Asterisk@Home Handbook Wiki Chapter 0 About the Project o 0.1 Please Donate!!! o 0.2 Project Manager o 0.

3 Handbook & Documentation Editor o 0.4 Handbook Wishlist (Please enter your requests here) o 0.5 The problem with writing/editing this Handbook. o 0.6 Everyone is encouraged to edit this Handbook. o 0.7 Liability Disclaimer Asterisk@Home Handbook Wiki Chapter 1 Introduction to Asterisk@Home o 1.1 What is Asterisk o 1.2 What is Asterisk@Home o 1.3 Current list of software in Asterisk@Home. o 1.4 Licensing for Asterisk@Home o 1.5 Licensing for the Asterisk@Home Handbook Wiki o 1.6 Please do not contact Digium for support. Asterisk@Home Handbook Wiki Chapter 2 Installation of Asterisk@Home

o o o o o

2.1 2.2 2.3 2.4 2.5

o o o o

2.6 2.7 2.8 2.9

Hardware Requirements Install from an .ISO Setting up your Time Zone and/or Keybord Layout Install to an existing CentOS 4.2 system Setting up your router/firewall to work with Asterisk@Home 2.5.1 What is NAT? 2.5.2 What is a STUN Server? 2.5.3 What is SIP? 2.5.3.1 Setting up your router/firewall so Asterisk@Home can communicate with a VOIP Provider via SIP 2.5.3.2 Setting a remote router/firewall so your remote SIP phones can communicate with your Asterisk@Home Server via SIP 2.5.4 What is IAX? 2.5.4.1 Setting up your router/firewall so Asterisk@Home can communicate with a VOIP Provider or another Asterisk server via IAX through a NAT 2.5.4.2 Setting a remote router/firewall so your remote IAX phones can communicate with your Asterisk@Home Server via IAX through a NAT 2.5.5 How to deal with a constantly changing internet IP address? 2.5.5.1 What is DNS? 2.5.5.2 What is Dynamic DNS? 2.5.5.3 How do I get Dynamic DNS to work? 2.5.5.3.1 Dynamic DNS with router that has DynDNS client built in? 2.5.5.3.2 Dynamic DNS with DynDNS client running on Asterisk@Home? 2.5.5.4 How do I use Dynamic DNS with Asterisk@Home Putting your Asterisk@Home Server directly on the internet How do I know what versions of software is installed on my Asterisk@Home Server? Modifying the A@H branding to something more Corporate friendly. Quick Set Up guide. This is to assist with re installs 2.9.1 Securing Asterisk 2.9.2 Rebuilding Zaptel drivers 2.9.3 NAT configuration 2.9.4 Trunk configurations (IAX2/SIP with Telasip) 2.9.5 Outbound routing 2.9.6 Auto Attendant configurations 2.9.7 Updating Asterisk 2.9.8 VMWare Tools installation and configuration 2.9.9 Backing up, migrating and restoring

Asterisk@Home Handbook Wiki Chapter 3 Securing your Asterisk@Home server o 3.1 Giving your Asterisk@Home Server a static IP address o 3.2 Changing your default CentOS Password o 3.3 Changing your default AMP Password o 3.4 Changing your default FOP Password o 3.5 Changing your default MeetMe Password

o o o o o o o o

3.6 Changing your default System Mail Password 3.7 Changing your default Sugar CRM Password 3.8 Securing the ALT-F9 into the Asterisk CLI console #9 feature/security risk 3.9 Placing a password on the Asterisk@Home Splash page 3.10 Changing your default MySQL Password 3.11 Changing your host name 3.12 Updating patches to CentOS 3.13 Backup and restore of Asterisk@Home 3.13.1 Backup 3.13.2 Restore 3.13.3 Backup Storage

Asterisk@Home Handbook Wiki Chapter 4 Using AMP to Configure your Asterisk@Home Server o 4.1 What is AMP? o 4.2 How does AMP work? o 4.3 How to Log into AMP o 4.3 Configuring an extension o 4.4 Configuring a trunk for outbound and inbound calls o 4.5 Configuring Outbound Routing o 4.6 Configuring Incoming Calls o 4.7 Configuring the digital receptionist 4.7.1 How to connect a caller to a default extension when one is not chosen o 4.8 Trunking two Asterisk@Home Servers Asterisk@Home Handbook Wiki Chapter 5 PSTN interface cards o 5.1 FXO Cards 5.1.1 Digium Wildcard X100P OEM FXO PCI Card 5.2.1 Cisco / Linksys / Sipura SPA-3000 FXO/FXS Device o 5.2 FXS Cards 5.2.1 Digium TDM400P FXO/FXS Card o 5.3 T1/PRI Cards o 5.4 ISDN Cards 5.4.1 ISDN BRI Cards 5.4.1.1 ISDN BRI Cards with HFC chipset 5.4.1.2 ISDN BRI Cards with HFC chipset 5.4.2 ISDN PRI Cards 5.4.2.1 ISDN PRI Cards, Digium 5.4.2.2 ISDN PRI Cards, Sangoma o 5.5 Channel banks Asterisk@Home Handbook Wiki Chapter 6 VOIP Service Providers o 6.1 Free World Dialup (FWD) o 6.2 Free World Dialup OUT (FWD) o 6.3 VoicePulse o 6.4 Sixtel o 6.5 VoipJet o 6.6 MyNetfone - AUSTRALIA o 6.7 Telasip o 6.8 Exgn LLC o 6.9 Gizmo Project / SIPphone o 6.10 Iristel o 6.11 Voxee o 6.12 Gafachi o 6.13 Acanac o 6.14 Stanaphone o 6.15 Vbuzzer o 6.16 Broadvoice

Asterisk@Home Handbook Wiki Chapter 7 VOIP Phones o 7.1 Soft phones 7.1.1 X-Ten Lite 7.1.2 sipXphone 7.1.3 Express Talk 7.1.4 Yate 7.1.5 Idefisk o 7.2 Hard phones

7.2.1 Cisco 7960/7940 7.2.1.1 Setting up a Cisco phone step by step 7.2.2 Polycom 7.2.2.1 Why choose Polycom VOIP Phones? 7.2.2.2 How to get Polycom Firmware and SIP Updates 7.2.2.3 Polycom and NATS. Welcome to hell (at least as of 01/20/06) 7.2.2.4 How to use Provisioning (Central Boot Server) to deploy a fleet of Polycoms 7.2.2.4.1 Contents of the Polycom SIP update & Bootrom Zip file 7.2.2.4.2 Create an FTP site and configure your phone to connect to it 7.2.2.4.3 Updating the SIP Application and the Bootrom 7.2.2.4.4 What are those MACADDRESS-*.log files in my FTP Polycom root directory? 7.2.2.4.5 Master Configuration Files 7.2.2.4.6 Application Configuration Files 7.2.2.4.7 Contact Directory Files 7.2.2.5 Suggestions on how to setup Polycom File Provisioning 7.2.2.5.1 Suggestions on editing the sip.cfg file 7.2.2.5.2 Suggestions on editing the MACADDRESS.cfg file 7.2.2.5.3 Suggestions on editing the x1001.cfg file 7.2.2.5.4 Suggestions on Speed Dial and Company Wide Contacts Directory 7.2.2.6 Polycom Cheat Sheet 7.2.2.7 Please put in a product enhancement request at the Polycom Site

Asterisk@Home Handbook Wiki Chapter 8 Configuring and using Asterisk@Home extra features o 8.1 Conferencing 8.1.1 External access to conferences o 8.2 Weather Forecast Dialing o 8.3 DHCP server o 8.4 Flash Operator Panel (FOP) 8.4.1 Hang-up on a Call 8.4.2 Transfering a Call 8.4.3 Initiating a Call 8.4.4 How to Create a Conference o 8.5 FTP server (vsftpd) o 8.6 Cisco XML Services o 8.7 Music On Hold (mpg123) o 8.8 FAX to E-mail o 8.8.1 Fax support (SpanDSP) o 8.9 xPL o 8.10 Sugar CRM o 8.11 Festival o 8.12 Voicemail o 8.13 Connecting to your CentOS Command Line Remotely (Using SSH) o 8.14 Open A2Billing o 8.15 Bluetooth Presence Detection o 8.16 Setting up your NTP Time Server o 8.17 Changing *60 to give the exact time Asterisk@Home Handbook Wiki Chapter 9 Software that is not installed with Asterisk@Home o 9.1 Click-to-Dial using Microsoft Outlook and AstTapi 9.1.1 Download AstTapi and install it 9.1.2 Modifying the "Manager_Custom.conf" file in A@H (don't panic! this is easy!) 9.1.3 Configuring AstTapi in outlook o 9.2 H.323 add-on o 9.3 Webmin - Web Based Linux Management o 9.4 How to use Shorewall Firewall to protect your A@H Server 9.4.1 What is Shorewall 9.4.2 How do I download and Install Shorewall? 9.4.3 How do I configure Shorewall o 9.5 How to use IPCOP firewall to protect the A@H Server o 9.6 The definitive guide to Sound Card Installation A@H 2.0-2.19.7 o 9.7 The definitive guide to Sound Card Installation, configuration and usage with A@H 2.2+ o 9.8 AsteriDex o 9.9 AsteriDex II o 9.10 Qmail o 9.11 Web Admin Interface Upgrade (Admin-UI v2.0) o 9.12 NetMgr Network Bandwidth Monitoring

Asterisk@Home Handbook Wiki Chapter 10 CentOS Tips, tricks and command line help o 10.1 Helpful commands to know in CentOS o 10.2 What if I use Non-Standard Hardware? o 10.2.1 VIA EPIA 800 mhz board (586 board) Asterisk@Home Handbook Wiki Chapter 11 Chapter 11 Asterisk End User's Manual o 11.1 Asterisk's Basic Phone Feature List o 11.2 Administrative Phone Feature List Asterisk@Home Handbook Wiki Chapter 12 Web Resources Asterisk@Home Handbook Wiki Chapter 13 Consultants and Consulting Companies that support A@H o 13.1 Baldwin Technology Solutions Inc. o 13.2 Tech Data Pros o 13.3 Pibix o 13.4 Jonathan Roper o 13.5 Anteil, Inc. o 13.6 Tinnio konsulting o 13.7 HealthTech o 13.8 Dimi Telecom o 13.9 TightWire o 13.10 OFB Consulting o 13.11 Gyantec Consulting o 13.12 Memon Consulting o 13.13 Enterux Solutions

Chapter 0 About the Project Putting together an easy to use, self configured, works everytime (almost), asterisk PBX solution is not an easy task. It takes an awful lot of time and energy to successfully pull it off. If you find Asterisk@Home a worthy product, please go to our donations page and donate. Your support can help our developers continue putting out great releases.

0.1 Please Donate!!! Please visit our donations page at http://sourceforge.net/donate/index.php?group_id=123387 and contribute. To view Asterisk@Home Supporters please visit http://sourceforge.net/project/project_donations.php?group_id=123387 0.2 Project Manager The Asterisk@Home Project Manager is Andrew. His alias at SourceForge.net is Agillis. 0.3 Handbook & Documentation Editor The Asterisk@Home's Handbook and Documentation Editor is Ginel Lipan. My alias at SourceForge.net is GinelLipan. I'm a Network Admin at Kawasaki Rail Car, Inc. in Yonkers, NY. When I first stumbled onto A@H, I was completely floored. A@H is an amazing compilation of software that makes it more than the sum of its parts. Asterisk alone is highly configurable, but when you put it together into a package like Asterisk@Home did, it really goes above and beyond. Asterisk@Home has managed to deliver Asterisk to a swath of users that otherwise wouldn't of even dreamed of trying to use it (including me). Asterisk by itself tends to require a high level of command line and technical expertise. Luckily A@H covers much of the work (installing an OS, installing asterisk, installing a web based configuration tool (AMP), etc etc). On top of it all I am grateful for the Open Source Community's time and effort that has benefited us all with extremely high quality software. Without a community of contributors, the world's options would have been severely limited. Now that the 3rd World is beginning to enter into the global IT economy, open source software and its development is really set to take off. So I've decided to give back to the community by trying to put together a high quality piece of documentation that both beginners and experts can gain from. I encourage everyone to contribute to this handbook so new users can learn from our pool of collective knowledge and experience. Comments and critiques are always welcome. If you'd like to send me an email, I can be reached at . For any requests for help concerning A@H, please RTFM (Read This Fine Manual) or search our SourceForge forum. If there isn't anything in the Handbook or forum, please post your question in the forum. Next time anyone with the same problem searches the forum, they'll be able to find your question and hopefully an answer.

0.4 Handbook Wishlist (Please enter your requests here) There are just too many facets to A@H for me to be able to know what needs to go into the handbook. Please put your Handbook wishlist here so the community can see what documentation needs there are. 1. 2. 3. 4. 5. 6. 7. 8. Finish the Shorewall Instructions (based on Samy Antoun instructions at http://samyantoun.50webs.com/asterisk/firewall/firewall.htm and Work on seriously expanding the AMP instructions. Work on the SSH instructions See if IPCOP would make a better, easier to configure firewall solution than Shorewall and put up instructions on how to install it. IPCOP is really really easy and has a LOT of nice web based configuration pages. Open A2Billing Instructions and how it works Voicemail to email notification and Voicemail to email as an attachment setup instructions (so that a newbie can understand it). Anyway the voicemail to email attachment can be encoded as an MP3 instead of a wav? (smaller attachment) How to troubleshoot a problem using the software tools in AAH

0.5 The problem with writing/editing this Handbook. The problem with writing/editing this handbook is that Asterisk@Home encompasses an incredible amount of different software packages. There is a wealth of information already on the net concerning each piece of software (CentOS, Asterisk, etc). Unfortunately, it would be to easy to just send users to external web sites and have them find the information they're looking for. But what happens when those links no longer work? That's why the editors of this handbook will do their best to concisely explain instructions and information even though it may be a repeat of information already offered elsewhere. The handbook may grow fairly large because of this but at least all the information will be in one place and not scattered around. What it comes down to is the fact that you will be able to use this Handbook for a handful of other things that may have only a little to do with Asterisk@Home (example: Dynamic DNS information, using a DHCP server with CentOS, etc). I will do my best to make sure all the information you need to use Asterisk@Home is here in this handbook without having to send you to half a dozen other web sites to figure things out. 0.6 Everyone is encouraged to edit this Handbook. This Handbook cannot exist without a community effort. If you see places in the handbook that needs editing for clarification or just adding additional information, don't hesitate to add it. This way the Handbook can gain from all of our experience and evolve into a great resource for everyone. This Handbook should be the FIRST thing users read when installing Asterisk@Home instead of searching around the net for bits and pieces of information and how-to's. 0.7 Liability Disclaimer The authors/editors of this handbook are NOT responsible for any damage done to your system for following its instructions. Since this is a wiki, it has been edited by hundreds of people and the filtering out of mistakes is simply impossible. Do not follow this handbook blindly. Understand what is taking place and make an informed decision when messing around with your hardware/software. Chapter 1 Introduction to Asterisk@Home 1.1 What is Asterisk

According to the Wikipedia http://en.wikipedia.org/wiki/Asterisk_PBX Asterisk is an open source software implementation of a telephone private branch exchange (PBX). Like any PBX, it allows a number of attached telephones to make calls to one another, and to connect to other telephone services including the PSTN. "Its name comes from the asterisk symbol, *, which in UNIX (including Linux) and DOS environments represents a wildcard, matching any filename." Asterisk is free software, released under the GNU General Public License (GPL). Mark Spencer of Digium originally created Asterisk and remains its primary maintainer; dozens of other programmers have contributed features and functionality. Originally designed for the Linux operating system, Asterisk now also runs on OpenBSD, FreeBSD, Mac OS X, Sun Solaris, and Microsoft Windows, although as the "native" platform, Linux is the best-supported of these. The basic Asterisk software includes many features previously only available in expensive proprietary PBX

systems voice mail, conference calling, interactive voice response (phone menus), and automatic call distribution. Users can create new functionality by writing dial plan scripts in Asterisk's own language, by adding custom modules written in C, or by writing Asterisk Gateway Interface scripts in Perl or other languages. To attach ordinary telephones to a Linux server running Asterisk, or to connect to PSTN trunk lines, the server must be fitted with special hardware. (An ordinary modem will not suffice.) Digium and a number of other firms sell PCI cards to attach telephones, telephone lines, T1 and E1 lines, and other analog and digital phone services to a server. Perhaps of more interest to many deployers today, Asterisk also supports a wide range of Voice over IP protocols, including SIP and H.323. Asterisk can interoperate with most SIP telephones, acting both as registrar and as a gateway between IP phones and the PSTN. Asterisk developers have also designed a new protocol, IAX, for efficient trunking of calls among Asterisk PBXes. By supporting a mix of traditional and VoIP telephony services, Asterisk allows deployers to build new telephone systems efficiently, or gradually migrate existing systems to new technologies. Some sites are using Asterisk servers to replace aging proprietary PBXes; others to provide additional features (such as voice mail or phone menus) or to cut costs by carrying long-distance calls over the Internet (toll bypass).

