Home » Posts tagged 'gvoice' (Page 8)
Tag Archives: gvoice
2016, The Year of VoIP Choice: Redundancy and Multi-Tenant with Wazo
As we celebrate Labor Day, it seemed appropriate to document why Wazo separates the men from the boys so your phones don’t end up as boat anchors buried in the sand. Today our focus is "High Availability (HA)" and "Multi-Tenant (MT)", two very expensive options for many PBXs including some that loosely tout their platforms as free.
In the PBX context, HA means that, when your server fails, there’s another one waiting in the wings to automatically take over. Much of this technology is based upon open source tools, but Sangoma sells a pair of limited term licenses as a FreePBX® add-on for a cool $3,000 not including hardware AND annual maintenance fees. With Wazo, it’s FREE! You can pair two Raspberry Pi’s or two Cloud servers, or you can mix-and-match with any combination of servers you choose. Here’s how we did it in 3 minutes flat:
Multi-tenant has been discussed for the FreePBX platform for the better part of a decade. As best we can tell, it’s still a pipe dream. Virtual machines running separate servers are the suggested solution even though this requires managing multiple Asterisk platforms forever. With Wazo’s FREE Entities module, MT is a cake walk. We’ll walk you through the 5-minute setup process thanks to the tips provided by Amy Grant on the PIAF Forum.
Deploying Wazo HA Servers with NeoRouter
Here’s the HA setup drill. First, you build two identical Wazo platforms running the same version of Incredible PBX for Wazo. Then you set the first server up as the Master and the second one as the Slave. As we said, these servers don’t need to be on the same hardware platform. And they need not be colocated although they have to share the same private LAN. We’ll handle that little detail by taking advantage of the NeoRouter client software that’s already installed as part of every Incredible PBX for Wazo build.
Unless both of your servers reside on the same local area network, you will need to deploy a NeoRouter server somewhere, but NOT on your Wazo Master since the NeoRouter server itself would become a single point of failure should it die along with your primary server. The Slave server would be a great choice. We covered the NeoRouter Server setup a long time ago in this tutorial, but don’t use the vintage install script. Instead you’ll need to deploy a current version of the Free NeoRouter Server that matches your server platform now that we support operating systems other than CentOS. Incidentally, all of the supported Cloud platforms that we’ve documented for Wazo also support NeoRouter.
We’ve made NeoRouter Server setup easy with this script which works with CentOS/SL, Ubuntu, Debian, and Raspbian. The actual setup steps covered in our original tutorial still are the same.
cd /root wget http://incrediblepbx.com/install-neorouter-server chmod +x install-neorouter-server ./install-neorouter-server
After you have your Free NeoRouter Server in place, the next step is to run nrclientcmd on each Wazo server and login to your NeoRouter Server with your credentials. The NeoRouter Server will assign a private IP address to each machine on the NeoRouter VPN. The addresses will be in the range 10.0.0.1 to 10.0.0.255. We’ll use these assigned addresses when setting up the Master and Slave Wazo HA servers.
High Availability Prerequisites with Wazo
In the Incredible PBX for Wazo context, the prerequisites list for your two HA servers is a short one. (1) You need two functioning Incredible PBX for Wazo machines on the same local area network. (2) Both the Master and Slave must be running the same version of Wazo. (3) All trunk registration timeouts (expiry) must be less than 300 seconds. (4) The Slave server must have no phone provisioning plugins installed.
For those using Google Voice trunks with OAuth in conjunction with Incredible PBX for Wazo, keep in mind that this is NOT an integral component of Wazo so it technically is not supported. However, you can easily make it work by configuring any desired Google Voice trunks on BOTH the Master and Slave machines using add-gvtrunk before enabling High Availability. Then the Google Voice trunks will continue to work even after a failover to Slave.
High Availability Limitations with Wazo
When the Master node fails, some features are not available on the Slave:
- Call history / call records are not recorded.
- Voicemail messages saved on the Master node are not available.
- Custom voicemail greetings recorded on the Master node are not available.
- Phone provisioning is disabled, i.e. a phone will always keep the same configuration, even after restarting it.
- Phone remote directory is not accessible because the provisioned IP address points to the Master.
Configuring Your Servers for High Availability
Like most Wazo tasks, setting up High Availability on your Master and Slave servers is a 5-minute process. Begin by configuring HA in the Web interface: Configuration ‣ Management ‣ High Availability. (1) Configure the first server as Master with the Remote Address of the Slave. (2) Login to the Linux CLI of Master as root and restart Wazo: xivo-service restart. (3) For the second machine, configure the server as Slave with the Remote Address of the Master.
Next, return to the Linux CLI of Master while still logged in as root. (1) Set up file synchronization by running this script: xivo-sync -i. (2) Start configuration synchronization by running: xivo-master-slave-db-replication 192.168.1.2 using the actual IP address of your Slave. (3) Finally, synchronize the two servers by running xivo-sync on Master. Done! Isn’t it nice saving $3,000 for 5 minutes work using open source software? 🙂
If you love the nitty gritty details, you can read up on Wazo HA in their excellent documentation.
Here’s what pbxstatus will show on Master and Slave while both servers are operational:
And here’s what happens when you halt Master. Within a minute or two, your designated Slave server will come to life:
Choosing Compatible Phones for High Availability
That’s only half the story, of course. Now that you have HA up and running, the remaining trick is that you want your phones to continue to work when things switch over to Slave. To accomplish this, you’ll need to use SIP phones that are compatible with HA technology. Some are, and many are not. Wazo has made it easy for you by publishing a compatibility list. Their documentation includes Officially Supported Devices as well as Community Supported Devices. HINT: Snom, Yealink, and Aastra 6700i and 9000i series phones are your safest bets.1 Here’s what a SIP extension setup would look like on Yealink’s popular T46G:
Deploying Multi-Tenant Technology with Wazo
If you’re new to MT technology, the idea here is to provide separate extensions and trunks for use by different departments within an organization. The reasons should be obvious. These departments have separate budgets and separate clientele, and you probably don’t want the public calling a central number in order to reach everyone in an organization. And the organization wants to identify costs and log calls associated with its various departments.
Wazo handles MT using Entities. When you set up Incredible PBX for Wazo, it automatically created a single Entity named Incredible PBX. You can create additional ones and name them anything you like in the Wazo Web interface: Configuration ‣ Management ‣ Entities.
Next, create Contexts to support your new Entity. Mimic the existing contexts in IPX ‣ IPX Configuration ‣ Contexts and provide unique names for each of them. Be sure you associate each of the new contexts with the new entity you created. Then set up users, lines, trunks, and call routing for the new entity in the same way you did it for the original IncrediblePBX entity. Take a look at Amy Grant’s setup with Google Voice on the PIAF Forum for additional tips. Simple and it’s FREE!
Originally published: Monday, September 5, 2016 Updated: Saturday, January 28, 2017
9 Countries Have Never Visited Nerd Vittles. Got a Friend in Any of Them https://t.co/wMfmlhiQ9y #asterisk #freepbx pic.twitter.com/TPFGZbqWB6
— Ward Mundy (@NerdUno) April 22, 2016
Need help with Asterisk? Visit the PBX in a Flash Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…
- HA failover even works great using $29 UTP-E62 if you can find one. [↩]
Raspberry Pi One-Minute Wonder: A Turnkey and Truly Incredible PBX for XiVO
Hard to believe it’s been 4½ years since the introduction of the original Raspberry Pi®. We love half-birthdays, and we’ve got a blockbuster gift for you today as we celebrate the fact that almost 10 million RasPi’s have been shipped. Yes, our love affair with the Raspberry Pi lives on. The sensational Raspberry Pi 3 sports a 1.2GHz 64-bit quad-core ARM Cortex-A53 CPU with ten times the performance of the original Raspberry Pi. Of particular interest to the VoIP community will be the RasPi 3’s integrated 802.11n wireless LAN and Bluetooth 4.1 hardware. And, of course, the RasPi 3 retains its compatibility with the Raspberry Pi 1 and 2. Did we mention it’s still just $35? Because we like to celebrate half birthdays, too, we’re pleased to introduce a brand new Incredible PBX™ for XiVO image for the Raspberry Pi 3 featuring Raspbian 8, the latest release of Asterisk® 13, and XiVO. This one installs in under a minute. And, yes, it’s still FREE with pure open source GPL code.
Special Thanks. First things first. We want to extend our extra special thanks to Iris-Network for their awesome Raspivo – XiVO build. Without it and their repositories, none of this would have been possible.
Raspberry Pi 3 Performance. Gone are the days of worrying about Raspberry Pi performance. Both the user interface and call quality now match what you’d expect to find on a $300-$500 VoIP server. For best results, we recommend 32GB Class 10 microSD cards which now are plentiful at the $10 price point.1
Raspberry Pi 3 Shopping List. Before you can install Incredible PBX for XiVO, you’ll need a compatible Raspberry Pi 3 platform. Here’s the short list that, when coupled with the Incredible PBX image, turns today’s adventure into kid’s play:
$35* Raspberry Pi 3 from MCM or Newark or Amazon $10 Power Adapter (2.5 amps minimum!) $10 32GB microSDHC Class 10 card (Don’t use SanDisk Ultra!) £12.95 Pibow 3 case or $7.50 Official RasPi 3 case
About That Asterisk. We write about Asterisk® regularly, but the asterisk we’re talking about is the one accompanying the $35* price tag for the Raspberry Pi 3. Yes, that’s the advertised price. And, no, if you want one quickly, you may pay a bit more. Right now you can snag one on Amazon for $35.99 with two-day Prime shipping. We’re assuming you already own a USB keyboard and an HDMI-compatible monitor. If so, today’s going rate for all of our recommended pieces is under $65, not bad for a fully-equipped, quad-core computer. Did we mention that Incredible PBX for XiVO is FREE with NoGotchas!
Incredible PBX Feature Set. Where to begin? Let’s start with the Alphabet Stew: IAX, SIP, SMS, FAX, SRTP, and OAuth functionality. Voice Recognition and Text-to-Speech VoIP application support using Festival and Google. Free calling with Google Voice, Simonics SIP gateway, or RingPlus cellular service. And all of your Nerd Vittles favorites: AsteriDex, Click-to-Dial, News, Weather, Reminders, and even an Alarm Clock. Plus hundreds of features that typically are found in commercial PBXs: Conferencing, IVRs and AutoAttendants, Simultaneous Ringing on your Smartphone, Email Delivery of Voicemail, Voicemail Blasting, Automatic Backups, High Availability Support, Automatic Phone Setups, and much more…
Incredible PBX Network Security Model. Most phone calls cost money. Unlike many of the other "free" VoIP solutions, our most important criteria for VoIP is rock-solid security. If your free server ends up costing you thousands of dollars in phone bills due to fraud, it isn’t free at all. Once you plug in that network cable, you’ve painted a bullseye on your checkbook.
No single network security system can protect you against zero-day vulnerabilities that no one has ever seen. Deploying multiple layers of security is not only smart, it’s essential with today’s Internet topology. It works much like the Bundle of Sticks from Aesop’s Fables. The more sticks there are in your bundle, the more difficult it is to break them apart. If a vulnerability suddenly appears in the Linux kernel, or in Asterisk, or in your web server, or in your favorite web GUI, you can continue to sleep well knowing that other layers of security have your back. No one else in the telecommunications industry has anything close. You can’t hack what you can’t see, and the Incredible PBX automatically configures a WhiteList as part of the one-minute setup. And it’s all open source GPL code that you can share with anybody and everybody unlike the so-called "freeware" products. Freeware with Asterisks is anything but free!
Do your part and do your homework. Comparison shop as if your phone bill matters! 😉 Incredible PBX provides:
- Preconfigured IPtables Linux Firewall
- Preconfigured Travelin’ Man 3 WhiteLists
- Randomized Port Knocker for Remote Access
- Fail2Ban Log Monitoring for SSH, Apache, Asterisk
- Randomized Ultra-Secure Passwords
- Automatic Update Utility for Security & Bug Fixes
- Asterisk Manager Lockdown to localhost
- Security Alerts via the PIAF Forum
Incredible PBX for XiVO Installation & Setup Tutorial
Here’s everything need to know about installation and setup of Incredible PBX for XiVO. "Automatic" means you just watch.
