Home » Posts tagged 'pbx' (Page 4)

Tag Archives: pbx

The Most Versatile VoIP Provider: FREE PORTING

The Incredible PBX: Adding Multiple Google Voice Trunks

blankAbout the only drawback to Google Voice's free U.S. and Canada calling with the Incredible PBX has been the fact that you could only make one outbound call at a time... at least on Google's nickel. So today we'll fix that, and you can enjoy simultaneous outbound calls using as many Google Voice trunks as you have signed up for. If you're in the U.S., you're eligible and no invitation is required. Just head over to the Google Voice site to register.

Today's Incredible PBX enhancement also will permit you to set up multiple inbound DIDs for different area codes across the country which may save your out-of-town friends and relatives a little change when they want to contact you. And to think we had $200 a month phone bills in our college days just to call the hometown honey. The wonders of modern technology!

Prerequisites. Here's what you'll need to get started today. First, you need a functioning Incredible PBX. So start by installing Incredible PBX. Second, you'll need a second Google Voice account. And finally, you'll need an additional SIPgate One number.

Installation Assumptions. We'll walk you through the steps to get a second account activated with the Incredible PBX. If you need more than two, just repeat the steps below and substitute a new number for 2 in every step. As with baking cookies, if you skip a step, the cookies taste like crap. 🙂 For security reasons, we're using an additional SIPgate One account for the second setup. This avoids having to open up SIP access in your firewall which would require additional locking down of IPtables to specific SIP IP addresses.

Setting Up New SIPgate and Google Voice Accounts. As was true with the initial Incredible PBX setup, the first steps in activating a second line are to create and configure your SIPgate account and then tie that number into your new Google Voice account. For ease of reference, we've repeated below the pertinent portions of the original Nerd Vittles article.

blankConfiguring SIPgate. If you live in the U.S. and have a cellphone, we'd recommend the SIPgate option since no adjustment of your hardware-based firewall is required. Otherwise, skip to the IPkall setup below. Step #1 is to request a SIPgate invite at this link. You'll need to enter your U.S. cellphone number to receive the SMS message with your invitation code. Don't worry. You can erase your cellphone number from your account once it is set up and working properly. Once you receive the invite code, enter it and choose the option to set up a residential account. Next, choose a phone number and write it down. The area code really doesn't matter because Google Voice is the only one that will be calling this number after we get things set up. For now, leave your cellphone number in place so that you can receive your confirmation call from Google Voice in the next step. After that, you'll want to revisit SIPgate and remove all parallel calling numbers. Finally, click on the Settings link and write down your SIP ID and SIP Password. You'll need these in a few minutes to complete the configuration of The Incredible PBX. Now place a call to your new SIPgate number and make certain that your cellphone rings before proceeding.

blankConfiguring Google Voice. Once you've signed up for a new Google Voice account, choose a telephone number and plug in your new SIPgate number as the destination for your Google Voice calls and choose Office as the Phone Type.

Google Voice will place a test call to your number which SIPgate will forward to your cellphone. Enter the two-digit code that's displayed when you're prompted to do so.

While you're still in Google Voice Settings, click on the Calls tab. Make sure your settings match these:

  • Call Screening - OFF
  • Call Presentation - OFF
  • Caller ID (In) - Display Caller's Number
  • Caller ID (Out) - Don't Change Anything
  • Do Not Disturb - OFF

Click Save Changes once you adjust your settings. Under the Voicemail tab, plug in your email address so you get notified of new voicemails. Down the road, receipt of a Google Voice voicemail will be a big hint that something has come unglued on your PBX.

Once you've confirmed your Google Voice number, revisit SIPgate and remove all parallel calling numbers including your cell number. Be sure you've written down your SIPid and SIPpassword while you're there!

FreePBX Overview. Don't be intimidated by the FreePBX setup instructions which follow. All we're really doing is cloning the original pieces of information that made Google Voice work in the initial Incredible PBX setup. For most of the items, we'll just tack a 2 onto the names previously used. Nothing prevents your adding 3, 4, and 5 accounts down the road if you have additional Google Voice and SIPgate accounts to support each iteration.

To begin, use a web browser to open FreePBX on your Incredible PBX. Using the actual private IP address of your server, go to the following link: http://192.168.0.33/admin.

Adding Parking Lot Slots. As originally configured, the Incredible PBX provides 5 parking lot slots for use on your PBX. These are numbers that let you temporarily "park" calls so that they can be picked up on another extension. One of those slots (75) is used by the Incredible PBX to place outbound Google Voice calls. If you want the ability to place simultaneous outbound Google Voice calls using multiple trunks, then we need additional parking lot slots for each simultaneous call. We recommend bumping up the number of parking lot slots from 5 to 9. Then you can use 75-79 for up to 5 simultaneous outbound calls with Google Voice. Here's how. In FreePBX, choose Setup, Parking Lot, Number of Slots: 9. Your entries should look like this screen shot:

blank

When you've made the change, click Submit Changes, Apply Configuration Changes, Continue with Reload.

Creating Additional Custom Destinations. You'll recall that Google Voice actually places two calls when you make an outbound call. First, Google Voice calls you back. Then Google Voice places a call to your desired destination. The callback to you is handled transparently in Incredible PBX using pygooglevoice and Asterisk®'s parking lot feature. To handle multiple simultaneous calls, you'll need additional custom destinations. Here's how. In FreePBX, choose Tools, Custom Destinations, Add Custom Destination. Then make your new entries for custom-park2 look like this:

blank

When you've made the entries and carefully checked them, click Submit Changes, Apply Configuration Changes, Continue with Reload.

Creating Additional Inbound Routes. Now we need an additional Inbound Route to handle the second incoming call generated by Google Voice. Here's how. In FreePBX, choose Setup, Inbound Routes, Add Incoming Route, gv-ringback2. Make the entries shown in the screenshot below substituting your 10-digit SIPgate/IPkall and Google Voice numbers in the appropriate fields. Be sure to choose Custom GV-Park2 as the Custom Destination for this Inbound Route. Check your entries carefully, a typo here will kill completion of the calls!

blank

When you've made the entries and carefully checked them, click Submit, Apply Configuration Changes, Continue with Reload.

Creating Additional Custom Trunks. With every telephony provider, Asterisk needs a Trunk. In the case of Google Voice, we need a Custom Trunk for each Google Voice number to be used on your Incredible PBX. Think of a trunk as the bucket where Asterisk dumps an outbound call for processing. Two calls require two buckets. Three calls, three buckets. And so on. Well, that's almost true. Some providers can handle multiple calls, but Google Voice doesn't. So we need to make two changes in your trunk setup. First, we'll adjust the original Custom Trunk for Google Voice and limit it to one simultaneous call at a time. Then, we'll add a new Custom Trunk to support the second Google Voice account. Here's how.

In FreePBX, choose Setup, Trunks. In the right column, you'll see a list of all your existing trunks. Click on the second entry that looks like this: local/$OUTNUM$@ (custom). Be sure the Custom Dial String looks like what is shown below. If not, choose another trunk until you find the right one. Then make an entry of 1 in the Maximum Channels field:

blank

When you've made the entry and carefully checked it, click Submit Changes, Apply Configuration Changes, Continue with Reload.

Now we're ready to Add the additional Custom Trunk. In FreePBX, choose Setup, Trunks, Add Custom Trunk. Make your entries look like what's shown below:

blank

When you've made the Maximum Channels and Custom Dial String entries shown above and carefully checked them, click Submit Changes, Apply Configuration Changes, Continue with Reload.

Creating Additional Outbound Routes. FreePBX uses Outbound Routes to do just what the name implies: to route outbound calls to their destination. Outbound Routes are processed in the order in which they appear in the FreePBX Outbound Routes listing. We need to make three changes in the Outbound Routes processing to support a second Google Voice call path. First, we want to modify the existing Default Outbound Route to accommodate the second Google Voice account. Second, we want to add a new Outbound Route for the second Google Voice account so that calls can be placed directly with this route using a different dialing prefix. You'll recall that Google Voice calls in the Incredible PBX can optionally be dialed using the 48 prefix followed by a 10-digit number. The 48 spells GV on the phone key pad. So we'll add a new Outbound Route with a 482 (GV2) prefix which will tell Asterisk to route these calls out using the second Google Voice account. These prefixes can be anything you desire incidentally. Third, we'll need to move this new route UP the routes list so that it appears above and gets processed before the Default route. Here's how.

In FreePBX, choose Setup, Outbound Routes, Default. In the blank Trunk Sequence pulldown, choose the following entry: local/$OUTNUM#@custom-gv2. Now click the Add button. This should leave you with 3 outbound routes numbered 0, 1, and 2. Be sure your entries match the following:

blank

When you've made the entry and carefully checked it, click Submit Changes, Apply Configuration Changes, Continue with Reload.

Now we're ready to add a new Outbound Route to support a custom dialing prefix for the second Google Voice account. In FreePBX, choose Setup, Outbound Routes. In the Add Route form, make the following entries:

blank

When you've made the entries, click Submit Changes, Apply Configuration Changes, Continue with Reload.

Finally, look at the listing of Routes in the Right Margin. Using the arrow beside GoogleVoice2, move it up until it is just beneath the GoogleVoice entry. Then click Apply Config Changes, Continue with Reload.

Adding Additional SIPgate Trunks. If you set up your Incredible PBX originally using IPkall, then there already will be a sipgate trunk that can be used for this second line. Otherwise, you'll need to create a new sipgate2 trunk and clone the setup from the original sipgate trunk. Within FreePBX, goto Setup, Trunks and either Add a new SIP trunk or edit the existing sipgate trunk if it isn't already in use. If this is a newly added trunk, enter sipgate2 as the Trunk Name. The PEER Details under Outgoing Settings should be added so they look like this (substituting your actual SIPid and SIPpassword that were obtained from the SIPgate registration page:

type=peer
username=SIPid
fromuser=SIPid
secret=SIPpassword
context=from-trunk
host=sipgate.com
fromdomain=sipgate.com
insecure=very
caninvite=no
canreinvite=no
nat=yes
disallow=all
allow=ulaw&alaw

Blank out any data that's entered in the Incoming Settings section of the form. Then enter a Registration String with your actual SIPid, SIPpassword, and 10-digit SIPgate phone number:

SIPid:SIPpassword@sipgate.com/SIPphonenumber

Check your entries carefully for typos. Then click Submit Changes, Apply Configuration Changes, Continue with Reload.

Now is a good time to check and be sure the new SIPgate trunk registered with SIPgate. In FreePBX, choose Tools, Asterisk Info, SIP Info. Your newly created SIPgate trunk should display as Registered. If it says Request Sent, then you've got a typo in your credentials.

That takes care of all the FreePBX settings needed to support a second Google Voice number. Now we just need to add a chunk of dialplan code to Asterisk and restart Asterisk. Then you'll be ready to go. All of this is handled by a simple Nerd Vittles script so... not to worry! It's easy.

Adding Dialplan Code for Additional Trunks. Log into your server as root, and issue the following commands to download and run the dialplan configuration script. For future reference, be advised that there are configuration scripts for gv2, gv3, gv4, and gv5 with corresponding names.

cd /root
wget http://incrediblepbx.com/configure-gv2
chmod +x configure-gv2
./configure-gv2

When prompted, enter your 10-digit Google Voice phone number, your Google Voice email address, your Google Voice password, and your 10-digit SIPgate RingBack number. Check your work and then press the Enter key to adjust your dialplan and reload Asterisk. You now have a 2-line Incredible PBX. Enjoy!

The Incredible PBX: Basic Installation Guide

Adding Skype to The Incredible PBX

Adding Incredible Backup... and Restore to The Incredible PBX

Adding Remotes, Preserving Security with The Incredible PBX

Remote Phone Meets Travelin' Man with The Incredible PBX

Continue reading Basic Installation Guide, Part II.

Continue reading Basic Installation Guide, Part III.

Continue reading Basic Installation Guide, Part IV.

blankSupport Issues. With any application as sophisticated as this one, you're bound to have questions. Blog comments are a terrible place to handle support issues although we welcome general comments about our articles and software. If you have particular support issues, we encourage you to get actively involved in the PBX in a Flash Forums. It's the best Asterisk tech support site in the business, and it's all free! We maintain a thread with the latest Patches and Bug Fixes for Incredible PBX. Please have a look. Unlike some forums, ours is extremely friendly and is supported by literally hundreds of Asterisk gurus and thousands of ordinary users just like you. So you won't have to wait long for an answer to your questions.


blank
Need help with Asterisk? Visit the PBX in a Flash Forum.
Or Try the New, Free PBX in a Flash Conference Bridge.


whos.amung.us If you're wondering what your fellow man is reading on Nerd Vittles these days, wonder no more. Visit our new whos.amung.us statistical web site and check out what's happening. It's a terrific resource both for us and for you.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

blankBOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

blankThe lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

blankVitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

blankSpecial Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 


Some Recent Nerd Vittles Articles of Interest...

Free U.S. & Canada Calls: Google Voice Dialer for Windows

There now are a number of ways to make free calls to anyone in the U.S. and Canada using Google Voice without having to jump through the hoops of calling into your voicemail and having Google Voice call you back. There’s our Asterisk® implementation using pygooglevoice which lets you transparently place calls through Google Voice using any phone connected to your PBX in a Flash system. You also can set up a Sip Sorcery account and make free calls through that interface using a SIP phone. And now there’s Dogface05’s stand-alone Dialer for Windows that lets you place calls from the Windows command line in seconds. Because this is such a simple alternative, everyone should add it to their Windows toolkit. Here’s how.