1.2 What is Asterisk@Home

Asterisk@Home was created to make installing Asterisk easy. Experimenting with Asterisk should be fun and not take hours, days or asterisk experts to set up. Don't let the name Asterisk@Home fool you either. Asterisk@Home contains the full version of asterisk and other pre-configured software that makes this self installing/configuring CD a fully functional PBX upon installation. Ward Mundy's Nerd Vittles site quoted someone from Voxilla who put it nicely: Why Use Asterisk@Home and Not Roll Your Own? One of our favorite pundits on Voxilla summed it up this way: After using Asterisk@Home for three months, we havent found a single thing we couldnt do that someone with a roll-your-own version of Asterisk could. Asterisk@Home is not crippled in any way. In fact, its just the opposite. Its not only full-blown Asterisk but its also AMP (Asterisk Management Panel, think of it as PHPmyAdmin for Asterisk) plus functioning music on hold (just try to get it working on a vanilla Linux box!) plus voice support for any speech application you can dream up plus a Flash Operator Panel plus ring groups plus calling queues plus conferencing plus DID routing plus SQL-compliant Call Detail Reporting plus SugarCRM contact management with integrated dialing plus SpanDSP fax support plus Microsoft Outlook TAPI integration with a Microsoft TAPI gateway (that works!) plus Apache, PHP, SSH, SFTP, sendmail, Web Mail, and MySQL integration plus Cisco XML support (to load your contact management info into your Cisco IP phones) plus xPL for Home Automation plus H.323 NetMeeting support plus turnkey support for SIP, IAX2, auto-configuring ZAP channels, and ENUM. What we have found is that we can implement solutions for clients in a couple of minutes or hours that would have taken weeks or months to learn to do had we gone the roll-your-own route. That includes building IVR and AutoAttendant solutions literally in minutes, supporting five or more VoIP providers and numerous departments each with numerous phones of all flavors, implementing complex dialing rules, remote phone access, voicemail with email and SMS alerts, and out-of-the-box support for virtually every 3-digit calling feature provided by local Baby Bells. Are there folks that want to master calling plans, extension syntax, contexts, Linux, Apache, sendmail, MySQL, PHPmyAdmin, WebMin, Web Mail, Asterisk and all its add-ons plus Linux dependency hell? Absolutely. But Asterisk@Home doesnt preclude your using anything you learn. It just gives you an incredible, leveraged head start. Asterisk@Home is a deceptive moniker. Its not stripped-down, crippled, or condensed in any way. Quite the contrary, its Asterisk on Steroids, plain and simple. Worked great for Major League Baseball, didnt it? Some people, however, have complained over the name of the project. It IS possible that using this product would be difficult --if only decision makers at a company don't take well to installing their mission critical PBX by the name "Asterisk@Home". No big deal. Please read the part of the wiki that explains how to change the associated gifs and jpgs to something more "Corporate" or "Clueless Manager/Executive Friendly". Remember, this is an open source project. You cannot pull this off with Avaya or Cisco equipment. You can edit the A@H source as much as you like to meet your needs.

1.3 Current list of software in Asterisk@Home The software that is currently installed as of Asterisk@Home version 2.7 (03/13/06) is:

Asterisk (1.2.5) - http://www.asterisk.org/ An open source software implementation of a telephone private branch exchange (PBX). A PBX connects one or more telephones on one side to one or more telephone lines on the other side. A good example of this is a small company with 100 internal telephones sharing 20 outgoing/incoming telephone lines. A PBX can be more cost effective then having 100 direct telephone lines. AMP (1.10.010) - http://www.coalescentsystems.ca - Asterisk Management Panel is a web based GUI that allows you to easily manage Asterisk without having to edit sometimes complicated text configuration files. This package can really make a difference in learning and configuring asterisk easily. Flash Operator Panel (023.001) - http://www.asternic.org/ - Flash Operator Panel is a switchboard type application for the Asterisk PBX. It runs on a web browser with the flash plugin. It is able to display information about your PBX activity in real time. You can see what all of your extensions, trunks, and conferences are doing. You can also hang up, transfer, initiate a call or create a conference call. MPG123 Music On Hold (0.59r) - Asterisk@Home now uses native music on hold so the MP3 music on hold interface in AMP will not work. The old mpg123 is still running. If you change the config files to use MP3s you can upload with AMP. SugarCRM (4.0.1a)with Cisco XML Services interface + Click to Dial http://www.sugarcrm.com/crm/ - SugarCRM is designed to be a complete customer/contact manager. Using SugarCRM we can manage all types of communications (faxes, text messages, phone calls, emails, and even tasks and scheduling) within one single system. Otherwise all these systems are separate and isolated from each other. One way it is integrated with A@H is once you enter all your contacts all you need to do to dial them is use the "click to dial" feature without having to dial the numbers manually. Your phone rings and when you pick up, A@H calls the contact you've requested. Festival Speech Engine version (1.96) - http://festvox.org/festival/ - Festival is a speech synthesis system. It allows you to enter text that the Asterisk@Home server "reads out loud" to anyone calling the server. Using this, you can be sure the same voice is used across the whole asterisk server. Asterisk Span DSP (0.0.2pre25) (Fax Support) - Optional Software based FAX. Automatically detects and receives incoming fax (on zaptel hardware). It sends the fax as e-mail with a MIME .PDF attachment. Open A2Billing () http://www.areski.net/a2billing/ - A2Billing with Asterisk is trying to complete the needs for large, medium-sized companies and start-up who appreciate the Calling Cards business model. A2Billing allows you to craft a calling card management system over your Asterisk Server. Its powerful callingcard platform can be easily deployed with Asterisk, providing wide set of tools to manage a complex & advanced callingcard system! With A2Billing & Asterisk, prepaid/postpaid calling card services are easy to implement via a user-friendly web interface with powerful/advanced functionality. Linux CentOS (4.2 Final) - http://www.centos.org/ - CentOS is 100% compatible rebuild of the Red Hat Enterprise Linux (RHEL), in full compliance with Red Hat's redistribution requirements. CentOS 2, 3, and 4 are built from publicly available open source SRPMS provided by Red Hat. CentOS conforms fully to the upstream vendor's redistribution policies and aims to be 100% binary compatible. CentOS mainly changes packages to remove upstream vendor branding and artwork. CentOS is for people who need an enterprise level operating system with stability to match without the associated cost and support. Apache Web Server (2.0.52-22.ent.centos4) - http://www.apache.org/ - The Apache HTTP Server Project is a collaborative software development effort aimed at creating a robust, commercial-grade, feature rich, and freely-available source code implementation of an HTTP (Web) server. The project is jointly managed by a group of volunteers located around the world, using the Internet and the Web to communicate, plan, and develop the server and its related documentation. PHP (4.3.9) - http://www.php.net/ PHP is an open-source, reflective programming language used mainly for developing server-side applications and dynamic web content, and more recently, other software. PHPMyAdmin (2.7.0-pl2) - http://www.phpmyadmin.net/ phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Internet. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, and manage keys on fields. MySQL Database (4.1.12-3.RHEL4.1) - http://www.mysql.com/ MySQL is a multithreaded, multiuser, SQL (Structured Query Language) Database Management System (DBMS) with an estimated six million installations. MySQL AB makes MySQL available as free software under the GNU General Public License (GPL), but they also sell it under traditional commercial licensing arrangements for cases where the intended use is incompatible with use of the GPL. It is used in A@H Call Detail Reports and optional configuration information. VSFTPD (2.0.1-5.EL4.3) - http://vsftpd.beasts.org/ Very Secure FTPD is a GPL licensed FTP server for UNIX systems, including Linux. It is very secure, stable and extremely fast. sendmail (8.13.1-2) - http://www.sendmail.org/ - Sendmail is an open source mail transfer agent. A mail transfer agent or MTA (also called a mail server, or a mail exchange server in the context of the Domain Name System) is a computer program or software agent that transfers electronic mail messages from one computer to another.

OpenSSH (_3.9p1) - http://www.openssh.com/ - OpenSSH (Open Secure Shell) is a set of computer programs providing encrypted communication sessions over a computer network using the SSH protocol. It was created as an open alternative to the proprietary Secure Shell software. xPL () - We have a built in xPL connector that sends out information on Voicemail and CallerID. Integrated WebMeetMe GUI (A@H 2.7) - WebMeetMe is a front end to the MeetMe add-on. It gives users full control and the ability to monitor telephone conferences over on a web browser. Digium card auto-config (A@H 2.7) Weather agi scripts (A@H 2.7) - Weather agi scripts Fetch the weather from weather.noaa.gov. At weather.noaa.gov is the weather stored in a text file that this script downloads and converts to a sound that is sent to the phone call. Default is Andrew's home city New York;-) This covers only US locations. Wakeup calls (1.11) - Wakeup calls This is a wake up call feature. By dialing a phone number you can set the wakeup time when you would like to get a wakeup call. Cisco SIP phone support () - We have a web interface and TFTP server that can configure Cisco SIP phones like the 7960 uLaw Sound Files Java based SSH client Samba Auto-Setup Script VMware support -

1.4 Licensing for Asterisk@Home As you can see by the above list, Asterisk@Home contains many different software packages that do not "belong" to A@H. A@H installs & configures them all using scripts that are written and maintained by Andrew. The A@H installation also configures features to make the different packages easily accessible (a good example is the A@H splash screen, the A@H password changer etc). However, you may want to make changes to fit your particular needs. This is where GPLed Open Source Software beats the pants off of ANY proprietary solutions. You can make as many changes you like as long as it fits within the licensing agreement that covers the software package you want to modify (for example AMP). This usually means releasing the changes you've made to the public. Obviously you'll have to look up the type of licensing that each of the software packages uses to understand the rules of making any changes. Most software in A@H is GPLed but it doesn't hurt to find their web sites and make absolutely sure. When it comes down to the A@H side of things, you can make as many changes as you like. Even though Andrew's scripts are not officially GPLed (yet), they are Open Sourced (you can view the scripts) and can be changed as needed. However please submit the changed scripts to Andrew so he can consider using them or not. The same goes for any A@H branding. You can change the A@H branding and turn around and sell it with your services if you like. Remember, if you make any changes to the scripts, please act as if the scripts are GPLed and release them publicly if you do improve upon them. 1.5 Licensing for the Asterisk@Home Handbook Wiki With community involvement, this handbook is growing by leaps and bounds and truly starting to shape up into a professional piece of documentation. That makes it more and more valuable which makes it also a target for wholesale copying. I've spoken to Andrew (The Project Leader and the original Author of the A@H Handbook) and we've agreed to release this handbook under the "GNU Free Documentation License". Please read this CAREFULLY before using the Handbook for any reason other than using it as a reference (selling it, copying it, etc). The licence is easy to read and will not confuse you like some EULA's I've come across. For an excellent explanation of the GPL Licence, please read http://www.gnu.org/copyleft/fdl.html. The preamble from the "GNU Free Documentation License" gives a brief description of the licence: PREAMBLE The purpose of this License is to make a manual, textbook, or other functional and useful document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or non-commercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference.

As per Voip-info.org's terms of service, we are releasing the Asterisk@Home Handbook Wiki releasing the under the "GNU Free Documentation License". This way the community can be assured that any work that is put into this handbook cannot be claimed by any one person or web site and is protected against wholesale copying. Voip-info's terms of service http://www.voip-info.org/terms_of_service.html states that "When you enter content into any area of this web site, unless stated otherwise, you grant voip-info.org and its affiliates a nonexclusive, royalty-free, perpetual, irrevocable, and fully sublicensable right to use, reproduce, modify, adapt, publish, translate, create derivative works from, distribute, and display such content throughout the world in any media." 1.6 Please do not contact Digium for support. Asterisk is a trademark of Digium Inc., and is used by permission. The Asterisk@Home project is not sponsored, endorsed, or supported by Digium, and its authors and maintainers are not affiliated with Digium. Digium does not provide free technical support for Asterisk@Home and has asked us to make sure our users understand this. Please do not contact Digium for support or post on their forums. Thanks.

Chapter 2 Installation of Asterisk@Home 2.1 Hardware Requirements The faster the system you use to run Asterisk the more simultaneous calls it will be able to handle. A 500MHz PIII with 128 Megs of RAM should easily meet the needs of the average home use. 2Gb Hard Disk minimum.

2.2 Install from an .ISO Download the latest .ISO from http://asteriskathome.sourceforge.net and burn it to a CD. Most CD burning software can burn .ISO (In Side Out) images. If anyone knows of a free CD burning utility that can burn ISO images, please list it here. a free CD burning utility that can burn ISO's: DeepBurner (www.deepburner.com) a free ISO burning utility that will burn ISO's from Windows: ISORecorder http://isorecorder.alexfeinman.com/isorecorder.htm ImgBurn is a free and very fast ISO burning utility for Windows. http://www.imgburn.com On Mac OS X 10.3/4.x use the provided Disk Utilities to burn an ISO disk. If you would perfer to purchase pre-made CDs, use this link:

Asterisk@Home CD's Shipped anywhere in the US for only $10.

Insert the newly created Asterisk CD into the CD-ROM or DVD-ROM drive of the system on which you want to install Asterisk@Home. Reboot the soon to be Asterisk system and make sure the bios of the system is set up to boot off the CD or DVD drive. Press Enter when prompted. Warning: By pressing enter, you will erase all the data on the hard drive of the PC!!! Either remove the network wire from the back of the PC or plug it into a hub or switch that has nothing else connected to it. This way we can be certain that a newly loaded A@H server is not hacked by using default passwords. After Linux has loaded, the CD will eject. Remove the CD from the system and wait for the system to reboot. Booting the system might take a while, depending on the speed of your computer. It is necessary for the system to build Asterisk from source, so be patient. Once this process is complete, log in to your new Asterisk@Home system with the following: username: root password: password

2.2.1 Editing files for non-Linux users To go much further you're going to have to start editing files. Many guides refer to nano which as about intelligible as Wordstar (for those who remember it). You can also edit files from the file manager in Webmin but I had a lot of problems with the Java editor locking up on me. Seking something better I found http://michigantelephone.mi.org/blog/2006/03/asteriskhome-27-unabridged.html, the appropriate part of which is reproduced here: The first thing is, after you complete the installation, do the upgrades, install Webmin, etc. you will find that you need to make changes to some configuration files. Nerd Vittles wants you to do it using a Linux text editor called nano, which I'm sure is a fine editor if you're used to it, but it can drive you a bit crazy at first if you are used to working in Windows. So bear in mind that there are a couple of things you can do at this point. One is to get Samba (support for Windows-style networking) up and running, and in this version of Asterisk@Home they actually give you a way to do that without having to resort to doing it through Webmin (which, by the way, is still considerably easier than trying to configure Samba to work on your own). Once Samba is configured, you can then treat your Asterisk@Home box as a shared resource on your local network, and you can edit files using a text editor on your Windows box, but if you do that, there are a couple of pitfalls to watch out for. The first is a thing called permissions - this is a form of security in Linux, which is a derivation of Unix, which was originally designed back in the days of time-sharing computers, when many users and many unrelated processes might be sharing the same system. Permissions are designed as a way to keep files restricted to only those people and processes that are supposed to have access to them. It would take far too much space here to go into greater detail about permissions but suffice it to say that when the permissions aren't set correctly on a file, things break. If you plan on learning anything about Linux, permissions should probably be one of the first subjects you study. Normally, if you use your Windows-based text editor to load a file in from your Asterisk box over the local network, make some changes, and save it back, the permissions won't change (but beware of changed line endings - we'll get to that in a moment). However, if you create a new file, or change the filename before saving it, or delete the original file before saving the changes, that may (probably will) change either the permissions, or the owner and user, and suddenly the file may become inaccessible to the software. Yeah, I really hate this, while folks who love Linux seem to think it's one of the best features of that operating system. Get bitten by permissions a few times (when you are scratching your head wondering why Asterisk seems to be ignoring a file that you know is there) and you will probably wish the software ran under Windows. I don't think most Linux users have any idea how foreign the concept of permissions is to a typical Windows user. So, changing a file on your Windows box may not always be such a great idea. Fortunately, there are still easier ways of doing things than sitting right at your Asterisk box and using nano. The trick is to set up a SSH client on your Windows box such as PuTTY, assuming you are not in a country where where encryption is outlawed (if you are, there are probably components of Asterisk@Home itself that may be illegal in your country). Install PuTTY and use it to connect to your Asterisk@Home box, using an appropriate user name and password (root will let you do anything on the system, but it's also the most dangerous way to operate if you don't know what you're doing). Before you connect for the first time, you may want to change a couple of configuration settings in PuTTY, so that your numeric keypad works as expected. In PuTTY configuration, open up the Terminal settings and click on Keyboard. Then make sure you have the following settings checked: The Backspace key: Control-? (127) The Home and End keys: Standard The Function keys and keypad: Xterm R6 Application keypad settings: Both should be Normal Enable extra keyboard features: Check Control-Alt is different from AltGr Click on Window and look at the scrollback buffer size - you may want to expand this a bit beyond the default (if you don't see the need now, you can always come back and do it later). Then click on Translation and look to see which option is used for "Handling of line drawing characters" - if you get display weirdness in some situations you can try changing this around (I use "Use Unicode line drawing code points" but I will not guarantee that's the best setting). Then click on Selection and note the mouse options - again you may want to change these as you get more familiar with the program, or if you already have a personal preference. You really shouldn't have to change anything else unless you're operating under special circumstances. Once you have PuTTY configured, click on Session, put the IP address of your Asterisk box in the Host name field, give this configuration a name (in the Saved Sessions text box - I suggest using the name Asterisk), then click the button to save this configuration. Now click the Open button and you should get a login prompt. Login using one of your user names and passwords that you set during installation. Once you login and are at a command prompt, it's just as if you are sitting in front of your Asterisk@Home box.