- Download and unzip Incredible PBX for XiVO image from SourceForge (includes GV OAuth support)
- Transfer Incredible PBX image to microSD card
- Boot Raspberry Pi from new microSD card
- Login to RasPi console as root:password to initialize your server (Automatic) and expand image to match SD card
- Reboot after writing down your server IP address (Automatic)
- Login via SSH as root:password to set up passwords (You Pick ’em) & configure firewall (Automatic)
- Enjoy!
Running Incredible PBX for XiVO on the Raspberry Pi
The standard XiVO boot procedure will begin once you insert your microSD card into the Raspberry Pi 3 and apply power. Within a short time, you’ll get the familiar Linux login prompt. Login as root with a password of password.
Once you log in, a startup script will briefly configure a few things and then advise you that it’s time to reboot. Write down the IP address provided because for Phase 2 of the setup, we need to use SSH or Putty on the desktop that you will actually be using to manage your server. The reason for this is that Incredible PBX automatically creates a whitelist of IP addresses that the firewall will allow to access your server. If the IP address isn’t in your whitelist, you may lock yourself out except from the RasPi’s console window.
Once the console window shows that your server has rebooted by displaying the Linux login prompt, switch to SSH or Putty and login as root using the IP address you wrote down. You’ll then be prompted to change your root password for Linux as well as your root password for XiVO GUI access using a web browser. You’ll also need to set a PIN that will be used to authorize access to extension 123 to schedule Telephone Reminders on your server. This completes the configuration. You’ll get a final screen showing the credentials for the preconfigured extension 701 as well as a reminder that your PortKnocker credentials are stored in /root/knock.FAQ in the event you ever lock yourself out of your machine. It’s a good idea to leave this screen displayed while you install and configure a softphone since you can cut-and-paste your extension 701 credentials without having to type anything.
Once you complete the SIP softphone setup below, you can return to the SSH window and press ENTER to finish the install. The Incredible PBX Automatic Update Utility will run, and then you will be presented with the pbxstatus display. You can access the Asterisk CLI by typing: asterisk -rvvvvvvvvvv. Exit from the CLI by typing quit. As mentioned previously, always shut down your server gracefully by typing halt. When prompted for the hostname, type xivo. Once the shutdown procedure finishes, it’s safe to disconnect the power cord from your Raspberry Pi.
Beginning with the September 1 release, many of the log files have been disabled to help prolong the life of microSD cards since XiVO tends to be very chatty. If you are running an earlier release, you can follow this tutorial to disable most logging on your Raspberry Pi.
Enabling WiFi on the Raspberry Pi 3
With the Raspberry Pi 3, wi-fi hardware is included. The next step is configuring it to connect to your WiFi router. Simply open /etc/wpa_supplicant/wpa_supplicant.conf with nano and (1) edit the SSID name and password fields to authorize access to your local, password-protected WiFi router as well as any open WiFi network. (2) Also update the country code for your WiFi region, e.g. country=US. Then (3) save your changes: Ctrl-X, Y, then press ENTER.
network={ ssid="YourSSID" psk="YourSSIDpassword" key_mgmt=WPA-PSK scan_ssid=1 priority=5 } network={ key_mgmt=NONE priority=1 }
Next, enable automatic startup of the wlan0 network interface:
sed -i 's|#allow-hotplug wlan0|allow-hotplug wlan0|' /etc/network/interfaces
Finally, stop and restart the wlan0 interface, count to 15, and check pbxstatus to decipher the added private IP address for your WiFi connection:
ifdown wlan0 ifup wlan0 pbxstatus
If you want to run your Raspberry Pi exclusively off the WiFi connection going forward, simply unplug the network cable from your RasPi and reboot your server.
Choosing a SIP Softphone for Incredible PBX for XiVO
Softphones tend to be a matter of taste for most folks so we’ll keep our suggestions to a minimum. On the Windows platform, it’s hard to go wrong with X-Lite. It works out of the box by simply plugging in the IP address of your server and your SIP username and password. It also happens to be free. The only downside is that X-Lite has a nasty habit of embedding time bombs in their free software so you may have to reinstall it from time to time. If you know what you’re doing Zoiper is another alternative but be advised that it doesn’t work out of the box on servers behind NAT-based routers.
On the Mac platform, our favorite free softphone is Telephone. It’s a barebones SIP client that just works. As with X-Lite, you plug in your server’s IP address and SIP credentials, and you’re in business.
On the Linux or Solaris platforms, we assume that you know what you’re doing and that you are perfectly capable of choosing and installing a SIP phone that meets your requirements.
Incredible PBX Application Quick Start Guide
We’ve finished the basic Incredible PBX for XiVO setup. You now have a functioning PBX with dozens of applications for Asterisk that work out of the box. It’s probably a good idea to spend a little time getting acquainted with Incredible PBX for XiVO before you add trunks to communicate with the outside world.
Here’s a handy cheat sheet for some of the Incredible PBX applications that have been installed or are available as add-ons. There’s also a link for more information. This remains a work-in-progress so expect more applications in coming weeks.
- Google Voice CLI interface and SMS Message Blasting
- CallerID Superfecta – Match Names to CallerID Numbers
- CallerID Blacklist – Block Calls from Spammers and Old Girlfriends
- CDR Reports in CSV Format
- CDR Reports in SQLite3 Format
- Asteridex – The Poor Man’s Rolodex (SQLite3 version)
- AsteriDex Click-to-Dial with XiVO Phonebook
- NeoRouter VPN for XiVO
- FCC RoboCall BlackList
- CallerID WhiteList Override
- Dial 123 – Telephone Reminders
- Dial 411 – Call by Name from AsteriDex
- Dial 947 – Weather Forecasts by ZIP Code
- Dial 951 – Latest Yahoo News
- Dial 2663 – Conference Call
- Dial 3472 – DISA Access
- Dial 4871 – Allison’s Sample IVR
- Dial *61 – Time of Day
- Dial *65 – Decipher Your Extension #
- Dial 8463 – Time of Day
- Dial *881400 – Schedule an Alarm for 2 p.m. (1400 military time)
- Dial 53669 – Meet Lenny, the Robocaller’s Worst Nightmare
How To Make Easily Compressed Backups of Incredible PBX
MicroSD cards WILL wear out especially on XiVO servers with lots of activity. So it’s important to make regular backups of your media so you don’t get surprised when things come unglued down the road. After considerable discussion on the PIAF Forum, here’s the collective wisdom.
You’ll need another machine (such as a Mac or Linux box) on which to plug in the microSD card in order to make a backup image of it since you can’t back up a card that is actually providing the live platform for your PBX. The recommended methodology goes like this. Before shutting down your PBX and removing the microSD card to make the backup, convert all of the unused space on the card to zeros so that the unused space can be easily compressed when you create the backup image. You do this by issuing the following command after logging into the Linux CLI as root on your RasPi 3. Be sure to do it during a period of inactivity on your PBX as it is processor intensive. Then halt the machine and remove the microSD card.
xivo-service stop cat /dev/zero > wipe.it ; rm wipe.it halt
Insert the card into an SD card slot on the machine you will use to make the backup image and issue the following commands after deciphering the correct device name for your card (/dev/disk4 in this example) using the df utility:
sudo df -h sudo dd bs=1m if=/dev/disk4 | gzip -c > incrediblepbx-xivo.img.gz sudo sync sudo diskutil eject /dev/disk4s1 echo "It's safe to remove the microSD card now."
Now return the microSD card to your Raspberry Pi 3 and boot. Store your backups in a safe place!
Configuring Trunks and Routes with Incredible PBX for XiVO
The next step in your XiVO adventure is connecting your PBX to the outside world so that you can make and receive phone calls from anywhere in the world. For this you’ll need one or more trunks. Unlike the Ma Bell world, there’s no reason to put all your eggs in one basket. You can use one or more trunk providers for incoming calls with separate phone numbers for each. And you can use one or more trunk providers for outgoing calls and save money on calls to certain countries by choosing the best provider for where you want to call. And, of course, if you live in the United States, you can set up one or more Google Voice trunks and make calls to the U.S. and Canada for free. We’ve written a number of tutorials to make it easy to set up these trunks.
To get started, point a web browser to the IP address of your PBX. Login as root with the XiVO GUI password you set up above. If you ever forget your password, you can run /root/admin-pw-change to reconfigure it.
XIVO Trunk Implementation Tutorials
- XiVO Trunks Tutorial: Installing a Vitelity SIP Trunk2
- XiVO Trunks Tutorial: Installing a VoIP.ms SIP Trunk
- XiVO Trunks Tutorial: Installing a RingPlus SIP Trunk
- XiVO Trunks Tutorial: Installing a FreeVoipDeal (Betamax) SIP Trunk
- XiVO Trunks Tutorial: Installing a Google Voice-Simonics SIP Trunk
- XiVO Trunks Tutorial: Deploying Native Google Voice with OAuth Trunks
- XiVO Trunks Tutorial: Installing an Anveo Direct Outbound SIP Trunk
- XiVO Trunks Tutorial: Installing a Skype Connect SIP Trunk
Once you’ve added one or more trunks, you’ll need to tell XiVO how to route outgoing and incoming calls. Here are our step-by-step tutorials on setting up Outbound Calling Routes and Incoming Call Routes:
XIVO Call Routing Tutorials
- XiVO Call Routing Tutorial: Creating Outbound Routes for PSTN Calling
- XiVO Call Routing Tutorial: Creating Inbound Routes for DIDs
Enabling Bluetooth & Proximity Detection on the Raspberry Pi
Implementing Bluetooth Proximity Detection with Smartphone and your #RaspberryPi3 https://t.co/TYFrcqcLux #asterisk pic.twitter.com/QqGNjqG3Ag
— Ward Mundy (@NerdUno) March 4, 2016
Where To Go Next with Incredible PBX for XiVO
Now you’re ready to explore. We recommend you pick up here in our Incredible PBX for XiVO tutorial. And be sure to check out the Last Minute Fixes that didn’t make it into the current build. Enjoy the ride!
Originally published: Monday, August 29, 2016
9 Countries Have Never Visited Nerd Vittles. Got a Friend in Any of Them https://t.co/wMfmlhiQ9y #asterisk #freepbx pic.twitter.com/TPFGZbqWB6
— Ward Mundy (@NerdUno) April 22, 2016
Need help with Asterisk? Visit the PBX in a Flash Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…
- Many of our purchase links refer users to Amazon when we find their prices are competitive for the recommended products. Nerd Vittles receives a small referral fee from Amazon to help cover the costs of our blog. We never recommend particular products solely to generate Amazon commissions. However, when pricing is comparable or availability is favorable, we support Amazon because Amazon supports us. [↩]
- Vitelity is a platinum sponsor of Nerd Vittles, and they also happen to be the best in the business. You’ll find a discount coupon to get a great deal on a DID and 4-channel trunk toward the end of this article. [↩]
VirtualBox Magic: A Turnkey PBX in 5 Minutes Flat with XiVO
We’ve sung the praises of VirtualBox for many years because it provides a wonderful platform for experimentation as well as production-ready systems using almost any hardware and any operating system. Versions of VirtualBox are available for Windows PCs, Macs, Linux desktops, and even Solaris machines. And, once you have VirtualBox in place, you can load gigabyte-sized turnkey virtual machines in under a minute. It literally transforms complex computer setups into child’s play.
We’ve received dozens of emails about XiVO, and most of them go something like this:
I’d love to experiment with XiVO as an Asterisk® platform, but I worry that the environment is just too different and the learning curve too steep. I just wish there were a simple way to get started so that I could learn the basics.
Today, your prayers have been answered. You don’t have to buy any hardware. You can use the desktop computer you already have. We’ve taken the Incredible PBX for XiVO tutorial and turned it into a turnkey virtual machine for VirtualBox. You can load it in under a minute and be ready to go. It’s got all of the Incredible PBX bells and whistles, and an extension is already configured so that you can hit the ground running. Just install VirtualBox. Next, install Incredible PBX for XiVO. Install your favorite SIP phone. Plug in the SIP credentials provided. And you’re done in a few minutes. To make outgoing calls, you can add a SIP trunk using one of the numerous SIP provider tutorials we’ve provided. Or, if you live in the United States, you can add a Google Voice trunk in a couple minutes and make free calls in the U.S. and Canada. Let’s get started!