Prerequisites. You’ll obviously need a Google Voice account. If you don’t have one, just register for an invite. Next, you’ll need a phone number to use for placing the outbound calls. And, finally, you’ll need to download and install Dogface05’s dialer on your Windows system.

blankGoogle Voice Setup. Log into your Google Voice account and click Settings, Phones, Add Another Phone. Add the area code and phone number of the phone you’ll be using to place calls and mark it as an Office phone. You’ll have to go through Google’s confirmation drill to successfully register the number with Google Voice. After the number is confirmed, be sure there’s a check mark beside this Google Voice destination so that incoming calls to your GV number will be routed to this number.

While you’re still in the Google Voice Setup, click on the General tab. Uncheck Enable Call Screening. Turn Call Presentation Off. And set CallerID to Display Caller’s Number. Finally, uncheck Do Not Disturb. Now click the Save Changes button.

Dialer Setup for Windows. From your Windows machine, open a browser and download the Google Voice dialer to your Desktop. Unzip the downloaded file and drag gvdial.exe to your \windows directory so that it’s in your path.

blankPlacing a Call. Let’s first make sure everything is working properly. Open a command prompt window from the Windows Desktop and enter a dialing command using the following syntax:

gvdial username password destination ani [phonetype]

where:

  • username = your Google Voice email address
  • password = your Google Voice password
  • destination = 10-digit number of person to call
  • ani = your 10-digit phone number registered with Google Voice
  • phonetype = 3

The phonetype is actually optional and can be ignored unless you happen to be using a Gizmo number in which case it needs to be 7. Never enter the brackets. That merely signifies that the entry is optional.

Assuming your registered email address with Google Voice is joe@gmail.com, your password is secret, the number you wish to call is 6781234567, and your number is 4049876543, the dial string should look like this:

gvdial joe@gmail.com secret 6781234567 4049876543

Your phone should ring at this point, and Google Voice will complete the outbound call to 678-123-4567.

Creating Speed Dial Batch Files. Using Notepad, you now can create batch files for frequently dialed numbers. For example, the entry above could be saved in a batch file called joe.bat. Then simply create a desktop icon for Joe and link it to joe.bat. Double-click on the Joe icon whenever you wish to place a call to Joe. Here’s how the batch file might look:

echo off
cls
gvdial joe@gmail.com secret 6781234567 4049876543
echo Press ENTER key after the called party answers.
pause


Surfing the Google Wave. We’ve got a dozen Google Wave invites to give away during the next week. Just post a comment on any Nerd Vittles article, and we’ll put your name in the hat. Be sure to provide a Gmail address with your comment as this is required to take advantage of the Google Wave Preview. Here’s a sample for you to try once you have Google Wave credentials:


blank
Need help with Asterisk? Visit the PBX in a Flash Forum.
Or Try the New, Free PBX in a Flash Conference Bridge.


whos.amung.us If you’re wondering what your fellow man is reading on Nerd Vittles these days, wonder no more. Visit our new whos.amung.us statistical web site and check out what’s happening. It’s a terrific resource both for us and for you.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

blankBOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

blankThe lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

blankVitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

blankSpecial Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 


Some Recent Nerd Vittles Articles of Interest…

Welcome to IP Country: A New Layer of Asterisk Security

image courtesy of fail2ban.org One of the problems with writing a blog like Nerd Vittles is it's more than double the work of your typical blog where a writer pontificates about something and then moves on. What makes Nerd Vittles a little different is that, with help from a number of very gifted developers, we actually create useful applications and then write about how to use them. So you get a bonus for the same low price: free! This obviously imposes some time constraints in order to get fresh material into your hot little hands every week.

This week we turn our attention to Asterisk® Security again and unfortunately the Whole Enchilada is not yet ready. So today you get Chapter I of this topic with a comment that we're still mulling over some enhancements. When those pieces are finished or at least properly evaluated, we'll produce a sequel. Software houses spend years developing applications. And sometimes it takes us more than a week. 🙂

Let's start with a few observations which should be quite obvious to those who have wrestled with VoIP or Asterisk for a while. Internet security is a bitch. And Asterisk security is much, much worse. When a few disgruntled people can bring Twitter to its knees because they're mad about some particular tweet or Twitter user, it tells you what we're all up against. Hate to say it but we can all thank Microsoft for years of security neglect that rendered the Windows operating system less than optimum in preventing the spread and deployment of BOTs. And the tools have gotten more dangerous as well. Strangers (our euphemism for these folks) write new software, too. blank

If you're using PBX in a Flash (and you really should be!), you know that we've devoted enormous resources to Asterisk security. Two years ago when PBX in a Flash was introduced, the majority of people using Asterisk still were using 1234 as the extension password on all or most of their extensions. A couple $100,000 phone bills and lots of public education, and that situation hopefully is behind us. Two years ago, no Asterisk aggregation included a firewall... except PBX in a Flash. Believe it or not, there were individuals running Asterisk servers on the public Internet with a default root password of password. That added more than a few more BOTs to the Internet kettle of fish. Then there were the brute force password hacks that hit Asterisk servers thousands of times per minute guessing passwords. Nothing stood in the way of these attacks until PBX in a Flash introduced Fail2Ban which automatically blacklisted IP addresses after a certain number of failed login attempts. We followed Fail2Ban with our Atomic Flash product which provided a turnkey Hamachi VPN implementation for rock-solid safe remote computing. And, of course, there was a one-minute Hamachi VPN install script for standard PBX in a Flash systems. No other aggregation has it to this day.

The purpose of the history lesson isn't to crow about PBX in a Flash although we're mighty proud of it. Rather we wanted to make you aware that precious little development effort is actually going into security while enormous resources are devoted to things such as Internet faxing, Skype, and Google Voice integration. We'll be the first to admit that we love the latest gee whiz gizmos as much as anybody. But come on. A handful of us who do this purely for fun somehow manage to turn out loads of security enhancements while huge, for-profit companies are devoting virtually zero resources to making Asterisk, SIP, and the VoIP community safer. SIP is about as secure as whispering at a movie theater. Google releases Google Voice with SIP access protected by a 4-digit password. 🙄 That approach to security needs to change, or we're all going to wake up sorry one day soon. If this is preaching to the choir, then feel free to pass this article on to one of your brethren who has not yet seen the light! Start by reading our Primer on Asterisk Security.

If you have extremely secure passwords on your Asterisk extensions and trunks, and you have deployed a properly configured firewall with Fail2Ban to protect against brute force attacks, then you're ahead of the curve insofar as Asterisk security is concerned. But what we think is still missing is access restrictions based upon what the military calls a "need to know." Simply stated, it means folks shouldn't get access of any kind to your Asterisk server unless they have a need to be there. And, if we find someone there that doesn't belong, they should be kicked off and banned from further access.

So today we have a new security tool for your Asterisk toolbox: IP Country, country-based network filtering by IP address. In a nutshell, it means configuring your Asterisk server to dramatically reduce the number of IP addresses which can reach your server at all. If you receive anonymous SIP connections from all around the globe that you actually need or if you're attacked from a BOT running on grandma's Windows machine down the block, this may not work for you, but it's another tool in your quiver of arrows. For most servers, it has the potential to reduce the vulnerability from random outside threats substantially. It's taken a lot of research to come up with much of what follows, and we want to express our special thanks to Sandro Gauci and Joe Roper for their assistance. Some of this technology has been around for many years, but unfortunately it was expensive. So we also want to express our special appreciation to MaxMind for releasing their open source GeoLite Country database which is now free for downloading. That is the critical ingredient in much of what follows. So here's a word from our sponsor:

This product includes GeoLite data created by MaxMind, available from http://www.maxmind.com/.

Scope of Protection. An obvious question is just exactly what are we trying to protect. In our view, it's several things. First, we don't want strangers logging in to extensions on our server and making free calls around the globe using pilfered or hacked passwords. We also don't want strangers using our extensions to masquerade as us for any other purpose. Second, we don't want strangers randomly calling our server using SIP URI's that they've dreamed up. And third, we don't want strangers accessing any other applications on our server including SSH and FTP as well as web and email services.

IP Country Design. As with other security features in Asterisk, FreePBX, and IPtables, our implementation of IP Country uses permit and deny access tables that consist of authorized and unauthorized ranges of IP addresses. There's also a table with the latest GeoLite Country information which is used as the data source for your permit table. When a connection to the server is made, the IP address is checked against the permit table of authorized addresses. If there's no match, we'll consider the connection a stranger. If there is a match, then we'll check the deny table to make certain this particular IP address hasn't been banned. Unless you alter all of our scripts, your system must be using the default MySQL account name of root with a password of passw0rd. As configured in PBX in a Flash, this is NOT a security risk since MySQL access is limited to your server, and your server requires root credentials to log in.

Today's Objective. To get everyone started, we're going to tackle the first two objectives today. The solutions offered should work fine on any FreePBX-based Asterisk system... even those that hide the existence of FreePBX.

For outgoing calls, we'll introduce a new script which runs periodically to examine the IP addresses attached to every SIP and IAX extension and trunk on your Asterisk server. If a stranger's IP address is identified (as explained above), we'll add an IPtables firewall rule to permanently block access to your server from this IP address. These rules are stored in /etc/sysconfig/iptables should you ever need to remove an IP address that has been blocked. You can adjust the script execution frequency based upon the thickness of your wallet. After all, it's your phone bill. This functionality is mutually independent from the incoming call protection outlined below so you can use either or both of the functions to meet your own requirements. For systems that use enormous numbers of SIP URI's for communications around the globe, you might choose to implement just this piece for extension and trunk IP Country protection without altering your incoming dialplan at all. Keep in mind that FreePBX now supports permit and deny IP address filters on extensions, something you really should be using even if you decide against implementing the IP Country security protection layer.

For incoming calls, we're going to modify FreePBX's existing Blacklist functionality to also look up the calling IP address in our IP Country permit and deny tables. If the IP address is authorized, the call will go through. Otherwise, the call will be treated just as if the caller's number were blacklisted. Be aware that incoming calls to one of your commercial DIDs may reflect the IP address of your provider since the caller may be calling from a Plain Old Telephone rather than an IP address. The existing Blacklist functionality can be used to block these unwanted callers. If you live in the United States, you'll probably also want to call 888-382-1222 and place your DIDs in the Do Not Call database. Just call from a phone using the CallerID of the number you wish to block.

Installing GeoLite Country. To get started, log into your server as root and issue the following commands:

cd /
wget http://bestof.nerdvittles.com/applications/ipcountry/ipcountry.tgz
tar zxvf ipcountry.tgz
rm ipcountry.tgz
cd /root/ipcountry
./nv-ipcountry

Once the nv-ipcountry script begins to run, it will download and install the GeoLite Country database into MySQL. You then will be asked whether to add countries to your permit table. Since your permit table is empty at this point, the answer should be yes. You'll then get a list of country codes. Choose the two-character country code desired and type it in UPPERCASE, e.g. US. If you want to add one or more additional countries, just rerun ./nv-ipcountry and do NOT initialize the permit table (which erases all of its contents).

New GeoLite Country databases are released every month or two so get used to the procedure. You'll be using it periodically to keep your list of IP addresses current. We'll cover the update procedure after we get you up and running.

Remember: If no IP addresses for any country are added to the permit table, you will not be able to make calls or register trunks with your providers! The only default entries added to the permit table are the non-routable, private IP address ranges, e.g. 192.168.0, etc. The geolite table is merely a data repository of the latest GeoLite Country database and has no effect on the daily operation of your system! You use it only as a data source for populating your permit table.

Testing IP Country. Before we actually turn anything on, we need to be sure we're not going to blow your Asterisk system out of the water! In short, we want to make sure that every extension that's supposed to be able to make a connection to your PBX still can. And we need to make sure all of your trunk registrations still are working. While you're still in the /root/ipcountry directory, issue the following command: ./test.sh. This script will display all of your SIP and IAX connections and then will tell you whether each connection will pass muster with IP Country security in place. Each IP address should display ok. If any of them show ko, you have a problem. This means that you have an extension or trunk with an IP address that is not included in your permit table. You can scan through the show peers listings in the display to figure out which providers or extensions are associated with any problem IP addresses. Be sure it's not a bad guy first. Then you have a couple of options. You can either manually add the IP address to the permit table as outlined below. Or you can add additional countries which include the missing IP address(es). To decipher the country of any problem IP address, go to this link and plug in the IP address. Once you've made entries in your permit table to cover all of your needed IP addresses, run the test script again just to be sure everything shows ok. Do NOT proceed until you get all ok's, and don't write us if you do.