10

Now, whether you are connecting through PuTTY, or actually at your Asterisk@Home box keyboard, you can make changes to the text files from within Linux itself. You could use nano, but there's another way that many from a Windows background will consider easier, especially if you've ever used a dual-pane file manager like Norton/Windows/Total Commander (or a similar program). From the Linux command prompt, type mc -a (mc stands for Midnight Commander) and you will find yourself in front of a (hopefully) familiar environment. The -a option makes it render the line drawing characters as something at least a little more presentable when using PuTTY; you probably don't need (or want) to use that option if you're actually at your Asterisk box. In Midnight Commander, as in the Windows variants, you can highlight a file, then press or click on F4 to bring up an editor, which is probably going to work a lot more as you'd expect it to work than nano if you come from a Windows/DOS background. Remember how I talked about permissions above, and how they can give you fits? Well, you can use Midnight Commander to manage them, also. Highlight a file, then click on File (in the top menu bar), then I suggest using Advanced chown which shows both the permissions, and the owner and group settings, and allows you to easily change them. If you want to learn more about Midnight Commander, there's a FAQ here. Should you decide to edit configuration files on your Windows box, be aware that Windows normally saves text files with a carriage return and a linefeed at the end of each line, while the Linux/Unix convention is to use a linefeed only (this is the other pitfall I was referring to). If you save a configuration file with carriage returns in it, you may get all sort of unpredictable (and bad) results. So, be sure to use a text editor that will let you save files in the format Linux prefers, and then remember to save the files that way (you may have to use the "Save As" command rather than just doing a simple "Save"). Just to confuse matters, I'll mention that some other types of systems (Macs, I think) use a carriage return only to end a line. If your text editor doesn't give you an option to save files in the Linux/Unix format, it might not be able to do it. That's why it's probably better to use nano or the Midnight Commander editor to make changes in the configuration files.

2.3 Setting up your Time Zone and Keyboard layout At the CentOS command prompt, type in the following command to change your time zone and/or keyboard layout: config This script is calling two other applications : redhat-config-date CentOS 3.x system-config-date CentOS 4.x and redhat-config-keyboard CentOS 3.x system-config-keyboard CentOS 4.x Note: CentOS has changed the syntax on all configuration tools from the CentOS 4.x versions.

2.4 Install to an existing CentOS 4.2 system If you have problems with the ISO you can install onto an existing CentOS server. You can also enable other options like software RAID. Note: you will need to disable selinux for Asterisk to run. (edit /etc/selinux/config) Download CentOS 4.2 ISOs from the CentOS Mirrors. Make a directory to install from, put the install file there, and install. mkdir /var/aah_load cp asteriskathome-2.4.tar.gz /var/aah_load cd /var/aah_load tar xvfz asteriskathome-2.4.tar.gz ./install.sh

2.5 Setting up your router/firewall to work with Asterisk@Home

11

If your Asterisk@Home server isn't going to be directly connected to the internet with a permanent IP address, it will be behind some kind of router/firewall. This means your Asterisk@Home server is going to receive a private IP address (example: 192.168.*.*) and will be using NAT to communicate with the rest of the world.

2.5.1 What is NAT? According to the Wikipedia http://en.wikipedia.org/wiki/NAT the process of network address translation (NAT, also known as network masquerading or IP-masquerading) involves re-writing the source and/or destination addresses of IP packets as they pass through a router or firewall. Most systems using NAT do so in order to enable multiple hosts on a private network to access the Internet using a single public IP address. According to specifications, routers should not act in this way, but many network administrators find NAT a convenient technique and use it widely. Nonetheless, NAT can introduce complications in communication between hosts. In other words your home/work router/firewall has only 1 internet IP address even though you may have 5 computers behind it. Those 5 PCs can communicate with the world at the same time only if your router/firewall is using NAT. Otherwise you'd be out of luck. The down side is sometimes NAT breaks things.

2.5.2 What is a STUN Server? From http://www.voip-info.org/wiki-STUN STUN (Simple Traversal of UDP through NATs (Network Address Translation)) is a protocol for assisting devices behind a NAT firewall or router with their packet routing. STUN enables a device to find out its public IP address and the type of NAT service its sitting behind. STUN operates on TCP and UDP port 3478. STUN is not widely supported by VOIP devices yet. STUN may use DNS SRV records to find STUN servers attached to a domain. The service name is _stun._udp or _stun._tcp Please note: The STUN RFC states: This protocol is not a cure-all for the problems associated with NAT. The problems with STUN are not design flaws in STUN. The problems in STUN have to do with the lack of standardized behaviors and controls in NATs. The result of this lack of standardization has been a proliferation of devices whose behavior is highly unpredictable, extremely variable, and uncontrollable. STUN does the best it can in such a hostile environment. Ultimately, the solution is to make the environment less hostile, and to introduce controls and standardized behaviors into NAT. However, until such time as that happens, STUN provides a good short term solution given the terrible conditions under which it is forced to operate. List of public STUN Servers that you can use stun.fwd.org (no DNS SRV record) stun01.sipphone.com (no DNS SRV record) stun.softjoys.com (no DNS SRV record) stun.voipbuster.com (no DNS SRV record) stun.voxgratia.org (no DNS SRV record) stun.xten.com stun1.noc.ams-ix.net By using a stun server in your configuration, you may avoid some NAT issues that occur. (Hey guys, when you enter a stun server on either end's configuration (asterisk & the remote phone), do you still need to mess with router/firewall port forwarding? Hell, I can't even find where to put the STUN info on the asterisk side -ginellipan) (This section needs to be flushed out. Examples of how to use/setup STUN would be most helpful. As is, not very useful to a newbie which it seem like this wiki is geared towards. filmo) 2.5.3 What is SIP? According to the Wikipedia http://en.wikipedia.org/wiki/SIP Session Initiation Protocol (SIP) is a protocol developed by the IETF MMUSIC Working Group and proposed standard for initiating, modifying, and terminating an interactive user session that involves multimedia elements such as video, voice, instant messaging, online games, and virtual reality. In November 2000, SIP was accepted as a 3GPP signalling protocol and permanent element of the IMS architecture . It is one of the leading signalling protocols for Voice over IP, along with H.323. In other words, SIP is the protocol that most VOIP conversations are transmitted over. All you need to know is NAT breaks SIP. This is how you fix it.

12

2.5.3.1 Setting up your router/firewall so A@H can communicate with a VOIP Provider via SIP through a NAT For Asterisk@Home to communicate successfully with a VOIP provider using SIP through a NAT, you have to make sure your router/firewall forwards the following ports to your LAN/Private IP address assigned to the Asterisk@Home server. Be sure the LAN/Private address is statically assigned to the Asterisk@Home server and it is not assigned dynamically via DHCP. (see Chapter 3 for directions) Some of the following port information was garnered from http://www.voip-info.org/tiki-index.php?page=Asterisk+firewall+rules. UDP Port 5060 is for SIP communication. This is only used for setting up calls, taking down calls and so on. Some SIP resources also need the TCP ports. UDP Port 5060-5082 range is also for SIP communications but only if you have multiple SIP providers. This is why you may want to include a range instead of just the UDP 5060 port. Some phones (ie. Grandstream GXP2000) don't use the same SIP port for each subsequent line (line 1 registers with 5060, line 2 5062, line 3 5064 and line 4 5066) (thanks Alan Smith). TCP Port 5060 is for SIP but thought to be rarely used. (thanks Alan Smith) UDP Port 8000 is for "Free World Dialup" to work with the asterisk server. Any subsequent lines will use 8002, 8003, etc etc. (thanks Alan Smith). UDP Port 10000 - 20000 is for RTP - the media stream aka the voice/video channel. Here is our example: The DNS Name (or you can enter the IP Address) of the VOIP SIP provider is sip.voipcompany.com. The static LAN/Private IP address of your Asterisk@Home server is 192.168.1.2. The static WAN/Public IP address of your router is 1.2.3.4 (if you use DynamicDNS, we'll use your domain name) Enter your router/firewall configuration and add: Forward UDP Port 5060-5082 to 192.168.1.2 Forward UDP Port 10000 to 20000 to 192.168.1.2 You also need to edit the sip_nat.conf file. Inside of AMP, click Maintenance ----> Config Edit ----> sip_nat.conf. Inside of sip_nat.conf add the following and click "Update": externip = 1.2.3.4 (enter your permanent WAN/Public internet address here. Or you if you have one, you can use a DynamicDNS domain name. Obviously it's easier to get a static IP address and avoid using DynamicDNS altogether.) localnet = internal.network.address.0/255.255.255.0 (put your LAN/Private NETWORK address of your Asterisk@Home server, this is NOT the IP address of the server!!!!) To determine your local NETWORK address (NOT mask (255.255.255.0 numbers). If the IP address of the Asterisk@Home server is 192.168.1.0 If the IP address of the Asterisk@Home server is 192.168.7.0 If the IP address of the Asterisk@Home server is is 192.168.100.0 the IP address!!) you have to know a little about your subnet 192.168.1.5 255.255.255.0, then the NETWORK address is 192.168.7.2 255.255.255.0, then the NETWORK address is 192.168.100.84 255.255.255.0, then the NETWORK address

To make it really secure (some routers/firewalls may not be able to do this), try to configure the router/firewall to ONLY forward those ports from the VOIP SIP provider IP address or DNS name. This way only your VOIP SIP provider traffic gets forwarded to your NATed Asterisk@Home server. HOWEVER, if you want to have remote phones floating around on the internet (example: Your sales person has a SoftPhone that he uses to make calls and check his voicemail from hotels, other companies, hotspots, etc.) don't institute the following example!! You will obviously cut off that remote phone from being able to speak to your asterisk server. Forward UDP Port 5060-5082 to 192.168.1.2 only from sip.voipcompany.com Forward UDP Port 10,000 to 20,000 to 192.168.1.2 only from sip.voipcompany.com Here is a visual look at the setup we've created

13

(click on the picture for a full version)

2.5.3.2 Setting up your router/firewall so your remote SIP phones can communicate with your A@H Server via SIP through a NAT There will be times when you want a travelling user to be able to use their soft or hard phones with your Asterisk@Home Server. For example, your employees travel around and have a software based SIP Phone on their laptops. You want your employees to be able to connect to your asterisk server to make phone calls, listen to their messages, etc etc. I can imagine a time where hardphones will be as small and portable as cell phones but all you need to do is plug it into a network connection anywhere in the world and it'll be as if you were sitting in your office. Just wait until the hardphones also have WIFI (or cell phones with WIFI built in) and all you need to call is an open Hotspot. In this case you will need a Static Internet IP Address (or Dynamic DNS domain name) for your Asterisk@Home Server and program that info into your phones. You also have to make sure their phone's configuration knows that it may be behind a NAT when it makes the phone call to the asterisk server. Other then that, the port forwarding you did on the router/firewall that the Asterisk@Home server is behind will be enough to allow your remote users to make calls from anywhere. This is the only way SIP will work through a NAT. In the Asterisk@Home server, you will need to set the following in the extension's configuration in AMP. To do this in AMP, create an extension, THEN click on the extension after you've created it and you will see fields for "Nat" and "Qualify". You will not see these fields when you first create the extension. Please see our AMP Chapter in the handbook for more information. nat=yes This option causes Asterisk to ignore the address information in the SIP and SDP headers, and reply to the sender's IP address and port. NAT=yes enables a form of Symmetric RTP in Asterisk. set qualify=yes Syntax: qualify=xxx|no|yes Where XXX is the number of milliseconds used. If yes the default timeout is used, 2 seconds. If you turn on qualify in the configuration of a SIP device in sip.conf, Asterisk will send a SIP OPTIONS command regularly to check that the device is still online. If the device does not answer within the configured (or default) period (in ms) Asterisk considers the device off-line for future calls. This feature may also be used to keep a UDP session open to a device that is located behind a network address translator (NAT). By sending the OPTIONS request, the UDP port binding in the NAT (on the outside address of the NAT/firewall device) is maintained by sending traffic through it. If the binding were to expire, there would be no way for Asterisk to initiate a call to the SIP device. Most of the time, these softphones/hardphones have a STUN server setting you can input. Test the soft/hardphones with this setting first and see how it responds. In one case, I found that there was a significant delay when I used the STUN server on my hardphone. When I removed the STUN server, the delay disappeared. Testing is important. Here's a visual look at how your SIP Phone will connect from outside your LAN

14

(click on the picture for a full version) Here are some good examples of what you would need to do with some SIP phones (thanks Alan Smith): Xten-lite In the Sip Proxy definition Domain/Realm=1.2.3.4 (Public/WAN IP address of your router/firewall) STUN Server= (before entering your STUN server, test to see if it works without it) Sipura SPA-841 From the Advanced Admin Web page, in the SIP tab NAT Support Parameters Substitute VIA Addr:=yes EXT IP:=(Public/WAN IP address of the router/firewall that the PHONE is behind) Then in the Ext 1/2 page: NAT Settings NAT Mapping Enable:=yes Grandstream GXP-2000 Logged in as Admin, Advanced options tab: Use NAT IP = (Public/WAN IP address of the router/firewall that the PHONE is behind) Then in the ACCOUNT 1/2/3/4 page: NAT Traversal (STUN): yes 2.5.4 What is IAX? According to Wikipedia http://en.wikipedia.org/wiki/IAX IAX is the Inter-Asterisk eXchange protocol used by Asterisk. It is used to enable VoIP connections between Asterisk servers, and between servers and clients that also use the IAX protocol. IAX now most commonly refers to IAX2, the second version of the IAX protocol. The original IAX protocol has been deprecated almost universally in favor of IAX2. It is a very robust and fullfeatured yet simple as far as protocols go. It is agnostic to codecs and number of streams, meaning that it can be used as a transport for virtually any type of data. (This capability will be useful as videophones become common.) IAX2 uses a single UDP data stream (usually on port 4569) to communicate between endpoints, both for signalling and data. The voice traffic is transmitted in-band, making IAX2 easier to firewall and more likely to work behind network address translation. (This is in contrast to SIP, which uses an out-of-band RTP stream to deliver information.) IAX2 supports trunking, wherein a single link carries data and signalling for multiple channels. When trunking, data from multiple calls are merged into a single set of packets, meaning that one IP datagram can deliver information for more than one call, reducing the effective IP overhead without creating additional latency. This is a big advantage for VoIP users, where IP headers are large percentage of the bandwidth usage. The IAX2 Protocol or Inter-Asterisk Exchange Protocol was created by Mark Spencer for Asterisk for VoIP signalling. The protocol sets up internal sessions and these sessions can use whichever codec they want for voice transmission. The Inter-Asterisk Exchange protocol essentially provides control and transmission of streaming media over IP (Internet Protocol) networks. IAX is extremely flexible and can be used with any type of streaming media including video however it is mainly designed for control of IP voice calls. IAXs design was based on many common control and transmission standards today including Session Initiation Protocol (SIP, which is the most common), Media Gateway Control Protocol (MGCP) and Real-time Transfer Protocol (RTP). The Primary goals for IAX was to minimize bandwidth used in media transmissions with particular attention

15

drawn to control and individual voice calls and to provide native support for NAT (Network Address Translation) transparency. The basic structure of IAX is that it multiplexes signalling and multiple media streams over a single UDP (user datagram protocol) stream between two computers. IAX is a binary protocol and is designed and organized in a manner to reduce overhead especially in regards to voice streams. Bandwidth efficiency in some places is sacrificed in order for bandwidth efficiency for individual voice calls.