Installing Oracle VM VirtualBox
Oracle’s virtual machine platform inherited from Sun is amazing. It’s not only free, but it’s pure GPL2 code. VirtualBox gives you a virtual machine platform that runs on top of any desktop operating system. In terms of limitations, we haven’t found any. We even tested this on an Atom-based Windows 7 machine with 2GB of RAM, and it worked without a hiccup. So step #1 today is to download one or more of the VirtualBox installers from VirtualBox.org or Oracle.com. Our recommendation is to put all of the 100MB installers on a 4GB thumb drive.1 Then you’ll have everything in one place whenever and wherever you happen to need it. Once you’ve downloaded the software, simply install it onto your favorite desktop machine. Accept all of the default settings, and you’ll be good to go. For more details, here’s a link to the Oracle VM VirtualBox User Manual.
Downloading & Installing Incredible PBX for XiVO Virtual Machine
To begin, download Incredible PBX for XiVO .ova image (1.0 GB) to the computer on which you installed VirtualBox.
When the download completes, double-click on the .ova file you downloaded to load it into VirtualBox. When prompted, be sure to check the Reinitialize the Mac address of all network cards box, agree to the license agreement, and then click the Import button. Once the import is finished, you’ll see a new (1) Incredible PBX for XiVO virtual machine in the VM List of the VirtualBox Manager Window. We need to make a couple of one-time adjustments to the Incredible PBX for XiVO configuration to account for differences in sound and network cards on different host machines.
(1) Click once on the Incredible PBX for XiVO virtual machine in the VM List. Then (2) click the Settings button. In the Audio tab, check the Enable Audio option and choose your sound card. In the Network tab for Adapter 1, check the Enable Network Adapter option. From the Attached to pull-down menu, choose Bridged Adapter. Then select your network card from the Name list. Then click OK. That’s all the configuration that is necessary for your Incredible PBX for XiVO.
Running Incredible PBX for XiVO in VirtualBox
Once you’ve imported and configured the Incredible PBX for XiVO Virtual Machine, you’re ready to go. Highlight Incredible PBX for XiVO virtual machine in the VM List on the VirtualBox Manager Window and click the Start button. The standard XiVO boot procedure will begin and, within a short time, you’ll get the familiar Linux login prompt. During the bootstrap procedure, you’ll see a couple of dialogue boxes pop up that explain the keystrokes to move back and forth between your host operating system desktop and your virtual machine. Remember, you still have full access to your desktop computer. Incredible PBX for XiVO is merely running as a task in a VirtualBox window. Always gracefully halt Incredible PBX just as you would on a dedicated computer.
Here’s what you need to know. To work in the Incredible PBX for XiVO virtual machine, just left-click your mouse while it is positioned inside the VM window. To return to your host operating system desktop, press the right Option key on Windows machines or the left Command key on any Mac. For other operating systems, read the dialogue boxes for instructions on moving around. To access the Linux CLI, login as root with the default password: password.
Once you log into your virtual machine, a startup script will briefly configure a few things and then advise you that it’s time to reboot. Write down the IP address provided because for Phase 2 of the setup, we need to use SSH or Putty on the desktop that you will actually be using to manage your server. The reason for this is that Incredible PBX automatically creates a whitelist of IP addresses that the firewall will allow to access your server. If the IP address isn’t in your whitelist, you may lock yourself out except from the VirtualBox console window.
Once the VirtualBox console window shows that your server has rebooted by displaying the Linux login prompt, switch to SHH or Putty and login as root using the IP address you wrote down. You’ll then be prompted to change your root password for Linux as well as your root password for XiVO GUI access using a web browser. You’ll also need to set a PIN that will be used to authorize access to extension 123 to schedule Telephone Reminders on your server. This completes the configuration. You’ll get a final screen showing the credentials for the preconfigured extension 701 as well as a reminder that your PortKnocker credentials are stored in /root/knock.FAQ in the event you ever lock yourself out of your machine. It’s a good idea to leave this screen displayed while you install and configure a softphone since you can cut-and-paste your extension 701 credentials without having to type anything.
Once you complete the SIP softphone setup below, you can return to the SSH window and press ENTER to finish the install. The Incredible PBX Automatic Update Utility will run, and then you will be presented with the pbxstatus display. You can access the Asterisk CLI by typing: asterisk -rvvvvvvvvvv. Exit from the CLI by typing quit. As mentioned previously, always shut down your server gracefully by typing halt. When prompted for the hostname, type xivo. Once the shutdown procedure finishes, it’s save to turn off your virtual machine.
Choosing a SIP Softphone for Incredible PBX for XiVO
Softphones tend to be a matter of taste for most folks so we’ll keep our suggestions to a minimum. On the Windows platform, it’s hard to go wrong with X-Lite. It works out of the box by simply plugging in the IP address of your server and your SIP username and password. It also happens to be free. The only downside is that X-Lite has a nasty habit of embedding time bombs in their free software so you may have to reinstall it from time to time. If you know what you’re doing Zoiper is another alternative but be advised that it doesn’t work out of the box on servers behind NAT-based routers.
On the Mac platform, our favorite free softphone is Telephone. It’s a barebones SIP client that just works. As with X-Lite, you plug in your server’s IP address and SIP credentials, and you’re in business.
On the Linux or Solaris platforms, we assume that you know what you’re doing and that you are perfectly capable of choosing and installing a SIP phone that meets your requirements.
Incredible PBX Application Quick Start Guide
We’ve finished the basic Incredible PBX for XiVO setup. You now have a functioning PBX with dozens of applications for Asterisk that work out of the box. It’s probably a good idea to spend a little time getting acquainted with Incredible PBX for XiVO before you add trunks to communicate with the outside world.
Here’s a handy cheat sheet for some of the Incredible PBX applications that have been installed or are available as add-ons. There’s also a link for more information. This remains a work-in-progress so expect more applications in coming weeks.
- Google Voice CLI interface and SMS Message Blasting (Add-On)
- CallerID Superfecta – Match Names to CallerID Numbers
- CallerID Blacklist – Block Calls from Spammers and Old Girlfriends
- CDR Reports in CSV Format
- CDR Reports in SQLite3 Format
- Asteridex – The Poor Man’s Rolodex (SQLite3 version)
- AsteriDex Click-to-Dial with XiVO Phonebook
- NeoRouter VPN for XiVO
- FCC RoboCall BlackList
- CallerID WhiteList Override
- Dial 123 – Telephone Reminders
- Dial 411 – Call by Name from AsteriDex
- Dial 947 – Weather Forecasts by ZIP Code
- Dial 951 – Latest Yahoo News
- Dial 2663 – Conference Call
- Dial 3472 – DISA Access
- Dial 4871 – Allison’s Sample IVR
- Dial *881400 – Schedule an Alarm for 2 p.m. (1400 military time)
- Dial 53669 – Meet Lenny, the Robocaller’s Worst Nightmare
Configuring Trunks and Routes with Incredible PBX for XiVO
The next step in your XiVO adventure is connecting your PBX to the outside world so that you can make and receive phone calls from anywhere in the world. For this you’ll need one or more trunks. Unlike the Ma Bell world, there’s no reason to put all your eggs in one basket. You can use one or more trunk providers for incoming calls with separate phone numbers for each. And you can use one or more trunk providers for outgoing calls and save money on calls to certain countries by choosing the best provider for where you want to call. And, of course, if you live in the United States, you can set up one or more Google Voice trunks and make calls to the U.S. and Canada for free. We’ve written a number of tutorials to make it easy to set up these trunks.
To get started, point a web browser to the IP address of your PBX. Login as root with the XiVO GUI password you set up above. If you ever forget your password, you can run /root/admin-pw-change to reconfigure it.
XIVO Trunk Implementation Tutorials
- XiVO Trunks Tutorial: Installing a Vitelity SIP Trunk2
- XiVO Trunks Tutorial: Installing a VoIP.ms SIP Trunk
- XiVO Trunks Tutorial: Installing a RingPlus SIP Trunk
- XiVO Trunks Tutorial: Installing a FreeVoipDeal (Betamax) SIP Trunk
- XiVO Trunks Tutorial: Installing a Google Voice-Simonics SIP Trunk
- XiVO Trunks Tutorial: Deploying Native Google Voice with OAuth Trunks
- XiVO Trunks Tutorial: Installing an Anveo Direct Outbound SIP Trunk
- XiVO Trunks Tutorial: Installing a Skype Connect SIP Trunk
Once you’ve added one or more trunks, you’ll need to tell XiVO how to route outgoing and incoming calls. Here are our step-by-step tutorials on setting up Outbound Calling Routes and Incoming Call Routes:
XIVO Call Routing Tutorials
- XiVO Call Routing Tutorial: Creating Outbound Routes for PSTN Calling
- XiVO Call Routing Tutorial: Creating Inbound Routes for DIDs
Now you’re ready to explore. We recommend you pick up here in our Incredible PBX for XiVO tutorial. And be sure to check out the Last Minute Fixes that didn’t make it into the current build. Enjoy the ride!
Originally published: Monday, August 22, 2016
9 Countries Have Never Visited Nerd Vittles. Got a Friend in Any of Them https://t.co/wMfmlhiQ9y #asterisk #freepbx pic.twitter.com/TPFGZbqWB6
— Ward Mundy (@NerdUno) April 22, 2016
Need help with Asterisk? Visit the PBX in a Flash Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…
- Many of our purchase links refer users to Amazon when we find their prices are competitive for the recommended products. Nerd Vittles receives a small referral fee from Amazon to help cover the costs of our blog. We never recommend particular products solely to generate Amazon commissions. However, when pricing is comparable or availability is favorable, we support Amazon because Amazon supports us. [↩]
- Vitelity is a platinum sponsor of Nerd Vittles, and they also happen to be the best in the business. You’ll find a discount coupon to get a great deal on a DID and 4-channel trunk toward the end of this article. [↩]
Google Voice with OAuth 2 Comes to Incredible PBX for XiVO
Since we began our XiVO adventure a couple months ago, the most requested feature has been direct support for Google Voice. For those in the United States, it remains the cheapest VoIP solution on the planet (when it works) with unlimited free calls throughout the U.S. and Canada. While we’ve had Google Voice functionality in XiVO through the Simonics SIP to Google Voice Gateway since the outset, there still were some who preferred to keep their credentials and tokens to themselves. And then there were those that found the $4.99 per line Simonics setup fee too rich for their blood.
To celebrate the new school year, today we’re pleased to provide a new tutorial and script that bolts Google Voice with OAuth authentication onto Incredible PBX for XiVO. Our extra special thanks goes to Sylvain Boily, the father of XiVO, for his selfless work in bringing this to fruition in less than a day. That tells you just how adaptable the XiVO platform really is. We’ve simply added a little window dressing to ease the pain for those just getting started with XiVO and Incredible PBX.
Overview. If you’re new to Google Voice, here’s how the installation scenario goes. First, you set up a Gmail account at gmail.com. Next, you create a Google Voice account. Then, you configure Google Voice for use with Asterisk®. Next, you obtain your Google Voice OAuth 2 Refresh Token which becomes your password to use in configuring Google Voice on the XiVO platform. Next, using SSH or Putty, you log into your XiVO server as root and download and run the installation script to get your Google Voice credentials set up in XiVO. Finally, you log into the XiVO GUI with a browser and set up a custom trunk as well as an outgoing and incoming route for Google Voice calls. To add more Google Voice trunks, you simply repeat the drill. You now should have a perfectly functioning, free VoIP platform compliments of Google and Sylvain Boily and his development team. Let’s get started.
