming IPv6 traffic to localhost and, via a Travelin’ Man 3 WhiteList application, limits incoming IPv4 traffic to your server’s public and private IP addresses, your desktop computer’s IP address (that was used for the install), private LAN and NeoRouter VPN traffic, and a collection of our favorite VoIP providers. You can WhiteList additional IP addresses for additional providers or for SIP and IAX phones located outside your firewall. The following firewall management scripts are accessible from the /root directory:

  • ./add-ip — WhiteList an additional IP address or IP address range (CIDR)
  • ./add-fqdn — WhiteList a site using a fully-qualified domain name (FQDN)
  • ./del-acct — Remove previously designated entry from the WhiteList
  • ./ipchecker — Check whether specified FQDNs have changed & update IPtables
  • iptables-restart — Used exclusively to restart IPtables and test for failed FQDNs
  • iptables -nL — Check the current status of your IPtables firewall

IPtables can be manually configured (if you know what you’re doing) by editing iptables and ip6tables in /etc/sysconfig. Additional IPtables rules are included and managed in /usr/local/sbin/iptables-custom. NEVER use traditional iptables commands such as iptables save to update your IPtables configuration, or you will permanently delete all of your FQDN entries! Instead, use the provided utilities to whitelist additional sites and then restart IPtables using iptables-restart. This protects the FQDN entries in your setup while also checking for invalid FQDN entries and removing them temporarily so that IPtables will successfully restart. If you use service iptables restart to restart IPtables and there happens to be an FQDN entry for a host that is either down or has disappeared, IPtables will fail to restart and your server will be left with NO firewall protection! Using the traditional IPtables mechanisms also will disable Fail2Ban. Incredible PBX periodically checks for changed FQDN entries using the ipchecker script configured in /etc/crontab.

If you elect to integrate Facebook into your Incredible PBX setup, you will need to manually uncomment the last 3 lines in /usr/local/sbin/iptables-custom in order to whitelist the Facebook servers. Then restart the firewall: iptables-restart

WARNING: By default, Incredible PBX whitelists all of the non-routable LAN subnets including 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16. If you elect to install Incredible PBX in the Amazon Cloud, be advised that Amazon treats the 172.16.0.0/12 subnet as routable IP addresses. This means that anyone in the Amazon Cloud (including the bad guys) will have direct access to your server. While they still need a password or vulnerability to gain access, it nevertheless exposes your server to needless hacking attempts. We strongly recommend that you comment out the 172.16.0.0/12 entry in /usr/local/sbin/iptables-custom if you intend to deploy your server in the Amazon Cloud. Then restart the firewall: iptables-restart

8. PortKnocker Remote Access

IPtables is a powerful firewall that keeps the bad guys out. It also will keep legitimate users (including you) from gaining remote access to your server unless you had the forethought to WhiteList your remote IP address before you left on that family vacation. Unfortunately, you don’t always know your IP address in advance. And dynamic IP addresses assigned with hotel WiFi frequently change. To address this problem, Incredible PBX includes a preconfigured PortKnocker utility. This lets you send three secret "knocks" on random TCP ports to your server to tell it to let you in either temporarily (until IPtables is restarted) or permanently.

To reconfigure PortKnocker to permanently whitelist IP addresses from which you issue a successful knock, login as root and issue the command: iptables-knock activate

For PortKnocker to work, you obviously need to know the secret knocks. You’ll find them in /root/knock.FAQ. Record them in your wallet or inside your suitcase for that rainy day! There are PortKnocker apps for almost all smartphones as well as for Windows, Mac, and Linux computers. Install your favorite AND test access before you leave town. You can change the ports by editing /etc/knockd.conf. Then restart PortKnocker: service knockd restart

blank

Finally, be aware that PortKnocker does not need any special access to your server to work; however, if your server is behind a hardware-based firewall, then you must map the three PortKnocker TCP ports to the private IP address of your server, or the knocks obviously will never get delivered to your server.

If you installed Incredible PBX on a cloud platform, then your server may use a network port other than eth0. Typically, it’s venet0:0 on OpenVZ servers. You can decipher the name of your network port for your public IP address by issuing the command: ifconfig. In this case, the config file needs to be modified and then PortKnocker needs to be restarted. Edit /etc/sysconfig/knockd and insert the following: OPTIONS="-i venet0:0". Restart PortKnocker with the command: service knockd restart

Review our PortKnocker tutorial for additional configuration tips.

9. Travelin’ Man 4 Remote Access (dial TM4)

In addition to PortKnocker, Incredible PBX also includes a telephone-based solution to temporarily gain remote access to your server. This does require a bit of preplanning since you must create account credentials for the person to whom you wish to give remote access via a phone call. The complete tutorial for Travelin’ Man 4 is available on the PIAF Forum. All of the pieces already are in place on your server so skip down to the Configuration & Operation sections for details on implementation. The tutorial also covers the Administrator Utilities in /root/tm4 which let you set up remote user accounts.