Manually Adding IP Addresses to IP Country. We've provided a command-line utility which makes it easy to add IP addresses and address ranges to either the permit or deny tables of IP Country. Be very careful using this tool! There's limited error-checking which means it's easy to create a mess. You'll find iputility.php in the /root/ipcountry folder. Since all IP addresses are stored as integers, you can use it to merely discover the integer value of an IP address, or you can actually insert IP addresses into either the permit or deny tables. Here are a few examples to show how the utility works:

./iputility.php 156.130.20.10
Returns the integer value for this IP address; no database update
./iputility.php 156.130.20.10 156.130.20.255
Returns integer values for this IP address range; no database update
./iputility.php 156.130.20.10 deny
Adds this IP address to IP Country deny table
./iputility.php 156.130.20.10 156.130.20.255 permit
Adds this address range to IP Country permit table)

A couple of points worth noting. First, all custom entries in your permit and deny tables using iputility will show a country code of AA. This makes them easy to find using phpMyAdmin if you make a mistake. Second, if you attempt to enter the same IP address range more than once, you'll get a database error since all entries in the tables must be unique. Third, remember that entries in the deny table take precedence over entries in the permit table. So, if the same IP address or address range is in both tables, access will be denied. The reason for this is to make it easy to exclude a few bad apples from a country that you might otherwise find unobjectionable. Finally, keep in mind that manual entries added to the permit table will have to be added again each time you initialize the table and insert new country IP codes after a GeoLite Country refresh. The deny table is unaffected by database refreshes. So make yourself a list of entries you manually insert into the permit table and keep it in a safe place for future reference.

Activating the IP Address Checker. In the /root/ipcountry directory, you'll find the script that we'll use to check your system periodically to be sure all of the extensions and trunks are registered at permitted IP addresses. To run the script manually, log into your server as root and type: /root/ipcountry/ip-checker.sh. When you run it, you shouldn't see any modifications to IPtables, just a string of ok's. So now we want to added the script as a cron job that will be run periodically to watch your system. Edit /etc/crontab and insert the following line at the bottom of the file:

*/1 * * * * /root/ipcountry/ip-checker.sh > /dev/null

*/1 means run the script once a minute, all day and night, every day. */5 means every 5 minutes. You make the call on how safe you'd like your system to be. If you'd like to receive an email or text message every time an IP address is blocked by ip-checker.sh, just edit the filecheck.php script, uncomment the two lines that begin with // and replace yourname@gmail.com with your email or text message address.

WARNING: For ip-checker.sh to work properly with IPtables, there are a couple of prerequisites. First, IPtables must be running on your system with the iptables file located in /etc/sysconfig. Second, your IPtables setup must include an SSH permit rule that looks like this:

-A INPUT -p tcp -m tcp --dport ssh -j ACCEPT

We use this rule as a place finder to determine where to insert new rules to block stranger's IP addresses. If you don't have the above rule, filecheck.php (used by ip-checker.sh) won't be able to insert new rules. So you'll need to manually edit filecheck.php to provide a "hook" that can be used to insert rules into your iptables file. PBX in a Flash systems come preconfigured to support this. With other aggregations, YMMV!

Activating the Incoming Call Checker. To screen incoming calls using your IP Country permit and deny tables, the setup is straight-forward assuming you are running the latest version of FreePBX 2.5. We're going to adjust the Blacklist context to also perform IP address lookups from IP Country when new calls arrive on your PBX. Just log into your server as root and add the following lines to the bottom of the extensions_override_freepbx.conf file in /etc/asterisk:

[app-blacklist-check]
include => app-blacklist-check-custom
exten => s,1,LookupBlacklist()
exten => s,n,GotoIf($["${LOOKUPBLSTATUS}"="FOUND"]?blacklisted)
exten => s,n,Set(TESTAT=${CUT(SIP_HEADER(From),@,2)})
exten => s,n,GotoIf($["${TESTAT}" != ""]?hasat)
exten => s,n,Set(FROM_IP=${CUT(CUT(SIP_HEADER(From),>,1),:,2)})
exten => s,n,Goto(gotip)
exten => s,n(hasat),Set(FROM_IP=${CUT(CUT(CUT(SIP_HEADER(From),@,2),>,1),:,1)})
exten => s,n(gotip),NoOp(Gateway IP is ${FROM_IP})
exten => s,n,NoOp(IP Country Lookup in Progress...)
; put authorized special calls like sipgate's Google Voice ringbacks below
exten => s,n,GotoIf($["${FROM_IP}"="sipgate.com"]?keepon)
exten => s,n,AGI(nv-ipcountry.php|${FROM_IP})
exten => s,n,GotoIf($["${STRANGER}"="true"]?blacklisted)
exten => s,n(keepon),NoOp(** AUTHORIZED CALLER **)
exten => s,n,Return()
exten => s,n(blacklisted),Answer
exten => s,n,Wait(1)
exten => s,n,Zapateller()
exten => s,n,Playback(ss-noservice)
exten => s,n,Hangup

Make sure you remove the line-wrap in the s,n(hasat) line and any others that may have wrapped in the display above! Then save the file and reload your Asterisk dialplan: asterisk -rx "dialplan reload". You're all set! If you'd like email notices when a stranger calls and is blacklisted, edit nv-ipcountry.php in /var/lib/asterisk/agi-bin. Plug in your actual email address in the $email variable and set $emailalerts = 1.

Housekeeping 101. As we mentioned above, the pool and location of IP addresses continues to change so periodic updates are necessary, or you'll end up blocking calls that otherwise should be permitted. MaxMind updates GeoLite Country on the first day of every month so add it to your TO-DO list. We strongly recommend that you perform these steps through an SSH connection from a remote PC. Why? Because, if you forget step 1 while logged directly into your server, you could inadvertently lock yourself out of your own system if the ip-checker script happens to run while your permit table is empty. If you do it from a remote machine, you can simply move to another machine and follow these instructions properly. Otherwise, you've got a serious problem on your main server. If this server provides phones to your business, do the update when the server is idle. So here's the drill:

  1. Comment out the ip-checker.sh /etc/crontab entry
  2. Download new GeoLite Country database from MaxMind
  3. Initialize the ipcountry.permit table
  4. Add authorized countries back into ipcountry.permit table
  5. Add back any custom entries to permit table
  6. Test your IP Country system to make sure you get all ok's
  7. Reactivate ip-checker.sh in /etc/crontab

1. Log into your server as root. To comment out the ip-checker.sh line in /etc/crontab, just add # as the first character on the line and save the file.

2. Change to the /root/ipcountry directory and run ./nv-GeoIPrefresh.

3. While still in the /root/ipcountry directory, run ./nv-ipcountry and choose 1-Yes to initialize your ipcountry.permit table.

4. Continue running or rerun ./nv-ipcountry to add each desired country to your ipcountry.permit table.

5. Run ./iputility.php to add custom IP address entries to your ipcountry.permit table. You do NOT need to reenter addresses in the deny table. It is unaffected by this update procedure.

6. Test your system again to make sure all extensions and trunks get an ok by running ./test.sh.

7. Edit /etc/crontab and remove the # at the beginning of the ip-checker.sh line and save the file.

What's Next. We're still exploring another possibility with IP Country, and that is integrating GeoLite Country directly into IPtables. This would validate every packet coming into your firewall using IP Country-like rules in IPtables. If you want to look at how it could be done, see this excellent writeup. Well, not so fast. Unfortunately, it won't compile under CentOS 5.2. Here's a link to the problem code if there are any Linux gurus in the house. Our reluctance in doing this has to do with performance. Keep in mind that, without stateful packet inspection, every single packet coming into your server would presumably trigger a database lookup. On a busy telephony system generating hundreds of thousands of packets per second, it would take a beast of a server with sufficient memory to cache the entire IP Country database in order to handle the processing load. So now we've got to either learn about or find an expert on the IPtables State Machine. If anyone wants to experiment, please share your expertise with the rest of us. There's a Google Voice invite in it for you, too.


whos.amung.us If you're wondering what your fellow man is reading on Nerd Vittles these days, wonder no more. Visit our new whos.amung.us statistical web site and check out what's happening. It's a terrific resource both for us and for you.


blank
Need help with Asterisk? Visit the PBX in a Flash Forum.
Or Try the New, Free PBX in a Flash Conference Bridge.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

blankBOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

blankThe lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

blankVitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

blankSpecial Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 


Some Recent Nerd Vittles Articles of Interest...

Introducing VPN in a Flash: The $499 Mobile Telephony Appliance with Asterisk

Aspire OneWe’ve spent a lot of time designing turnkey Asterisk®-based systems from the early Asterisk at Home days until the latest Orgasmatron Builds1 for PBX in a Flash. So, trust us! Nothing comes close to the new VPN in a Flash Mobile Telephony Appliance. Having endured more than a decade of preparations for national emergencies, we are well aware of the need for well-designed telephony systems which can be deployed on a moment’s notice anywhere. We also appreciate the need for a versatile, portable communications appliance which can be toted from hotel room to hotel room providing secure VoIP communications back to the mothership. And we fully grasp the need of thousands of businesses to transparently deploy remote communications devices at far away places but in a way that they still can be supported from home base. With all that in mind, Tom King and I have spent the last several months designing this VoIP telephony appliance. Now let us introduce you to the new world2 of VPN in a Flash.

Aspire OneUntil six months ago, the hardware simply wasn’t available to provide the GUI performance necessary to create such a portable appliance. But the Intel Atom® processor changed all of that. And now Acer has stepped up with an almost perfect mobile implementation of the Atom motherboard in the Aspire One® Netbook. Weighing in at just over two pounds, it’s totally portable but also a powerhouse. And it’s quiet.

On the software side, the stars all lined up when Fedora® introduced Fedora 10 last week, an almost perfect rendition of the Linux® operating system with every imaginable bell and whistle including a low-overhead KDE® GUI that rivals the very best of Windows® and Mac OS X®. Our challenge was to put all the pieces together and add the very best of the Asterisk® telephony world to the mix. And, of course, we wanted to accomplish all of this while staying true to our open source roots. We think this Fedora Remix3 meets that goal in spades! You certainly could build your own system from the ground up, and we would encourage you to download Fedora 10 and do that when you have a few months of free time on your hands. The new Fedora 10 build is a perfect platform for Asterisk and the latest state-of-the-art hardware. In the meantime, our rendition which configures everything to better support Asterisk in a mobile telephony environment should save you about 500 man-hours. Try it. You’ll see. 😉

Aspire One Desktop

We also wanted the new system design to include every imaginable communications bell and whistle on the planet including a flexible, turnkey virtual private network implementation, transparent support for wired and wireless networks, a built-in preconfigured softphone which is ready for business, and all of the Nerd Vittles utilities and FreePBX® functionality that has made PBX in a Flash such a hit.

Finally, a new Mondo backup script has been included that lets you clone your entire system to a $20 bootable USB flash drive for incredibly easy system recovery in the event of a hardware catastrophe. And the 2008 introductory price for these built-to-order systems: just $499 plus shipping to US-48 destinations. And there’s loads of documentation, too. With a little luck, a self-installing, bootable flash drive appliance for our friends outside of the United States should be available by early next year.


About the Face Lift. Well, it’s been a painful few days at Nerd Vittles Headquarters. Our former hosting provider, BlueHost, apparently hired a new recruit that deemed our CPU utilization unworthy… in the middle of the night last Thursday. He promptly shut down our site. For any of you considering shared hosting, this is one of the dirty little secrets of the industry. They may promise you unlimited disk storage and unlimited bandwidth, but they don’t really mean it. I’m reminded of Mark Twain’s old adage about bankers: "Bankers are the folks that hand you an umbrella when the sun is shining and want it back the minute it starts to rain." Internet hosting providers have some of the same gene pool unfortunately.

The sad part of the story is that BlueHost is one of the better providers in the United States, and we, in fact, have recommended them. Hundreds of our readers took us up on our BlueHost recommendation. It gets even worse. We provided free Asterisk support to the BlueHost folks about a year ago when they were attempting to reconfigure their queues. We even brought in a local consultant in their area to assist. Do you think we even got a return call from our fair-weather friends when we were trying to figure out why our site suddenly became a problem? Our site utilization has been fairly steady for more than two years! Suffice it to say, the phone never rang. But that’s all history now. Nerd Vittles has moved to our new high-performance server at WestNIC that also hosts the PBX in a Flash Forum, and we’re happy to be there.

Nothing’s ever simple, of course. WestNIC employs PHP5 while BlueHost still was using PHP4. Even though cPanel made the server transition easy, our particular version of the WordPress blogging software was more than a little long in the tooth. Everything at first appeared to work fine. But it turned out that you could no longer read individual posts. Call us picky but that was a deal breaker. What to do? Suffice it to say that 17 version upgrades later, we’re now current. The only fatality was a few recent comments which got deleted by operator error… mine. 🙄

All good blogs deserve a facelift at least once every five years, don’t you think? Well, we’re about a month shy of our Fifth Anniversary, but it was worth the effort. And the performance boost is nothing short of amazing. We hope you agree. Enjoy!


