Archive

Archive for the ‘Asterisk’ Category

Using pfsense with remote sip phones

January 20, 2010 3 comments

pfsense by default only allows one sip registration to be active at a time on a protected LAN. The siproxd extension allows multiple phones to coexist happily, but it is a little confusing to set up. Here is what works the best from my testing:
Firewall: Rules: WAN = none for SIP or RTP

Firewall: NAT: Port Forward = none

Firewall: NAT: Outbound = Manual Outbound NAT, using default rule with NO Static Port mapping

Reboot the pfsense machine

UPDATE: siproxd is not necessary for multiple sip reigsrations to work! The above should be adequate.

Install the siproxd package from the System:Package Manager page on the pfsense admin page.

Services: siproxd: Settings = Inbound to LAN, Outbound to WAN, Port to 5060. Expedited Forwarding on.

Reboot the pfsense machine

I am including some screenshots to help.

Click on the “e” to edit the rule.

siproxd settings:

Categories: Asterisk, networking, pfsense

IPCOP traffic shaping for simple, effective qos

August 4, 2009 Leave a comment

Using the default traffic shaper works really well for simple qos needs. Set your defined rtp ports (e.g. udp 3000 and 3001) and udp 5060 and udp 4569 as high priority. Add any offending traffic (e.g. gotomeeting at udp 8200) as low or medium. Takes about 5 minutes and works like a charm!

Categories: Asterisk, ipcop, networking, VoIP

Fresh gnudialer install on CentOS 5

November 5, 2008 Leave a comment
# do a CentOS 5 install 
# deselect Office Productivity
# select Developement
# select Web Server
# disable selinux  (this is a MUST do)
# reboot
#

#
#rpm --import /usr/share/rhn/RPM-GPG-KEY-fedora

yum -y update
updatedb

yum -y install joe
yum -y install screen
yum -y install kernel-devel
yum -y install cdrecord
yum -y install mkisofs
yum -y install libidn
yum -y install libgcj
yum -y install bison
yum -y install libtermcap
yum -y install libtermcap-devel
yum -y install newt
yum -y install newt-devel
yum -y install ncurses
yum -y install ncurses-devel
yum -y install openssl
yum -y install openssl-devel
updatedb

service httpd start

cd /usr/src

yum -y install mysql.i386
yum -y install mysql-server
yum -y install mysql-devel

service mysqld start
wget http://www.dynx.net/ASTERISK/gnudialer/easy_setup/create_tables.sql
mysql -uroot < create_tables.sql

# CHANGE THIS
mysqladmin -uroot password '~somepassword'

service httpd start

#wget http://prdownloads.sourceforge.net/webadmin/webmin-1.350-1.noarch.rpm
#rpm -i webmin-1.350-1.noarch.rpm

cd /usr/src

wget http://downloads.digium.com/pub/asterisk/releases/asterisk-1.2.24.tar.gz
tar zxfv asterisk-1.2.24.tar.gz
wget http://downloads.digium.com/pub/asterisk/releases/asterisk-addons-1.2.8.tar.gz
tar zxfv asterisk-addons-1.2.8.tar.gz
wget http://downloads.digium.com/pub/libpri/releases/libpri-1.2.6.tar.gz
tar zxfv libpri-1.2.6.tar.gz
wget http://downloads.digium.com/pub/zaptel/releases/zaptel-1.2.22.tar.gz
tar zxfv zaptel-1.2.22.tar.gz

cd /usr/src/libpri-1.2.6
make clean
make
make install

cd /usr/src/zaptel-1.2.22
make clean
make
make install
make config

cd /usr/src/asterisk.1.2.24
make mpg123
make clean
make
make install
make samples
/usr/sbin/safe_asterisk

yum -y install subversion
cd /usr/src
svn checkout http://dynx.net/svn/gnudialer-puff/trunk gnudialer-puff
cd gnudialer-puff
make clean
make
make install
make reload

cd /usr/src/gnudialer-puff/astcrm-1.1.6
wget http://www.dynx.net/ASTERISK/gnudialer/java/j2sdk-1_4_2_08-linux-i586.rpm
rpm -i j2sdk-1_4_2_08-linux-i586.rpm
export PATH=$PATH:/usr/java/j2sdk1.4.2_08/bin
export CLASSPATH=$CLASSPATH:.
make clean
make
make install

# remember you need to still read all the /usr/src/gnudialer-puff/README's and INSTALL 
# remember you need to still read all the /usr/src/gnudialer-puff/astcrm-1.1.6/README's and INSTALL
# you need to do this because you MUST change the user/pass in various areas, 
# or use the defaults if you are UNSURE whats needs to change.