10. Using the Conference Bridge (dial CONF)

A new turnkey Asterisk 13 Conference Bridge has been added to Incredible PBX. A conference bridge allows a group of people to participate in a joint phone call. Typically, participants dial into a virtual meeting room from their own phone. This virtual meeting room supports dozens or even hundreds of participants depending upon server capacity.

You do not need a timing source for conferencing with Incredible PBX! Old-style Asterisk Conference Rooms which required a timing source are disabled.

To access the Conference Bridge, dial C-O-N-F (2663) from any phone connected to your server. Remote users can be added to a conference by providing a DID that points to an IVR which includes Conference Bridge access. Once connected to the conference bridge, a caller is prompted for the Conference Bridge PIN and his or her name. You can decipher or modify the user and admin passwords to access the Conference Bridge in the Incredible PBX GUI: Applications:Conferences. Then edit 2663 and review the User and Admin PINs.

11. CallerID Name (CNAM) Lookups

By default, Incredible PBX is configured to automatically provide OpenCNAM CallerID name lookups for the first ten calls received each hour. These lookups are only from cached entries in the OpenCNAM database; however, you can enable the commercial lookup service if desired. The cost is four tenths of a cent per successful query.

To enable the OpenCNAM Professional Tier, set up an account at OpenCNAM.com. Once you’ve obtained your credentials, edit the OpenCNAM entry in Admin:CID Superfecta:Default. You may also wish to enable AsteriDex lookups and move the scheme to the top of your list of lookup schemes.

To activate CallerID Superfecta for incoming calls, edit each of your Inbound Routes and Enable Superfecta Lookup with the Default Scheme in the Other tab.

12. Faxing with Incredible PBX

If you can press the ENTER key 25 times, you are fully capable of installing Incredible Fax on your new server. Log into your server as root and run /root/incrediblefax13.sh. Provide an email address for delivery of incoming faxes and press ENTER each time you are prompted to make a selection. Once you reboot your server, you’re all set. As part of the install, you provided an email address for delivery of incoming faxes. That’s all the setup that is required to have incoming faxes sent to most of your DIDs delivered via SendMail in PDF format. The best way to figure out whether a particular provider supports fax technology on their DIDs is to send a test fax to yourself. FaxZERO lets you send 5 free faxes of up to 3 pages every day. Give it a whirl.

blank

You also can send faxes using standard document types with the AvantFax web application. Log into AvantFax from the main Incredible PBX GUI by clicking on the AvantFax icon. The default credentials are admin:password. Choose the Send a Fax option from the main menu, fill in the blanks, and attach your document. AvantFax uses the default dialplan so use the prefix desired to send the fax using your preferred provider. HINT: Google Voice does an excellent job with both incoming and outgoing faxes, and the calls are free in the U.S. and Canada.

With the latest release of Incredible PBX 13-13, fax recognition is supported on incoming calls. Edit each of your Inbound Routes and enable Detect Faxes with Detection Type=SIP, Fax Ring=Yes, Fax Detection Time=4, and Fax Destination=Custom Destination:Fax (HylaFax) in the Fax tab.

Copies of all incoming faxes also are available for retrieval within AvantFax.

13. Voicemail 101 for Incredible PBX

Voicemail functionality is enabled on an extension-by-extension basis as part of the extension setup under the Voicemail tab. Once enabled, you can set up your mailbox and retrieve your messages by dialing *97 from the mailbox extension, or dial *98 to retrieve messages from any extension. Shortcut dialing is also supported, e.g. *98707 would retrieve messages for extension 707. You can leave a message for or forward calls to any extension’s mailbox without actually calling the extension. Just prepend * to any extension number before dialing, e.g. *701. A number of the system settings for voicemail can be tweaked under the Voicemail tab as well. For example, you can automatically delete voicemails once they have been delivered by email. Voicemail Blasting to multiple mailboxes is also supported. Just choose this option under the Applications tab and follow your nose.

14. Email Delivery of MP3 Voicemails

Speaking of email delivery, your voicemails also can be delivered to any email address of your choosing. For every extension under the Voicemail tab for the Extension, simply add an Email Address and enable the Email Attachment. With Incredible PBX, the voicemail message will be attached to the email in MP3 format so it’s suitable for playback with most email clients on desktop PCs, Macs, and smartphones. Be advised that some Internet service providers (such as Comcast) block downstream SMTP servers. You can check whether your outbound email is flowing by accessing WebMin (below) and choosing Servers -> SendMail Mail Server -> Mail Queue. Or you can issue the following command using your destination email address:

echo "test" | mail -s testmessage your-name@your-email-provider.com

If you find outbound mail is accumulating after checking in WebMin, then you’ll need to add your ISP’s SMTP server address as a SmartHost for SendMail as documented in the next section.