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

blankBOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

blankThe lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

blankVitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

blankSpecial Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 


Some Recent Nerd Vittles Articles of Interest…

  1. If you don’t know what an Orgasmatron Build is, use the search function at the top of this page. []
  2. And speaking of new worlds, lawyers love footnotes so you’d better get used to these little numbers. 🙂 We’ll break you in easy today. There are just a few of them. []
  3. Fedora and the Infinity design logo are trademarks of Red Hat, Inc. Asterisk is a registered trademark of Digium, Inc. All other trademarks and registered trademarks are property of their respective owners. This software aggregation is neither provided nor supported by the Fedora Project and contains non-Fedora and modified Fedora content. Official Fedora software is available through the Fedora Project website. []

The Lean, Mean Asterisk Machine: And Now It’s a Fax Machine

blankHard to believe it’s been a year since PBX in a Flash hit the street, but today’s the Big Day! So Happy Birthday to us. With an estimated 100,000 downloads worldwide and over a million RSS feeds to our Kennonsoft User Interface each month, you might be wondering what keeps us going with all the reported venture capital behind Big Orange and Lime Green. Well, we’re glad you asked. Truth be told, it’s the cushy offices (in our kitchens) and the endless flow of generous contributions from grateful users. Heh, heh! Seriously, there are some real reasons that account for the popularity of PBX in a Flash. Bottom Line: It Just Works! And here’s a representative sample of other feedback from our fans:

  • Currency – The PBX in a Flash distribution is always up to date. Our separate payload file makes it easy. No one else has anything close. So their builds are almost always long in the tooth.
  • Upgradability – Unlike the competition, you don’t have to start all over each time a new version of Asterisk® or Linux hits the street. We’ll have more to say about our new SUSHI (Software Update Service – Hyperlinked, Interactive) in coming weeks.
  • FlexibilityPBX in a Flash remains the only distribution that builds Asterisk from source. Even Digium®’s own distribution now uses RPMs. When you add new hardware or upgrade the Linux kernel to plug a security vulnerability, you’ll understand why this is critically important.
  • SupportPBX in a Flash has the best support group in the business. It’s called the PBX in a Flash Forum, and it’s free. Unlike the competition, you don’t have to pay to get help on basic technical issues with our product. And you don’t normally wait more than an hour or two for a response. That’s what Open Source is all about!
  • Security – We take security seriously. It’s our number one priority. When there’s a known problem, we don’t hide it or ignore it. We fix it right now. And the RSS Feed that’s part of our KennonSoft User Interface lets you know about it immediately. You can make your own comparisons and draw your own conclusions with regard to the other distributions.
  • No Slimeware – We’re up front about the way we operate and why. We don’t create backdoors or Trojan Horses in our distribution that phone home for any reason. We notify users of issues through an RSS Feed. We believe it’s up to you, not Big Brother, to decide whether to protect your own system. As permitted by the GPL, we do encrypt some of our freeware installation scripts because of the conduct of some in this business that pass off the work product of others as their own.
  • No Bugs – People chuckled when we began a year ago with this mantra because of the experience we all had in days of old. We still believe it and do our best to keep the PBX in a Flash distribution bug free. If you don’t believe it, visit our forums and then visit the others. Some bugs obviously are beyond our control, but we do endeavor to steer users toward stable versions of open source products that can be used reliably in almost any business environment.

So there’s a quick update on how we’re doing and why we do things the way we do. Unlike a year ago, there are lots of choices now in the marketplace. If you’re still on the fence, the nice part of the open source movement is that it doesn’t cost you anything to try several flavors and make your own decision. Ultimately, we think you’ll choose PBX in a Flash for all of the reasons we’ve mentioned.

2011 Update: This article has been updated to support Asterisk 1.8 using HylaFax, AvantFax, and IAXmodem. Click here for the latest article.

blankWelcome Back Faxing. That brings us to today’s topic: adding a fax machine to your PBX in a Flash system. With all the distributions, there have been numerous fax options. And the one word that describes most of them is P-A-I-N-F-U-L. We’ve been searching for a way to return to the good ol’ Asterisk@Home days with NVfax. It just worked. Well, today it works again with PBX in a Flash and Asterisk 1.4. And, yes, it should work on the other distributions as well. I’ve had mixed emotions about whether to protect the install script, but I’ve chosen to release it in unencrypted format because I think we all can benefit from the contributions of others while still giving credit to those that contribute. And, yes, I know there’s a difference of opinion about this… for some very good reasons. But the Nerd Vittles contribution to VoIP technology has always been distribution agnostic, and we’ve decided to keep it that way. We’re equally delighted that Philippe Lindheimer has left the hooks in FreePBX to support NVfax so, once you complete this install, you can manage incoming fax calls from the comfort of the FreePBX user interface… even in distributions which no longer call it FreePBX. Ever wonder why these folks didn’t also rename Asterisk while they were in the lobotomy business?

How It Works. There are two pieces to the new faxing mechanism. For inbound faxing, you simply set FreePBX to use NVfax to listen for a fax tone on inbound trunks. We’ve found that 5 is the magic number for detecting a fax tone on most inbound calls. YMMV! You also can dial local extension 329 (F-A-X) and the extension will listen for an incoming fax. In either instance, if a fax tone is detected, the call is routed to a fax context that converts the incoming fax to a PDF document which is then sent to your email address specified in your Fax Handling setup for each Inbound Route on your system. The correct answers for Fax Handling are Fax Extension: System, Fax Email: any email address that works, Fax Detection Type: NVFax, and Pause After Answer: 5. Don’t forget to also enter the Fax Machine Settings under the Setup->General Settings tab in FreePBX. For outbound faxing, we can’t recall this ever working with NVfax, but it does now. Here’s how to set things up. Create a PDF document of anything you wish to send by fax. Name the document so that it corresponds with the phone number of the fax destination, e.g. 6789991234.pdf would mean you plan to send the PDF document to a fax device at the following phone number: 678-999-1234. Now place the document in the /tmp directory on your server. Next, pick up a phone on your system and dial 32948 (F-A-X-I-T). When prompted for the destination fax phone number, key in 6789991234. Once you receive an acknowledgment that your fax has been sent, hang up. It doesn’t get much easier than that.

Prerequisites. Well, there are lots of them. But a stock installation of Asterisk with CentOS works great so long as you also have outbound emailing working and you’ve installed a text-to-speech engine. Either Flite or Cepstral works just fine. All of the bundled distributions should suffice. We actually only use TTS to generate the voice prompts for the outbound faxing so, if you don’t need that functionality, no TTS engine is required. If you need help with outbound emailing, see our PBX in a Flash knol. There also are setup instructions for Gmail and Comcast in the PBX in a Flash forum.

Installing the Fax Software. We’ve written a script which handles all of the heavy lifting for you. Just log into your server as root and issue the following commands:

cd /root
wget http://pbxinaflash.net/source/fax/fax.pbx
chmod +x fax.pbx
./fax.pbx

In less than a minute, you should be all set.

Configuring the Fax Software. First, edit the [faxit] context in /etc/asterisk/extensions_custom.conf to plug in your actual fax number to be displayed on outbound faxes. It should be the 17th line up from the bottom of the file. Save your changes and reload Asterisk: amportal restart. Now load FreePBX using your favorite browser and make the Fax Machine entries in Setup->General Settings. Remember that your return email address must match your server domain name that you set up in /etc/hosts to get outbound email flowing, e.g. pbx.dyndns.org. Next, for each of your Inbound Routes in which you wish to enable fax detection, edit the entry and fill in the Fax Handling options we previously mentioned. To repeat, the correct answers are Fax Extension: System, Fax Email: any email address that works, Fax Detection Type: NVFax, and Pause After Answer: 5. Finally, add Misc Destinations for Fax (329) and FaxIt (32948). Reload your dialplan, and you should be ready to go.

Testing Things Out. The easiest way to assure that your system is properly configured is to attach a real fax machine to an FXS device on your system. Then send a fax to extension 329 (F-A-X). You should receive the fax via email shortly thereafter. That’s only half the battle unfortunately. If you want to receive faxes from outside your PBX, you also need to find a VoIP provider that properly supports faxing. Suffice it to say, all VoIP providers are not created equal when it comes to fax support. Our Best of Nerd Vittles article on faxing will provide some suggestions as well as a few tips and tricks. If you have a standard POTS line connected to an FXO device on your Asterisk server, that’s an even better option. Just make certain that fax detection is enabled on the inbound route for that line.

Don’t be misled by the brevity of this article. It in no way is a measure of the effort that it’s taken to make NVfax work again. One way that you can show your appreciation for the good deeds of others is through the Donate link at the top of our page. There’s no obligation, of course, but it does keep the Little Mrs. from regularly asking, "Tell me again why you do this?" Enjoy and thanks in advance.


Getting Started with PBX in a Flash. There’s a great deal of literature on PBX in a Flash that is yours for the taking. But we wanted to mention a terrific new series of articles in Mark Berry’s blog that are especially well suited for those just learning about VoIP. Have a look. We think you’ll agree.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

blankBOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

blankThe lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

blankVitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

blankSpecial Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 


Some Recent Nerd Vittles Articles of Interest…

It’s a Dell With Asterisk, Dude: Introducing the Orgasmatron II for the Dirt-Cheap Dell SC440

blankAbout 20 years ago, we began our migration from proprietary DEC VAX minicomputers by acquiring two of the first Dell servers ever manufactured. They were serial numbers 6 and 7. And we were just about as excited about the transition as the folks on Sesame Street. The machines were quickly named Bert and Ernie, and there was even a scrolling LCD display on the units showing the machine names. Considering that this all occurred inside a federal courthouse, it was revolutionary at the time. Michael Dell has gotten a little richer since that initial $10,000 investment (a bargain at the time!), and I'd have to say Dell servers have improved a good bit as well. So we finally bit the bullet last week and bought two of Dell's SC440 servers when they went on sale for a whopping $199 each. For this price, you got Dual Core Intel® Pentium®E2180, 2.0GHz processors with 1MB Cache, an 800MHz FSB, an 80GB 7.2K RPM Serial ATA 3Gbps 3.5-in Cabled Hard Drive connected to the onboard SATA controller, 512MB of 667MHz DDR2 RAM, a 48X CD-ROM Drive, and an On-Board Single Gigabit Network Adapter. For $19 more, you got 2GB of RAM. We hope some of you also took advantage of the offer because today we're releasing our plug-and-play Osgasmatron II for the SC440. Nov. 13 NEWS FLASH: Dell once again is offering the SC440 with Dual-Core processor but it now includes a second hard disk for $299 until November 19. It's still a great deal on a top-notch server. To get email alerts when the SC440 again goes on sale, go to techbargains.com and search for SC440. Then click on Send Email Deal Alert. Be sure to confirm the alert by replying to the email. These units have gone on sale roughly every two weeks since early September.

If you've missed the last two week's articles, the Orgasmatron II is the Ultimate Kitchen Sink for Asterisk®. It includes PBX in a Flash 1.3 in all its glory plus the newly released FreePBX 2.5 and so much more. From the time you insert the CD 'til you have a functioning Asterisk PBX with all the bells and whistles imaginable... 15 minutes!

If you've been following along with our articles, you already know that we've identified what we believe to be the perfect Asterisk SIP phone, the Aastra 57i. But our previously anointed perfect small business/home computer on which to run a production Asterisk server for about 50 employees, the Everex gPC2 (aka "The WalMart Special"), is no more. So this build moves to a different platform and a very different performance level. You'll see about twice the performance on the SC440 compared to the WalMart Special. Today's build provides a preconfigured SC440 installation on a 2-disk ISO image backup of the whole system using Mondo. And, NO, it won't work with any other hardware! Once you download the ISO images and burn your CDs, it's a 15-minute No-Brainer to install the entire image onto your own SC440. Wait to install any add-on cards until after you complete the Orgasmatron install. You must have an SC440 configured as above, or this Mondo restore will not work. So accept no substitutes, or you may end up with an Electronic Brick instead of an Orgasmatron II.

We've preconfigured some extensions on your new system as well as outbound and incoming trunks from some terrific providers including our second homegrown entry for VoIP terminations. Joe Roper and his business partner in Spain now offer a terrific IAX VoIP termination service. You can choose penny a minute service in the U.S. and most of Canada, or you can opt for premium VoIP service at about 2¢ a minute in the U.S. International rates also are VERY reasonable! You literally can sign up for service, plug in your phones, and have a system in full operation in under an hour.

So... what do you get with this preconfigured build? In addition to all of the goodness of a stock PBX in a Flash 1.3 build including Asterisk 1.4.21.2 running under CentOS 5.2 with a version of Zaptel that actually works with legacy cards. You also get the brand new FreePBX 2.5 as well as the latest versions of Apache, MySQL, PHP, and SendMail. And you get a Baker's Dozen preconfigured Nerd Vittles applications. Complete documentation is available here.