Configuring Google Voice for Use with XiVO
If you’re one of the five people on Earth that does not yet have a Gmail account, start there. Once you’ve set up your Gmail account and logged in, open a new browser tab to access the Google Voice site. Accept the Google Terms and Privacy Policy. Then choose a new Phone Number in your favorite area code. NOTE: Before Google will assign you a number, you must enter an existing U.S. phone number to verify your identity and location as well as to use for initially forwarding calls. Once your account is set up, you will get an email asking that you verify your email address. Once you’ve done that, you’ll be prompted to login to your Google Voice account again. When you do so, you’ll be prompted to Install the Hangouts Dialer app to make VoIP calls from Android. Do NOT install the dialer, or you may break the ability to use your Google Voice number with Asterisk. Instead, click X to close the dialog box.
UPDATE: Google continues to tighten up on obtaining more than one Google Voice number from the same computer or the same IP address. If this is a problem for you, here’s a workaround. From your smartphone, install the Google Voice app from iPhone App Store or Google’s Play Store. Then open the app and login to your new Google account. Choose your new Google Voice number when prompted and provide a cell number with SMS as your callback number for verification. Once the number is verified, log out of Google Voice. Do NOT make any calls. Now head back to your PC’s browser and login to http://google.com/voice. You will be presented with the new Google Voice interface which does not include the Google Chat option. But fear not. At least for now there’s still a way to get there. After you have set up your new phone number and opened the Google Voice interface, click on the 3 vertical dots in the left sidebar (it’s labeled More). When it opens, click Legacy Google Voice in the sidebar. That will return you to the old UI. Now click on the Gear icon (upper right) and choose Settings. Make sure the Google Chat option is selected and disable forwarding calls to whatever default phone number you set up.
Next, click on the Calls tab. Make sure your settings match these:
- Call Screening – OFF
- Call Presentation – OFF
- Caller ID (In) – Display Caller’s Number
- Caller ID (Out) – Don’t Change Anything
- Do Not Disturb – OFF
- Call Options (Enable Recording) – OFF
- Global Spam Filtering – ON
Under the Voicemail tab, plug in your email address so you get notified of new voicemails. Then click Save Settings. Down the road, receipt of a Google Voice voicemail will be a big hint that something has come unglued on your PBX.
One final word of caution is in order regardless of your choice of providers: Do NOT use special characters in any provider passwords, or nothing will work!
Now it’s time to obtain your OAuth 2 credentials. Even though it’s a bit more work on the front end, the good news is you won’t have to worry about your Google Voice trunks failing when Google phases out plain-text passwords. The other good news is you won’t be passing your plain-text Google Voice credentials across the Internet for everyone in the world to see.
Obtaining Your Google Voice OAuth 2 Credentials for XiVO
While you’re still logged into your Google Voice account, you need to obtain a refresh_token which is what you’ll use instead of a password when setting up your Google Voice account with XiVO. Here’s how.
1. Be sure you are still logged into your Google Voice account. If not, log back in at https://voice.google.com.
2. In a separate browser tab, go to the Google OAUTH Playground using your browser while still logged into your Google Voice account.
3. Once logged in to Google OAUTH Playground, click on the Gear icon in upper right corner (as shown below).
3a. Check the box: Use your own OAuth credentials
3b. Enter Incredible PBX OAuth Client ID:
466295438629-prpknsovs0b8gjfcrs0sn04s9hgn8j3d.apps.googleusercontent.com
3c. Enter Incredible PBX OAuth Client secret: 4ewzJaCx275clcT4i4Hfxqo2
3d. Click Close
4. Click Step 1: Select and Authorize APIs (as shown below)
4a. In OAUTH Scope field, enter: https://www.googleapis.com/auth/googletalk
4b. Click Authorize APIs (blue) button.
5. Click Step 2: Exchange authorization code for tokens
5a. Click Exchange authorization code for tokens (blue) button
5b. When the tokens have been generated, Step 2 will close.
6. Reopen Step 2 and copy your Refresh_Token. This is the "password" you will need to enter (together with your Gmail account name and 10-digit GV phone number) when you add your GV trunk in the Incredible PBX GUI. Store this refresh_token in a safe place. Google doesn’t permanently store it!
7. Authorization tokens NEVER expire! If you ever need to remove your authorization tokens, go here and delete Incredible PBX Google Voice OAUTH entry by clicking on it and choosing DELETE option.
Switch back to your Gmail account and click on the Phone icon at the bottom of the window to place one test call. Once you successfully place a call, you can log out of Google Voice and Gmail.
Yes, this is a convoluted process. Setting up a secure computing environment often is. Just follow the steps and don’t skip any. It’s easy once you get the hang of it. And you’ll sleep better.
Downloading and Installing Google Voice with OAuth 2 for XiVO
Now it’s time to reconfigure XiVO to use Google Voice with OAuth 2. Before you begin, write down your 10-digit Google Voice phone number, your Google account name without @gmail.com, and your Refresh Token from the previous step.
Log into your server as root using SSH or Putty. Then execute the following commands to kick off the install:
cd /root apt-get update apt-get -y install build-essential libssl-dev wget http://incrediblepbx.com/gvoauth-xivo.tar.gz tar zxvf gvoauth-xivo.tar.gz rm -f gvoauth-xivo.tar.gz ./add-gvtrunk
Plug in your Google Voice phone number and credentials when prompted. Then check your work carefully. When the install finishes, fire up your favorite browser to finish the setup using the settings that were provided.
Configuring XiVO for Google Voice OAuth
From a browser pointed to the IP address of your server, log in to XiVO as root with your GUI password.
Choose Services.IPBX.Trunk Management.Customized. Click on + Add to create a new custom trunk. Configure the trunk using the settings provided by the installer and click the Save button. The Trunk Name will be your actual gmailname (without @gmail.com). Interface will be Motif/gmailname (using your actual Gmail name). Interface suffix will be @voice.google.com. And the Context will be Outcalls (to-extern).
Next, choose Services.IPBX.Call Management.Incoming Calls. Click on + Add to create a new inbound route for your Google Voice DID. This is where you tell XiVO how to route calls placed to your Google Voice number. For your DID, enter your 10-digit Google Voice number. For the Context, choose Incalls (from-extern). Then choose from the pick lists to select a Destination and Redirect option for the incoming calls. It could be an extension, a ring group, a conference room, or an IVR. Click Save when you’re finished.
Finally, choose Services.IPBX.Call Management.Outgoing Calls. Click on + Add to create a new outbound route. Under the General tab, configure the route as shown below using a Name of out_gmailname (using your actual Gmail name). The Context should be Outcalls (to-extern). The Preprocess subroutine should be subr-gv-outcall. And the desired Custom Trunk should be dragged left to the selected column:
Under the Exten tab, add the desired 10-digit Exten string and trim off any prefix using Stripnum. Then click the Save button.
For example, for a first trunk, you might choose NXXNXXXXXX as the Exten with a Stripnum of 0. This would tell XiVO to route all 10-digit calls to this Custom GV Trunk. For a second Google Voice trunk, you might choose 9NXXNXXXXXX with a Stripnum of 1. This would tell XiVO to route 11-digit calls with a 9 prefix to this Custom Trunk AND to strip off the first digit (9) before sending the 10-digit call to Google Voice.
Taking Google Voice for a Test Drive with XiVO
That completes the Google Voice setup. You now should be able to place a call using your Google Voice trunk by dialing any 10-digit number. And calls placed to your Google Voice number should ring at the inbound destination you chose above.
If you have additional Google Voice trunks, simply run /root/add-gvtrunk again and insert the new credentials.
Should you ever need to delete a Google Voice account from your server, just run /root/del-gvtrunk with the name of the Google Voice trunk to delete. Enjoy your free phone service!
Originally published: Tuesday, August 16, 2016 Updated: Thursday, August 18, 2016
9 Countries Have Never Visited Nerd Vittles. Got a Friend in Any of Them https://t.co/wMfmlhiQ9y #asterisk #freepbx pic.twitter.com/TPFGZbqWB6
— Ward Mundy (@NerdUno) April 22, 2016
Need help with Asterisk? Visit the PBX in a Flash Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…
Take the XiVO Plunge: 4 Months of Free Cloud Hosting
Nobody has to tell us how painful change can be. We oversaw the deployment of over 30,000 IBM PCs only to switch horses and become a dedicated Mac lover. And we’ve invested almost 10 years in another Asterisk® GUI only to be disappointed by the direction of that project. That led to our New Year’s Resolution to find a better mousetrap for unified communications open source development. And, boy, did we find one. So here’s the deal. You either believe in the open source community and want to foster free and open development of software, or you don’t. And, if you don’t, that’s perfectly fine. There are lots of commercial PBX alternatives including the terrific 3CX products from our platinum sponsor. But don’t wrap yourself in the open source flag, brag about free and freedom, and then market a product that is none of the above. If your distro’s license agreement prohibits redistribution thereby discouraging sharing which is the lynchpin of the GPL, then the product has little if anything to do with free and freedom.
The good news is we’ve now found an awesome alternative that is pure open source code with an actual GPL3 license. So come join the party and lend a hand with your suggestions and/or your code contributions. We’ll put your name in bright lights, and the open source community will be forever in your debt. Our challenge is to get you as excited about XiVO as we are. There’s nothing with VoIP and Unified Communications that you can’t do better, cheaper, and faster using XiVO. And XiVO’s Asterisk RealTime implementation has no competition, period. Instead of lengthy delays to process changes, rewrite Asterisk config files, and reload the entire Asterisk dial plan, Asterisk RealTime brings instantaneous configuration updates.
We can think of no better way to introduce you to this terrific platform than offering up a free cloud platform until 2017 to let you kick the tires. It won’t impact your production servers while letting you explore the possibilities offered by a state-of-the-art Asterisk 13 platform with no equal. Believe me. We know every wart and pimple in the old GUI platform, and you won’t have to wrestle with any of the traditional problems that we all assumed were native to Asterisk. Guess what? They weren’t. No, your server won’t blow up when you add a new module. No, Asterisk won’t refuse to start because you chose to upgrade an existing component. No, you won’t be Nickle and Dimed into buying critical platform enhancements. And, no, you won’t be charged hundreds of dollars for "support" only to be told that you need to switch to a more proprietary platform. Yes, the XiVO development team releases seamless upgrades every three weeks at no cost. Yes, uncrippled endpoint provisioning for dozens of phones is provided in XiVO at no cost. Yes, powerful call center and High Availability technology is included at no cost. And, yes, backups of your server are made every night for free.
There’s more good news. VULTR is a relatively new cloud provider that now hosts virtual machines in over a dozen cities around the world. For new subscribers, they are offering a $20 credit when you sign up using our referral link. And, yes, your registration provides a few shekels to Nerd Vittles to keep the lights on. The great news is that $20 buys you a full four months of XiVO cloud hosting service, and you won’t find a better do-it-yourself platform at any price, let alone free.
Building the Debian 8 Platform at Vultr for XiVO
The first step in your XiVO adventure is to sign up for a Vultr account with your $20 credit using the Nerd Vittles referral link. Once you’ve done that, it’s time to build your Debian 8 virtual machine to host XiVO in the Cloud. (1) Choose your favorite city to host your server, (2) pick the Debian 8 64-bit platform, and (3) choose the $5/month server size.
IMPORTANT: Leave the Server Hostname & Label blank!
Once your virtual machine is up and running, log in with SSH or Putty using the root password provided. Do NOT install XiVO from the console, or the firewall will lock you out of your own machine! Change your root password immediately: passwd.
Next, set up a swap file on your virtual machine, or the XiVO install will fail on the $5 platform:
dd if=/dev/zero of=/swapfile bs=1024 count=1024k chown root:root /swapfile chmod 0600 /swapfile mkswap /swapfile swapon /swapfile echo "/swapfile swap swap defaults 0 0" >> /etc/fstab sysctl vm.swappiness=10 echo vm.swappiness=10 >> /etc/sysctl.conf free -h cat /proc/sys/vm/swappiness
Installing Incredible PBX for XiVO in the Vultr Cloud
While still logged into your server as root using SSH/Putty, issue the following commands to kick off the install:
cd /root wget http://incrediblepbx.com/IncrediblePBX13-XiVO.sh chmod +x IncrediblePBX13-XiVO.sh ./IncrediblePBX13-XiVO.sh
The initial setup brings your Debian 8 server up to current specs, and then the virtual machine will reboot. After rebooting, log into your server again as root with your new root password. Issue the following command to complete the XiVO and Incredible PBX installation and configuration:
./IncrediblePBX13-XiVO.sh
You’ll be prompted to set your time zone, passwords, and choose the optional features of Incredible PBX you wish to install. We strongly recommend you install ALL of the Incredible PBX feature set. Many cannot be added later.