15. Reconfiguring SendMail for a SmartHost

Many residential Internet service providers block downstream SMTP servers such as the SendMail server running with Incredible PBX. If you’re sending emails but they never arrive and you’ve checked your SPAM folder, then chances are your ISP is the culprit. The simple solution is to add your ISP’s SMTP server as a SmartHost for SendMail. This means outbound emails will be forwarded to your ISP for actual email transmission over the Internet. Here’s how. Edit /etc/mail/sendmail.cf and search for DS. Immediately after DS, add the FQDN of your ISP’s SMTP server, e.g. DSsmtp.comcrap.net (no spaces!). Save the file and then restart SendMail: service sendmail restart. Your email and voicemail messages with attachments should begin flowing without further delay.

16. SMS Blasting with Google Voice

Out of the box, Incredible PBX supports SMS Message Blasting if you have a functioning Google Voice account set up. Before first use, you must add your credentials, address list, and text message to the SMS Blaster scripts in the /root folder.

In smsblast, insert your credentials:

GVACCT="yourname@gmail.com"
GVPASS="yourpassword"
MSGSUBJECT="Little League Alert"

In smslist.txt, insert one or more recipients for your message. These can be a combination of SMS addresses and email addresses and will be delivered accordingly.

NOTE: For most cellphone providers, you also can send an email message for SMS delivery by the provider. The complete list of providers is available here. Email messaging for SMS requires that you know the cellphone provider for your recipient while standard SMS messaging does not.

# In lieu of SMS number, email is also OK
8431234567 Doe John
mary@doe.com Doe Mary
8435551212@txt.att.net Mr T

In smsmsg.txt, enter the text message to be sent.

Once you have all three files configured, run the script: /root/smsblast.

NOTE: Google has tightened security for using plain-text Google Voice passwords as this application and the next one require. Before you begin, log into your server as root and issue the following command: gvoice. Try logging in with your Google Voice credentials including @gmail.com in your username. If the login fails, perform the following steps using a web browser after logging into the same Google account: (1) Perform the Google Voice Reset Procedure. (2) Enable Less Secure Apps using this Google tool. Then immediately try logging in to gvoice from the CLI again.

17. Voice-Activated SMS Messaging (dial SMS)

In addition to message blasting, you also can dial 767 from any extension and dictate an SMS message to send through your Google Voice account. When prompted for the destination, simply enter the 10-digit SMS number of the recipient. This new implementation of SMS Dictator requires both Google Voice and IBM STT credentials. Follow this tutorial to get started with the latest code.

18. SMS Messaging with VoIP.ms

Incredible PBX for Asterisk-GUI also supports SMS messaging through VoIP.ms if you have an account and an SMS-enabled DID. See the VoIP.ms wiki for setup info on the VoIP.ms side.

To install the VoIP.ms SMS scripts, follow these steps:

cd /root
mkdir sms-voip.ms
cd sms-voip.ms
wget http://incrediblepbx.com/voipms-SMS.tar.gz
tar zxvf voipms-SMS.tar.gz

Edit voipms-sms.php and insert your VoIP.ms number that supports SMS messaging (no spoofing allowed!):

$SMSsender="8005551212";

Edit class.voipms.php and insert your VoIP.ms API credentials:

    /*******************************************\
     *  VoIPms - API Credentials
    \*******************************************/
    var $api_username   = 'yourname@youremail.com';
    var $api_password   = 'yourpassword';

Send an SMS message through VoIP.ms with the following command where smsnumber is the 10-digit number of the SMS recipient and "sms message" is the text message surrounded by quotes:

/root/sms-voip.ms/voipms-sms.php smsnumber "sms message"

NOTE: VoIP.ms has indicated that sooner or later there will be a penny per message charge for SMS messages; however, as of today, they’re still free.

19. SIP URI Calling with Incredible PBX

With one line of dialplan code, you can add Speed Dials for free SIP URI calling worldwide. The dialplan code is stored in the [CallingRule_SIP_URI] context in extensions_custom.conf. Just clone one of the existing entries, designate an extension to dial to connect to the SIP URI, and enter the SIP URI for the destination. Numerous SIP providers support assignment of SIP URI’s to DIDs for unlimited free calling from anywhere in the world. Here’s a sample using a speed dial code of 53669 that connects you to SIP URI 2233435945@sip2sip.info: exten = 53669,1,Dial(SIP/2233435945@sip2sip.info)

20. IVR Demo of Incredible PBX Apps

The easiest way to try out a number of the Incredible PBX applications is to take the IVR Demo for a spin. Just pick up any phone and dial 3366 (D-E-M-O). The sample code for the IVR is available for review and modification in the IVR section of the GUI. There’s also a sample Stealth AutoAttendant. This plays a brief greeting and then rings an extension or ring group. During the greeting, you could configure the application to allow button presses to branch to other applications on your PBX, hence the Stealth name since the codes are not disclosed to callers.

21. Backup & Restore with Incredible PBX

Incredible Backup and Restore scripts are still under development for Incredible PBX 13-13 because of recent changes in Asterisk. If backups are important to you, we strongly recommend you consider a $2.50/month cloud server at Vultr using our referral code. For an additional 50 cents per month, you get weekly image backups of your server that can be restored with a couple of button clicks. It’s the cheapest insurance you can buy for your PBX!