  • Inbound and Outbound VoIP Faxing Using nvFax... finally!
  • FONmail for Asterisk to send voice messages to any email address on the planet
  • AsteriDex RoboDialer and Telephone Directory
  • Telephone Reminders with Support for Recurring Reminders and Web-based TTS Reminder Messages
  • NewsClips for Asterisk featuring Dozens of Yahoo News Feeds (TTS)
  • Weather Reports by Airport Code (TTS)
  • Weather Reports by ZIP Code (TTS)
  • Worldwide Weather Forecasts (TTS)
  • xTide for Asterisk (TTS)
  • MailCall for Asterisk: Get Your Email By Telephone (TTS)
  • TeleYapper 4.0 Message Broadcasting System
  • CallWho for Phone Lookup and Dialing of Entries in the AsteriDex Database (TTS)
  • TFTP Server with preconfigured setups for 10 Aastra 57i SIP telephones

In addition, you get dozens of preconfigured telephony applications and functions that would take even an expert the better part of a year or two to build independently. And, unlike all of the other distributions, we build Asterisk from source so it's simple to modify and upgrade whenever you feel the need. Here's a short list of what you have to look forward to:

  • Stealth AutoAttendant with Welcome and Application IVRs
  • Key Telephone Support Using Park and Parking Lot
  • Intercom/Paging Support
  • Bluetooth Proximity Detection with Automatic Call Forwarding to Cell Phone
  • DISA
  • Blacklisting with Web and Telephony Interfaces
  • CallerID Name Lookups from Numerous Providers
  • Weekly Automated System Backups to a Flash Drive
  • One Touch Day/Night Service
  • Music on Hold
  • Voicemail with Email Delivery of Messages and Pager Notification
  • Voicemail Blasting
  • Cell Phone Direct Dial
  • Call Forward: All, Busy, No Answer
  • Call Waiting
  • Call Pickup
  • Zap Barge
  • Call Transfer: Attended and Blind
  • Dictation Service with Email Delivery
  • Do Not Disturb
  • Gabcast
  • Phonebook Dial by Name
  • Speed Dial
  • Flite Text to Speech (TTS)
  • Windows Networking with SAMBA
  • Linux Firewall and Fail2Ban with SSH, HTTP, and SIP/IAX login protection
  • PBX in a Flash Software Update Service To Keep Your System Current
  • One-Click Cepstral TTS Install with Allison... Just Type install-cepstral

Prerequisites. As mentioned, you'll need an SC440 configured with the specs outlined above including the 2GB RAM upgrade. We also recommend a 4GB USB flash drive on which to store automatic weekly backups of your new system. Just plug it into your new machine, log in as root, and type: /root/usbformat.sh. That's it! Every Sunday night, you'll get a new backup in ISO format on your flash drive. If something goes wrong on your system, copy the ISOs to CDs and reboot with Disk 1. It doesn't get any easier than that. And you can always check on the latest backup by issuing the command: /root/usbcheck.sh

Finally, you'll need to cough up a whopping $5 to download the two-disk ISO image for this build. And, yes, we eat our own dog food. The ISO images you'll be downloading were captured as a backup on the flash drive of one of our SC440 lab machines. We got 'em yesterday! If you use this special build, it seemed only fair that you cover the cost of the bandwidth to download it. As most of you know, we don't have the luxury of freeloading off SourceForge for our downloads. And we didn't want to impose upon our existing bandwidth providers to bring you this custom image. The good news is that, once you download the image from DreamHost, you are more than welcome to pass it along to one or more of your friends or business acquaintances at no charge. You can even do it electronically through the DreamHost Files Forever program. And, if you'd like to host this image for your fellow man at no cost, be our guest... and thank you! Bottom line: For under $250, you'll have the slickest, fastest, most reliable PBX and fax machines on the planet with rock-solid weekly backups and, of course, access to the one-of-a-kind PBX in a Flash Software Update Service!

Getting Started. Once you have your SC440 in hand, take it out of the box, plug it into your LAN with DHCP and DNS support and Internet connectivity. You'll need a USB keyboard for typing temporarily. We also strongly recommend that you always keep your system running behind a NAT-based firewall/router. We strongly recommend the dirt-cheap dLink WBR-2310 WiFi router which handles NAT issues with VoIP masterfully. Don't redirect any ports to the machine and don't turn the PC on just yet.

Download the two ISO images for the SC440 from here. If you don't know how to create a CD from an ISO image, read that section from our previous article. In fact, read the whole article. It'll help you immensely down the road. Once you have the two CDs in hand, turn on the SC440 and quickly insert Disk 1 into the CD drive and close the drive. If you don't see a Mondo Rescue screen within a minute or less, turn the machine off and then back on again. At the Mondo Rescue main screen, type nuke and press the Enter key. This will erase, repartition, and reformat your hard disk in case you didn't know. This is normal. If you get any kind of errors about incorrect drive or partition names, halt the install by pressing CTL-ALT-DEL and remove the CD. Otherwise, ignore the errors. You'll need to install PBX in a Flash using our standard ISO which is available here. Otherwise, go have a cup of coffee and come back in about 10 minutes. After fileset #87 is restored, you'll be prompted to insert Disk 2 and press Enter to finish the install. When the second CD finishes, eject it and wait for the prompt. Then type "exit" and press Enter. Your SC440 will reboot, and you're ready to go.

After the reboot finishes, type root at the login prompt for your username and password for your password. The IP address assigned by your DHCP server should appear near the top of the screen. Write it down. If there is no IP address, your machine does not have network connectivity or access to a DHCP server with an available IP address. Correct the problem and reboot. You can safely ignore the warning that Fail2Ban is OFFLINE. We've updated the Fail2Ban software to protect Asterisk SIP and IAX connections, and our status program isn't up to date as this article goes to press. update-fixes will get you a new version from our Software Update Service shortly.

Securing Passwords. We're going to change five passwords now. For the time being (until you've done some reading), think up one really difficult password (that you won't forget) and use it for all five passwords. At the root@pbx:~ $ command prompt, type the following commands and type in your new password when prompted. Don't forget your password or you'll get to put in your two CDs and start over.

passwd
passwd-maint
passwd-wwwadmin
passwd-meetme
/usr/libexec/webmin/changepass.pl /etc/webmin root yournewpasswordhere

Now, using a web browser, go to the IP address of your new PBX in a Flash server. Click the Admin tab and then choose the FreePBX Administration botton. Log in as maint with your new maint password. Before you do anything else, change ALL of the 10 extension passwords to something secure... as if your phone bill depended upon it! Click Setup, Extensions and then choose each extension, modify BOTH the device secret and Voicemail Password, and click Submit. When you finish all the extensions, then reload the dialplan to save your changes. Finally, change your DISA password to something very, very secure: Setup, DISA, DISAmain, PIN. Reload your dialplan once again to save your changes.

Regardless of what you may read elsewhere, the Orgasmatron II has all the very latest security patches as of today. If you want more security, take our advice and add a hardware-based firewall/router between your Internet connection and your new Orgasmatron II and don't expose port 80 (the web interface) to the Internet!

Permanently Setting the IP Address. There are different schools of thought on whether to use a fixed or dynamic IP address. Most hardware-based routers support DHCP IP address reservations. The simplest way to permanently secure the existing IP address for your server is to reserve it on your router. If you'd prefer to assign your own IP address, we have included the deprecated netconfig utility which can be run after logging into your server as root. Sometimes you will need to run it once, enter your settings, reboot, and then repeat the drill. Then you should be all set. Either way, you need a permanent IP address for your machine when all is said and done. Once you have a permanent IP address, hop on over to dyndns.org and sign up for your own fully-qualified domain name (FQDN), e.g. mypbx.dyndns.org. You're going to need it for a whole host of things with your new PBX, and dyndns.org is about the easiest way to do it. Once you have your FQDN and DynDNS username and password, log in as root and edit: /etc/ddclient/ddclient.conf. Search (Ctl-W) for ***. Fill in your username and password and uncomment those two lines. Then search for *** again, uncomment the next three lines and fill in your fully-qualified domain name. Save the file and service ddclient restart. To make sure everything worked, issue the following command: ddclient -force. Assuming there are no errors, issue the following command to start ddclient each time your server reboots: /sbin/chkconfig --add ddclient. Now the IP address of your Asterisk server will always resolve to your FQDN from DynDNS. And anyone can call you via SIP for free using the following SIP URI: mothership@yourFQDN.dyndns.org. You can take this a step further and sign up for a free incoming phone number at ipkall.com. For your account type, choose SIP. For your SIP phone number, enter: mothership. For your SIP proxy, enter the fully-qualified domain name (FQDN) for your server, e.g. mypbx.dyndns.org. Choose a password and enter your real email address, and they will beam you a Washington state phone number within a day or so. You can't beat the price!

Adding Plain Old Phones. Before your new PBX will be of much use, you're going to need something to make and receive calls, i.e. a telephone. For today, you've got several choices: a POTS phone, a softphone, or a SIP phone (highly recommended). Option #1 and the best home solution is to use a Plain Old Telephone or your favorite cordless phone set (with 8-10 extensions) if you purchase a little device (the size of a pack of cigs) known as an SPA-2102. It's under $70. Be sure you specify that you want an unlocked device, meaning it doesn't force you to use a particular service provider. Once you get it, plug the device into your LAN, and then plug your phone instrument into the SPA-2102. Note that this adapter supports two-line cordless phones! Your router will hand out a private IP address for the SPA-2102 to talk on your network. You'll need the IP address of the SPA-2102 in order to configure it to work with Asterisk. After you connect the device to your network and a phone to the device, pick up the phone and dial ****. At the voice prompt, dial 110#. The device will tell you its DHCP-assigned IP address. Write it down and then access the configuration utility by pointing your web browser to that IP address.

Once the configuration utility displays in your web browser, click Admin Login and then Advanced in the upper right corner of the web page. When the page reloads, click the Line1 tab and then repeat this drill for the Line2 tab if you want to connect the device to two extensions on your Asterisk system. Scroll down the screen to the Proxy field in the Proxy and Registration section of the form. Type in the private IP address of your Asterisk system which you wrote down previously. Be sure the Register field is set to Yes and then move to the Subscriber Information section of the form. Assuming you're using the preconfigured extensions starting with 701, do the following. Enter House Phone as the Display Name. Enter 701 as the User ID. Enter your actual password for this extension in the Password field, and set Use Auth ID to No. Click the Submit All Changes button and wait for your Sipura to reset. In the Line 1 Status section of the Info tab, your device should show that it's Registered. You're done. Now repeat the drill for Line2 using extension 702. Pick up a phone and dial 1234# to test out BOTH extensions.

Downloading a Free Softphone. Unless you already have an IP phone, the easiest way to get started and make sure everything is working is to install an IP softphone. You can download a softphone for Windows, Mac, or Linux from CounterPath. Or download the pulver.Communicator. Here's another great SIP/IAX softphone for all platforms that's great, too, and it requires no installation: Zoiper 2.0 (formerly IDEfisk). All are free! Just install and then configure with the IP address of your PBX in a Flash server. For username and password, use one of the extension numbers and passwords which you set up with FreePBX. Once you make a few test calls, don't waste any more time. Buy a decent SIP telephone. We think the best phone out there is the Aastra 57i for under $200. Another $100 buys you the Aastra 57i CT with a cordless DECT phone.

Configuring Aastra 57i SIP Phones. Your new system comes preconfigured to automatically configure up to 15 Aastra 57i phones. Plug each phone into your network and wait for it to boot. Once it boots, press the Option button, then Phone Status (3), then IP & MAC Address (1). Write down each phone's IP address and MAC address. Then press Done to exit from the menus.

Next, we need to tell your phone to use your new Asterisk server as the TFTP server to obtain its setup. Press the Option button again, then Admin Menu (5). Type 22222 for the admin password and press Enter. Then choose Config Server (1), then TFTP Settings (2), then Primary TFTP (1), enter the IP address of your new server, and press Done a half dozen times.

Log back into your server as root. Switch to the TFTP directory: cd /tftpboot. You'll notice that there are config files for up to 15 phones. Simply choose the extension number you wish to use for each phone AND rename each file (filenames are 701.cfg to 715.cfg) to the MAC address of each phone.cfg. Do NOT use hyphens in the MAC address. One final step and you'll be ready to load up your phones. We need to set the correct IP address to tell each phone where your server is located. So... issue the following command using the IP address of your new server instead of 192.168.0.123. Leave the rest of the command as it is!

sed -i 's|192.168.0.0|192.168.0.123|g' /tftpboot/aastra.cfg

Now restart each phone by pressing the Option button and then Restart Phone (6) and then the Restart button. Once the phone reboots, you can make a test call by dialing 1-2-3-4. You can get the latest news by dialing 5-1-1. Or get a weather forecast by airport code (6-1-1) or zip code (Z-I-P).

A Word About Ports. For the techies out there that want to configure remote telephones or link to a server in another town, you'll need to know the ports to remap to your new server from your firewall. Here's a list of the ports available and used by PBX in a Flash. We don't recommend exposing UDP 5038 which is used to communicate with Asterisk via the Asterisk Manager.

TCP 80 - HTTP (needed to access the web sites on your server from the Internet... not recommended!!!)
TCP 22 - SSH (needed if you want remote SSH access)
TCP 9001 - WebMin (needed if you want remote WebMin access... not recommended!!!)
UDP 10000-62000 - RTP (needed for SIP communications)
UDP 5004-5037 - SIP (ditto)
UDP 5039-5082 - SIP (ditto)
UDP 4569 - IAX2 (needed for IAX communications typically between Asterisk servers)

blankSetting Up Trunks for Outgoing and Incoming Calls. If you want to communicate with the rest of the telephones in the world, then you'll need a way to route outbound calls (terminations) to their destination. And you'll need a phone number (DIDs) so that folks can call you. Unlike the Ma Bell world, you need not rely upon the same provider for both. And nothing prevents you from having multiple outbound and incoming trunks to your new PBX. At a minimum, however, you do need one outbound trunk and one inbound phone number unless you're merely planning to talk to other extensions set up on your system. We've actually put all the hooks in place to make it easy for you to interconnect to other Asterisk servers, but we'll save that for another day. For today, we want to get you a functioning system so that you can place outbound calls to anywhere in the world and can receive incoming calls from anywhere in the world.

For outbound calling, we recommend you establish accounts with several providers. We've included the necessary setups for Joe Roper's new service for PBX in a Flash as well as Vitelity and AOL. To register for the service, just visit the web site and register. To sign up to the service in the USA and be charged in US Dollars, please sign up here. To sign up for the European Service and be charged in Euros, sign up here.