Verify that the XiVO install completed successfully when prompted. Then verify that the XiVO initial configuration completed successfully by once again pressing ENTER. The firewall and Incredible PBX install will then proceed without further prompting. Total setup time: under 10 minutes.
There still are some setup steps required, and these are performed within the XiVO GUI using a web browser. For step-by-step instructions on the Incredible PBX Initial Configuration Procedure, click here. Enjoy your adventure!
Originally published: Monday, July 25, 2016
9 Countries Have Never Visited Nerd Vittles. Got a Friend in Any of Them https://t.co/wMfmlhiQ9y #asterisk #freepbx pic.twitter.com/TPFGZbqWB6
— Ward Mundy (@NerdUno) April 22, 2016
Need help with Asterisk? Visit the PBX in a Flash Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…
The Definitive Quick Start Guide: Introducing Incredible PBX for XiVO
Today we kick off a new Asterisk® adventure with the introduction of Incredible PBX™ for XiVO®. This pure GPL implementation of Asterisk has no strings, no gotchas, no hidden agenda, and no primadonnas. It’s open source code with no prohibitions on redistribution. The XiVO developers actively participate in the XiVO and PBX in a Flash™ communities and actually listen to constructive suggestions to improve their product. Changes happen in days, not years. Today we celebrate the return of true GPL project development and the end of closed-source ISOs and commercial modules with costly annual support contracts. Join us!
UPDATE: This article has been superseded. For the latest tutorial, go here.
If you’ve been following Nerd Vittles these past two months, then you already know there is literally nothing in the open source Unified Communications world that you can’t do faster, better, and cheaper with XiVO: automatic backups every night, seamless upgrades every three weeks, uncrippled endpoint provisioning for dozens of phones, powerful call centers, high availability redundant servers, real-time Asterisk technology out of the box, flexible SDK and APIs, and much more.
XiVO Installation Methodology
There are two ways to build XiVO servers. You can start with a minimal install of Debian 8 (64-bit), or you can use the 64-bit XiVO ISO. The advantage of the XiVO ISO is that building a system from the ISO gets you BOTH Debian 8 AND the basic XiVO install. However, you can only use the XiVO ISO on platforms that you own, not on virtual machines controlled by somebody else. Stated another way, if you plan to use dedicated hardware or VirtualBox or VMware ESXi, use the XiVO ISO. Otherwise, install a minimal Debian 8 (64-bit) operating system and nothing else on your platform of choice. Now you’re ready to choose your Incredible PBX installer. Install time: about 5-20 minutes depending upon the platform.
IMPORTANT: When you build your Debian 8 platform on either stand-alone hardware or as a virtual machine, use a fully-qualified domain name for your server’s hostname, e.g. xivo.incrediblepbx.com, NOT xivo. Disaster awaits if you forget this! But, don’t worry. If you do forget, the install will blow up, and you’ll get to start over. But you’ll remember the next time. 😉
Incredible PBX Feature Set
If you’ve been sleeping under a rock for the last few years, you may be wondering what the Incredible PBX offering includes. We’ve tried to preserve much of the functionality of prior releases in the XiVO implementation, and there is still more to come. Here’s a quick summary of two dozen features and applications that Incredible PBX offers for XiVO today:
Recent Additions: Skype Connect, Port Knocker, PPTP VPN, Pico TTS, A La Carte installer, Telephone Alarms.
The 3 Flavors of Incredible PBX for XiVO
To kick off our Independence Day celebration, we introduced three new Incredible PBX turnkey installers for XiVO because of the numerous platforms on which XiVO will run. We’ve now combined all three of the original installers into a single script for ease of use.
For those new to XiVO, there are three steps in getting a XiVO PBX up and running: (1) Debian 8 OS installation, (2) XiVO installation, (3) and XiVO basic configuration (typically using a web browser). The Incredible PBX installer has different tasks based upon how far along in this installation process you happen to be on a particular platform. Our special thanks to Sylvain Boily for his Python wizard to assist us in providing turnkey installs to the greatest extent possible. So here’s the new installer, but you are well advised to actually follow the platform tutorial (below) for your provider because of special quirks that are provider-specific:
IncrediblePBX13-XiVO.sh – Suitable for Debian 8 (32-bit or 64-bit) minimal platform where XiVO is not installed. Use with Cloud VMs. Also works with Debian 8 (32-bit or 64-bit) platform with XiVO installed but not configured. This is typically the situation if you built your server using the XiVO ISO. And the new installer works with Debian 8 (32-bit and 64-bit) platform with XiVO installed and configured.
WARNING: Incredible PBX erases and replaces stuff as part of its installation procedure. NEVER install Incredible PBX over the top of an existing production server!
Incredible PBX Installation Procedure
We’ve taken the guesswork out of this for a number of platforms by providing detailed tutorials that you can follow:
Choosing a XiVO Hardware Platform
- XiVO Platform Tutorial: Manually Installing XiVO and Debian 8
- XiVO Platform Tutorial: Installing XiVO on a Dedicated PC
- XiVO Platform Tutorial: Installing XiVO VM on VirtualBox
- XiVO Platform Tutorial: Turnkey 5-Minute Install on VirtualBox
- XiVO Platform Tutorial: Installing XiVO VM on VMware ESXi
- XiVO Platform Tutorial: Installing XiVO VM at ImpactVPS
- XiVO Platform Tutorial: Installing XiVO VM at Digital Ocean
- XiVO Platform Tutorial: Installing XiVO VM at CloudAtCost
- XiVO Platform Tutorial: Installing XiVO VM at RentPBX
- XiVO Platform Tutorial: Installing XiVO VM at Vultr
- XiVO Platform Tutorial: Installing XiVO VM at OVH.com
- XiVO Platform Tutorial: Turnkey 1-Minute Install on Raspberry Pi 3
If your situation falls somewhere in between all of these, here’s a quick summary. For stand-alone systems and virtual machine platforms that you own (such as VirtualBox and VMware ESXi), download and install the 64-bit version of XiVO using the XiVO ISO. For most other virtual machine platforms in the Cloud, you’ll start by creating a 64-bit Debian 8 virtual machine with at least 1GB of RAM and a 20GB drive. For turnkey cloud servers such as RentPBX, simply choose the VM option that already has Debian 8 and XiVO preinstalled.
Once you have your platform up and running, simply download and run the Incredible PBX installer:
cd /root wget http://incrediblepbx.com/IncrediblePBX13-XiVO.sh chmod +x IncrediblePBX13-XiVO.sh ./IncrediblePBX13-XiVO.sh
Incredible PBX Initial Configuration
Here are the first steps to complete after you have finished your initial XiVO and Incredible PBX installation. Log into the web interface at the IP address of your server using username root and the web password you created during installation.
All of this initial setup will be completed under the IPBX option of the Services tab as shown below. For each of the categories below, click on the matching section and tab in XiVO’s IPBX toolbar and fill in the properties as indicated.
UPDATE: The latest Incredible PBX for XiVO installer automatically configures SIP defaults and a dozen SIP trunks for you using XiVO Snapshots if you elect to install all of the Incredible PBX features when you run the installer. If so, you can skip through the next few sections of this tutorial.
General Settings:SIP Protocol
WARNING: If your XiVO server is running as a virtual machine behind a hardware-based NAT router and the virtual host also is sitting behind the same router, you may experience failed calls by setting the external IP address and local network addresses in the following screen. Try calls first without these settings, and add them only if you experience calling issues such as failed calls or one-way audio.
Genl Settings:SIP Protocol:Signaling:Codecs
In order of priority, move desired Codecs from right to left by clicking on + icons. If you plan to use the IAX or SCCP protocol for phones and/or trunks, also select Default Codecs under General Settings:IAX Protocol:Default and General Settings:SCCP Protocol tabs, respectively.
Genl Settings:SIP Protocol:Signaling:DNS
For DNS Manager and Server Lookup support (required for some SIP providers), enable the DNS Request field:
IPBX Configuration:Contexts
XiVO differs from some other Asterisk implementations in the way it manages the routing of calls. XiVO uses Contexts to define what constitute Internal calls (Default), External calls (Outcalls), and Incoming calls (Incalls). Think of these contexts as dialing rules. They define how the three categories of calls are managed internally by the XiVO PBX and determine which callers can do what with your PBX resources. XiVO uses dial strings and ranges of phone numbers to manage and constrain how various classes of calls are routed. The reason for these call specifications is pretty simple. You don’t want outside callers dialing into your PBX and making outbound calls using your PBX trunks on your nickel.
Some basic settings to enable internal calls and allow creation of user accounts were configured when you set up your XiVO PBX by running the configuration script. However, before anyone can make or receive calls to/from outside the XiVO PBX, you’ll need some additional specifications.
Edit the from-extern (Incalls) context and click Incoming Calls tab then the + icon. Add a range of DID numbers for incoming calls that will be allowed. These are the phone numbers assigned to SIP and IAX trunks that were acquired through commercial providers such as Vitelity. Note that the example below assumes that your incoming DID trunks deliver calls with 10-digit numbers. If you’re using a service such as Google Voice that delivers calls with 11-digit numbers starting with a 1, then add an additional range of numbers starting with a 1. If the provider delivers calls with +44, then you’d add an additional range with that prefix. Click Save once you’ve entered your settings.
Let’s also modify the Default context to support MeetMe conferencing for your server. Edit the default context and click Conference Rooms tab then + icon. For the extension range, enter 2663-2665. 2663 spells C-O-N-F by the way. Then click Save. If you have a DAHDI timing source on your server, you then can add conferences: IPBX Setting:Conference Rooms. If you don’t have a DAHDI timing source or you don’t know what any of this means, keep reading. There’s an easier way to set up a conference room for your users.
While you’re still in the (2) Default context, click on the (3) General tab and (4) move all of the sub-contexts to the left (Selected) column. (5) Then click the Save button.
General Settings:Advanced (Time Zone)
IPBX Settings:Users:Add User
Before you can actually make or receive calls with XiVO PBX, you’ll first need at least one User, Extension, and Line. So click on the (1) Users tab and then (2) the + icon and Add option (as shown below) to get started.
Use the General tab entries below as a guide to create your first user account. You only need to fill in options (1) and (2) if you would like this user to receive a simultaneous call on a mobile phone whenever this user’s internal phone rings.
In the Lines tab, assign an internal phone number for this user. By default, the initial configuration script created a range of extension numbers for you: 701-799. This can be changed in the next section to meet your specific requirements.
Once you’ve chosen an extension, click the Save button and a Line will automatically be generated to associate with your new User account.
Next, goto IPX Settings:Lines and click the pencil icon to obtain your SIP username and password credentials. You’ll need these to connect a SIP phone or softphone to your user account.
While you’re obtaining your username and password SIP credentials, fill in the blanks for the Line and click Save:
IPX Settings:Users (Voicemail Setup)
There are two steps to setting up voice mailboxes correctly. First, you need to configure the voicemail system defaults to accommodate your required time zones. The system only comes with support for Europe/Paris.
Go to (1) IPX General Settings:Voicemails and (2) click Time Zones tab and then (3) + Add. (4) Name your new time zone, (5) select the correct Time Zone from the pull-down list, and (6) add the following under Options and (7) Save your entry:
'vm-received' q 'digits/at' kM
Go to (1) IPX Settings:Users, edit your (2) User account, and click the (3) Voicemail tab. (4) Click the + icon to Add a new Voicemail account. (5) Check Enable Voicemail. (6) Fill in the form using the sample below. Be sure to choose the correct Time Zone for your voicemails. Uncheck Delete message after notification to retrieve voicemail messages by dialing *98 from an extension. (7) Click Save.