22. AsteriDex – The Poor Man’s Rolodex

AsteriDex is a web-based phonebook application for Incredible PBX. You can access it from the main web menu. Scripts are also available to import your contacts from Outlook and Google Contacts.

23. Voice Dialing with AsteriDex (dial 411)

If you have voice recognition enabled on your server, you can call anyone in your AsteriDex database by dialing 411.

24. Speed Dialing with AsteriDex (dial 000+)

For those without voice recognition, Incredible PBX includes two speed dialing utilities. The first is accessed by dialing 412. Then enter any 3-digit dialcode from your AsteriDex database to complete the call. If you’d prefer to skip the intermediate step, dial 000 + the 3-digit speed dial code desired. The call will be placed immediately using your default outbound routes.

For a complete listing of your AsteriDex dial codes, execute this query:

mysql -u root -ppassw0rd asteridex -e "select name,dialcode from user1 order by name"

To automatically generate the 3-digit speed dial codes for everyone in your AsteriDex database using the first three letters of each name, run the following script from your web browser: http://your-server-ip/asteridex4/dialcode.php.

25. Telephone Reminders (dial 123)

Incredible PBX includes a sophisticated reminders system that lets you schedule individual or recurring reminders using your phone by dialing 123 or a web browser. A complete tutorial is available here. For phone reminders, a password is required to access the reminder system. Typically, these reminders set up a return call at a scheduled time that then plays back either a recorded message or a TTS message generated from the text you entered in the browser application. Incredible PBX also includes a new addition that lets you schedule web reminders that are delivered by email or SMS message.

blank

26. DISA Access with Incredible PBX

Direct Inward System Access (aka DISA) is one of the great PBX inventions of the last 50 years. It’s also one of the most dangerous. It lets someone connect to your PBX and obtain dial tone to place an outbound call using your trunks… on your nickel. Typically, it is offered as an option with an IVR or AutoAttendant. The DISA extension is not preconfigured with Incredible PBX; however, you can easily set it up in the GUI by choosing Applications:DISA. Make up a very secure PIN before exposing DISA access to the outside world. It’s your phone bill.

27. Yahoo! News (Dial 951)

Yahoo! news headlines are available by dialing 951. The news option also is included in the sample IVR application.

28. Weather Forecasts by Phone (dial 947)

You can obtain a current weather forecast for most zip codes by dialing 947 (Z-I-P) and entering the 5-digit zip code.

29. ODBC Application Support for Asterisk

If you’ve recently logged into your server as root, Automatic Update #4 added ODBC/MySQL application support for Asterisk. You can try out a few sample applications that are included to get you started. Dial 222 and enter 12345 for the employee number. This retrieves an employee name from the MySQL timeclock database using Asterisk. Dial 223 to retrieve an AsteriDex name and phone number by entering the 3-character dialcode. You then have the option of placing the call by pressing 1. Once you have created accounts for Travelin’ Man 4, you can dial 864 (T-M-4) to WhiteList an IP address for that account after entering the account number and matching PIN. Use the * key for periods in the IP address.

30. Today in History (Dial T-O-D-A-Y)

It’s always interesting to find out what happened Today in History. And Incredible PBX now delivers it by phone. Just dial 86329 (T-O-D-A-Y) for a walk down memory lane.

31. Time of Day

Speaking of yesteryear, if you grew up dialing TI-4-1212 for the time of day, Ma Bell may have discontinued the service, but we haven’t. Now you can do it on your very own PBX.

If you want your users to be able to dial in for the time directly by dialing extension, here’s how. In the GUI, choose Admin:Custom Destinations:Add Destination. Set up a Time of Day description with a target of new-time,s,1 and save your entry. Now Enable an Application:Misc Application:Add Application with a Feature Code of 8463, Time of Day description, and point it to Custom Destination:Time of Day. Save your entry and then dial 8463 (T-I-M-E) for the Time of Day.

WebMin: The Linux Swiss Army Knife

There is no finer Linux application than WebMin. There is no more dangerous Linux application than WebMin. You’ve been warned. We heartily recommend WebMin as a tool to LOOK at your server’s settings. We strongly discourage changing anything in WebMin unless you totally know what you are doing. This is especially true with management of Linux applications that make up the core of Incredible PBX: the Linux kernel, SendMail, IPtables, Apache, MySQL, PHP, and…

blank

To access WebMin, visit the following link with a web browser using the actual IP address of your server: https://ip-address:9001/. The username is root. The password is your root password. WebMin has root privileges to your server. Reread paragraph 1 and act accordingly.

For an exhaustive tutorial on WebMin, download The Book of WebMin by Joe Cooper. For a more recent commercial offering, take a look at Michal Karzyński’s WebMin Administrator’s Cookbook.

Enjoy your new Gotcha-Free PBX, and… Happy Cyber Monday! It’s always been one of the happiest days of the year around our office.

blank

Check out the new Incredible PBX 13-13 ISO. Complete tutorial available here.