2.5.4.1 Setting up your router/firewall so A@H can communicate with a VOIP Provider or another A@H server via IAX through a NAT For A@H to communicate successfully with a VOIP provider using IAX, you have to make sure your router/firewall forwards the following ports to the interior private IP address of the Asterisk@Home server. Unlike SIP, IAX only uses one UDP port (4569) to communicate and is very NAT friendly. This is gonna be simple. Forward UDP Port 4569 to 192.168.1.2 To make it really secure (some routers/firewalls may not be able to do this), try to configure the router/firewall to ONLY forward those ports from the VOIP IAX provider IP address or DNS name. This way only your VOIP IAX provider traffic gets forwarded to your Asterisk@Home server. For example: Forward UDP Port 4569 to 192.168.1.2 only from iax.voipcompany.com

2.5.4.2 Setting a remote router/firewall so your remote IAX phones can communicate with your A@H Server via IAX through a NAT There will be times when you want a travelling user to be able to use their soft or hard phones with your Asterisk@Home Server. For example, your employees travel around and have a software based IAX Phone on their laptops. You want your employees to be able to connect to your asterisk server to make phone calls, listen to their messages, etc etc. In this case you will need a Static Internet IP Address (or Dynamic DNS domain name) for your Asterisk@Home Server and program that info into your phones under its IAX settings. You also have to make sure their phone's configuration knows that it may be behind a NAT when it makes the phone call to the asterisk server. Other then that, the port forwarding you did on the router/firewall that the Asterisk@Home server is behind will be enough to allow your remote users to make calls from anywhere.

2.5.5 How to deal with changing internet IP addresses Some broadband ISPs use DHCP to hand out public IP addresses to their customers. This means that their customers do not receive a permanent IP address. This also means that their customers will now have a tougher time running server (like Asterisk@Home). In true internet fashion, there is a way around this. It's called Dynamic DNS.

2.5.5.1 What is DNS? According to the Wikipedia http://en.wikipedia.org/wiki/DNS the Domain Name System or DNS is a system that stores information about hostnames and domain names in a type of distributed database on networks, such as the Internet. Of the many types of information that can be stored, most importantly it provides a physical location (IP address) for each domain name, and lists the mail exchange servers accepting e-mail for each domain. The DNS provides a vital service on the Internet as it allows the transmission of technical information in a userfriendly way. While computers and network hardware work with IP addresses to perform tasks such as addressing and routing, humans generally find it easier to work with hostnames and domain names (such as www.example.com) in URLs and e-mail addresses. The DNS therefore mediates between the needs and preferences of humans and of software. In other words, instead of having to remember google's IP address (64.233.161.99) to be able to view it in a web browser, you can use www.google.com and DNS translates it into an IP address for you. This is purely a human need.

2.5.5.2 What is Dynamic DNS? According to the Wikipedia http://en.wikipedia.org/wiki/Dynamic_DNS Dynamic DNS is a system for allowing an Internet domain name to be assigned to a varying IP address. This makes it possible for other sites on the Internet to establish connections to the machine without needing to track the IP address themselves. A common use is for running server software on a computer that has a dynamic IP address (e.g., a dialup connection where a new address is assigned at each connection, or a cable or DSL service where the address is

16

changed by the internet service provider occasionally). To implement dynamic DNS it is necessary to set the maximum caching time of the domain to an unusually short period (typically a few minutes). This prevents other sites on the Internet from retaining the old address in their cache, so that they will typically contact the name server of the domain for each new connection. Dynamic DNS service is provided on a large scale by various organizations, which retain the current addresses in a database and provide a means for the user to update it as required. Some "client" programs will, when installed, operate in the background and check the IP address of the computer every few minutes. If it has changed, then it will send an update request to the service. Many routers and other networking components contain a feature such as this in their firmware. In other words, you can use a Dynamic DNS service that always points to your most recent Internet IP address that has been assigned to you by your ISP.

2.5.5.3 How do I get Dynamic DNS to work? Boy, these chapter numbers are getting long aren't they? How do you get Dynamic DNS to work? 1) Register a domain name (shameless plug: http://www.godaddy.com is really really cheap and easy) for example: mydomain.com 2) Buy a router/firewall that is compatible with Dynamic DNS. You may get lucky and find out all you need to do is upgrade your router/firewall's firmware to get this ability. 3) Head over to a web site that handles Dynamic DNS (shameless plug: http://www.dyndns.org works just fine) 4) Register mydomain.com with the site (sometimes they charge a 1 time fee for each domain name) 5) Setup your domain name according to the Dynamic DNS's sites instructions. 5) Enter your router/firewall and configure it to point its Dynamic DNS settings to the site of your choice. This way if your DHCP IP address lease runs out, and your router gets an entirely different IP address, your router will contact DynamicDNS and make the change on the fly. This way mydomain.com ALWAYS points to your router no matter what. 6) Now test to make sure mydomain.com points to the Internet IP address of your firewall/router. Call your friend and see if he can ping mydomain.com or something. 7) Now let's say you own another router (your kid's router at college). You can edit your domain at dyndns.org so college.mydomain.com points to your kid's IP address and home.mydomain.com points to your home router IP address. Both your router and your kid's router have DynamicDNS configured to update Dyndns.org if there are any changes in IP address. Pretty nifty no?

2.5.5.4 How do I use Dynamic DNS with Asterisk@Home You need to edit the sip_nat.conf file. Inside of AMP, click Maintenance ----> Config Edit ----> sip_nat.conf. Inside of sip_nat.conf add the following and click "Update": externip = home.mydomain.com (Enter your DynamicDNS domain name. Obviously it's just easier to get a static IP address and avoid using DynamicDNS altogether.) localnet = internal.network.address.0/255.255.255.0 (put your LAN/Private NETWORK address of your Asterisk@Home server, this is NOT the IP address of the server!!!!) To determine your local NETWORK address (NOT mask (255.255.255.0 numbers). If the IP address of the Asterisk@Home server is 192.168.1.0 If the IP address of the Asterisk@Home server is 192.168.7.0 If the IP address of the Asterisk@Home server is is 192.168.100.0 the IP address!!) you have to know a little about your subnet 192.168.1.5 255.255.255.0, then the NETWORK address is 192.168.7.2 255.255.255.0, then the NETWORK address is 192.168.100.84 255.255.255.0, then the NETWORK address

2.6 Putting your Asterisk@Home Server directly on the internet As you can see, it can get pretty complicated trying to get your Asterisk@Home server behind a router/firewall that is using NAT. Some people may seriously consider placing their Asterisk server directly on the internet with a static IP address. Now remember, CentOS is a very secure and stable operating system but you still have to use a firewall on the Asterisk@Home server none-the-less. Please read the IPCop or Shorewall section under Asterisk@Home add-ons.

17

2.7 How do I know what versions of software are installed on my Asterisk@Home Server? There are times when you really need to know what version of the software that is installed in A@H. Especially when you're troubleshooting a problem. Here is a quick list of instructions on how to determine that

Asterisk - First enter the Asterisk CLI (Command Line Interface) Asterisk -r then type show version then exit using quit AMP - Enter the A@H Splash Page by typing HTTP://PutYourAsterisk@HomeIpaddressHere into a browser and click on AMP. The version is displayed in the Welcome Screen. Flash Operator Panel - Type this at the CentOS Command Line: /var/www/html/panel/op_server.pl v Music On Hold (mpg123) - Type this at the CentOS Command Line mpg123 --help SugarCRM - Enter the A@H Splash Page by typing HTTP://PutYourAsterisk@HomeIpaddressHere and click on CRM. Login to SugarCRM. Click About on the top right. The version information will then be displayed. Festival Speech Engine - Type this at the CentOS Command Line: Festival The version is at the top. Type (quit) (literally WITH the parenthesis!!!) to exit. Asterisk Span DSP Faxing - At the CentOS Command Line type: cd /var/aah_load and look for the file that begins with spandsp- and the rest is the version #. Open A2Billing - (Someone please fill this part out, I couldn't find this information) Linux CentOS - Type cat /etc/redhat-release at the command line Apache Web Server - Type this at the CentOS Command Line: rpm -q httpd PHP - Type this at the CentOS Command Line: PHP: echo "<?php phpversion('tidy'); ?>" | php PhPMyAdmin - Enter the A@H Splash Page by typing HTTP://PutYourAsterisk@HomeIpaddressHere into a browser and click on AMP, then Maintenance, then phpmyadmin. MySQL Database - Enter the A@H Splash Page by typing HTTP://PutYourAsterisk@HomeIpaddressHere into a browser and click on AMP, then Maintenance, then phpmyadmin. The MySQL version will be displayed. Another method is to type the following into your CentOS Command Line rpm -q mysql Very Secure FTPD (VSFTPD) - Type this at the CentOS Command Line: rpm -q vsftpd SendMail - Type this at the CentOS Command Line: rpm -q sendmail OpenSSH - Type ssh -V xPL - (Someone please fill this part out, I couldn't find this information) Integrated WebMeetMe GUI - This is Andrew's Code and has the same version as Asterisk@Home Digium card auto-config - This is Andrew's Code and has the same version as Asterisk@Home Weather agi scripts - This is Andrew's Code and has the same version as Asterisk@Home Wakeup calls - This is Andrew's Code and has the same version as Asterisk@Home From what I can see it's created by Andy Wysocki (Se reference under section 1.3) and the version used in A@H 2.2 is 1.02 and current version is 1.11. Comment by MatsK Cisco SIP phone support - (Someone please fill this part out, I couldn't find this information) Complete List of all Software Installed - For a complete list of all software installed in A@H type the following at the CentOS Command Line rpm -qa

2.8 Modifying the A@H branding to something more Corporate friendly There has been a long rambunctious discussion in the forums over the naming of "Asterisk@Home" or even forking the project (gasp!). Even though we all know that A@H is really asterisk on steroids, non-technical Executives or Managers may not feel secure in using a product that has the name @Home in it. There is an easy way to handle this. Change the branding on the A@H install.

If you want to replace the Asterisk@Home logo with this one just follow the instructions below. note: this script is currently busted as the .png doesnt exist on the server. At the console type : wget http://www.voip-info.org/users/415/415/images/396/aah-change-logo.sh.txt dos2unix aah-change-logo.sh.txt sh aah-change-logo.sh.txt The script does the following. - Download the Asterisk@Work logo

18

- Replace the logos - Does text search and replace

Here is the script for A@H 2.4:

(you can click on this icon, and view the file contents)

2.9 Quick Set Up guide. This is to assist with re installs The following is not for beginners. It is simply a check list for moving from one version to another. The content was originally posted on the Asterisk@Home forum on sourceforge. 2.9.1 Securing asterisk: change default passwords, enable HTTPS and update system. passwd admin passwd-maint passwd-amp passwd-meetme nano /var/www/html/panel/op_server.cfg http://asteriskathomeip/crm login:admin/password, my account upper right hand corner yum -y install mod_ssl /etc/init.d/httpd restart yum -y update reboot

2.9.2 Rebuid zaptel driver and disable uneeded modules: (needs to be done after upgrading kernel) rebuild_zaptel genzaptelconf nano /etc/sysconfig/zaptel and uncomment your devices (use ztdummy if you do not have any hardware installed) reboot

2.9.3 When asterisk is behind a NAT do not forget to specify: in sip_nat.conf externip = X.X.X.X ;(substitute your public ip address) localnet = 192.168.X.0/255.255.255.0 ;(substitute your lan subnet address) nat=yes Ports to forward on router: 4569 TCP/UDP - iax 5004-5082 TCP/UDP - sip 10000-20000 TCP/UDP - sip

2.9.4 Choose only one trunk config. I recommend IAX2, but its only available through request at support@telasip.com. SIP is enabled by default by telasip Telasip trunk configuration (SIP): Oubound caller ID: "j smith" <5212314214> (substitute with your name and DID) Maximum channels: 2 Dialing rules: (substituting your local area code for 404 below) 404+NXXXXXX Outgoing Settings: Trunk Name: telasip-gw Peer details (using your own account name/password): allow=g726 disallow=all type=peer host=gw4.telasip.com qualify=yes insecure=very context=telasip-in username=<username>

19

secret=<secret> Registration: youraccountname:yourpassword@gw4.telasip.com Telasip trunk configuration (IAX2): Oubound caller ID: "j smith" <5212314214> (substitute with your name and DID) Maximum channels: 2 Dialing rules: (substituting your local area code for 404 below) 404+NXXXXXX Outgoing Settings: Trunk Name: telasip-gw Peer details (using your own account name/password): allow=g726 disallow=all host=gw4.telasip.com insecure=very qualify=yes secret=<your-password> trunk=yes type=peer username=<your-user-id> Incoming Settings: User Context:<username> User details: context=telasip-in type=user Registration: youraccountname:yourpassword@gw4.telasip.com

2.9.5 Configure outbound routing: Add route: outgoing Dial patterns: 1NXXNXXXXXX NXXNXXXXXX NXXXXXX Trunk sequence: 0=SIP/telasip-gw

2.9.6 Configure auto attendant to answer, play music on hold, then transfer to ring group 1 (basic): in extensions_custom.conf (under from-external-custom: ring set to ringgroup1, voicemail set to extension 200, change as needed) [from-pstn-custom] exten => _.,1,Goto(from-external-custom,attendant,1) [telasip-in] exten => _.,1,Goto(from-external-custom,attendant,1) [from-external-custom] exten => attendant,1,Answer exten => attendant,2,Wait(1) exten => attendant,3,Background(pls-wait-connect-call) exten => attendant,4,Dial(local/1@from-internal,30,mt) exten => attendant,5,VoiceMail(200@default) Configure auto attendant to answer, perform reverse lookup on incoming number, play music on hold, then transfer to ring group 1 (intermediate): cd /var/lib/asterisk/agi-bin nano calleridname.agi copy/paste/save the following: ------------------------------#!/usr/bin/perl -w use Asterisk::AGI; use LWP::UserAgent; $AGI = new Asterisk::AGI; my %input = $AGI->ReadParse();

20

my $callerid = $input{'calleridnum'}; if($callerid eq ''){ $callerid=$input{'callerid'}; } $AGI->verbose("CALLERID IS: $callerid\n"); if ($callerid =~ /^(\d{3})(\d{3})(\d{4})$/) { $npa = $1; $nxx = $2; $station = $3; $AGI->verbose("Checking $npa $nxx $station...\n"); } elsif($callerid=~/\<(\d{3})(\d{3})(\d{4})\>/){ $npa = $1; $nxx = $2; $station = $3; $AGI->verbose("Checking $npa $nxx $station...\n"); } else { $AGI->verbose("Unable to parse phone number for NPA/NXX/station. Phone number is: $callerid\n"); exit(0); } #$npa='641'; #$nxx='892'; #$station='8019'; if ($name = &anywho_lookup ($npa, $nxx, $station)) { $newcallerid = "\"$name <$npa$nxx$station>\""; $AGI->set_callerid($newcallerid); } else{ $AGI->verbose("Unable to find a lookup."); } exit(0); sub anywho_lookup { my ($npa, $nxx, $station) = @_; my $ua = LWP::UserAgent->new( timeout => 45); my $URL = 'http://www.anywho.com/qry/wp_rl'; $URL .= '?npa=' . $npa . '&telephone=' . $nxx . $station; $ua->agent('AsteriskAGIQuery/1'); my $req = new HTTP::Request GET => $URL; my $res = $ua->request($req); if ($res->is_success()) { if ($res->content =~ /<!-- listing -->(.*)<!-- \/listing -->/s) { my $listing = $1; if ($listing =~ /<B>(.*)<\/B>/) { my $clidname = $1; return $clidname; } } } return ''; } --------------------------------------chown asterisk:asterisk calleridname.agi chmod 755 calleridname.agi in extensions_custom.conf (under from-external-custom: ring set to ringgroup1, voicemail set to extension 200, change as needed) ;create extension for chanspy exten => *888,1,Answer exten => *888,2,Wait(1)

21

exten => *888,3,ChanSpy(SIP/,q) exten => *888,4,Hangup [from-pstn-custom] exten => _.,1,Goto(from-external-custom,attendant,1) ;the zap channel skips calleridname. [telasip-in] exten => _.,1,Goto(from-external-custom,calleridname,1) [from-external-custom] exten => calleridname,1,Answer exten => calleridname,2,Wait(1) exten => calleridname,3,Background(pls-wait-connect-call) exten => calleridname,4,AGI(calleridname.agi) exten => calleridname,5,Goto(from-external-custom,attendant,4) exten => attendant,1,Answer exten => attendant,2,Wait(1) exten => attendant,3,Background(pls-wait-connect-call) exten => attendant,4,Dial(local/1@from-internal,30,mt) exten => attendant,5,VoiceMail(200@default)