In addition to being one of the least expensive providers, there's also the premium service option. You can prefix any number with 000 to try it out. Give it a try. We think you'll be pleased with the service AND the pricing. DIDs for inbound service are not yet available, but Vitelity has lots of them, and there's a link below to get you started.

blankVitelity: One of the Best Providers on the Planet. If you're seeking the best flexibility in choosing an area code and phone number plus reasonable entry level pricing plus high quality calls, then Vitelity is a winner. Vitelity provides Tier A DID inbound service in over 3,000 rate centers throughout the US and Canada. And, when you use our special link to sign up, the Nerd Vittles and PBX in a Flash projects get a few shekels down the road while you get an incredible signup deal as well. The going rate for Vitelity's DID service is $7.95 a month which includes up to 4,000 incoming minutes on two simultaneous channels with terminations priced at 1.45¢ per minute. For PBX in a Flash users, sign up now, and you can purchase a Tier A DID with unlimited incoming calls for just $3.99 a month and you get a free hour of outbound calling to test out their call quality. To check availability of local numbers and tiers of service from Vitelity, click here. Do not use this link to order your DIDs, or you won't get the special pricing! After the free hour of outbound calling, Vitelity's rate is just 1.44¢ per minute for outbound calls in the U.S. You can't beat the price (except with us) and the call quality is excellent as well. We've tried just about everybody.

To sweeten the pot a bit more, we've preconfigured both inbound and outbound Vitelity trunks for you. For the vitel-inbound trunk, all you'll need to do is plug in your username, password, and host assigned by Vitelity and adjust the registration string to match your assigned username and password. In FreePBX, click Setup, Trunks, SIP/vitel-inbound and make the changes. Then adjust the vitel-outbound trunk to reflect your actual username in the fromuser and username entries, your real password in the secret entry, and the correct host provided by Vitelity for your outbound calls, and you're all set. In FreePBX, click Setup, Trunks, SIP/vitel-outbound and make the changes. The same setup drill will get you going the the PIAF VoIP service as well.

To test things out, pick up a phone configured on your system and dial an area code and number of someone in the United States or Canada. Now get someone to call you using your new number. Presto! You have inbound and outbound phone service. And, if you'd like to see just how good SIP service can be, pick up a phone on your system and dial D-E-M-O. This will connect you to the PBX in a Flash hosted demo applications server at Aretta Communications.

An Alternate Outbound Calling Solution. As we said, it costs you almost nothing to add an alternate outbound calling solution to your new system. As luck would have it, adding a third outbound calling provider is now a breeze because AOL just entered the SIP terminations market with a product called AIM Call Out. We wrote about it recently, and you can read the article here. All you need is an AOL or AIM account name and $5 to get you started. The system you've just installed is preconfigured to use AIM Call Out. All you have to do is plug in your username and password, and you can immediately make calls to anywhere in the United States for under 2¢ per minute. Adding international calling is as easy as inserting the correct dial string. If you never use it, it doesn't cost you a dime. So $5 is mighty cheap insurance in our book.

First things first. Sign up for the service at this link. Your username will look something like this: johndoe@aim.com. You also will be assigned a password. Using your web browser, open FreePBX by pointing to the IP address of your new server and choosing Administration, then FreePBX. Type in admin as your username and the password you assigned to your system. From the main FreePBX menu, choose Setup, Trunks, and click on SIP/AIM in the far right column. Scroll down to the Peer Details section of the form and replace yourAIMpassword with your new password. Then replace yourAIMaccountname with your actual AIM account name. Now click the Submit Changes button and then Apply Configuration Changes and Continue with Reload.

Setting Up an Alternate DID for Incoming Calls. You also may want to consider a second phone number where people can call you. For example, if Grandma and Grandpa happen to be in another state and still have an old fashioned telephone, you might consider adding an additional DID to your system in their area code. They then can make a local call to reach you by dialing the local DID. On the les.net pay-as-you-go plan, it costs less than a dollar a month plus a penny a minute for the calls. Money well spent if we do say so... and you'll sleep better.

If this setup looks a bit complicated, don't be intimidated. Remember, we're connecting your PBX to the rest of the world so people can call you! With les.net, you have a choice of rate plans for most DIDs. You either can pay $3.99 a month for unlimited inbound calls with two concurrent channels or 99¢ per month and 1.1¢ per minute with four concurrent channels. Just visit their site and click Signup to register. Once you are registered, click Login and then Order DIDs. Pick a phone number. Then click Peers/Trunks and Create New Peer. Write down the Peer Name as you will need it in a minute to set up your connection. Choose SIP for Peer Technology, RFC2833 for DTMF Mode, G.711 for Codecs, Registration for Peer Type, enter the public IP address of your server for Peer Address, make up a secure password and write it down also, specify an Outbound CallerID for your calls, and check the 10-digit dialing box. Leave voicemail unchecked since you'll handle this on your end. Save your changes.

Now choose Your DIDs and click on the one you just ordered. We now need to tie the phone number to the Peer setup you just created above. Click on the DID and select the Route to Peer which you just created. Check the Send DID Prefix box and leave everything else blank. Click Save Changes and you're finished at the les.net end. Now let's set up your inbound DID trunk in Asterisk using FreePBX.

Log into FreePBX using a web browser. Click Setup, Trunks and then Add SIP Trunk. Fill in the CallerID and then drop down to the Outgoing Settings section of the form. For Trunk Name, use the Peer Name that you created above and wrote down. It ought to look something like this: 1092832198. For Peer Details, enter the following using the Peer Name and Password you assigned at les.net:

canreinvite=no
context=from-trunk
fromuser=1092832198
host=did.voip.les.net
insecure=port,invite
nat=yes
secret=yourpassword
type=peer
username=1092832198

For Incoming Settings, use from-pstn for the User Context and enter the following User Details:

canreinvite=no
context=from-pstn
dtmfmode=rfc2833
insecure=port,invite
nat=yes
type=user

For the registration string, enter a string like the following using your Peer Name and Password:

1092832198:yourpassword@did.voip.les.net/1092832198

Now click the Submit Changes button and then Apply Configuration Changes and Continue with Reload.

Choosing a VoIP Provider That Supports Faxing. We've included a reliable fax solution in this build, and we'll cover all the details soon. We do want to give you a head start if you plan to use your new machine to handle inbound faxes. To test your machine, you can connect a real fax machine to one of the lines on an SPA-2102. Then send a fax to extension 329 (F-A-X). But first you must configure your email address in two places using FreePBX: Setup, General Settings, Email address to have faxes emailed to AND Setup, Inbound Routes, any DID / any CID, fax Email. Once you've saved your settings, send the fax and see if it's delivered to your email address. If it works reliably, then the fax and email applications on your machine are configured correctly. Unfortunately, that's only half the battle. To receive faxes from outside your system, you'll also need a DID from a provider that supports faxing. And then it's still only about a 90% proposition... on a good day. We've tested this with many, many VoIP providers. Some work. Many don't. Some, such as Vitelity, offer a faxing service for a fee. Guess what? Their regular VoIP setup doesn't support faxing. Our old friends at Telasip.com still support faxing. We've also had good luck with Future-Nine and Teliax. You can read the beginnings of our fax dissertation here for more details. With the exception of the trunk setup covered in the article, all of the remaining setup steps already have been completed on your new server!

Interconnecting Two Asterisk Servers. We've preconfigured this build to support an IAX interconnect to a second PBX in a Flash system. The trunk setup for the second machine to match the setup on this build can be printed out. The filename is /root/MainPeerTrunkSetup.gif.

Choosing a Preferred Provider. Finally, you'll need to decide whether to use PIAF-USA or AOL or Vitelity as your primary terminations provider. HINT: We're the cheapest! So we've set things up this way. This is handled in FreePBX in the Outbound Routes tab under the Default entry. You can adjust easily these in any way you like by adding trunks or moving entries up and down the list to change their priority. Just be sure to leave ENUM at the top of the list since ENUM calls are always free. If a free call isn't possible, your server will automatically drop down to the next trunk in the priority list. Don't add Vitelity to the list unless you have actually created a Vitelity account since they handle unsuccessful connections in a non-standard way which will cause FreePBX not to drop down to the next trunk to attempt a connection.

Activating the Stealth AutoAttendant for Inbound Calls. By default, all incoming calls are routed to the Day/Night Code 1 context which allows you to toggle calls between a Day setting and a Night setting by pressing *281. For builds before Rev. D, the Day setting for Code 1 is set to Ring Group 700 which rings all of the extensions on your system. If you'd prefer our Stealth Autoattendant which plays a brief greeting during which you can choose other options or direct dial extensions on your system before the call is passed to Ring Group 700, then edit Day/Night Code 1 and set the Day option to IVR: MainIVR.

A Word About Mondo Rescue. We would be remiss if we didn't mention what a fantastic open source product Mondo Rescue is. It's the sole reason that today's build was possible. Our special thanks go to the development team: Bruno Cornec, Andree Leidenfrost, and Hugo Rabson. It is the first (and only) backup software for Linux builds that actually works reliably. The best way to prove that for yourself is to download this build and try it for yourself on your Dell, dude. It has much more flexibility than what you will experience, but that would take another dozen pages to explain. We'll save that for another day. In the meantime, if you'd like more information, visit the Mondo Rescue web site.

What you need to know today is that the device name for your USB flash drive may differ from the setting of /dev/sdb1 that is preconfigured depending upon the Dude that built your Dell. If you have the Rev. D build (shown at the bottom of the DreamHost download site), simply log into your server as root and type: /root/usbdevice.sh. You're all set. With prior builds, to find out the identity of your USB stick, plug it into one of the front USB ports, log in as root, and type dmesg. Included in the output will be a section that looks something like this:

USB Mass Storage support registered.
Vendor: VBTM Model: Store 'n' Go Rev: 5.00
Type: Direct-Access ANSI SCSI revision: 00
SCSI device sdb: 2013184 512-byte hdwr sectors (1031 MB)
sdb: Write Protect is off
sdb: Mode Sense: 23 00 00 00
sdb: assuming drive cache: write through
SCSI device sdb: 2013184 512-byte hdwr sectors (1031 MB)
sdb: Write Protect is off
sdb: Mode Sense: 23 00 00 00
sdb: assuming drive cache: write through
sdb: sdb4

If the entry in bold above does not say "sdb1" then you have a little work to do. First, edit /root/usbcheck.sh and change sdb1 on the mount line to the sdb# entry shown above in bold. Save your change: Ctrl-X, Y, then Enter. Now edit /root/usbformat.sh and make the same change in the fdisk AND mkdosfs lines of the script. Save your changes. Finally edit /etc/asterisk/disk-backup.conf. Press Ctl-W and search for sdb1. Change the entry to the device name in bold above. Save your change. Now restart Asterisk with the command: amportal restart. Finally, format your new flash drive and you're ready to go: /root/usbformat.sh. Be sure to check your flash drive periodically to make certain you're getting backups: /root/usbcheck.sh.

Installing Cepstral on Your New Server. If you want real text-to-speech with Allison's familiar voice, then you'll need to buy Cepstral. It's dirt cheap for single, non-commercial use. To install it, there's still a problem with the script on your new machine unfortunately. Something has happened to Darren Sessions' archives, but luckily we still have backups. This has been fixed in Rev. D. Otherwise, to point to the uncorrupted version of the software, log in to your server as root and issue the following two commands:

sed -i 's|www.darrensessions.com/pub|pbxinaflash.net/source|' /root/install-cepstral
sed -i 's|www.darrensessions.com/pub|pbxinaflash.net/source|' /usr/local/sbin/install-cepstral

Then run install-cepstral from the command prompt. At one point you'll be asked whether to create a missing directory for the Cepstral installation. Be sure to type y at the prompt rather than just pressing the Enter key. Instructions for registering your copy of Cepstral are displayed when the install completes. For complete documentation, read our previous tutorial.

Addendum: Enabling Parking Lot. As configured, FreePBX gets confused by the 700 ring group thinking it is your default parking lot. To fix the problem, simply enable the Parking Lot feature from the FreePBX Setup tab. Click on the Enable checkbox, leave the default 70 extension to place calls in the parking lot, and choose a default location to which to send orphaned parking lot calls. Then everything works normally.

Where To Go From Here. Well, we've covered a good bit of territory today. When you're ready, move on to the second part of this article at the link below. In the meantime, you have a new phone system that works. And there are a number of PDF documents in the /root folder on your new system which are worth a read. Better yet, you can browse through all of the documentation which is available for PBX in a Flash by going here. You also can dial D-E-M-O on your new system and see just how powerful direct SIP connections can be to other Asterisk hosts (in this case, ours!)... at no cost. Finally, you can log into your server and type help-pbx for access to a treasure trove of additional features. Enjoy!

Continue reading Part II...


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

blankBOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

blankThe lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

blankVitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

blankSpecial Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 


Some Recent Nerd Vittles Articles of Interest...