Originally published: Monday, November 27, 2017


blankSupport Issues. With any application as sophisticated as this one, you’re bound to have questions. Blog comments are a terrible place to handle support issues although we welcome general comments about our articles and software. If you have particular support issues, we encourage you to get actively involved in the PBX in a Flash Forums. It’s the best Asterisk tech support site in the business, and it’s all free! Please have a look and post your support questions there. Unlike some forums, ours is extremely friendly and is supported by literally hundreds of Asterisk gurus and thousands of users just like you. You won’t have to wait long for an answer to your question.



blank

NEW YEAR’S TREAT: If you could use one or more free DIDs in the U.S. with unlimited inbound calls and unlimited simultaneous channels, then today’s your lucky day. TelecomsXChange and Bluebird Communications have a few hundred thousand DIDs to give away so you better hurry. You have your choice of DID locations including New York, New Jersey, California, Texas, and Iowa. The DIDs support Voice, Fax, Video, and even Text Messaging (by request). The only requirement at your end is a dedicated IP address for your VoIP server. Once you receive your welcome email with your number, be sure to whitelist the provider’s IP address in your firewall. For Incredible PBX servers, use add-ip to whitelist the UDP SIP port, 5060, using the IP address provided in your welcoming email.

Here’s the link to order your DIDs.

Your DID Trunk Setup in your favorite GUI should look like this:

Trunk Name: IPC
Peer Details:
type=friend
qualify=yes
host={IP address provided in welcome email}
context=from-trunk

Your Inbound Route should specify the 11-digit DID beginning with a 1. Enjoy!


blank
Need help with Asterisk? Visit the PBX in a Flash Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

blankBOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

blankThe lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

blankVitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

blankSpecial Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



Some Recent Nerd Vittles Articles of Interest…

Back to Basics: Configuring Extensions, Trunks & Routes

blank

With last week’s release of Incredible PBX 13-13 Lean with Asterisk® 13 and FreePBX® 13 GPL modules, it seemed like an opportune time to revisit the initial setup process of an Asterisk-based PBX. Configuring extensions, trunks, and routes are the fundamental steps in successfully interconnecting your PBX to the telecommunications network. So today we’ll walk through the initial setup process in some detail for those that are just getting started. And we think old-timers may find some hidden nuggets in the exercise as well.

Overview of the Initial Asterisk Setup Process

For those new to PBXs, here’s a two paragraph summary of how Voice over IP (VoIP) works. Phones connected to your PBX are registered with Extensions so that they can make and receive calls. When a PBX user picks up a phone and dials a number, an Outbound Route tells the PBX which Trunk to use to place the call based upon established dialing rules. Unless the dialed number is a local extension, a Trunk registered with some service provider accepts the call, and the PBX sends the call to that provider. The provider then routes the call to its destination where the recipient’s phone rings to announce the incoming call. When the recipient picks up the phone, the conversation begins.

Looking at things from the other end, when a caller somewhere in the world wishes to reach you, the caller picks up a telephone and dials a number known as a DID that is assigned to you by a provider with whom you have established service. When the provider receives the call to your DID, it routes the call to your PBX based upon destination information you established with the provider. Your PBX receives the call with information identifying the DID of the call as well as the CallerID name and number of the caller. An Inbound Route on your PBX then determines where to send the call based upon that DID and CallerID information. Typically, a call is routed to an Extension, a group of Extensions known as a Ring Group, or an IVR or AutoAttendant giving the caller choices on routing the call to the desired destination. Once the call is routed to an Extension, the PBX rings the phone registered to that Extension. When you pick up the phone, the conversation begins.

Configuring Asterisk to Support NAT-Based Routing

With a VoIP server, many PBXs and Extensions are housed behind a NAT-based router that is found in most homes and businesses. These routers assign private IP addresses that are not accessible from the Internet. This causes SIP routing headaches because there are actually two legs to every call, one on the private IP address of your server or extension and another on the public Internet with an entirely different IP address. Routers supposedly handle this handoff of the call using Network Address Translation (NAT) and SIP ALG. With Asterisk-based PBXs, we want the PBX itself to handle the NAT chores so it is critically important to do three things when setting up your PBX. First, turn off SIP ALG on every router used by your PBX and every extension connected to your PBX. Second, tell your PBX about your public and private IP address setup. Step #2 is done in the Incredible PBX GUI with a browser. Login as admin and choose Settings:Asterisk SIP Settings. In the NAT Settings section of the form, click Detect Network Settings. Make sure your public and private IP addresses are correctly listed. Then click Submit and reload your dialplan when prompted. Failure to perform BOTH of these steps typically results in calls with one-way audio, i.e. where either you or the called party can’t hear the other party in the conversation. The third rule to remember is to always configure SIP Extensions on your PBX with NAT Mode=YES. This is rarely harmful and failure to configure SIP extensions in this way typically causes one-way audio in calls as well. IAX extensions avoid NAT issues.