2.9.7 Updating Asterisk manually (preferred so you know you are getting stable releases) *note this was put in place in case of a critical update to the Asterisk source, otherwise its not needed and only meant for advanced configurations. #clean modules rm -f /usr/lib/asterisk/modules/* #asterisk 1.2.7.1 cd /usr/src rm -rf asterisk wget http://ftp.digium.com/pub/asterisk/releases/asterisk-1.2.7.1.tar.gz tar -zxvf asterisk-1.2.7.1.tar.gz mv asterisk-1.2.7.1 asterisk #zaptel 1.2.5 cd /usr/src rm -rf zaptel wget http://ftp.digium.com/pub/zaptel/releases/zaptel-1.2.5.tar.gz tar -zxvf zaptel-1.2.5.tar.gz mv zaptel-1.2.5 zaptel #libpri 1.2.2 cd /usr/src rm -rf libpri wget http://ftp.digium.com/pub/libpri/releases/libpri-1.2.2.tar.gz tar -zxvf libpri-1.2.2.tar.gz mv libpri-1.2.2 libpri #addons 1.2.2 cd /usr/src rm -rf asterisk-addons wget http://ftp.digium.com/pub/asterisk/releases/asterisk-addons-1.2.2.tar.gz tar -zxvf asterisk-addons-1.2.2.tar.gz mv asterisk-addons-1.2.2 asterisk-addons #sounds 1.2.1 cd /usr/src rm -rf asterisk-sounds wget http://ftp.digium.com/pub/asterisk/releases/asterisk-sounds-1.2.1.tar.gz tar -zxvf asterisk-sounds-1.2.1.tar.gz mv asterisk-sounds-1.2.1 asterisk-sounds #now rebuild and reboot cd /usr/src ./rebuildastsrc.sh reboot #freepbx 2.0.1

22

cd /usr/src wget http://internap.dl.sourceforge.net/sourceforge/amportal/freepbx-2.0.1.tar.gz tar -zxvf freepbx-2.0.1.tar.gz cd freepbx-2.0.1 ./install_amp amportal restart *note: you will loose the maintenance feature. use may still use "http://server/maint/index.php?" Steps for updating SVN HEAD (bleeding edge stable, not recommended?): cd /usr/src rm -f /usr/lib/asterisk/modules/* ./rm_astsrc.sh ./getastsrc_head.sh ./rebuildastsrc.sh reboot

2.9.8 Steps for installing VMWare tools: mount /media/cdrom rpm -ivh /media/cdrom/VMwareTools-e.x.p-20925.rpm (2095 might not be the latest anymore, check /media/cdrom) /etc/init.d/vmware-tools start cd /usr/bin ./vmware-config-tools.pl use listed instructions to install the vmware tools net driver nano /boot/grub/grub.conf add clock=pit to the end of the kernel initialize line configure startup/shutdown features on image 'power on virtual machine' and 'shutdown guest operating system'

2.9.9 Steps for Backup/Migrate and Restoring your server: *note: This is a minimal guide that backs up only extension/trunks and call records. Dont forget to copy over your _custom.conf files. You must first upgrade to freepbx if your still running asterisk media portal, use the script under the "manual upgrade steps" section of this guide. from your old server: install/enable the phpmyadmin module http://oldserver/admin/modules/phpmyadmin/phpMyAdmin click export hold cntrl select asterisk and asteriskcdrdb enable "save as file", click go and save the .sql file then on your new server: install/enable the phpmyadmin module http://newserver/admin/modules/phpmyadmin/phpMyAdmin use dropdown on the left frame, select asterisk. click the "drop" tab. use dropdown again, select asteriskcdrdb click the "drop" tab click import browse for your sql file, click go. php /var/www/html/admin/config.php clk_reload=true /var/www/html/admin/bounce_op.sh re-establish your *_custom files if you used them.

Chapter 3 Securing your Asterisk@Home Server While the network connection is unplugged or at least connected to a hub or switch with nothing else connected to it, we can now change our default passwords without worrying about being hacked. It's very easy to enter and control ANY type of server that have their default logins and passwords unchanged. Asterisk@Home is no different. It would be a good idea to write these passwords down and store them in a VERY secure location. It's not such a good idea to store them on your PC. 3.1 Giving your Asterisk@Home Server a static IP address

23

To change all of our default passwords, we need to give our Asterisk@Home server a static IP address. You can give it a temporary one now and change it later. It's all up to you. At the CentOS command line type: netconfig A semi-graphical screen appears that can be explored by using the "tab" button. Enter all the requested information and tab to OK once you're done. After returning to the CentOS command prompt, type: reboot To reboot the server. NOTE: Lets say you aren't confortable in just listing 1 DNS server. After all, that one DNS server in there may go down leaving A@H nothing to resolve names with. To add another DNS server (or as many as you would like) type this at the command line: nano /etc/resolv.conf This file lists the name servers for the A@H server. Go ahead and enter your name servers. For example: nameserver 64.232.128.2 nameserver 209.125.236.3 Than press CTRL-X, and type in Y, hit enter. You'll be asked for the file name you want "File Name To Write: resolv.conf", so hit enter.

3.2 Changing your default CentOS Password A@H has a nice script that helps you configure some of these passwords. The default login and password for a newly installed CentOS operating system is: Username: root Password: password At the CentOS command prompt type the following command to change your password for the root user. You'll be asked to enter your old password and to type in your new password twice. passwd

3.3 Changing your default AMP Password To access AMP type the following into your web browser: HTTP://PutYourAsterisk@HomeIpaddressHere The default login and password for a newly installed AMP is Username: maint Password: password To change the default password at the CentOS command prompt type the following command. (note, this command is not really part of CentOS but a script that comes with A@H) passwd-maint You will see the following appear: ------------------------------------------Set password for AMP web GUI and maint GUI User: maint ------------------------------------------New password: Re-type new password: Updating password for user maint It will ask for a new password. Then it will ask to confirm your new password.

24

You can also change your wwwadmin password by using passwd-amp You will see the following appear: ------------------------------------------Set password for AMP web GUI and maint GUI User: wwwadmin ------------------------------------------New password: Re-type new password: Updating password for user wwwadmin (The difference between the maint and wwwadmin accounts is that the maint will allow you full access in AMP. wwwadmin will not allow you to see the maintenance tab.)

3.4 Changing your default FOP Password The default password for a newly installed Flash Operator Panel is: (yes the letter "o" is a "zero") Password: passw0rd To change this password, log into your CentOS machine using the root login and password and enter the FOP directory by typing: cd /var/www/html/panel Using nano as the editor, open the configuration file op_server.cfg nano op_server.cfg Go to the line that says security code=passw0rd. Replace the passw0rd with the password of your choice. security_code=whateverpasswordyouwant Then do a CTRL-X to exit and then a "Y" to save changes. Now restart the FOP server. amportal restart

3.5 Changing your default MeetMe Password To change the default password for MeetMe type the following into the CentOS command prompt. (note, this command is not really part of CentOS but a script that comes with A@H) passwd-meetme It will ask you for your new password twice.

3.6 Changing your default System Mail Password To change the default password for System Mail type the following into the CentOS command prompt. passwd admin It will ask you for your new password twice.

3.7 Changing your default Sugar CRM Password You can access SugarCRM from your splash page by typing HTTP://PutYourAsterisk@HomeIpaddressHere into your web browser. The default login and password is as follows:

25

Login: admin Password: password To change this, click on My Account in the upper right corner, and then click the Change Password button to change your CRM password.

3.8 Securing the ALT-F9 into the Asterisk CLI console #9 feature/security risk Asterisk has a hidden feature/security risk. On the keyboard you can just press down Alt & F9 simultaneously, then you get access to Asterisk console without having to logon to the actual system and with no * restrictions. This little feature can be considered a security risk if you cannot guarantee the physical security of your asterisk@home server. Go ahead and try on your console to confirm this. At your CentOS console, let's edit the "safeasterisk" file by typing the following: nano /usr/sbin/safe_asterisk change CONSOLE=yes to CONSOLE=no And while you are at it, change the email address as well so you get emails when Asterisk crashes. The line to change is #NOTIFY=ben@alkaloid.net change it to: NOTIFY=your@emailadress.com And you might want to change the hostname variable which specifies which machine has crashed when sending the mail notification. Make sure to remove the quotes from the line. MACHINE=yourhostname Now restart asterisk with the following command: amportal stop and then amportal start Example from /usr/sbin/safe_asterisk CONSOLE=no # Whether or not you want a console (yes/no) NOTIFY=your@email-adr.com # Who to notify about crashes MACHINE=yourhostname #Specify which machine has crashed in email

3.9 Placing a password on the Asterisk@Home Splash page NEW NOTE: It would be a much better idea to just install Web Admin Interface Upgrade (Admin-UI) (click for very easy step by step instructions). The Admin-UI allows you to choose what links are on the start page (I usually just have the voice mail and meetme conference on the homepage) and a password protected admin page. This is a VERY nice thing to add on to your server. The Asterisk@Home splash page is the first thing that appears in your browser when you browse to your asterisk@home's IP address. This splash page was added in Asterisk@Home to make it easier to jump to different services that are running. The splash page contains:

Web-access to Voicemail CRM Flash Operator Panel Web MeetMe Control Asterisk Management Portal

26

It wouldn't be a bad idea to place a password on this page to stop any "curious" employees. The idea behind it this requiring Apache (the web server doing all the heavy lifting for us in CentOS) to get a login and password from a user browsing to the Asterisk@Home Splash Page. Use your own user name instead of "NewUserName". (Note: this can be a real pain because you will be constantly asked for this password when you try to navigate through these pages. Example, to access the splash page you have to enter this new password, to then click other parts of the admin and splash pages, you will find yourself retyping passwords. It can get a bit confusing). htpasswd /usr/local/apache/passwd/wwwpasswd NewUserName (Apache will prompt you for a new password for the user name you've just indicated.) New password: (Apache will prompt you to retype your new password) Re-type new password: (Apache will then confirm the new user) Adding password for user NewUserName Now you have to add the user name you've just created to the "httpd.conf" file. To edit that file in "nano" type: nano /etc/httpd/conf/httpd.conf Now do a CTRL-W to search for "AuthUser" and you'll find the area where all the users are listed (for example: "maint", your AMP user). Now add the following lines: #Password protect the Asterisk@Home Splash Page /var/www/html <Directory /var/www/html> AuthType Basic AuthName "Restricted Area" AuthUserFile /usr/local/apache/passwd/wwwpasswd Require user NewUserName1 NewUserName2 NewUserName3 yaddayaddayadda </Directory> To delete an Apache user, type in the following and then remove the user from the "httpd.conf" file. htpasswd -D /usr/local/apache/passwd/wwwpasswd NewUserName Then restart apache. /etc/init.d/httpd restart

3.10 Changing your default MySQL Password The default password for root is: passw0rd Enter AMP by using typing HTTP://PutYourAsterisk@HomeIpaddressHere into your web browser Click On AMP --> Click on Maintenance ---> Click on phpMyAdmin ---> Click on the Database pulldown in the left pane and choose mysql. When the tables display, click on the user table (and a check mark appears by the "user" under the "table" column). Now click the Browse Icon (the first icon under the "Action" Column. If you hover your mouse over it, it will say "Browse". The entry we care about is the second one: asterisk1.local for root user access. If your password field is blank, youve got a serious security problem. What this entry means in laymans terms is anyone on the Internet can connect to your MySQL databases as root with no password. Click on the pencil beside the second record (asterisk1.local - root). When the record displays, click on the function pulldown in the password row and choose PASSWORD. Then make up a password thats secure and enter it in the password value field. Click Go to save your update. Now click the Browse tab again and be sure an encrypted password is shown for both root user entries in the table. We dont care about the blank password for the blank user because youll note that all the database privileges are set to N for this account. You are not yet complete. myphpadmin will no longer work. To repair this simply go to /var/www/html/maint/phpMyAdmin and edit the file config.default.php. Look for : $cfg<a href=>Servers>'Servers'<a href='$i'>$i<a href=>password>'password' = 'passw0rd'; // MySQL pass word (only needed </a href=></a href='$i'></a href=> Change this to match what was done above, reboot and all is right in the world again

27

(This was cut and copied from Ward's Site. It explains what the problem is) MySQL Security Alert. Recently, we happened to look at how security was set up on MySQL with Asterisk@Home. This may also apply to those using plain-old Asterisk with the Asterisk Management Portal. In any case, you need to check your system NOW! Using the Asterisk Management Portal, go to AMP>Maintenance->phpMyAdmin. Then click on the Database pulldown in the left pane and choose mysql. When the tables display, click on the user table. Now click the Browse tab at the top of the right pane. The entry we care about is the second one: asterisk1.local for root user access. If your password field is blank, you've got a potential security problem. What this entry means in layman's terms is anyone on the Internet can connect to your MySQL databases as root with no password. The only roadblock is being able to spoof the default hostname of your Asterisk@Home server. And hostname spoofing has been a reported vulnerability of MySQL so it's just not worth taking a chance. Keep in mind that all of your VoIP account usernames and passwords are stored in a MySQL table when you use the Asterisk Management Portal (AMP). Not a healthy situation when it's your wallet that's at risk. To fix the problem permanently, just click on the pencil beside the second record. When the record displays, click on the function pulldown in the password row and choose Encrypt. Then make up a password that's secure and enter it in the password value field. Click Go to save your update. Now click the Browse tab again and be sure an encrypted password is shown for both root user entries in the table. We don't care about the blank password for the blank user because you'll note that all the database privileges are set to N for this account. Fixed! 3.11 Changing your ARI (Asterisk Recording Interface) Password ARI is a new voicemail/recording utility that comes with AMP. Users can login using their extensions and voicemail passwords by using http://Asterisk-IP-address/recordings/. To change the administrator password, in CentOS execute the following command: nano -w /var/www/html/recordings/includes/main.conf And on line 53, change your admin password within the quotes. $ari_admin_password = "ari_password";

3.11 Changing your A2Billing Password To login to Open A2Billing, go to http://Asterisk-IP-Address/a2billing Default login details are "root" and "myroot".

3.11 Changing your host name Asterisk@Home installs with a default Hostname of Asterisk1. You might want to change this to something more meaningful to you. To do this, you must edit the hostname in two files in CentOS First, edit the hosts file: nano etc/hosts You will see a line: 127.0.0.1 asterisk1.local asterisk1 localhost you can change this to: 127.0.0.1 yourname.yourdomain.com yourname localhost Second, edit the network file: nano etc/sysconfig/network Change HOSTNAME=asterisk1.local to HOSTNAME=yourname.yourdomain.com reboot

3.12 Updating patches to CentOS

28

Every OS has patches that need to be applied. Wouldn't be a bad idea to make a ghost or backup your server at this point. From the CentOS command line, run the following command: yum -y update Additionally, you could setup automatic updating; however, be aware that this could cause issues with a production system. chkconfig yum on service yum start

3.13 Backup and restore of Asterisk@Home Now when you have invested some hours and work, now it's time to secure it for the unpreventable hard disk crash. As a wise man said, "there are two types of hard drives, the one that has crashed and the one that is going to..." Backups created by AMP is stored un the folder /var/lib/asterisk/backups/daily This folder has to be created and rights have to be set. mkdir /var/lib/asterisk/backups/daily chown asterisk:asterisk /var/lib/asterisk/backups/daily

3.13.1 Backup How to create backups with AMPortal Under the menu Setup there is a submenu Backup and Restore, choose Add Backup Schedule Give the backup schedule a name and choose what parts of the system you would like it to backup. From the pulldown menu below the choices, choose Now to make a backup as soon as you push the Submit Changes button (but remember that you may want to go back and set up a regular backup schedule), choose one of the pre-made schedules to backup at a later and repetitive time, or choose Follow schedule below to make your own schedule from the menus below. Click Submit Changes to activate your backup schedule. How to manually create backups Using AMP, go to Maintenance, then Backup. Click on Download Backup. You will download an "asteriskathome_backup.tar.gz" file to your usual internet download directory. This does not backup the root, maint, amp, admin, meetme passwords but does save the FOP, SugarCRM, A2Billing, and SQL DB passwords. It also does not backup custom recordings or custom music on hold files.