Build a $199 Turnkey (Green!) Asterisk 1.4 System in Less Than An Hour

blankIt takes a lot to get our attention on the Asterisk® hardware front these days, but this one’s a genuine eyepopper in our book. For $199 (actually $223.89 including shipping and tax), WalMart delivers a brand new Everex Green gPC to your door with a 1.5GHz VIA C7-D Energy Efficient Processor, 512MB of DDR2 533MHz SDRAM, an 80GB, 7200 RPM PATA drive, DVD/CD-RW drive, 10/100 Ethernet adapter, 6 USB ports, keyboard, mouse, speakers, and one year warranty. While the machine ships with Linux preinstalled, we chose to spend 33 minutes installing the latest version of PBX in a Flash which provides CentOS 5, Asterisk 1.4, FreePBX 2.3, and the usual assortment of Linux tools: Apache, SendMail, PHP 5, phpMyAdmin, MySQL 5… and No Bugs! You can order the PC on line at this link, or you may get lucky and find one sitting in your neighborhood WalMart store. Just click on the Find in Store link on the link above. Tiger Direct and zareason.com also have the same unit, and currently it’s at the same price. For other locations, check this thread on the PBX in a Flash Forum. To say Everex can’t make these machines fast enough is really an understatement. All we can suggest is check the web sites daily. They get new shipments regularly, and they sell out just as fast. If you’re unfamiliar with the Everex brand, don’t worry. They’ve been in the PC business for decades, and their machines are built with industry-standard components. And, finally, for those of you that depend upon Asterisk systems for a living, why not build up a few of these babies as spares to have on hand. It’s the cheapest insurance you can buy!

Now that PBX in a Flash has been around for 9 whole weeks, we thought it might be helpful to walk you through the typical installation scenario that we use to bring up new systems. This gets you the latest code, all the patches, and a rock-solid system to begin your Asterisk adventure. What’s the difference in PBX in a Flash and other Asterisk 1.4 aggregations? Well, we’ll let you be the judge. Compare the Help message threads here and then here, and you’ll get the idea. So let’s get started.

Getting Started with PBX in a Flash. Just like all the other offerings, you need to begin by downloading the ISO image for PBX in a Flash (646.96 MB). As new locations for ISO downloads come on line, we will add them to the download list. Just click on the location nearest to you. Once you’ve got the image in hand, use your favorite tool to burn it to a bootable CD. Remember, your hard disk will first be erased by this install.

On the new Everex machine, insert the CD containing the pbxinaflash.iso and then reboot. After reading the initial prompts and warnings, press the Enter key to begin the installation. Or, if you want to first check the media for corruption, type linux mediacheck and then press the <Enter> key. When prompted, be sure to choose the option that erases all existing partitions and uses the default partition layout. Then choose your time zone and leave the UTC system clock option unchecked. Next choose a root password for your new system. Make it secure, and write it down. We plan to use this password for virtually everything on your new system. The install process begins. This includes MySQL, Apache, PHP, CUPS, Samba, WebMin, Subversion, SendMail, Yum, Bluetooth support, SSL, Perl, Python, the kernel development package, and much more. In about 15 minutes depending upon the speed of your PC, the install will pause to allow you to eject the CD. Click the Proceed button to continue after removing the CD. You must have an Internet connection now to complete the install so plug in a 10/100 cable if you haven’t done so already. After reboot, the system will start up with CentOS 5, then download and install Asterisk and FreePBX, and search for the necessary installation script and payload file on pbxinaflash.net. Just to repeat, If you don’t have Internet connectivity, then the installation cannot complete. When the installation finishes, reboot your system and log in as root. The IP address of your PBX in a Flash system will be displayed once you log in. If it’s blank, type service network restart after assuring that you have Internet connectivity and access to a DHCP server that hands out IP addresses. Typing ifconfig should display your IP address on the eth0 port. Write it down. We’ll need it in a minute.

Now that you’ve logged in as root, you should see the IP address displayed with the following command prompt: root@pbx:~/. If instead you see bash displayed as the command prompt and it’s not green, then the installation has not completed successfully. This is probably due to network problems but also could be caused by the time being set incorrectly on your server. You can’t compile Asterisk if the time on your computer is a date in the past! For this glitch you have to start over. If it’s a network issue, fix it and then reboot and watch for the eth0 connection to complete. Assuming it doesn’t fail the second time around, the installation will continue. Likewise, if you do not have DHCP on your network, the installation will fail because the PBX will not be given an IP address. Simply type netconfig, fill in the blanks and reboot. The install will recommence.

Required Steps to Complete the Install. There are three important things to do to complete the installation. First, from the command prompt, run genzaptelconf. This sets up your ZAP hardware as well as a timing source for conferencing. If you’re using additional hardware for your Asterisk system, we recomend removing the 56K modem when you install the cards. This will help avoid interrupt conflicts. Second, decide how to handle the IP address for your PBX in a Flash server. The default is DHCP, but you don’t want the IP address of your PBX changing. Phones and phone calls need to know how to find your PBX, and if your internal IP address changes because of DHCP, that’s a problem. You have two choices. Either set your router to always hand out the same DHCP address to your PBX in a Flash server by specifying its MAC address in the reserved IP address table of your router, or run netconfig at the command prompt and assign a permanent IP address to your server. If you experience problems with the process, see this message thread on the forum. The third configuration requirement probably accounts for more beginner problems with Asterisk systems than everything else combined. Read the next section carefully and do it now!

Getting Rid of One-Way Audio. There are some settings you’ll need to add to /etc/asterisk/sip_custom.conf if you want to have reliable, two-way communications with Asterisk: nano -w /etc/asterisk/sip_custom.conf. The entries depend upon whether your Internet connection has a fixed IP address or a DHCP address issued by your provider. In the latter case, you also need to configure your router to support Dynamic DNS (DDNS) using a service such as dyndns.org. If you have a fixed IP address, then enter settings like the following using your actual public IP address and your private IP subnet:

externip=180.12.12.12
localnet=192.168.1.0/255.255.255.0      (NOTE: The first 3 octets need to match your private IP addresses!)

If you have a public address that changes and you’re using DDNS, then the settings would look something like the following:

externhost=myserver.dyndns.org
localnet=192.168.0.0/255.255.255.0      (NOTE: The first 3 octets need to match your private IP addresses!)

Once you’ve made your entries, save the file: Ctrl-X, Y, then Enter. Reload Asterisk: amportal restart. If you assigned a permanent IP address, reboot your server: shutdown -r now.

Getting Your Machine Up to Date. Tom King, one of our lead developers, has gone to great pains to make it easy for you to always have a current system. All you have to do is type a few commands, but you do have to type them. So do it now! After logging in as root, type update-scripts to get the latest PBX in a Flash scripts installed on your system. This doesn’t run them, it merely makes them available for you to run them. Once you complete this step, you can always review the latest scripting options by typing help-pbx. Now run update-fixes to apply the latest patches to your PBX in a Flash system. When it completes, you’re up to date. If you want the latest version of Asterisk, it’s easy! Just run update-source.

Activating Email Delivery of Voicemail Messages. We’ve previously shown how to configure systems to reliably deliver email messages whenever a voicemail arrives unless your ISP happens to block downstream SMTP mail servers. Here’s the link in case you need it. As it happens, you really don’t have to use a real fully-qualified domain name to get this working. So long as the entry (such as pbx.dyndns.org) is inserted in both the /etc/hosts file and /etc/asterisk/vm_general.inc with a matching servermail entry of vm@pbx.dyndns.org (as explained in the link above), your system will reliably send emails to you whenever you get a voicemail if you configure your extensions in freePBX to support this capability. You can, of course, put in real host entries if you prefer. For 90% of the systems around the world, if you just want your server to reliably e-mail you your voicemail messages, make line 3 of /etc/hosts look like this with a tab after 127.0.0.1 and spaces between the domain names:

127.0.0.1     pbx.dyndns.org pbx.local pbx localhost.localdomain localhost

And then make line 6 of /etc/asterisk/vm_general.inc look like the following:

serveremail=voicemail@pbx.dyndns.org

Now issue the following two commands to make the changes take effect:

service network restart
amportal restart

The command "setup-mail" can be used from the Linux prompt to set the fully-qualified domain name (FQDN) of the mail that is sent out from your server. This may help mail to be delivered from the PBX. One of things mail servers do to reduce spam is to do a reverse lookup on where the mail has come from, checking that there is actually a mailserver at the other end. You can only do this if you have set up dynamic DNS or if you have pointed a hostname at your fixed IP address. Once you have done this, and assuming your ISP is cooperative, then you will receive your voicemails via email if you wish (this is set within FreePBX),and your PBX will email you when FreePBX needs an update. You set this feature in FreePBX General Settings.

If your hosting provider blocks downstream SMTP servers to reduce spam, here’s a link on the PBX in a Flash forum to get you squared away.

Setting Passwords and Other Stuff. While logged into your server as root, you can configure many of the ‘lesser’ passwords on your system (i.e. those passwords with less than root privileges) as well as phones, ZAP hardware, and other goodies. The only command you have to remember is help-pbx. Be aware that there are four different usernames and passwords that are enforced in the web interface to your PBX:

maint... to go everywhere
wwwadmin... for users needing FOP and MeetMe access
meetme... for users needing only MeetMe access
FreePBX... default username:password for admin access is admin:admin

There also is an Administration password you can set in the KennonSoft UI that displays when you point a browser to the IP address of your server. Do NOT use the same password here as it is not overly secure.

Configuring WebMin. WebMin is the Swiss Army Knife of Linux. It provides TOTAL access to your system through a web interface. Search Nerd Vittles for webmin if you want more information. Be very careful if you decide to enable it on the public Internet. You do this by opening port 9001 on your router and pointing it to the private IP address of your PBX in a Flash server. Before using WebMin, you need to set up a username and password for access. From the Linux prompt while logged in as root, type the following command where admin is the username you wish to set up and foo is the password you’ve chosen for the admininstrator account. HINT: Don’t use admin and foo as your username and password for WebMin unless you want your server trashed!

/usr/libexec/webmin/changepass.pl /etc/webmin root password

To access WebMin on your private network, go to http://192.168.0.123:9001 where 192.168.0.123 is the private IP address of your PBX in a Flash server. Then type the username and password you assigned above to gain entry. To stop WebMin: /etc/webmin/stop. To start WebMin: /etc/webmin/start. For complete documentation, go here.

Updating and Configuring FreePBX. FreePBX is installed as part of the PBX in a Flash implementation. This incredible, web-based tool provides a complete menu-driven user interface to Asterisk. The entire FreePBX project is a model of how open source development projects ought to work. And having Philippe Lindheimer’s as the Captain of the Ship is just icing on the cake. All it takes to get started with FreePBX is a few minutes of configuration, and you’ll have a functioning Asterisk PBX complete with voicemail, music on hold, call forwarding, and a powerful interactive voice response (IVR) system. There is excellent documentation for FreePBX which you should read at your earliest convenience. It will answer 99% of your questions about how to use and configure FreePBX. For the one percent that is not covered in the Guide, visit the FreePBX Forums which are frequented regularly by the FreePBX developers. Kindly post FreePBX questions on their forum rather than the PBX-in-a-Flash Forum. This helps everybody. Now let’s get started.

NOTE: PBX in a Flash comes with the IPtables firewall enabled on your system. If this causes problems with access to the FreePBX repository (for loading the FreePBX updates below), you can easily (and temporarily) turn off the firewall. Type help-pbx for assistance. Don’t forget to restart the firewall especially if your system has any Internet exposure!

Now move to a PC or Mac and, using your favorite web browser, go to the IP address you deciphered above for your new server. Be aware that FreePBX has a difficult time displaying properly with IE6 and IE7 and regularly blows up with older versions of Safari. Be safe. Use Firefox. From the PBX in a Flash Main Menu in your web browser, click on the Administration link and then click the FreePBX button. The username and password both default to admin. Click Apply Configuration Changes, Continue with Reload, and then Refresh your browser screen. Now click the Module Administration option in the left frame once FreePBX loads. Now click Check for Updates online in the upper right panel. Next, click Download All which will select every module for download and install. The important step here is to move down the list and Deselect Speed Dials and PHPAGI from the download and install options. You may also want to deselect Zork. Once these apps have been deselected, scroll to the bottom of the page and click Process, then Confirm, then Return once the apps are downloaded and installed, then Apply, then Continue with Reload. Now repeat the process once more and do not deselect the two applications, then Process, Confirm, Return, Apply Config Changes, and Continue with Reload. Finally, scroll down the Modules listing until you get to the Maintenance section. Click on each of the following and choose Install: ConfigEdit, Sys Info, and phpMyAdmin. Then click Process, then Confirm, then Return once the apps are downloaded and installed, then Apply, then Continue with Reload. All three of these tools now are installed in the Maintenance section of the Tools tab of FreePBX. One final step, and you’re good to go. An update of FreePBX has been released. Click Check for Updates online. Then choose Download and Upgrade for the Core, FreePBX Framework, and System Dashboard modules. Then click Process, then Confirm, then Return once the apps are downloaded and installed, then Apply, then Continue with Reload. You now have an up-to-date version of FreePBX. You’ll need to repeat the drill every few weeks as new updates are released. This will assure that you have all of the latest and greatest software. To change your Admin password, click on the Setup tab in the left frame, then click Administrators, then Admin in the far right column, enter a new password, and click Submit Changes, Apply Configuration Changes, and Continue with reload. We’re going to be repeating this process a number of times in the next section so… when instructed to Save Your Changes, that means "click Submit Changes, Apply Configuration Changes, and Continue with reload."