Configuring Extensions with Incredible PBX GUI

Extensions are created using the Incredible PBX GUI: Applications:Extensions. Many SIP phones expect extensions to communicate on UDP port 5060. If this is the case with your SIP phone or softphone, then always create Chan_SIP extensions which communicate on UDP 5060. If your SIP phone or softphone provide port flexibility, then you have a choice in the type of SIP extension to create: Chan_SIP or the more versatile PJSIP. Just remember to always configure SIP extensions with NAT Mode=YES in the Advanced tab. If your VoIP phones or softphones support IAX connectivity, you may wish to consider IAX extensions which avoid NAT problems.

When you create a new Extension, a new entry is automatically created in the PBX Internal Directory. If you wish to allow individual users to manage their extensions or use the WebRTC softphone, then you will also have to create a (very) secure password for User Control Panel (UCP) access. Choose Admin:User Management and click on the key icon of the desired extension to assign a password for UCP and WebRTC access.

Configuring SIP Phones with Incredible PBX GUI

SIP phones and softphones typically require three pieces of information: the IP address of your server, the extension number, and the extension password. If you’re using a PJSIP extension, you also will need to change the port to UDP 5061. If your server is behind a NAT-based router, SIP phones also behind the same router need to use the private LAN address rather than the public IP address. If the SIP phones are outside the router protecting the PBX, then use the public IP address and make certain that you also map ports 5060 and 5061 from your router to the private LAN address of your PBX.

The PIAF Forum can provide you with helpful information in choosing high quality SIP phones. Yealink phones are highly recommended with minimal issues. Cisco phones are the most difficult to configure. Insofar as free softphones, we recommend the Zoiper 3 offerings for Windows, Mac, iOS, and Android. Zoiper 5 still is experiencing some growing pains. A key advantage of the Zoiper softphone is it supports IAX extensions which eliminate the NAT issues entirely. On the Mac platform, we also recommend the Telephone app which is available in the App Store. For SRTP communications, use Grandstream Wave.

Configuring Trunks with Incredible PBX GUI

Perhaps the most difficult component to configure in the PBX is the Trunk. Almost every provider has a different way of doing things. We’ve taken some of the torture out of the exercise by providing a script which will configure settings for dozens of providers in seconds. Once installed, all you need to do is edit the desired Trunk (Connectivity:Trunks), change the Disable Trunk entry to No, and insert your credentials in both the PEER Details and Registration string of the SIP Settings Outgoing and Incoming tabs.

To install the Trunk setups on your PBX, log into your server as root and issue the following commands only once:

cd /root
wget http://incrediblepbx.com/create-sample-trunks.tar.gz
tar zxvf create-sample-trunks.tar.gz
rm create-sample-trunks.tar.gz
./create-sample-trunks

Incredible PBX Wholesale Providers Access

Nerd Vittles has negotiated a special offer that gives you instant access to 300+ wholesale carriers around the globe. In lieu of paying the $650 annual fee for the service, a 13% wholesale surcharge is assessed to cover operational costs of TelecomsXchange. In addition, TelecomsXchange has generously offered to contribute a portion of the surcharge to support the Incredible PBX open source project. See this Nerd Vittles tutorial for installation instructions and signup details.

Configuring Google Voice with Incredible PBX GUI

The advantage of Google Voice trunks for those of you in the United States is that all of your calls within the U.S. and Canada are free. You can’t beat the price, and it has worked reliably for many, many years. There are three different ways to set up Google Voice trunks with Incredible PBX. For a one-time fee of $4.99 with this coupon, you can use the Simonics GV/SIP gateway to configure a Google Voice account using OAuth 2 authentication. Then just set up the Simonics SIP trunk on your PBX to point to the Simonics gateway. A second option is to choose the (recommended) OAuth 2 authentication method for Google Voice when you initially install Incredible PBX 13-13. Finally, you can choose plain-text passwords for Google Voice when you set up Incredible PBX. The drawback of this last option is Google has hinted that they may discontinue support of plain-text passwords.


Here are the initial setup steps on the Google side:

1. Set up a dedicated Gmail and Google Voice account to use exclusively for this Google Voice setup on your PBX. Head over to the Google Voice site and register. You’ll need to provide a U.S. phone number to verify your account by either text message or phone call.


blank

2. Once you have verified your account by entering your verification code, you’ll get a welcome message from Mr. Google. Click Continue to Google Voice.


blank

3. Provide an existing U.S. phone number for verification. It can be the same one you used to set up your Google account in step #1.


blank

4. Once your phone number has been verified, choose a DID in the area code of your choice.


blank

Special Note: Google continues to tighten up on obtaining more than one Google Voice number from the same computer or the same IP address. If this is a problem for you, here’s a workaround. From your smartphone, install the Google Voice app from iPhone App Store or Google’s Play Store. Then open the app and login to your new Google account. Choose your new Google Voice number when prompted and provide a cell number with SMS as your callback number for verification. Once the number is verified, log out of Google Voice. Do NOT make any calls. Now head back to your PC’s browser and login to https://voice.google.com. You will be presented with the new Google Voice interface which does not include the Google Chat option. But fear not. At least for now there’s still a way to get there. After you have set up your new phone number and opened the Google Voice interface, click on the 3 vertical dots in the left sidebar (it’s labeled More). When it opens, click Legacy Google Voice in the sidebar. That will return you to the old UI. Now click on the Gear icon (upper right) and choose Settings. Make sure the Google Chat option is selected and disable forwarding calls to whatever default phone number you set up.