Setting Up a Ring Group in XiVO
A ring group is a collection of extensions to which calls can be routed. In XiVO terminology, they’re known as Groups. Extensions in a Group can be set to ring simultaneously or in one of six round-robin configurations based upon factors such as previous call volume. Before you can create a ring group, you first have to enable a range of extensions to dedicate to Groups. Edit the Default context, click the Groups tab, and then click the + Add icon to add a range of extension numbers:
To create a new ring group, choose IPX Setttings -> Groups and click the + Add icon. A typical setup to ring all extensions simultaneous and play a ring tone to the caller would look like this:
Next, click on the Users tab and move the desired extensions to the the selected side of the window. Then click Save.
Setting Up Trunks and Routes for XiVO Calling
Before you can make calls to phones outside your PBX or receive calls from outside your PBX, you’ll need one or more trunks. We’ve simplified the process of setting these up by providing step-by-step tutorials for the leading trunk providers. They are reproduced below for ease of reference:
XIVO Trunk Implementation Tutorials
- XiVO Trunks Tutorial: Installing a Vitelity SIP Trunk
- XiVO Trunks Tutorial: Installing a VoIP.ms SIP Trunk
- XiVO Trunks Tutorial: Installing a RingPlus SIP Trunk
- XiVO Trunks Tutorial: Installing a FreeVoipDeal (Betamax) SIP Trunk
- XiVO Trunks Tutorial: Installing a Google Voice-Simonics SIP Trunk
- XiVO Trunks Tutorial: Deploying Native Google Voice with OAuth Trunks
- XiVO Trunks Tutorial: Installing an Anveo Direct Outbound SIP Trunk
- XiVO Trunks Tutorial: Installing a Skype Connect SIP Trunk
- XiVO Trunks Tutorial: Installing a LocalPhone SIP Trunk
- XiVO Trunks Tutorial: Installing a CallCentric SIP Trunk
- XiVO Trunks Tutorial: Installing a FlowRoute SIP Trunk* (not yet verified)
Once you’ve added one or more trunks, you’ll need to tell XiVO how to route outgoing and incoming calls. Here are our step-by-step tutorials on setting up Outbound Calling Routes and Incoming Call Routes:
XIVO Call Routing Tutorials
- XiVO Call Routing Tutorial: Creating Outbound Routes for PSTN Calling
- XiVO Call Routing Tutorial: Creating Inbound Routes for DIDs
Deploying Google Voice with OAuth on XiVO PBX
Beginning in mid-August, 2016, native Google Voice with OAuth support became available on the Incredible PBX for XiVO platform. It supports deployment of multiple Google Voice trunks on any XiVO server. This new Nerd Vittles tutorial will walk you through implementation.
Using an SMTP Mail RelayHost with Postfix
To cut down on spam, many ISPs no longer allow SMTP mail traffic that originates from downstream mail servers. If your server is connected to an ISP such as Comcast, that would be you. Here’s how to reconfigure the Postfix mail server included with XiVO to process your outgoing emails using your ISP as a mail relay.
First, edit /etc/postfix/main.cf and search for relayhost. Replace it with the entries below. If it’s not in the file, then just add the following entries to the end of the file:
relayhost = smtp.comcast.net:587 smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasldb smtp_sasl_security_options = noanonymous
Next, create /etc/postfix/sasldb and add the following entries: your ISP (smtp.comcast.net) followed by a TAB and then your full comcast login name, a colon, and your Comcast password. No spaces! Save the file.
Next, create a hashed version of the file: postmap sasldb
Then restart Postfix: /etc/init.d/postfix restart
Now send yourself a test email like this:
echo "test" | mail -s testmessage yourname@yourmailprovider.com
Getting Started with SQLite3 on the XiVO Platform
Here are a couple SQLite3 queries to get you started with syntax:
sqlite3 /var/lib/asterisk/agi-bin/zipcodes.sqlite "select zip,city,state from zipcodes where zip=29401;" sqlite3 /var/lib/asterisk/agi-bin/asteridex.sqlite 'select name,out from user1 where name LIKE "%Airlines%";'
A bonus script in /root will let you convert existing MySQL databases to SQLite3. For example, if you’re currently using AsteriDex on another Incredible PBX platform, it only takes a couple seconds to convert your MySQL database to SQLite3. The syntax to run the script looks like this:
./mysql2sqlite3.sh -u root -ppassw0rd yourdatabase | sqlite3 yourdatabase.sqlite
Move the script to the server on which your existing MySQL databases are stored and run it there using the above syntax. Then copy the asteridex.sqlite file to your XiVO server and save it in /var/lib/asterisk/agi-bin.
Getting Started with Incredible PBX Call Logs
To retrieve SQLite3 call log data, here are a few examples to get you started:
ALL: sqlite3 /var/log/asterisk/master.db "select * from cdr"
DATE: sqlite3 /var/log/asterisk/master.db "select * from cdr where calldate >= '2016-05-22'"
NPA: sqlite3 /var/log/asterisk/master.db "SELECT * from cdr WHERE clid LIKE '%<843%'"
DEST: sqlite3 /var/log/asterisk/master.db "SELECT * from cdr WHERE dstchannel LIKE '%411%'"
FLDS: sqlite3 /var/log/asterisk/master.db "PRAGMA table_info(cdr)"
To retrieve the CDR log in CSV format suitable for spreadsheets, download:
/var/log/asterisk/cdr-csv/Master.csv
Managing Your Logs with XiVO
XiVO is a busy place especially on a busy PBX. Call logs and traditional Asterisk and Linux logs grow like crazy. We have added the following entries to /etc/crontab to assure that you don’t inadvertently run out of disk space on your server. Modify them to meet your own requirements.
10 1 * * * root rm -f /tmp/tts* > /dev/null 2>&1 11 1 * * * root rm -f /var/log/asterisk/*.gz > /dev/null 2>&1 11 2 * * * root rm -f /var/log/asterisk/*.1.gz > /dev/null 2>&1 12 1 * * * root rm -f /var/log/*.gz > /dev/null 2>&1 12 2 * * * root rm -f /var/log/*.1.gz > /dev/null 2>&1
Activating Voice Recognition for XiVO
Google has changed the licensing of their speech recognition engine about as many times as you change diapers on a newborn baby. Today’s rule restricts use to “personal and development use.” Assuming you qualify, the very first order of business is to enable speech recognition for your XiVO PBX. Once enabled, the Incredible PBX feature set grows exponentially. You’ll ultimately have access to the Voice Dialer for AsteriDex, Worldwide Weather Reports where you can say the name of a city and state or province to get a weather forecast for almost anywhere, Wolfram Alpha for a Siri-like encyclopedia for your PBX, and Lefteris Zafiris’ speech recognition software to build additional Asterisk apps limited only by your imagination. And, rumor has it, Google is about to announce new licensing terms, but we’re not there yet. To try out the Voice Dialer in today’s demo IVR, you’ll need to obtain a license key from Google. This Nerd Vittles tutorial will walk you through that process. Don’t forget to add your key to /var/lib/asterisk/agi-bin/speech-recog.agi on line 72.
Adding DISA Support to Your XiVO PBX
If you’re new to PBX lingo, DISA stands for Direct Inward System Access. As the name implies, it lets you make calls from outside your PBX using the call resources inside your PBX. This gives anybody with your DISA credentials the ability to make calls through your PBX on your nickel. It probably ranks up there as the most abused and one of the most loved features of the modern PBX.
There are three ways to implement DISA with Incredible PBX for XiVO. You can continue reading this section for our custom implementation with two-step authentication. There also are two native XiVO methods for implementing DISA using a PIN for security. First, you can dedicate a DID to incoming DISA calls. Or you can add a DISA option to an existing IVR. Both methods are documented in our tutorial on the PIAF Forum.
We prefer two-step authentication with DISA to make it harder for the bad guys. First, the outside phone number has to match the whitelist of numbers authorized to use your DISA service. And, second, you have to supply the DISA password for your server before you get dialtone to place an outbound call. Ultimately, of course, the monkey is on your back to create a very secure DISA password and to change it regularly. If all this sounds too scary, don’t install DISA on your PBX.
1. To get started, edit /root/disa-xivo.txt. When the editor opens the dialplan code, move the cursor down to the following line:
exten => 3472,n,GotoIf($["${CALLERID(number)}"="701"]?disago1) ; Good guy
2. Clone the line by pressing Ctrl-K and then Ctrl-U. Add copies of the line by pressing Ctrl-U again for each phone number you’d like to whitelist so that the caller can access DISA on your server. Now edit each line and replace 701 with the 10-digit number to be whitelisted.
3. Move the cursor down to the following line and replace 12341234 with the 8-digit numeric password that callers will have to enter to access DISA on your server:
exten => 3472,n,GotoIf($["${MYCODE}" = "12341234"]?disago2:bad,1)
4. Save the dialplan changes by pressing Ctrl-X, then Y, then ENTER.
5. Now copy the dialplan code into your XiVO setup, remove any previous copies of the code, and restart Asterisk:
cd /root sed -i '\:// BEGIN DISA:,\:// END DISA:d' /etc/asterisk/extensions_extra.d/xivo-extrafeatures.conf cat disa-xivo.txt >> /etc/asterisk/extensions_extra.d/xivo-extrafeatures.conf /etc/init.d/asterisk reload
6. The traditional way to access DISA is to add it as an undisclosed option in an IVR that is assigned to one of your inbound trunks (DIDs). For the demo IVR that we installed last week, edit the ivr-1.conf configuration file and change the "option 0″ line so that it looks like this. Then SAVE your changes.
exten => 0,1(ivrsel-0),Dial(Local/3472@default)
7. Adjust the inbound calls route of one of your DIDs to point to the demo IVR by changing the destination to Customized with the following Command:
Goto(ivr-1,s,1)
Here’s how ours looks for the Nerd Vittles XiVO Demo IVR:
8. Now you should be able to call your DID and choose option 0 to access DISA assuming you have whitelisted the number from which you are calling. When prompted, enter the DISA password you assigned and press #. You then should be able to dial a 10-digit number to make an outside call from within your PBX.
SECURITY HINT: Whenever you implement a new IVR on your PBX, it’s always a good idea to call in from an outside number 13 TIMES and try every key from your phone to make sure there is no unanticipated hole in your setup. Be sure to also let the IVR timeout to see what result you get.
Setting Up a Softphone or WebRTC to Connect to XiVO
If you’re a Mac user, you’re lucky (and smart). Download and install Telephone from the Mac App Store. Start up the application and choose Telephone:Preference:Accounts. Click on the + icon to add a new account. To set up your softphone, you need 3 pieces of information: the IP address of your server (Domain), and your Username and Password. In the World of XiVO, you’ll find these under IPBX:Services:Lines. Just click on the Pencil icon beside the extension to which you want to connect. Now copy or cut-and-paste your Username and Password into the Accounts dialog of the Telephone app. Click Done when you’re finished, and your new softphone will come to life and should show Available. Dial the IVR (4871) to try things out. With Telephone, you can use over two dozen soft phones simultaneously on your desktop.
Prefer to use WebRTC from your browser as a softphone? XiVO has you covered. Complete setup instructions available here.
For everyone else, we recommend YateClient which is free. Download it from here. Run YateClient once you’ve installed it and enter the credentials for the XiVO Line. You’ll need the IP address of your server plus your Line username and password associated with the 701 extension. On the XiVO platform, do NOT use an actual extension number for your username with XiVO. Go to IPBX Settings:Lines to decipher the appropriate username and password for the desired extension. Click OK to save your entries.
Test Drive of Sample Incredible PBX Apps
Once your softphone is registered, you can try out some of the Incredible PBX sample applications:
- 4871 (IVR1) – Allison’s Demo IVR
- 411 (Voice Dialing) – Call by Name (try "Delta Airlines")
- 2663 (CONF) – Conference Room with Music on Hold
- 951 – Yahoo! News Headlines (TTS)
- 947 (ZIP) – NWS Weather by ZIP Code
- 53669 (LENNY) – The Telemarketer’s Worst Nightmare
You can review the Dialplan code in the GUI by choosing IPBX Configuration:Configuration Files and clicking xivo-extrafeatures.conf. The sample IVR code is in ivr-1.conf. This Nerd Vittles tutorial will walk you through building your own IVRs for XiVO.