Choosing Internet Telephony Hosting Providers for Your System. Before you can place calls to users outside your system or to receive incoming calls, you’ll need at least one provider (each) for your incoming phone number (DID) and incoming calls as well as a provider for your outbound calls (terminations). We have a list of some of our favorites here, and there are many, many others. Within a few weeks, we also will have some providers that will offer you some free minutes for trying their service with PBX in a Flash. You basically have two choices with most providers. You can either pay as you go or sign up for an all-you-can-eat plan. Most of the latter plans also have caps on minutes, and there are none of the latter plans for business service. In the U.S. market, the going rate for pay as you go service is about 1.5¢ per minute rounded to the tenth of a minute. The best deal on DIDs is from les.net. They charge $3.99 a month for a DID with unlimited, free incoming calls. We will have a free offer from les.net for PBX in a Flash users shortly. Another new provider with excellent service and per minute rates is Aretta Communications out of Atlanta. They also have agreed to co-host our ISO downloads for the U.S. East Coast. Thanks, Aretta! WARNING: Before you sign up for any all-you-can-eat plan, do some reading about the service providers. Some of them are real scam artists with backbilling and all sorts of unconscionable restrictions. You need to be careful. Our cardinal rule in the VoIP Wild West is never, ever entrust your entire PBX to a single hosting provider. As Forrest Gump would say, "Stuff happens!" And life’s too short to have dead telephones, even if it’s a rarity.

Setting Up FreePBX to Make Your First Call. There are four components in FreePBX that need to be configured before you can place a call or receive one from outside your PBX in a Flash system. So here’s FreePBX for Dummies in less than 50 words. You need to configure Trunks, Extensions, Outbound Routes, and Inbound Routes. Trunks are hosting provider specifications that get calls delivered to and transported from your PBX to the rest of the world. Extensions are internal numbers on your PBX that connect your PBX to telephone hardware or softphones. Inbound Routes specify what should be done with calls coming in on a Trunk. Outbound Routes specify what should be done with calls going out to a Trunk. Everything else is basically fluff.

Trunks. When you sign up with most of the better ITHP’s that support Asterisk, they will provide documentation on how to connect their service with your Asterisk system. If they have a trixbox tutorial, use that since it also used FreePBX as the web front end to Asterisk. Here’s an example from les.net. And here’s the Vitelity support page although you will need to set up an account before you can access it. We also have covered the setups for a number of providers in previous articles. Just search the Nerd Vittles site for the name of the provider you wish to use. You’ll also find many Trunk setups in the trixbox Trunk Forum. Once you find the setup for your provider, add it in FreePBX by going to Setup, Trunks, Add SIP Trunk. Our AxVoice setup (which is all entered in the Outgoing section with a label of axvoice) looks like this with a Registration String of yourusername:yourpassword@sip.axvoice.com:

allow=ulaw
authname=yourusername
canreinvite=no
context=all-incoming
defaultip=sip.axvoice.com
disallow=all
dtmfmode=inband
fromdomain=sip.axvoice.com
fromuser=yourusername
host=sip.axvoice.com
insecure=very
nat=yes
secret=yourpassword
type=friend
user=phone
username=yourusername

And our Vitelity Outbound Trunk looks like the following (labeled vitel-outbound) with no registration string:

allow=ulaw&gsm
canreinvite=no
context=from-pstn
disallow=all
fromuser=yourusername
host=outbound1.vitelity.net
secret=yourpassword
sendrpid=yes
trustrpid=yes
type=friend
username=yourusername

Extensions. Now let’s set up a couple of Extensions to get you started. A good rule of thumb for systems with less than 50 extensions is to reserve the IP addresses from 192.x.x.201 to 192.x.x.250 for your phones. Then you can create extension numbers in FreePBX to match those IP addresses. This makes it easy to identify which phone on your system goes with which IP address and makes it easy for end-users to access the phone’s GUI to add bells and whistles. To create extension 201 (don’t start with 200), click Setup, Extensions, Generic SIP Device, Submit. Then fill in the following blanks leaving the defaults in the other fields for the time being.

User Extension ... 201
Display Name ... Home
Outbound CID ... [your 10-digit phone number if you have one; otherwise, leave blank]
Emergency CID ... [your 10-digit phone number for 911 ID if you have one; otherwise, leave blank]
Device Options
secret ... 123884
dtmfmode ... rfc2833
Voicemail & Directory ... Enabled
voicemail password ... 123884
email address ... yourname@yourdomain.com [if you want voicemail messages emailed to you]
pager email address ... yourname@yourdomain.com [if you want to be paged when voicemail messages arrive]
email attachment ... yes [if you want the voicemail message included in the email message]
play CID ... yes [if you want the CallerID played when you retrieve a message]
play envelope ... yes [if you want the date/time of the message played before the message is read to you]
delete Vmail ... yes [if you want the voicemail message deleted after it's emailed to you]
vm options ... callback=from-internal [to enable automatic callbacks by pressing 3,2 after playing a voicemail message]
vm context ... default

Now create several more extensions using the template above: 202, 203, 204, and 205 would be a good start. Keep the passwords simple, but secure! You’ll need them whenever you configure your phone instruments.

Outbound Routes. The idea behind multiple outbound routes is to save money. Some providers are cheaper to some places than others. We’re going to skip that tutorial today. You can search the site for lots of information on choosing providers. Assuming you have only one or two for starters, let’s just set up a default outbound route for all your calls. Using your web browser, access FreePBX on your server and click Setup, Outbound Routes. Enter a route name of Everything. Enter the dial patterns for your outbound calls. In the U.S., you’d enter something like the following:

1NXXNXXXXXX
NXXNXXXXXX

Click on the Trunk Sequence pull-down and choose your providers in the order you’d like them to be used for outbound calls.Click Submit Changes and then save your changes. Note that a second choice in trunk sequence only gets used if the calls fails to go through using your first choice. You’ll notice there’s already a 9_outside route which we don’t need. Click on it and then choose Delete Route 9_outside. Save your changes.

Inbound Routes. We’re also going to abbreviate the inbound routes tutorial just to get you going quickly today. The idea here is that you can have multiple DIDs (phone numbers) that get routed to different extensions or ring groups or departments. For today, we recommend you first build a Ring Group with all of the extension numbers you have created. Once you’ve done that, choose Inbound Routes, leave all of the settings at their default values and move to the Set Destination section and choose your Ring Group as the destination. Now click Submit and save your changes. That will set up a default incoming route for your calls. As you add bells and whistles to your system, you can move the Default Route down the list of priorities so that it only catches calls that aren’t processed with other inbound routing rules.

General Settings. Last, but not least, we need to enter an email address for you so that you are notified when new FreePBX updates are released. Scroll to the bottom of the General Settings screen after selecting it from the left panel. Plug in your email address, click Submit, and save your changes. Done!

Tom King now has put together a detailed tutorial complete with screenshots to get you started with PBX in a Flash. If you are installation-challenged, have a look at the pretty pictures.

Adding Plain Old Phones. Before your new PBX will be of much use, you’re going to need something to make and receive calls, i.e. a telephone. For today, you’ve got several choices: a POTS phone, a softphone, or a SIP phone. Option #1 and the best home solution is to use a Plain Old Telephone or your favorite cordless phone set (with 8-10 extensions) if you purchase a little device (the size of a pack if cigs) known as a Sipura SPA-1001. It’s under $60. Be sure you specify that you want an unlocked device, meaning it doesn’t force you to use a particular service provider. Once you get it, plug the SPA-1001 into your LAN, and then plug your phone instrument into the SPA-1001. Your router will hand out a private IP address for the SPA-1001 to talk on your network. You’ll need the IP address of the SPA-1001 in order to configure it to work with Asterisk. After you connect the device to your network and a phone to the device, pick up the phone and dial ****. At the voice prompt, dial 110#. The Sipura will tell you its DHCP-assigned IP address. Write it down and then access the configuration utility by pointing your web browser to that IP address.

Once the configuration utility displays in your web browser, click Admin Login and then Advanced in the upper right corner of the web page. When the page reloads, click the Line1 tab. Scroll down the screen to the Proxy field in the Proxy and Registration section of the form. Type in the private IP address of your Asterisk system which you wrote down previously. Be sure the Register field is set to Yes and then move to the Subscriber Information section of the form. Assuming your extensions were set up starting with 201, do the following. Enter House Phone as the Display Name. Enter 201 as the User ID. Enter 1234 as the Password, and set Use Auth ID to No. Click the Submit All Changes button and wait for your Sipura to reset. In the Line 1 Status section of the Info tab, your device should show that it’s Registered. You’re done. Pick up the phone and dial 1234# to test it out.

Downloading a Free Softphone. Unless you already have an IP phone, the easiest way to get started and make sure everything is working is to install an IP softphone. You can download a softphone for Windows, Mac, or Linux from CounterPath. Or download the pulver.Communicator or the snom 360 Softphone which is a replica of perhaps the best IP phone on the planet. Here’s another great SIP/IAX softphone for all platforms that’s great, too, and it requires no installation: Zoiper 2.0 (formerly IDEfisk). All are free! Just install and then configure with the IP address of your PBX in a Flash server. For username and password, use one of the extension numbers and passwords which you set up with freePBX. Once you make a few test calls, don’t waste any more time. Buy a decent SIP telephone. We think the best value in the marketplace with excellent build quality and feature set (but probably not the best sound quality) is the $79 GrandStream GXP-2000. It has support for four lines, speaks CallerID numbers, has a lighted display, and can be configured for autoanswer with a great speakerphone. Some other great choices are the Aastra 9133i and the Siemans Cordless Dect phone. Do some reading before you buy. The Voxilla forums are a good place to start.

A Word About Ports. For the techies out there that want "the rest of the story" to properly configure firewalls, here’s a list of the ports available and used by PBX in a Flash:

TCP 80 - HTTP
TCP 9080 - Duplicate HTTP
TCP 22 - SSH
TCP 9022 - Duplicate SSH
TCP 9001 - WebMin
UDP 10000-20000 - RTP
UDP 5004-5082 - SIP
UDP 4569 - IAX2
UDP 2727 - Media Gateway

A2Billing Installation. Our first example of how we plan to build up PBX in a Flash systems is the installation script for A2Billing. If you want A2Billing installed on your system, then log in as root and type install-a2billing. If you don’t want A2Billing, then you don’t download or run the script. When you return to the main web page for your server after installing A2Billing, you will have two new links for A2Billing customers and A2Billing admin. You will have to install the callback funtionality manually from the docs supplied in the install. A2Billing was created by Areski, who some of you may know was responsible for Web MeetMe, ConfigEdit, and the CDR reports included with FreePBX. A2Billing is sufficiently comprehensive that it warrants an article on its own, so we will save that for another day. Some of the projects we will be looking into are how to pass calls from FreePBX to A2Billing for least-cost routing, departmental billing services, building a calling card server, and a VoIP termination platform. Then you can change your name to Ma Bell and start selling minutes to all the people for whom you have installed PBX-in-a-Flash. If you can’t wait, visit asterisk2billing.org.

Where To Go From Here. Our new script repository is now up and running at pbxinaflash.org. Tom King, the ultimate scripting guru is managing that site. So check it often. And now that PBX in a Flash 1.1 is out the door, we’ve been chomping at the bit to get all of our Nerd Vittles Goodies ported over. If you want to try them for yourself, seven are ready today at this link, and each installs in under 15 seconds: AsteriDex, Yahoo News Headlines, Weather by Airport Code, Weather by Zip Code, Worldwide Weather Forecasts, Telephone Reminders, and MailCall for Asterisk. Complete documentation for each application also is provided at the link above. And, if you still have a DBT-120 Bluetooth adapter, you’ll be happy to learn that it works out-of-the-box with PBX in a Flash on your new Everex Green PC. Dust off our recent article on Proximity Detection, and you should be in business in under 10 minutes.

For Those on the Bleeding Edge. Well, you heard it here first. As you may know, the new Asterisk 1.6 beta was released late last week on the heels of the FreePBX 2.4 beta which has been reworked to support it. Do you need to pull your hair out for days or wait months for a turnkey build? Well, no. You can download the new PBX in a Flash 1.6 Install Script today. Just don’t expect any tech support or assistance from the PBX in a Flash development team. Your dialogue on this project needs to be directly with the Asterisk 1.6 development team. What we are providing is a turnkey solution for those that are eager to experiment. Enjoy!


blankFreePBX Training Almost Sold Out! We’re excited about the upcoming FreePBX Training Seminar, and today we want to remind the foot-draggers that you’ve almost missed the boat. And, yes, in addition to some fantastic training and the fine cuisine of Charleston, you’re going to be treated to some once-in-a-lifetime hardware deals on the very finest Asterisk-compatible hardware cards and servers for your business. So sign up today and join the fun. This will be the hands-down very best Asterisk and FreePBX training course that money can buy.

This is a DON’T MISS opportunity to learn everything you ever wanted to know about FreePBX, Asterisk, and Linux. The course will cover IVRs, ACDs, IRQs, E911, and the rest of the alphabet as well as routing, trunking, dialplan integration, remote office configuration, echo cancellation, TDM hardware, gateways, IP phones. It’s a very full, three-day course with a half day devoted to branding and selling Asterisk systems. The seminar is being held at one of Charleston’s premier hotels, the Embassy Suites Historic Charleston, with gorgeous suites, swimming pool and exercise room, free WiFi, free breakfasts, and free cocktails every evening. There also will be evening sessions to sit down one-on-one with the FreePBX and PBX in a Flash developers with ample assistance from the quintessential Asterisk development tools: beer and whiskey!


Some Recent Nerd Vittles Articles of Interest…