3.13.2 Restore From AMP, from a scheduled backup To restore a scheduled backup, in AMP click Maintenance, then Backup & Restore, then Restore from Backup. A list of backup schedule names should appear. Find the backup you would like to restore, then click on the backup file. Choose which set of data you would like to restore, then click yes when prompted. From an asteriskathome_backup.tar.gz file Make sure you have a backup downloaded from AMP - maintenance - backup... asteriskathome_backup.tar.gz . Use Winscp(or some other file transfer) to copy the backup to the /var/lib/asterisk/backups directory on your * box. Log in as root and navigate to the directory in which you placed the backup. This next step is immediate and doesn't ask for confirmation! At the command line enter this command: restore-aah asteriskathome_backup.tar.gz

3.13.3 Backup storage Store backups on a NFS file system How to export NFS file system isn't covered here. mount linux.box.com:/var/backup /mnt/backup Connects to NFS /var/backup on linux box linux.box.com and mount it in the local directory /mnt/backup/.

29

OBS the directory /mnt/backup/ must exist! Not complete! Store backups on a Windows share How to create windows shares isn't covered here. Note by default smbclient / smbmount is not installed, run the following at the shell to install: yum -y install samba-client Smbmount is assuming that the user that is used to connect to the windows user is the user specified in the variable USER. smbmount //winbox/c /mnt/backup Connects to Windows share c on the PC winbox and mount it in the local directory /mnt/backup/. After enter the user is prompted for password. OBS the directory /mnt/backup/ must exist! smbmount //winbox/c /mnt/backup -U=WINUSER Same as the example above but here we also specify the user with the parameter -U=WINUSER After enter the user is prompted for password. smbmount //WINUSER:PASSWORD@workgroup/winbox/c /mnt/backup This example is most suited for script because there is no need to type the password

Chapter 4 Using AMP to Configure your Asterisk@Home Server 4.1 What is AMP? Using AMP (Asterisk Management Portal) we can easily configure our asterisk server. AMP provides a graphical method (through a web browser) to configure the textual configuration files that Asterisk needs to function.

4.2 How does AMP work? Here is what AMP can configure in asterisk: Incoming Calls Specify where to send calls coming from the outside Extensions Add extensions and set voicemail properties Ring Groups Group extensions that should ring simultaneously Queues Place calls into queues and allow them to be answered in order Digital Receptionist Create voice menus to greet callers Trunks Set up trunks to connect to the outside world Outbound Routing Manage which trunks outbound calls go out DID Routes Specify the destination for calls if their trunk supports direct inward dial On Hold Music Upload MP3 files to be played while users are on hold System Recordings Record or upload messages for specific extensions Backup and Restore Create, back up, and restore profiles of your system General Settings Set basic dialing, company directory, and fax settings

4.3 How to Log into AMP To log into AMP and begin making your changes, point your browser to the IP address of the Asterisk@Home Server HTTP://PutYourAsterisk@HomeIpaddressHere The default login and password of AMP is Login: maint Password: password Hopefully by this point you've already changed your password! (See Chapter 3 Securing your Asterisk@Home server)

4.3 Configuring an extension

30

1) Use a pc on your network that has a web browser and connect to your Asterisk@Home box using HTTP://PutYourAsterisk@HomeIpaddressHere. 2) Click on Asterisk Management Portal and then click setup. 3) Click Extensions then Add Extension. 4) Select the type of extension.

A. SIP = Session Initiation Protocol o 1a) Use the default extension 200 and type in a password for registration like "abc123". Then enter the name of the person using this extension. If you can't find the password box to enter a password, create the user, you'll then need to set the password manually in the MySQL database. Click on Maintenance and PhpMyAdmin. Go to the Asterisk database and click on the users table. Click browse and find the extension you want to set the password on. Edit the entry, select 'Password' in the row Function pulldown and enter a password. o 2a) Go down to the voicemail section, select enable, and enter a voicemail password. Use something you can type on a phone keypad like '1234'. Enter an e-mail address where you would like your voice messages sent and click add extension. Then click on the red apply bar at the top of the screen. o 3a) Set up a phone for this extension. Get a SIP phone, an X-Ten soft phone is good for testing. See the section on the X-Ten phone. remember to use your extension and extension password. o 4a) Make a call from your phone. (try *45 this is a local echo test) (correction *43) B) IAX2 = Inter Asterisk Transport version 2 C) ZAP = PSTN based hardware providing FXO/FXS operations D) Custom = Used for special types of extensions o 1d) To create a custom extension which calls an external number enter the extension number for the new extension, 1234 will work nicely. o 2d) Enter the display name for the extension, "Joe's Cell Phone" will do nicely for this o 3d) Skip down to the "Dial" field. Enter the dial details in this format: TYPE/NUMBER@TRUNK OR TYPE/TRUNK/NUMBER. For example: SIP/5555551212@telasip-gw or ZAP/4/5555551212 (both formats seem to work) o 4d) Click Submit. Click the Red Bar that appears at the top of the screen o 5d) Try calling your new extension.

There appears to be a problem defining a custom extension (AAH ver 2.6). To have an extension call an outside number, create a custom extension with the following dial string Local/phonenumber_to_call@outbound-allroutes eg A call to a UK phone might use the following dial string: Local/01144xxxxxxxxx@outbound-allroutes Here is a discussion about this issue: http://sourceforge.net/forum/forum.php?thread_id=1434318&forum_id=420324 4.4 Configuring a trunk for outbound and inbound calls Using AMP (user: admin, pass: password) (A@Hv1.5 user: wwwadmin) select setup then trunks. Click on the type of trunk you want to create. See the VOIP Service Providers section for how to configure a trunk for your provider. See Example 6 for IAX trunking to a non A@H 2.5 host.

4.5 Configuring Outbound Routing Next you need a route to allow calls from your phones to go out on a trunk. If you have more than one trunk you can set up rules to determine how a trunk is chosen for each call. Here we will set all calls to go out one trunk. Using AMP (user: admin, pass: password) (A@Hv1.5 user: wwwadmin) select setup then Outbound Routing. Type in a name for your route. Then enter the following in the dial pattern box.

1NXXNXXXXXX NXXNXXXXXX NXXXXXX

31

This will set all calls to use this route. Next go to the Trunk Sequence section. Drop down the box and select the trunk you configured earlier. Click add. That's it. Click Submit Changes and then click on the red apply bar at the top of the screen. Try dialing a number on your phone like 19197543700 (RedHat customer support) and you should hear "Welcome to RedHat" In South America, we use 00+country+areacode+number but USA use 011+country+areacode+number To replace the 011 and start dialing with 00 and have the ability to dial local numbers, you have to add the Outgoing Dial Rules in your trunk: Outgoing Dial Rules for the trunk voip: 1+NXXNXXXXXX ; this is to call to USA 011+N. ; this is to call to rest of the world 0115935+2XXXXXX ; this is for local dialing at my area 011593+NNXXXXXX ; this is for regional calls at my country Next, create 3 outbound routing (localdialing, USA, restoftheworld) For localdialing: Dial Patterns: 0|2XXXXXXX 0|3XXXXXXX 0|4XXXXXXX 0|5XXXXXXX 0|6XXXXXXX 0|7XXXXXXX 0|8XXXXXXX 0|9XXXXXXX ; this if for mobile 2XXXXXX ; this is for dialing local city numbers --Trunk Sequence: voip for USA: Dial Patterns: 001|NXXNXXXXXX 001|800XXXXXXX ; toll free numbers Trunk Sequence: voip For restoftheworld : Dial Patterns: 00|Z. Trunk Sequence: voip

4.6 Configuring Incoming Calls

32

Next you need a route to allow calls from your provider to go someplace. Using AMP (user: maint, pass: password) select setup then Incoming Calls. Under the Send Incoming Calls from the PSTN to: section drop down the box next to Extension: and select the extension 200 you created earlier. Click Submit Changes and then click on the red apply bar at the top of the screen. Call the phone number from your provider with a cell phone or other non-IP phone. Your SIP phone at extension 200 should ring.

4.7 Configuring the digital receptionist

Go to the setup-digital receptionist page. digit your extension number (ie. the number of the phone you are going to use to record the message for the receptionist). Give a name to your menu (ex. business_hours) and write the text of the message in the box below, so when recording you'll "only" have to read. By default you can give # as an option to access the directory or dial the extension wanted you know it. Remember: you have to use options numbered 1, 2 3 and so on, not real extensions (ie: ... dial 3 for the marketing ... dial 550 for the marketing is wrong). a good(tm) example would be: Welcome to Acme! Thank you for your call. Dial the extension number if you know it or dial 1 to talk with administrators, 2 for the tech zone, 3 for the store, 4 to talk with an operator or 5 to leave a message in our mailbox. dial # to access the directory. Or zero for an operator. Thank You. Note: you can have 2 digital receptionists, one for business hours and one for night hours. ex: Welcome to Acme! Thank you for your call. Our offices are open from 8 to 5, Dial 1 to talk 24/24 support 5 to leave a message in our mailbox. Thank you. dial *77 and record your message. you can listen to your just recorded message via *99. repeat until satisfied and press continue. Insert the number of options you gave on the messages (in the example 5, dial extension and # does not count) and press continue. now associate every option with the corresponding action ... (ex. 1 goes to extension 545, 2 to the queue 600, 3 to the ring group 650, 4 to 211 and 5 211's mailbox). press continue and your first digital receptionist is created. now go to the setup-incoming-call and associate this digital receptionist to wanted incoming calls.

4.7.1 How to connect a caller to a default extension when one is not chosen Currently when caller does not make a choice from the options the call is disconnected after second message. To send the caller to a default extension, add the letter "t" to the Digital Receptionist ---> Options for Menu --> Dialed Option # ----> "T" ----> Then the extension you want the caller to be sent to. 4.8 Trunking two Asterisk@Home Servers There are many ways to trunk two asterisk servers together that offer different features and ability. Below is one such configuration using IAX2. Assumptions:

The two Asterisk@Home servers are named: SystemA and SystemB SystemA uses 2XX series extensions SystemB uses 3XX series extensions

SystemA Configuration

33

1. 2.

Add extension 201 (if needed) Add new IAX2 Trunk: 1. Trunk Name: systemb 2. Peer Details:

context=from-internal host=systemb.ip qualify=yes secret=systemb-pass type=peer username=systemb-user 1. 2. User Context: systema-user User Details:

context=from-internal host=systemb.ip secret=systema-pass type=user 1. Create outbound route: 1. Dial Patterns: 3XX 2. trunk Sequence: IAX2/systemb

SystemB Configuration 1. 2. Add extension 201 (if needed) Add new IAX2 Trunk: 1. Trunk Name: systema 2. Peer Details:

context=from-internal host=systema.ip qualify=yes secret=systema-pass type=peer username=systema-user 1. 2. User Context: systemb-user User Details:

context=from-internal host=systema.ip secret=systemb-pass type=user 1. Create outbound route: 1. Dial Patterns: 2XX 2. trunk Sequence: IAX2/systema

Note: Change "systema.ip" and "systemb.ip" to the ip addresses of your respective servers. At this point, from extension 201, dialing 301, it will trunk through IAX2 to the next extension. 4.9 "Extension Mobility" "Phone Sharing" or "Disconnecting the extension from the phone". This little AMP custimization allows the administrator to disconnect the extension from the phone. In other words, users can now "Log Into" a phone will all the associated benefits. A good example when this would be great would be when there is a day and night shift using the same phones. The night shift comes in and logs into the same phone that a day shift person had just used. Another example would be a user that skips around your compan's remote sites. They won't have to lug the hard phone with them if all they need to do is log into the nearest hard phone to gain access to their extension. Another benefit to this custimization is if you have 1 hard phone at work and 1 soft phone on your laptop with

34

the same extension (example x1234). Usually, when the hard phone registers with the asterisk server, the registration would be "stolen" away by the soft phone when the soft phone is started. All incoming calls would go straight to the soft phone. The only way to get around this OTHER than this customization would be to assign your hard phone an extension (example: x12341) and your soft phone an extesion (x12342) and then tie them together with ring group with the extension that you want (x1234). This way both phones will ring if x1234 is called. AMP fuses the user and the device into an object called an extension. We are going to un-fuse it. 4.9.1 Editing the AMP config file We have to edit the AMP configuration file. At the CentOS command line, type the following: nano /etc/amportal.conf Look for an find the AMPEXTENSIONS= setting. Right now it is set for: AMPEXTENSIONS=extensions Change this to: AMPEXTENSIONS=deviceanduser Save the file, and restart AMP by typing the following at the CentOS command line: amportal restart

4.9.2 Configuring our Users and Devices If you login to AMP, you will notice that instead of the "Extensions" menu option in "Setup", there is now "Devices" and "Users". Chapter 5 PSTN interface cards There are many types of PSTN interface cards. These can include a single FXO card to allow 1 home telephone line to be connected to Asterisk, or a T1 card that allows a digital trunk to be connected to Asterisk. All of these cards allow you to make calls directly on the Public Switch Telephone Network without having to use a VOIP phone service provider. PSTN cards can also be used to connect a PSTN (Non VOIP) phone to Asterisk. These can include a single FXS card to allow 1 home telephone to be connected to Asterisk, or a T1 card that allows a channel bank with 24 phones or a tie line to a PBX to be connected to Asterisk.

5.1 FXO Cards These cards allow you to connect a POTS (plain Old Telephone System) line to your Asterisk@Home box.

5.1.1 Digium Wildcard X100P OEM FXO PCI Card These voice modems are available on e-bay for about $10.00 They are not made by Digium and are of low quality. Having said this they can work very well in many situations. If your phone line is well balanced they will work well. If its not you can get some bad echoes. We recommend them only for testing not for a production system. To configure these cards for use with Asterisk@Home first use the zaptel card auto-config utility to set up the zaptel driver. Type genzaptelconf -s -d from the command line (if the card was in the system when you installed aah this already done) Next go into the AMP web interface and create a trunk. There is already a trunk called ZAP/g0 edit this Enter the phone number for you pots line in the Caller ID field Enter 1 for Maximum channels

35

Set a dial rule if you want for this trunk Select an outbound dial prefix to select this trunk when dialing Set the Zap Identifier to 1 (the default is g0) This trunk is now configured you must add a route for incoming calls or asterisk will not answer this line click on incoming calls in amp and set up an incoming route. to make outbound calls you will need an outbound route. set one up in AMP Hardware Conflicts This card is especially sensistive to hardware conflicts. I had a problem where I was unable to make outbound or inbound calls and would hear static on the POTS line when asterisk tried to play its error message. I got errors like: "Everyone is busy/congested at this time", "ZT_CHANCONFIG failed on channel 1: No such device or address", and "wcfxo: probe of 0000:00:09.0 failed with error -5". I moved the PCI card from slot 1 to slot 2 and now everything works out-of-the-box. One symptom was that the card was listed in lspci (as a Tiger Jet Network Inc. Tiger3XX Modem/ISDN interface) but wcfxo had no interrupt assigned in /proc/interrupts. If one wanted to add an automated check for this problem in the installation or a debug tool, that might be a good criterion. 5.1.2 Cisco / Linksys / Sipura SPA-3000 FXO/FXS Device The device is available for less than $100. Sipura was bought by Linksys, Linksys was bought by Cisco. The device can be used as a stand-alone item, or with Asterisk@Home. When used with Asterisk@Home, it can be used to connect to the PSTN via its FXO interface, and can also act as an ATA for an analog phone connected to its FXS interface. The following instructions have ***NO SECURITY*** features enabled. Anyone who can access the IP address of the Sipura device could make calls using your PSTN, including long-distance, international and 900 lines. You have been warned! Again, there are no security measures in place in the following instructions! Do NOT use them as-is! They are only to initially get you started with a basic, no-frills, bare-bones, quick-and-dirty, setup to get Asterisk to talk to the FXO (PSTN) interface of your Sipura SPA-3000. So... Are you going to leave them running unattended? NO!!! Are you going to use them in a testing environment for more than 2 seconds? NO!! Are you going to use them in a production environment? NO!!! NO!!! NO!!! Assumptions: 1. The devices are on the same network (1.2.3.x) 2. No physical connection to any other network, or the internet exists (no security = isolated test lab environment is a must) 3. The PSTN service is from a provider in the United States 4. The PSTN service has Caller ID 5. You only want a starting point to get the devices to communicate. Then, you'll delve in deeper and setup your own security. Prerequisites: 1. Asterisk@Home 2.5 2. Sipura SPA-3000 with the 3.1.7(GWg) firmware installed, and reset to factory defaults IP Numbering Conventions used in this example: 1.2.3.4 represents Asterisk@Home 1.2.3.5 represents Sipura SPA-3000 Here goes... For the Sipura SPA-3000 1. Access the Sipura SPA-3000's Advanced Admin page at "http://1.2.3.5/admin/advanced" 2. Click on the "PSTN Line" tab 3. Scroll down to the "Proxy and Registration" settings 4. Set "Make Call Without Reg:" to "yes" 5. Set "Ans Call Without Reg:" to "yes" 6. Scroll down to the "Dial Plans" setting 7. Set "Dial Plan 2:" to read "(S0<:1.2.3.4>)" 8. Scroll down to "PSTN-To-VoIP Gateway Setup" 9. Set "PSTN Ring Thru Line 1:" to "no" 10. Set "PSTN CID for VoIP CID:" to "yes"

36

11. 12. 13. 14.