Using PBX Status with XiVO
For those that like to see how things are going from the Linux CLI, a modified version of pbxstatus is available for XiVO. From the Linux CLI, type: pbxstatus.
Using FQDNs with the Travelin’ Man 3 Firewall
If you plan to use FQDNs with your IPtables firewall or if your remote users will be using a Dynamic DNS provider to keep their IP addresses fresh, be sure to review Step #5 in the Travelin’ Man 3 tutorial which explains how to configure your firewall to automatically refresh IP addresses based upon changes in dynamic addresses. All of the necessary components already have been activated. Simply insert your FQDN entries using /root/add-fqdn and modify /root/ipchecker.
PortKnocker for XiVO: Your Firewall Safety Net
If you use a dynamic IP address for your local PC and that address changes, you may find yourself locked out of your own server unless you have heeded the advice in the preceding section. But there’s still hope. Incredible PBX for XiVO now includes the PortKnocker utility which lets you ping three predefined TCP ports in sequence to regain access to your server. You can read all about PortKnocker in this Nerd Vittles article. Unfortunately, PortKnocker doesn’t do you a bit of good if you haven’t deciphered what the three-port secret handshake is for your server. Before you forget, review /root/knock.FAQ and put the information in a safe place where you can retrieve it if the need should ever arise.
Adding a PPTP VPN to XiVO
Microsoft introduced the Point-to-Point-Tunneling-Protocol (PPTP) with Windows 95. Back then we knew it as Dial-Up Networking. Suffice it to say that, in those days, PPTP was anything but secure. Unfortunately, the bad name kinda stuck. For the most part, the security issues have been addressed with the possible exception of man-in-the-middle attacks which are incredibly difficult to pull off unless you are a service provider or have access to the wiring closets of your employer. You can read the long history of PPTP VPNs on Wikipedia for more background. If you’re traveling to China or other democracy-challenged destinations, you probably shouldn’t rely upon PPTP for network security. If these security considerations aren’t applicable in your situation, keep reading because PPTP VPNs are incredibly useful and extremely easy to deploy for an extra layer of VoIP and network security in most countries that have severe wiretapping penalties in place.
PPTP VPNs also provide home-away-from-home transparency to home office network services. Simply stated, with a PPTP VPN, you get a private IP address on the XiVO PBX that lets you do almost anything you could have done sitting at a desk in the home office. PPTP VPNs probably won’t work on most OpenVZ platforms such as Wable and ImpactVPS. But they work great on virtual machines such as CloudAtCost and Digital Ocean. For a quick-and-dirty back door into your server, a PPTP VPN is hard to beat. Here’s how to set one up on your XiVO PBX using 128-bit encryption. Make up a very obscure username and password in the first two lines below:
PPTPUSER=somebodyspecial PPTPPASS=someverysecurepassword apt-get -y update apt-get -y install pptpd sed -i 's|#ms-dns 10.0.0.1|ms-dns 8.8.8.8|' /etc/ppp/pptpd-options sed -i 's|#ms-dns 10.0.0.2|ms-dns 8.8.4.4|' /etc/ppp/pptpd-options echo "localip 172.16.16.100" >> /etc/pptpd.conf echo "remoteip 172.16.16.101-199" >> /etc/pptpd.conf echo "$PPTPUSER pptpd $PPTPPASS *" >> /etc/ppp/chap-secrets /etc/init.d/pptpd restart # show logged in PPTP users last | grep ppp
Connect to your PPTP server from a Windows or Mac in the usual PPTP way. Once connected, you will be assigned an IP address in the range of 172.16.16.101-199. You then can access your XiVO PBX on the following IP address: 172.16.16.100.
Everything You Need to Know About XiVO Backups
Another feature of XiVO that separates the men from the boys is its documentation. In the case of backups, you’ll find everything you need to know here. All backups are stored on your XiVO server’s local drive in /var/backups/xivo. Be sure you have ample storage space available and, if you’re smart, you’ll copy both data.tgz and db.tgz from the local drive to a safe remote location periodically just in case disaster strikes. The documentation shows you how to quickly restore a backup should that ever become necessary.
Upgrading XiVO to the Latest Release
The XiVO development cycle is nothing short of miraculous. A new version is released every three weeks! The average time to close a bug has dropped from 315 days in 2009 to 28 days in 2012! You’ll probably want to keep your system current. 🙂
Upgrading XiVO is even easier than restoring a backup. Upgrade documentation is available here. Because we’ve added the Travelin’ Man 3 firewall, we recommend stopping IPtables during an upgrade and then restarting it when you’re finished. Your phone system is disabled during the upgrade. When upgrading XiVO, remember to also upgrade all associated XiVO Clients. Be sure to verify that things are back to normal once the upgrade procedure is completed: xivo-service status.
The commands to upgrade your XiVO PBX are as follows:
/etc/init.d/netfilter-persistent stop xivo-upgrade iptables-restart # restore Incredible PBX module and ODBC configuration cp -p /etc/asterisk/modules.conf.dpkg-old /etc/asterisk/modules.conf cp -p /etc/asterisk/res_odbc.conf.dpkg-old /etc/asterisk/res_odbc.conf xivo-service restart # code below reactivates Incredible PBX web apps cd / wget http://incrediblepbx.com/incredible-nginx.tar.gz tar zxvf incredible-nginx.tar.gz rm -f incredible-nginx.tar.gz /etc/init.d/nginx restart
Google Voice CLI and SMS Messaging Support
Thanks to Nick Pettazzoni, beginning with the August 29, 2016 release of Incredible PBX for XiVO, you now can take advantage of the pygooglevoice implementation of gvoice as well as Nerd Vittles’ SMS messaging and message blasting utilities. If you’re using an earlier release, it’s easy to add this functionality to your server as well:
cd /root wget http://incrediblepbx.com/install-gv-cli chmod +x install-gv-cli ./install-gv-cli
Be advised that the Google Voice CLI interface (gvoice) uses plain-text Google Voice passwords, not OAuth. Before most Google Voice accounts will work with gvoice and smsblast, you’ll need to do the following and then immediately login to gvoice from the Linux CLI at least once to mark your account as safe for access from this location. Here are the steps:
- Log in to the Gmail account you plan to use with gvoice
- While logged in, open a new browser tab to this site and enable Less Secure Apps
- Open another browser tab and enable the Google Reset procedure here
- Return immediately to the Linux CLI and login to gvoice
Creating an SMS Message Blast with XiVO
Here’s how to take advantage of SMS Message Blasting using a Google Voice account with Incredible PBX for XiVO. Log into your server as root and do the following:
- Edit /root/smsmsg.txt and insert the text message to be sent
- Edit /root/smslist.txt and create a list of the phone numbers to receive the SMS message
- Edit /root/smsblast and insert your gvoice username and password
- Run /root/smsblast to kick off the SMS Blast
Incredible PBX Application Quick Start Guide
Here’s a quick refresher on some of the Incredible PBX applications that have been installed. There’s also a link for more information. This remains a work-in-progress so expect more applications in coming weeks.
- CallerID Superfecta – Match Names to CallerID Numbers
- CallerID Blacklist – Block Calls from Spammers and Old Girlfriends
- CDR Reports in CSV Format
- CDR Reports in SQLite3 Format
- Asteridex – The Poor Man’s Rolodex (SQLite3 version)
- AsteriDex Click-to-Dial with XiVO Phonebook
- NeoRouter VPN for XiVO
- FCC RoboCall BlackList
- CallerID WhiteList Override
- Install Siri-Like Wolfram Alpha Module
- Dial 123 – Telephone Reminders
- Dial 411 – Call by Name from AsteriDex
- Dial 947 – Weather Forecasts by ZIP Code
- Dial 951 – Latest Yahoo News
- Dial 2663 – Conference Call
- Dial 3472 – DISA Access
- Dial 4871 – Allison’s Sample IVR
- Dial 53669 – Meet Lenny, the Robocaller’s Worst Nightmare
XiVO and Incredible PBX Dial Code Cheat Sheets
Complete XiVO documentation is available here. But here are two cheat sheets in PDF format for XiVO Star Codes and Incredible PBX Dial Codes. See also the previous 7 Nerd Vittles XiVO tutorials, all of which are listed below. Enjoy!
Taking Nerd Vittles’ XiVO IVR for a Test Drive
There’s a Demo IVR running at www.pacificnx.com on their XenServer virtualization platform. Scott McCarthy, a leading outside XiVO developer and a principal at PacificNX, advises they have a $50 a month GOLD platform specifically tailored to XiVO for those needing 99.999% reliability, 24/7 support with nightly backups and enterprise level firewalls that have intelligence to stop attacks and look for viruses, spyware and more. That’s what you’ll be hearing when you call the Nerd Vittles Demo IVR:
Nerd Vittles Demo IVR Options
1 – Call by Name (say "Delta Airlines" or "American Airlines" to try it out)
2 – MeetMe Conference
3 – Wolfram Alpha (Coming Soon!)
4 – Lenny (The Telemarketer’s Worst Nightmare)
5 – Today’s News Headlines
6 – Weather Forecast (enter a 5-digit ZIP code)
7 – Today in History (Coming Soon!)
8 – Speak to a Real Person (or maybe just Lenny if we’re out)
Don’t Stop Reading Just Yet. We’ve been busy since this article was first published in June, 2016. Continue reading about the latest developments including XiVO Snapshots.
Published: Monday, June 27, 2016 Updated: Regularly
Need help with Asterisk? Visit the PBX in a Flash Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…
Security 101: A Fresh Look at Incredible PBX Security Audit Methodology
Incredible PBX remains one of the most secure VoIP server platforms on the planet for one simple reason. We always deploy a preconfigured Linux IPtables firewall with a whitelist that hides your server from everyone except you and trusted VoIP providers. IPtables is automatically configured and deployed as part of every initial install of Incredible PBX regardless of your platform. This includes XiVO with Debian 8 as well as CentOS 6 and 7, Ubuntu 14.04, Raspbian 7 and 8, and even SHMZ OS (not recommended). If your server happens to be housed behind a hardware-based firewall as well, then so much the better. That obviously isn’t possible with most Cloud-based servers so IPtables firewall security is a must.
Unlike most other VoIP server platforms, we don’t leave firewall configuration to chance. Nor do we assume you’re a firewall expert. It really doesn’t matter whether you are or not, you still need a server platform that is secure and protected. So we do it for you initially and, if you are a firewall expert or study to become one, you then can modify the default settings to meet your own requirements down the road. In the meantime, you and your server are protected.
As you probably have surmised, we conduct periodic security audits of our servers testing for vulnerabilities. And we perform these audits locally as well as remotely using servers we’ve deployed throughout the world. We also deploy honeypot servers from time to time in order to gather important information about what the bad guys are up to. With as many platforms as Incredible PBX now supports, just conducting local and remote security audits is no small feat.
Today we want to share some of the methodology we use in conducting our audits, and we’ll provide the results of our most recent remote security audit. We encourage everyone with a VoIP server, whether it’s Incredible PBX or some other platform, to periodically test your server(s) for vulnerabilities AND access. It not only could save you thousands of dollars, but it also protects the rest of us by assuring that you haven’t inadvertently provided malicious individuals with a zombie platform from which to launch denial of service and spam attacks against the Internet community. So let’s get started.
The first step in testing your server is to log into your server as root using SSH or Putty from multiple IP addresses. These sites should include logins from the home base of your server if it’s a dedicated machine, from your home PC, from a neighbor’s PC, from a public WiFi hotspot, and from your smartphone as well as someone else’s. If you gain access from all of these sites, you’ve got a problem. It means SSH access is not protected in any way on your server. While SSH is relatively secure, it has had its share of problems. And zero day vulnerabilities are regularly discovered in various Linux utilities so exposing all of your server’s important resources to the Internet is a very bad idea.
The second test deciphers the existing firewall rules that have been activated on your server: iptables -nL. If the results look like the following, you’ve got a major problem. It means there are no firewall rules blocking any access to your server:
root@incrediblepbx:~ $ iptables -nL Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination
Next, reboot your server and repeat the first two tests to make certain that your firewall still is activated properly whenever your server experiences a power outage and comes back on line.