5. When your DID has been assigned, click the More icon at the bottom of the left column of the Google Voice desktop. Click Legacy Google Voice. Now click the Settings icon on your legacy Google Voice desktop. Make certain that Forward Calls to Google chat is checked and disable calls to your forwarding number. Click on the Calls tab and select Call Screening:OFF, CallerID (Incoming):Display Caller’s Number, and Global Spam Filtering:checked. The remaining entries should be blank.

6. Google Voice configuration is now complete. Sign out of your Google Voice account.


The Simonics GV-SIP Gateway Solution. Here’s the quick thumbnail of the steps to put all the pieces in place. First, we set up a Google Voice account at Google as documented above. Next, we’ll set up an account at the Simonics site to link our Google Voice account to the Simonics SIP Gateway. Then we’ll plug our Simonics SIP credentials into the preconfigured Simonics trunk on Incredible PBX. Finally, we’ll add Incoming and Outgoing Routes to tell Incredible PBX how to process Google Voice calls.

Now you’re ready to set up an account on the Simonics site. With this Nerd Vittles link, there’s a one-time fee of $4.99.

1. Start by registering your new Google account.

2. After paying the $4.99 registration fee via PayPal, proceed through the setup process to link your Google Voice account and 11-digit Google Voice phone number to the Simonics SIP Gateway.

3. You then will be provided your SIP username and password as well as the gateway address, gvgw.simonics.com, to use in building your SIP trunk on your PBX.


blank

4. If your SIP credentials ever get compromised, regenerate your password by logging back into the Simonics GW site.

Now it’s time to configure your Simonics trunk in Incredible PBX. Start by logging into the web interface as admin with your admin password from above. Click Connectivity:Trunks and choose the Simonics trunk in the PBX Configuration menu. The Simonics trunk template will display:

blank

1. Untick the Disable Trunk check box.

2. In Outbound CallerID, insert your 10-digit Google Voice number.

3. In username, insert GV1 followed by your 10-digit Google Voice number.

4. In secret, insert your Simonics SIP password.

5. In the Registration String, insert GV1 followed by your 10-digit Google Voice number followed by a colon (:)

6. In the Registration String after the colon, insert your Simonics SIP password.

7. In the tail of the Registration String after the slash (/), insert your 10-digit Google Voice number.

8. Click Submit Changes and then Reload the Dialplan when prompted.


Configuring GV Trunk with Motif in the GUI. If you elect to configure your Google Voice trunk natively using the Incredible PBX GUI, you first will need to obtain a Refresh_Token if you elected to use OAuth 2 authentication.

1. Be sure you are still logged into your Google Voice account. If not, log back in at https://voice.google.com.

2. In a separate browser tab, go to the Google OAUTH Playground using your browser while still logged into your Google Voice account.

3. Once logged in to Google OAUTH Playground, click on the Gear icon in upper right corner (as shown below).

blank

  3a. Check the box: Use your own OAuth credentials
  3b. Enter Incredible PBX OAuth Client ID:

466295438629-prpknsovs0b8gjfcrs0sn04s9hgn8j3d.apps.googleusercontent.com

  3c. Enter Incredible PBX OAuth Client secret: 4ewzJaCx275clcT4i4Hfxqo2
  3d. Click Close

4. Click Step 1: Select and Authorize APIs (as shown below)

blank

  4a. In OAUTH Scope field, enter: https://www.googleapis.com/auth/googletalk
  4b. Click Authorize APIs (blue) button.

5. Click Step 2: Exchange authorization code for tokens

  5a. Click Exchange authorization code for tokens (blue) button

  5b. When the tokens have been generated, Step 2 will close.

6. Reopen Step 2 and copy your Refresh_Token. This is the "password" you will need to enter (together with your Gmail account name and 10-digit GV phone number) when you add your GV trunk in the Incredible PBX GUI. Store this refresh_token in a safe place. Google doesn’t permanently store it!

7. Authorization tokens NEVER expire! If you ever need to remove your authorization tokens, go here and delete Incredible PBX Google Voice OAUTH entry by clicking on it and choosing DELETE option.

Switch back to your Gmail account and click on the Phone icon at the bottom of the window to place one test call. Once you successfully place a call, you can log out of Google Voice and Gmail.

Yes, this is a convoluted process. Setting up a secure computing environment often is. Just follow the steps and don’t skip any. It’s easy once you get the hang of it. And you’ll sleep better.