Set "PSTN Caller Default DP:" to "2" Scroll down to the "FXO Timer Values (sec)" settings Set "PSTN Answer Delay" to "3" Scroll down to the bottom of the page and click "Submit All Changes"

For Asterisk@Home 1. From the AMP main page, click "Setup" 2. Click "Trunks" 3. Click "Add Trunk" 4. Click "Add SIP Trunk" 5. Scroll down to the "Outgoing Settings" section 6. Set "Trunk Name:" to "1.2.3.5" 7. Replace the default entries in "Peer Details" with: context=from-pstn host=1.2.3.5 port=5061 type=peer 8. Scroll down to the "Incoming Settings" section 9. Delete the default "User Details:", leaving it blank 10. Scroll down to the bottom of the page and click "Submit Changes" 11. Click the "You have made changes - when finished, click here to APPLY them" at the top of the page. If all goes according to plan, the SPA-3000 will detect the PSTN line when it rings, and forward it to the configuration you've set in the AMP "Incoming Calls" section. For example, if you've set it to send incoming calls to ext. 200, then ext. 200 should ring when the PSTN line rings. To avoid having Asterisk tell the Sipura to pickup the ringing line, from the Asterisk management portal "General Settings" screen set the "extension of fax machine receiving faxes" to disabled. The PSTN line will not be answered (if the PSTN caller is calling from long-distance, the PSTN caller won't be charged) until ext. 200 answers (or if you have voicemail, until the call gets routed there). If the fax option is not set to disabled, Asterisk will answer the line itself in an attempt to determine if the call is a fax, before ringing the call through to ext. 200. To make outbound calls, you'll need to configure "Outbound Routing". Instructions for outboind routing are covered elsewhere in this handbook. Remember to secure the SPA-3000 now that you've got it talking to Asterisk@Home! 5.2 FXS Cards These cards allow you to connect an Analog phone to your Asterisk@Home box.

5.2.1 Digium TDM400P FXO/FXS Card This card has 4 module ports that can be loaded with FXS or FXO modules. You can auto config this card just like the X100P. Channel 1 is the top RJ-45 on the back of the TDM400P card. Note: On some cards with only two active ports the lower two ports may be the active ones. You can check before you install the cards by noting the position of the small daughter cards adjacent to each port. Otherwise you can check after installation by noting which LED's are active on back of the card. Start by installing the card into a free PCI slot. Make certain that you connect a power cable into the card. FXO and FXS cards require power in order to power the telephone line or extension. The TDM400P range of cards use the standard 4 pin harddrive power connector, if you don't have a free power connector you can always buy the equivalent of a double adaptor. Once installed close the box up and plug a telephone line (or extension) into each port of the card (I'm not certain this is actually required). Note: the TDM400P range of cards ALL have four ports on the back, however depending on which model you bought not all ports may be usable. For instance if you purchased a two port FXO card then only the top two ports are usable. Close the PC up and turn the power on. Note: the LED's adjacent to each port will not come on util the the device has been properly configured. You can check that your Operating System recognized the card by running the following command: lspci The TDM cards are recognized as: (don't ask me why) Network controller: Tiger Jet Network Inc. Tiger3XX Modem/ISDN interface

37

Note: The easiest way to install a TDM400P card is to install it before installing Asterisk@Home. If you installed the cards after installing Asterisk@home you may have to do some additional work: The two errors I recieved are (during boot): loading Zaptel framework: FATAL: Module zaptel not found. Missing /dev/zap/ctl The following actions overcame the problem. 1. edit /etc/udev/rules.d/50-udev.rules 2. add the following lines to the bottom of the file (first check that they don't exists elsewhere) 1. Section for zaptel device

KERNEL="zapctl", NAME="zap/ctl" KERNEL="zaptimer", NAME="zap/timer" KERNEL="zapchannel", NAME="zap/channel" KERNEL="zappseudo", NAME="zap/pseudo" KERNEL="zap0-9*", NAME="zap/%n" 3. reboot 4. execute the following command: rebuild_zaptel 5. genzaptelconf Asterisk should now be up and running. Check that the TDM card has been recongnized by running the following from the Asterisk command prompt: zap show channels You should see something simliar to : Chan Extension Context Language pseudo from-internal en 1 from-internal en 2 from-internal en MusicOnHold

You can find some of the details describing part of the above problem here: Details on fixing the problem with a messing /dev/zap/ctl can be found here. Next check that each card is running on its own IRQ. Asterisk is quite sensitive to IRQ response times so sharing an IRQ just isn't going to work. You can check what IRQ each TDM card is operating on by running: cat /proc/interrupts TDM cards show up as 'wctdm'. If the card is on the same line as any other device then you will need to reconfigure your systems IRQ. You can also refer to http://www.asteriskguru.com/tutorials/wildcard_tdm400p.html for a good article on getting the TDM400P range of cards operating. To configure these cards for use with Asterisk@Home first use the zaptel card auto-config utility to set up the zaptel driver. Type genzaptelconf -s -d from the command line (if the card was in the system when you installed aah this is already done). Check out what the config has with: Note: -s -d arn't supported in Asterisk 1.2. Just running genzaptelconf appears to be sufficent. ztcfg -vv HINT: If you cannot see the TDM400 card's resources you must make sure it has its own UNSHARED IRQ (interrupt). It must not share an IRQ with any other device or onboard resource. There may be a way in your BIOS to change IRQs. Using a different PCI slot can also resolve this issue. Next, using config edit, look in the zapata-auto.conf file you will see a list of all your channels. Set up the trunks as trunks and the extensions as extensions in AMP. For example if your zapata-auto.conf file looks like this Span 1

38

WCTDM/0 "Wildcard TDM400P REV E/F Board 1" signalling=fxo_ks Note this is an extension. Create a ZAP extension in AMP for Channel 1 channel => 1 signalling=fxs_ks Note this is a trunk. Create a ZAP trunk in AMP for Channel 2 context=from-pstn channel => 2 then add a zap extension for channel 1 and a zap trunk for channel 2 you may have to reboot your system to get everything going. you must add a route for incoming calls or asterisk will not answer your trunk click on incoming calls in amp and set up an incoming route. to make outbound calls you will need an outbound route. Set one up in AMP.

5.3 T1/PRI Cards Setup for Digium T100P and a PRI login to the CLI as root root@asterisk1 /# cd /etc root@asterisk1 etc# nano -w zaptel.conf Add these lines to /etc/zaptel.conf span=1,1,0,esf,b8zs bchan=1-23 # set this to 1-15,17-31 for E1 dchan=24 # set this to 16 for E1 Add # to front of fxsks=1 so it looks like this: span=1,1,0,esf,b8zs bchan=1-23 # set this to 1-15,17-31 for E1 dchan=24 # set this to 16 for E1 1. fxsks=1

loadzone = us defaultzone=us Control-X then Y to save zaptel.conf Log into Asterisk@home using a browser http://-asterisk-ip-adress/admin Then click on Maintenance Then click on Config Edit Then click on zapata.conf Comment out with ; to signalling=fxs_ks: ;signalling=fxs_ks Then copy just below it: signalling=pri_cpe ; pri_cpe = PRI slave ; pri_net = PRI master

39

switchtype=national Then add this callerid=asreceived under ;usedistinctiveringdetection=yes Change echocancelwhenbridged=yes Change echotraining=400 ; Asterisk trains to the beginning of the call, number is in milliseconds at the end of the file copy and past: channel => 1-23 ; Set this to 1-15,17-31 for E1 Click Update and Click Re-Read Config Go back to SSH root root@asterisk1 etc# modprobe wct1xxp root@asterisk1 etc# ztcfg -vv Do a shutdown and restart the system root@asterisk1 etc# shutdown -r now You just need to login via web and make your setup.

5.4 ISDN Cards Integrated Services Digital Network (ISDN) is an international standard that defines a worldwide, completely digital switched telephone network. There are many different ISDN cards and there is two main types of ISDN and they are BRI and PRI. ISDN Basic Rate Interface, or BRI. On a single pair of ordinary phone wires, BRI offers two "bearer" channels at a 64kbps or 56kbps transmission rate and one "data" channel at 16kbps. This configuration is often referred to as 2B+D. "B" is the channel that transports, in this case, the voice traffic and the "D" channel is used for signalling. There is also ISDN Primary Rate Interface or PRI. There is mainly two types of PRI, American PRI and European PRI. An American PRI offers 23 "B" channels and one "D" channel. In Europe and Asia, this service offers 30 "B" channels and one "D" channel.

5.4.1 ISDN BRI Cards There is one main difference between card types, passive cards and active cards and how do you tell the difference ? The active card has its own cpu that offload the PC's cpu and therefore they are expensive. There are also BRI cards with multiple ports.

5.4.1.1 ISDN BRI Cards with HFC chipset

5.4.1.2 ISDN BRI Cards with HFC chipset

5.4.2 ISDN PRI Cards

5.4.2.1 ISDN PRI Cards, Digium

40

5.4.2.2 ISDN PRI Cards, Sangoma

5.5 Channel banks 5.6 Tips and trick for ZAP Trunks 5.6.1 Outgoing ZAP calls missing first dialed digit

Sometimes Asterisk Dials before the Dial tone is ready. This causes the first digit to be lost and the call to fail. Usually you get a massage from the phone company telling you to "dial 1 before the number" To fix this add a "w+" to the dialing prefix in the Zap trunk this forces hardware to wait a half-second (for each "w" you put) for the dial tone before dialing digits. Chapter 6 VOIP Service Providers

There are many service providers. Some provide proxy server that make it possible to connect to other members of that provider. Other providers offer both incoming and outgoing PSTN to VOIP termination. Here are a few common providers and how to make the work with Asterisk@Home. Most providers will give you phone number and a password for that provider some will also give you a user name. If you get a real PSTN number from the provider it will be a normal 10 digit number (US providers). some providers give out shorter number that can only be used by other members of that provider. The following site provides alot of useful information regarding VOIP providers rates, connection types, and county availability VOIP Charges

6.1 Free World Dialup (FWD) Contact: http://www.freeworlddialup.com/ Service: proxy to other FWD users, Gateway to other providers Protocol: SIP or IAX Cost: free You should have a phone number (123456) and a password (wibble). You also need to have your FWD account setup for IAX. This is achieved by visiting http://www.freeworlddialup.com, logging in and turning on IAX. This is done in the "Extra Features" area of your account page. It does take a little bit of time to be set up (10 mins or so), so do that first. Once you've turned it on and clicked 'Submit' enough times (I noticed I had to click Submit two or three times before it came up with 'Changes Successful', that may have just been a temporary glitch) you're ready to proceed below. Once again, you need to be in AMP, the Asterisk Management Portal. Click on Setup up the top, but this time click on Trunks on the left. Click on Add IAX2 Trunk Outbound Caller ID should (but doesn't have to be) set to your FWD Number. This is what is displayed when you call someone else through FWD. They'd normally just see your Extension (200). Outgoing Settings Trunk Name: fwd (This is just a descriptive name, and is what appears on the left of the screen) PEER Details: (Change '123456' and 'wibble' to be your FWD Number and Password)

host=iax2.fwdnet.net type=peer username=123456 secret=wibble

41

Incoming Settings USER Context: iaxfwd (Pay attention here. Don't change it. or it won't work) USER Details (Nothing needs to be changed here, this can be pasted straight in)

allow=ulaw auth=rsa context=from-pstn disallow=all inkeys=freeworlddialup type=user Register String: should be set to yournumber:yourpassword@iax2.fwdnet.net, using our examples above, it would be 123456:wibble@iax2.fwdnet.net Click 'Outbound Routing' from the menu, and then click 'Add Route' Name your route something like 'fwd' The dial prefix is, usually, 393 That's 'FWD' on your phones pad. Dial Patterns: 393|X. Trunk Sequence: IAX2/fwd Click 'Submit Changes' You may have to move the trunk further up the priority list. from the asterisk command line type the following to see if the new connection is registered. iax2 show registry Assuming you've got your username and password correct, you should now be able to dial '393612', Which will read out the time to you. IF you're feeling exceptionally brave, call '393613', which is a useful little echo tester - it'll just bounce back to you everything you say to it. You can then try '393514' which is FWD's 'Coffee Lounge' - I've never actually successfully had a conversation with anyone there, however, or '39355555', which calls a random volunteer, so you can actually speak to a live person!

6.2 Free World Dialup OUT (FWD) Contact: http://www.fwdout.net/web/ Service: Gateway to other providers Protocol: IAX Cost: Share and Share Alike FWDout is The Service Formerly Known as <name withheld> You must read the documentation carefully and be aware that a poorly configured *@Home box can be used by other people on the fwdOUT network to make long distance calls that you may end up paying dearly for. Create an account on http://www.fwdout.net/bell-cgi/signup.cgi Once again, you need to be in AMP, the Asterisk Management Portal. Click on Setup up the top, and click on Trunks on the left. Click on Add IAX2 Trunk Outbound Caller ID should left blank Outgoing Settings Trunk Name: fwdOUT (This is just a descriptive name, and is what appears on the left of the screen) PEER Details: (Change '123456' and 'wibble' to be your fwdOUT Number and Password)

username=123456 type=peer secret=wibble host=iax.fwdOUT.net

42

Incoming Settings USER Context: iaxfwdOUT (Pay attention here. Don't change it. or it won't work) USER Details (Nothing needs to be changed here, this can be pasted straight in)

type=user inkeys=freeworlddialup disallow=all context=from-pstn auth=rsa allow=ulaw allow=gsm Register String: should be set to yournumber:yourpassword@iax2.fwdOUT.net, using our examples above, it would be 123456:wibble@iax2.fwdnet.net Click 'Outbound Routing' from the menu, and then click 'Add Route' Name your route something like 'fwdOUT' The suggested Dial prefix for fwdOUT is 394, although this is optional Dial Patterns: 394|X. Trunk Sequence: IAX2/fwdOUT Click 'Submit Changes' You may have to move the trunk further up the priority list. from the asterisk command line type the following to see if the new connection is registered. iax2 show registry If you have another provider for long distance place the fwdOUT before your providers Trunk so that outbound calls are routed through fwdOUT fwdOUT will allow you to make long distance phone calls using other people's asterisk boxes, while allowing other people to route calls through your asterisk box. The idea is that you do not pay for calls in your local area, so you can let people route calls through your server, and other people do the same for you. 6.3 VoicePulse Contact: http://connect.voicepulse.com/ Service: PSTN termination Protocol: IAX Cost: pay Once again, you need to be in AMP, the Asterisk Management Portal. Click on Setup up the top, but this time click on Trunks on the left. Click on Add IAX2 Trunk Dial Prefix 9 if you're not already Leave Default Trunk switched off (or make this the default if you want all your calls to use it) Outbound Caller ID should (but doesn't have to be) set to your VoicePulse Number. Outgoing Settings Trunk Name: voicepulse-out-01 (This is just a descriptive name) PEER Details: (Change <your username> and <your password> to be your VoicePulse Number and Password)

host=gwiaxt01.voicepulse.com secret=<your password> type=peer username=<your username> Incoming Settings USER Context: voicepulse-in-01 (Pay attention here. Don't change it. or it won't work) USER Details (Nothing needs to be changed here, this can be pasted straight in)

43

auth=rsa context=from-pstn inkeys=voicepulse01 type=user Register String: should be set to <your username>:<your password>@gwiax-in-01.voicepulse.com example (bob:abc123 @gwiax-in-01.voicepulse.com) That's it. Click on Submit Changes, and then on the big red 'You have made changes' bar and you're done. For a test make a call (try 1-800-555-1212) 6.4 Sixtel Contact: http://www.iax.cc/ Service: PSTN termination Protocol: IAX Cost: pay Iax.cc, also known as sixTel is a small VOIP termination provider that offers very low rates for inbound and outbound calls. With rates at low as 1.43 cents per minute and a good number of local and toll free numbers to choose from, sixTel is a popular choice for home and small business users. Once again, you need to be in AMP, the Asterisk Management Portal. Click on Setup up the top, but this time click on Trunks on the left. Click on Add IAX2 Trunk Use the following example to get you up and going: Outbound caller ID: "Your Name" <1XXXXXXX> Maximum Channels: 4 Trunk Name: sixTel Peer Details: allow=all context=ext-did host=iax2.sixtel.net secret=myPassword type=friend username=myUserName User Context: <<blank>> User Details: <<blank>> Registration String: myusername:mypassword@iax2.sixtel.net On the DID tab, create a new DID DID: 949XXXXXXX <- use sixtel DID number Set this new DID to use your "Normal Incoming Calls Setting". Finally, on your "Outbound Routes" tab, you will need to add the sixTel trunk to one of your outbound trunks. Once you save your settings, click on the red bar at the top of the screen, wait a few seconds, and you should be able to send and receive calls through Iax.cc/sixTel. For a test make a call (try 1-800-555-1212)

6.5 VoipJet Contact: http://www.voipjet.com/ Service: PSTN termination Protocol: IAX Cost: trial/pay VoipJet allows you to create a free trial account to test your system. Once you have things working and have made a call you can buy extra credit. Once you have registered, for free, and received your free credit to do some basic testing, VoipJet provides instructions on how to configure asterix to use your new account.