If your firewall is not running, try issuing the command, iptables-restart, and then retest: iptables -nL. If you get the same results shown above, then something has come unglued. Here’s how to easily fix things up. First, move to the directory where the iptables rules are stored on your server. For CentOS/SL/RHEL, it’s /etc/sysconfig. For Debian/Ubuntu/Raspbian, it’s /etc/iptables.
Next, copy the default Incredible PBX firewall settings to the proper file location.
For CentOS/SL/RHEL platforms:
cp -p /etc/sysconfig/rules.v4.ubuntu14 /etc/sysconfig/iptables cp -p /etc/sysconfig/rules.v6.ubuntu14 /etc/sysconfig/ip6tables
For Debian/Ubuntu/Raspbian platforms:
cp -p /etc/iptables/rules.v4.ubuntu14 /etc/iptables/rules.v4 cp -p /etc/iptables/rules.v6.ubuntu14 /etc/iptables/rules.v6
Next, edit iptables (CentOS/SL/RHEL) or rules.v4 (Debian/Ubuntu/Raspbian) and move to the bottom of the file where you’ll find a section that looks like this:
# The IP addresses are your server, user, and public addresses respectively -A INPUT -s 8.8.4.4 -j ACCEPT -A INPUT -s 8.8.8.8 -j ACCEPT -A INPUT -s 74.86.213.25 -j ACCEPT
Replace the existing IP addresses with the actual IP addresses of your server, user workstation, and public IP address. Be very careful here. If you don’t whitelist the IP address of the machine on which you are performing these tasks, you will lock yourself out when you restart your firewall. Once you’ve made the changes, save the file.
Finally, restart IPtables using the following command: iptables-restart. Then retest: iptables -nL.
We’re not going to spend a lot of time addressing what the proper firewall rules for your VoIP server should be. If you’re interested, you can take a look at the IPtables firewall setup that is deployed with Incredible PBX. On RHEL/CentOS/SL servers, you’ll find the firewall rules in /etc/sysconfig/iptables. On Debian/Ubuntu/Raspbian servers, the rules are in /etc/iptables/rules.v4. Suffice it to say that, if the only remote access required with your server is to connect to VoIP service providers, there is no reason to expose your web server or your SIP ports to the Internet, period. And this is true whether your server is sitting behind a hardware-based firewall or not.
The Incredible PBX security design uses a whitelist to provide access to most network services other than those that are absolutely essential to the operation of your server. The reason we use a whitelist is because blacklists don’t work. Those interested in doing harm to your server are perfectly capable of altering their IP addresses until they find one that isn’t blacklisted. And they also are adept at poisoning blacklists with IP addresses that are absolutely essential to the operation of your server, e.g. DNS servers and NTP servers.
As part of every Incredible PBX firewall install, we provide SIP and IAX access to many of the major VoIP providers around the globe. You may be wondering why we use IP addresses for providers rather than fully-qualified domain names. The reason is that IPtables doesn’t directly support FQDNs. Instead, when IPtables starts up, it looks up every FQDN and converts it into an IP address. If a server matching the FQDN happens to be off line, IPtables crashes and burns. The same is true if the lookup is attempted before DNS services are running on your server. So, the short answer to why we use IP addresses is because it is safer. The downside, of course, is you can’t eyeball the IP address and decipher to whom it belongs. If you ever have any doubt about the identity of the provider associated with any specific IP address, there’s a simple utility you can run to identify its owner: nslookup 178.63.143.236.
Here is a list of the providers included in the default Incredible PBX whitelist. Others can be added using the add-ip and add-fqdn utilities in /root. If you use FQDNs, be sure to add the entries to /root/ipchecker so that your IP addresses are periodically checked and updated when necessary. This is especially important for dynamic IP addresses at remote locations.
outbound1.vitelity.net inbound1.vitelity.net atlanta.voip.ms chicago.voip.ms dallas.voip.ms houston.voip.ms losangeles.voip.ms newyork.voip.ms seattle.voip.ms tampa.voip.ms montreal.voip.ms montreal2.voip.ms toronto.voip.ms toronto2.voip.ms london.voip.ms didforsale.com callcentric.com sipgate.com chi-in.voipstreet.com did.voip.les.net magnum.axvoice.com proxy.sipthor.net sip.voipwelcome.com incoming.future-nine.com outgoing.future-nine.com DEN.teliax.net LAX.teliax.net NYC.teliax.net ATL.teliax.net IPkall (defunct) used two IP addresses: 66.54.140.46 and 66.54.140.47 gvgw1.simonics.com sip2sip.info googlelabs.com talk.google.com gmail.com
The major drawbacks to firewall whitelists are (1) you can inadvertently lock yourself out of your own server and (2) someone that needs access to your server from remote locations may have more difficulty connecting without intervention by a network administrator to authorize remote access. With Incredible PBX, we’ve provided some tools to ease the pain. First, Incredible PBX is deployed with both the PPTP and NeoRouter VPN platforms already in place. With a VPN IP address, remote logins are minimized because they work from almost anywhere. Second, Incredible PBX includes the PortKnocker utility which lets a remote user "knock" on the server using three randomly assigned port numbers to gain temporary access. Many Incredible PBX platforms also support Travelin’ Man 4 which lets you authorize remote access by telephone. You also need to test remote VPN, PortKnocker, and Travelin’ Man 4 access as part of your security audits.
Testing for vulnerabilities is only half of the puzzle. Also make certain that your server has the proper Linux tools in place to allow you to whitelist additional IP addresses so that remote users can deploy phones or gain access to your server when necessary. Try to run the nslookup and dig utilities to verify that they are installed on your server. If not, install them with yum install bind-utils (CentOS/SL/RHEL) or apt-get install dnsutils (Debian/Ubuntu/Raspbian).
Security Audit Results. We’re pleased to report that no vulnerabilities were identified in any of the Incredible PBX platforms; however, good security practices dictate that the IPkall IP addresses should probably be removed from the whitelist now that the company has ceased providing VoIP services.
For CentOS/SL/RHEL platforms:
sed -i '/66.54.140.46/d' /etc/sysconfig/iptables sed -i '/66.54.140.47/d' /etc/sysconfig/iptables sed -i '/66.54.140.46/d' /etc/sysconfig/rules.v4.ubuntu14 sed -i '/66.54.140.47/d' /etc/sysconfig/rules.v4.ubuntu14 iptables-restart
For Debian/Ubuntu/Raspbian platforms:
sed -i '/66.54.140.46/d' /etc/iptables/rules.v4 sed -i '/66.54.140.47/d' /etc/iptables/rules.v4 sed -i '/66.54.140.46/d' /etc/iptables/rules.v4.ubuntu14 sed -i '/66.54.140.47/d' /etc/iptables/rules.v4.ubuntu14 iptables-restart
We did identify a couple of access anomalies that kept the add-ip and add-fqdn utilities in /root from functioning properly. These glitches meant that a few administrators could not easily add remote IP addresses to their whitelists. Three fixes are recommended. First, be sure the utilities documented in the previous paragraph are installed on your server. Second, on CentOS/SL/RHEL platforms or servers installed using the Incredible PBX ISO, issue the following commands after logging into your server as root:
sed -i 's|/etc/iptables/rules.v4|/etc/sysconfig/iptables|' /root/add-ip sed -i 's|/etc/iptables/rules.v4|/etc/sysconfig/iptables|' /root/add-fqdn
Third, for Incredible PBX deployments on the CentOS 7 platform, issue these commands while logged in as root:
chattr -i /root/add-ip sed -i 's|iptables-persistent|iptables|' /root/add-ip chattr +i /root/add-ip
Be safe!
Originally published: Tuesday, August 9, 2016
Go For the Gold: Incredible PBX for XiVO, CentOS, Ubuntu, or Raspbian. https://t.co/zZDnO8OUVt #asterisk #NoGotchas pic.twitter.com/wv3KkuMJha
— Ward Mundy (@NerdUno) August 8, 2016
Need help with Asterisk? Visit the PBX in a Flash Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…
Incredible PBX for CentOS 7: A Free Cloud Server for 4 Months
[iframe-popup id="4″]
We don’t want anyone to think Incredible PBX is a one-trick pony. 2016 is all about choices and Gotcha-Free VoIP alternatives. We spent last week in the mountains taking a careful look at Ubuntu 16.04 and CentOS 7. Despite the promises that LTS releases of Ubuntu wouldn’t break things that used to work, Ubuntu 16.04 breaks things. Specifically, ODBC as we know it is non-existent. And MySQL is a very different beast with InnoDB now a mandatory component. Those were deal-breakers for us because we no longer could load Incredible PBX database snapshots and because current ODBC code won’t work at all. We had much better luck with CentOS 7, and today we’re pleased to introduce Incredible PBX for CentOS 7.
Some still consider CentOS 7 to be an experimental platform, and we want to take the guesswork out of the equation. So we’re offering up a free cloud platform until December to let you kick the tires. It won’t impact your production servers while letting you explore the possibilities offered by another state-of-the-art Asterisk 13 platform. No, your server won’t blow up when you add a new module. No, Asterisk won’t refuse to start because you chose to upgrade an existing component. No, you won’t be Nickle and Dimed into buying critical platform enhancements. And, no, you won’t be charged hundreds of dollars for "support" only to be told that you need to switch to a more proprietary platform. XiVO remains our platform of choice, but to each his own. You can’t teach some old dogs new tricks so today’s Incredible PBX release is for you. 🙂
There’s more good news. VULTR is a relatively new cloud provider that now hosts virtual machines in over a dozen cities around the world. For new subscribers, they are offering a $20 credit when you sign up using our referral link. And, yes, your registration provides a few shekels to Nerd Vittles to keep the lights on. The great news is that $20 buys you a full four months of Incredible PBX cloud hosting service. You won’t find a better do-it-yourself platform at any price, let alone free.
Building the CentOS 7 Platform at Vultr for Incredible PBX
The first step in your CentOS 7 adventure is to sign up for a Vultr account with your $20 credit using the Nerd Vittles referral link. Once you’ve done that, it’s time to build your CentOS 7 virtual machine to host Incredible PBX in the Cloud. (1) Choose your favorite city to host your server, (2) pick the CentOS 7 64-bit platform (only!), and (3) choose the $5/month server size. Feel free to leave the Server Hostname & Label blank.
Once your virtual machine is up and running, log in with SSH or Putty using the IP address and root password provided. Do NOT install Incredible PBX from the console, or you will lock yourself out of your own server! Change your root password immediately: passwd.
Installing Incredible PBX for CentOS 7 in the Vultr Cloud
While still logged into your server as root using SSH/Putty, issue the following commands to get started. This will set up a swap file and then kick off the Incredible PBX installer:
cd /root wget http://incrediblepbx.com/incrediblepbx13-12.2-centos.tar.gz tar zxvf incrediblepbx* ./create-swapfile-DO ./IncrediblePBX*
The initial setup brings your CentOS 7 server up to current specs, and then the virtual machine will reboot at about the 10 minute mark. After rebooting, log into your server again as root with your new root password. Issue the following command to complete the Incredible PBX installation:
./IncrediblePBX*
Along the way, you may be prompted once or twice to enter information. Just press the ENTER key to accept the defaults. When the installation finishes in about 20 minutes, press the ENTER key to reboot your server and activate the Travelin’ Man 3 firewall. Then log back in as root. Perform the following steps to finish things up and set your passwords:
Make your root password very secure: passwd
Create admin password for GUI access: /root/admin-pw-change
Set your correct time zone: /root/timezone-setup
Create admin password for web apps: htpasswd /etc/pbx/wwwpasswd admin
Make a copy of your Knock codes: cat /root/knock.FAQ
Decipher IP address and other info about your server: status
Now you’re ready to switch to a web browser to finish the setup. Complete the steps using our brief tutorial. Enjoy!
Originally published: Tuesday, August 2, 2016
9 Countries Have Never Visited Nerd Vittles. Got a Friend in Any of Them https://t.co/wMfmlhiQ9y #asterisk #freepbx pic.twitter.com/TPFGZbqWB6
— Ward Mundy (@NerdUno) April 22, 2016
Need help with Asterisk? Visit the PBX in a Flash Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…