Now you’re ready to configure your Google Voice account in Incredible PBX. You do it from within the Incredible PBX GUI by choosing Connectivity:Google Voice. Just plug in your Google Voice Username, enter your refresh_token from Step #6 above as your Google Voice Password, enter your 10-digit Google Voice Phone Number, and check the first two boxes: Add Trunk and Add Outbound Routes. Then click Submit and Apply Settings to save your new entries.

If you elected to use plain-text passwords for Google Voice, simply skip obtaining OAuth 2 credentials and substitute your plain-text password for the refresh_token when you create the Google Voice trunk above. If you have trouble getting Google Voice to work using a plain-text password, try this Google Voice Reset Procedure. It usually fixes connectivity problems. If it still doesn’t work, enable Less Secure Apps using this Google tool.

IMPORTANT: Once you’ve entered your credentials, you MUST restart Asterisk from the Linux command line, or Google Voice calls will fail: amportal restart

Configuring Outbound Routes in Incredible PBX GUI

Outbound Routes serve a couple of purposes. First, they assure that calls placed by users of your PBX are routed out through an appropriate trunk to reach their destination in the least costly manner. Second, they serve as a security mechanism by either blocking or restricting certain calls by requiring a PIN to complete the calls. For example, if you only permit 10-digit calls and route all of those calls out through a Google Voice trunk, there is zero risk of running up an exorbitant phone bill because of unauthorized calls unless you’ve deposited a lot of money in your Google Voice account. This raises another important security tip. Never authorize recurring charges on credit cards registered with your VoIP providers and, if possible, place pricing limits on calls with your providers. If a bad guy were to break into your PBX, you don’t want to give the intruder a blank check to make unauthorized calls. And you certainly don’t want to join the $100,000 Phone Bill Club.

To create outbound routes in the Incredible PBX GUI, navigate to Connectivity:Outbound Routes and click Add Outbound Route. In the Route Settings tab, give the Outbound Route a name and choose one or more trunks to use for the outbound calls. In the Dial Patterns tab, specify the dial strings that must be matched to use this Outbound Route. NXXNXXXXXX would require only 10-digit numbers with the first and fourth digits being a number between 2 and 9. Note that Outbound Routes are searched from the top entry to the bottom until there is a match. Make certain that you order your routes correctly and then place test calls watching the Asterisk CLI to make sure the calls are routed as you intended.

Configuring Inbound Routes in Incredible PBX GUI

Inbound Routes, as the name implies, are used to direct incoming calls to a specific destination. That destination could be an extension, a ring group, an IVR or AutoAttendant, or even a conference or DISA extension to place outbound calls (hopefully with a very secure password). Inbound Routes can be identified by DID, CallerID number, or both. To create Inbound Routes, choose Connectivity:Inbound Routes and then click Add Inbound Route. Provide at least a Description for the route, a DID to be matched, and the Destination for the incoming calls that match. If you only want certain callers to be able to reach certain extensions, add a CallerID number to your matching criteria. You can add Call Recording and CallerID CNAM Lookups under the Other tab.

Bug Fix for Incredible Fax Installer

If you installed Incredible PBX 13-13 during the past week, be advised that removal of a GitHub repo will prevent the Incredible Fax installer in /root from completing successfully. Here’s the fix:

sed -i 's|joshnorth|wardmundy|' /root/incrediblefax11.sh

Also note that, with the Incredible PBX 13-13 Lean install, you must manually create a Custom Destination using the GUI. This is the destination to use for receipt of incoming faxes. The settings for the new Custom Destination should look like this:

target -> custom-fax-iaxmodem,s,1
label  -> Fax (HylaFax)
return -> no

You now have a functioning PBX. Down the road, we’ll tackle some of the more esoteric features of Asterisk so… Stay Tuned!

Published: Monday, October 30, 2017  


blank

NEW YEAR’S TREAT: If you could use one or more free DIDs in the U.S. with unlimited inbound calls and unlimited simultaneous channels, then today’s your lucky day. TelecomsXChange and Bluebird Communications have a few hundred thousand DIDs to give away so you better hurry. You have your choice of DID locations including New York, New Jersey, California, Texas, and Iowa. The DIDs support Voice, Fax, Video, and even Text Messaging (by request). The only requirement at your end is a dedicated IP address for your VoIP server. Once you receive your welcome email with your number, be sure to whitelist the provider’s IP address in your firewall. For Incredible PBX servers, use add-ip to whitelist the UDP SIP port, 5060, using the IP address provided in your welcoming email.

Here’s the link to order your DIDs.

Your DID Trunk Setup in your favorite GUI should look like this:

Trunk Name: IPC
Peer Details:
type=friend
qualify=yes
host={IP address provided in welcome email}
context=from-trunk

Your Inbound Route should specify the 11-digit DID beginning with a 1. Enjoy!


blank
Need help with Asterisk? Visit the PBX in a Flash Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

blankBOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

blankThe lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

blankVitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

blankSpecial Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



Some Recent Nerd Vittles Articles of Interest…