Original File
Categories: Asterisk, linux, Software

hudlite server password

October 9, 2008 Leave a comment

It is pretty easy to find the server password for hudlite if you don’t have it.

Connect via ssh to to the server

issue the following command:

ps aux | grep hud
The password is returned on the line with the ./hudlite-server process

From the fonality knowledgebase.

IAX2 trunking trixbox Pro servers

September 7, 2008 2 comments

This is to complement my most popular post, from 2 years ago, which is about trunking two freePBX servers. It is even easier to trunk two trixbox Pro servers and set up 4 digit dialing.

Example:

server 1 ID: 1231000  has 7xxx extensions. Extensions dialed 6xxx will go to server 2

server 2 ID: 3212000 has 6xxx extensions. Extensions dialed 7xxx will go to server 1

Substitute your server ID numbers where applicable

SERVER 1 SETTINGS:

From server 1 control panel, go to the Options:voip page. Add a voip account with the following settings:

Provider: Other, IAX2

Route Name: 3212000

Username: leave blank

Password: leave blank

Register: No

Server: s3212000x.trixbox.fonality.com

Click Add Voip Account, and acknowledge the dire warning.

go to the Options:dial plan page.

Add a new dial plan:

Prefix: 6

dial string: xxx

Description and Type: optional

Route: VoIP: 3212000

Strip Digits: 0

Prepend: 000 (VERY IMPORTANT)

Click Add Dial Plan

SERVER 2 SETTINGS:

From server 2 control panel, go to the Options:voip page. Add a voip account with the following settings:

Provider: Other, IAX2

Route Name: 1231000

Username: leave blank

Password: leave blank

Register: No

Server: s1231000x.trixbox.fonality.com

Click Add Voip Account, and acknowledge the dire warning.

go to the Options:dial plan page.

Add a new dial plan:

Prefix: 7

dial string: xxx

Description and Type: optional

Route: VoIP: 1231000

Strip Digits: 0

Prepend: 000 (VERY IMPORTANT)

Click Add Dial Plan

You now should have 4 digit dialing between servers.

Categories: Asterisk

trixbox Pro, DNS, and internet outages – what I have learned from my pain

August 29, 2008 Leave a comment

With the floods here in Iowa this summer I suddenly had several customers with no internet connections. I expected voip trunks to not work, but several of them also were losing registration on all their phones. I thought I had understood how to set up DNS properly, but I did not quite have it.

Here’s the best formula as I understand it:

Have your gateway use a valid public DNS server.
Have the trixbox Pro server use the gateway as the primary DNS, and a public DNS server as the secondary DNS
Have the phones use the trixbox Pro server as their only DNS.

One thing that drove me about insane was my sandbox server was on a cheap netgear router. I guess cheap routers can’t be counted on to function properly at all without a WAN link. I could unplug the WAN link and within a minute the phones would lose registration, even with everything else set up correctly. Today I put an IPCOP firewall on the sandbox network and everything functions exactly like it should without the WAN link.

A Linksys WRT54G loses registrations at intervals but keeps the trixbox Pro system marginally functional. A Linksys WRTT54G with DD-WRT firmware functions properly, though.

A related problem with VERY similar symptoms:
Having a SIP trunk with a FQDN will cause all phones to unregister in the event of an internet outage. Changing to a straight IP address removes that problem. I guess that is an asterisk bug.

1:1 NAT (SNAT) with IPCop or other IPTables firewalls.

November 27, 2007 Leave a comment

This could be needed for any number of reasons, but I needed to do this to have two trixbox Pro servers live next to each other on the same LAN behind an IPCop firewall. They were reporting back the same IP address to the hybrid hosting source, so inbound connections to both were routing to the one server. Normally this is remedied manually by changing the externip in sip.conf, but that is set automatically with trixbox pro, and not an option.

You need to log into the firewall at the console or via ssh. You need to comment out one line to disable masquerading, and add a few more in its place:

nano /etc/rc.d/rc.firewall

#Individual machine on GREEN
/sbin/iptables -t nat -A POSTROUTING -s 10.0.1.99 -j SNAT --to-source 1.2.3.5
#all other machines on GREEN
/sbin/iptables -t nat -A POSTROUTING -s 10.0.1.0/24 -j SNAT --to-source 1.2.3.4
#all other machines on ORANGE
/sbin/iptables -t nat -A POSTROUTING -s 10.0.2.0/24 -j SNAT --to-source 1.2.3.4
#DISABLE MASQUERADE
# /sbin/iptables -t nat -A REDNAT -o $IFACE -j MASQUERADE