44

In the Asterix@home management portal, Click on: Setup at the top, Trunks on the left, add IAX2 Trunk in the middle. General Settings, leave this section blank. Outgoing Dial Rules, leave this section blank. Outgoing Settings, edit this section: Trunk Name: 7374@voipjet (7374 is the userID given to you, you can get it from the VoipJet page which helps with the settings) PEER Details: auth=md5 context=ext-did host=64.34.45.100 notransfer=yes username=7374 secret=ecbf7ffca7631227 (this is the MD5 hash that is given to you, on the help page) type=peer Incoming settings User Context: voipjet User Details: auth=md5 context=ext-did host=64.34.45.100 notransfer=yes username=7374 secret=ecbf7ffca7631227 (this is the MD5 hash that is given to you, on the help page) type=peer Registration, leave this section blank Submit and click the red save bar at the top.

6.6 MyNetfone - AUSTRALIA Contact: http://www.mynetfone.com.au// Service: PSTN termination Protocol: SIP Cost: pay MyNetfone provides free user to user calls and A$0.10 (~US$0.065) untimed calls to Australian landline numbers (+6113 +612, +613, +617 +619). Check their plans here: http://www.mynetfone.com.au/plans/ Outgoing settings are: allow=alaw&ulaw&g729 authname=0911XXXX canreinvite=no disallow=all dtmfmode=rfc2833 fromuser=0911XXXX host=sip.myfone.com.au insecure=very pedantic=no qualify=yes secret=<your password> type=peer username=0911XXXX They also provide indial numbers to people with an Australian address (yes that's still regulated in Australia). Incoming settings are: You don't need this to make outgoing calls only Registration: You don't need this to make outgoing calls only Submit and click the red save bar at the top.

45

6.7 Telasip Contact: http://www.telasip.com/ Service: PTSN Termination Protocol: SIP Cost:pay Telasip trunk configuration: Oubound caller ID: "j smith" <5212314214> (substitute with your name and DID) Maximum channels: 2 Dialing rules: (substituting your local area code for 404 below) 1|NXXNXXXXXX NXXNXXXXXX 404+NXXXXXX Outgoing Settings: Trunk Name: telasip-gw Peer details (using your own account name/password): type=peer host=gw4.telasip.com qualify=yes insecure=very context=telasip-in username=<username> secret=<secret> Registration: youraccountname:yourpassword@telasip-gw Configure outbound routing Add route: outgoing Dial patterns: 1NXXNXXXXXX NXXNXXXXXX NXXXXXX Trunk sequence: 0=SIP/telasip-gw in extensions_custom.conf [telasip-in] exten => _.,1,Goto(from-pstn-timecheck,s,1)

6.8 Exgn LLC Contact: http://www.exgn.net Service: PTSN Termination Protocol: SIP, IAX Cost: Pay Exgn is a VOIP service provider that uses Asterisk themselves and is very Asterisk friendly. Supports both SIP and IAX protocols. Provides failover forwarding and voicemail in case your Asterisk server is offline. Their user portal is one of the best seen in this industry which allows instant activation for DIDs in hundreds of ratecenters across the country along with a pool of toll free numbers to choose from. As of March 5, 2006 they also offer e911 service for their DIDs in the USA with Canadian e911 service coming soon. These instructions are for AMP (Asterisk Management Portal). Click on 'Setup' at the top of the page, then click on 'Trunks' on the left, Then click 'Add IAX2 Trunk'. Enter the following information in the appropriate fields: Outbound Caller ID: "Your-Name" <NPANXXNXXX> Maximum Channels: 2 Trunk Name: exgn Peer Details: allow=all context=ext-did host=iax.exgn.net secret=your-password type=friend

46

username=your-username User Context: <blank> User Details: <blank> Registration String: your-username:your-password@iax.exgn.net This DID should be set to use your "Normal Incoming Calls Setting" Lastly, on your "Outbound Routes" tab, you will need to add the exgn trunk to one of your outbound trunks. Now you should be able to make and receive calls! If you cannot, please feel free to email support@exgn.net or open a trouble ticket within our user portal/control panel.

6.9 Gizmo Project / SIPphone Contributed by: Casey Contact: http://www.gizmoproject.com Service: DID, PTSN Termination, Gateway to other providers and universities Protocol: SIP Cost: Gateway is free. DID and PSTN termination are pay. Its free to setup an account on the Gizmo Project. It's free to use as a gateway to other providers. Gizmo In provides DID service (a standard telephone phone number others can call from traditional phones that rings in to your Asterisk@Home box) . And Gizmo Out offers PSTN termination to most countries. The following setting work with both the Gizmo IN / DID service, and the Gizmo Out long-distance service. I try to use the minimal settings to get things working, then add the bells and whistles later. Here are the basic settings I've used to setup A@H with Gizmo Project/SIPphone with Asterisk@Home 2.7. In the settings below 17470000000 should be replaced with your Gizmo or SIPphone number. And abcdef should be replaced with your Gizmo or SIPphone password. In Asterisk@Home, add a new SIP trunk. Remove any pre-filled text from the fields, then only add: Trunk name: proxy01.sipphone.com Peer Details: allow=ulaw context=from-pstn dtmfmode=rfc2833 fromdomain=proxy01.sipphone.com fromuser=17470000000 host=proxy01.sipphone.com insecure=very secret=abcdef type=peer username=17470000000 Register String: 17470000000:abcdef@proxy01.sipphone.com Submit the changes, then click the red link at the top of the page to apply the changes. That's it. If you're interested in how/why I set the items I did, read on... First, I had read that beginning with recent versions of Asterisk, the User Context/Details (Incoming Settings) have been depreciated. Instead, it had been combined with the Peer Details (Outgoing Settings). I've eliminated the User Context/Details completely from my configuration, and it continues to work. I found that if I didn't specify insecure=very and allow=ulaw that DID would not work. Instead, the incoming caller would be greeted with Gizmo / SIPphone's "the person you are calling has not setup voice mail" message. FYI allow=ilbc will also work. The context=from-pstn makes the incoming DID calls get handled according to the settings in the AMP Incoming Calls tab. If you don't have Gizmo Out (long-distance) minutes, you don't need the

47

fromdomain=proxy01.sipphone.com and the fromuser=17470000000 settings. You'll be limited to the gateway features, and toll-free calls, without those settings.

6.10 Iristel Contact: http://www.iristel.ca Service: DID, PTSN Termination Protocol: SIP Cost: $15.95/month CAD for one DID with unlimited local termination. When you first sign up with Iristel, select the "I will use my own SIP gateway" option. When your account is activated, they will e-mail you a PDF document with sample Asterisk configuration. Use that document for reference. It has on it your assigned DID, you user ID number, and your password to access the service. To setup Iristel's service using the AMP GUI, follow these instructions: 1. 2. 3. 4. Click on Setup in the menu at the top of the page. Click on Trunks in the menu on the left of the page. Click on the Add SIP Trunk link. Under Outbound Caller ID, enter the following: "You Name" <11231234567> (replacing Your Name with your desired caller ID name, and 11231234567 with your assigned DID. Make sure this DID is in international dialing format (re: Include the leading one!). Also ensure that you do enclose your name in quotes, as this is the format Asterisk is expecting. Under Dialing Rules, enter the following: 1+NXXNXXXXXX This will add a leading one to locally dialed outgoing calls on this trunk. Locally dialed calls must be dialed in international dialing format or Iristel's SIP proxy will reject the call. Under Trunk Name enter: irisbax.iristel.net Under Peer Details enter:

5. 6. 7.

callerid=1416xxxxxxx dtmfmode=rfc2833 host=irisbax.iristel.net insecure=very secret=1111 type=peer username=40932998 Leave the Incoming settings boxes blank. Under Register String, enter: 11231234567:<password>:<userID>@irisbax.iristel.net/11231234567 (replacing 11231234567 with your assigned DID, <password> with your password (excluding the angle brackets) and <userID> with your assigned user ID number (without the angle brackets) This string is provided to you in the setup PDF, you may copy and paste it here). Your Iristel trunk is now ready to send and receive calls. Simply setup an outbound route to match your local area code, or all long distance calls if you wish. Just make sure that any call being sent to the Iristel SIP proxy is in international dialing format.

6.11 Voxee Contributed by: Casey Contact: http://www.voxee.com Service: PTSN Termination Protocol: IAX or SIP Cost: Pay Voxee provides outbound call termination to the PSTN. At the time of this handbook entry, Voxee's rate for the U.S. was 1.1-cents per minute, with 6-second (1/10-minute) billing. Here is the basic IAX configuration to get you started: Add a new IAX trunk to Asterisk. Delete any pre-filled information, then add only the following (replace 123456 with your username, and abcdef with your password): Trunk Name: 66.246.246.52 Peer Details:

48

context=from-pstn host=66.246.246.52 secret=abcdef type=peer username=123456 Register String: 123456:abcdef@66.246.246.52 6.12 Gafachi Contact: http://gafachi.com/ Service: PSTN termination Protocol: SIP Cost: pay Get your GAFACHI_USER+GAFACHI_SECRET from the gafachi page, they are different from your login! Once again, you need to be in AMP, the Asterisk Management Portal. Click on Setup up the top, but this time click on Trunks on the left. Click on Add SIP Trunk. Empty out the values. Outbound Caller ID should be set without the country code. E.g 212XXXXXXX instead of 1212XXXXXXX Outgoing Settings Trunk Name: gafachi PEER Details: allow=ulaw canreinvite=no context=from-pstn dtmfmode=rfc2833 fromuser=GAFACHI_USER host=GAFACHI_USER.sip.gafachi.com secret=GAFACHI_SECRET type=friend user= GAFACHI_USER username=GAFACHI_USER Incoming Settings Leave blank (Took time before I got that far) Register String: GAFACHI_USER:GAFACHI_SECRET@GAFACHI_USER.sip.gafachi.com 6.13 Acanac Contact: http://www.acanac.ca/ or http://www.acanac.com/ Service: DID, PSTN termination Protocol: SIP Cost: pay Asterisk@Home Ver. Tested: 2.7 You will need your username (your phone number) and your password from Acanac 1. Click on Setup in the menu at the top of the page. 2. Click on Trunks in the menu on the left of the page. 3. Click on the Add SIP Trunk link. 4. Under Outbound Caller ID, enter the following: "You Name" <1231234567> (replacing Your Name with your desired caller ID name, and 1231234567 with your assigned DID. Ensure that you do enclose your name in quotes, as this is the format Asterisk is expecting.) 5. Under Trunk Name enter: acanac 6. Under Peer Details enter: Note: that the ip provided here is for East server 1, there are many servers so choose the correct ip. callerid=<your acanac phone number> dtmfmode=inband host=66.49.255.38

49

insecure=very secret=<your acanac password> type=peer username=<your acanac phone number> 1. Under User Context enter: <Your acanac phone number> 2. Under User Details enter: callerid=<your acanac phone number> context=from-pstn host=66.49.255.38 insecure=very secret=<your acanac password> type=user username=<your acanac phone number> 1. Under Register String, enter: <your acanac phone number>:<your acanacpassword>@66.49.255.38/<you r acanac phone number> 2. Click "Submit Settings At this time you can receive calls and send calls; however, you still need to set your Inbound Routing with your acanac phone number as your "DID Number"

6.14 Stanaphone Contact: http://www.stanaphone.com/ Service: DID, PSTN termination Protocol: SIP Cost: free(inbound), pay(outbound) You will need your username (your phone number) and your password from Stanaphone. Use the information provided in the SIP Settings section of the Account Information page. 1. Click on Setup in the menu at the top of the page. 2. Click on Trunks in the menu on the left of the page. 3. Click on the Add SIP Trunk link. 4. Under Outbound Caller ID, enter the following: "Your Name" <1231234567> (replacing Your Name with your desired caller ID name, and 1231234567 with your assigned DID. Ensure that you do enclose your name in quotes, as this is the format Asterisk is expecting) 5. Under Maximum Channels enter: 2 6. Under Dial Rules enter: 1+NXXNXXXXXX (or whatever other dial rules would be appropriate for your locale) 7. Under Trunk Name enter: stanaphone-out (or whatever you want to call this trunk) 8. Under Peer Details enter: canreinvite=no dtmfmode=rfc2833 fromdomain=sip.stanaphone.com fromuser=<your stanaphone username NOTE: Not your account login> host=sip.stanaphone.com insecure=very nat=yes (if you are behind a router which you probably are) qualify=yes secret=<your stanaphone password> type=friend username=<your stanaphone username> 9. Under User Context enter: <your stanaphone username> 10. Under User Details enter: auth=md5,plaintext canreinvite=no context=from-pstn fromuser=<your stanaphone username>

50

host=sip.stanaphone.com insecure=very nat=yes qualify=yes secret=<your stanaphone password> type=peer 11. Under Register String, enter: <your stana username>:<your stana password>@sip.stanaphone.com/<your stana username> example: 08123456:randomletterpasswd@sip.stanaphone.com/08123456 12. Click "Submit Settings At this time you can receive calls and send calls; however, you still need to set your Inbound Routing with your stanaphone phone number as your "DID Number". You can then route this as any other route (most likely to the "Use Incoming Calls Setting") 6.15 VBuzzer Contact: http://www.VBuzzer.com/ Service: DID, PSTN termination Protocol: SIP Cost: free(inbound), free(local outbound), pay(outbound) Asterisk@Home Ver. Tested: 2.7 You will need your username, your phone number, and your password from VBuzzer. Note that I had to install thier software and connect for the first time in order to activate the DID. After such time, the software was unnecessary. 1. 2. 3. 4. 5. 6. Click on Setup in the menu at the top of the page. Click on Trunks in the menu on the left of the page. Click on the Add SIP Trunk link. Leave "outbound caller ID" blank Under Trunk Name enter: vbuzzer Under Peer Details enter:

allow=ulaw&gsm authname=<your username> canreinvite=no context=from-pstn disallow=all dtmf=rfc2833 dtmfmode=rfc2833 fromdomain=vbuzzer.com fromuser=<your username> hidecallerid=yes host=vbuzzer.com insecure=very nat=no port=80 qualify=yes secret=<your password> type=peer user=<your username> useragent=VBuzzer/1.1.0.9 username=<your username> 1. Under User Context enter: <Your vbuzzer phone number> 2. Under User Details enter: authname=<your password> canreinvite=no context=from-pstn dtmfmode=inband fromdomain=vbuzzer.com fromuser=<your password> host=vbuzzer.com insecure=very nat=yes

51

port=80 secret=<your password> type=user user=<your password> useragent=vbuzzer/1.1.1.0 username=<your password>

1. Under Register String, enter: <your username>:<your password>:<your username>@vbuzzer/<your pho ne number> 2. Click "Submit Settings NOTE: For the registration Asterisk has a bug where if you put vbuzzer.com:80, it will continue to try and register on 5060. you must put the context in the register string.. (in this case vbuzzer) NOTE 2: All your phone number entries should have the leading 1 on the number NOTE 3: You will need to work your dialplans a bit as to dial out you must have the leading 1 or 011. At this time you can receive calls and send calls; however, you still need to set your Inbound Routing with your acanac phone number as your "DID Number"

6.16 Broadvoice Contact: http://www.broadvoice.com/ Service: DID, PSTN termination Protocol: SIP Cost: pay Asterisk@Home Ver. Tested: 2.7 You will need to determine which of broadvoice's sip servers is closest to your location and then set it in your hosts file as sip.broadvoice.com. 1. 2. 3. 4. 5. 6. Click on Setup in the menu at the top of the page. Click on Trunks in the menu on the left of the page. Click on the Add SIP Trunk link. Leave "outbound caller ID" blank Under Trunk Name enter: sip.broadvoice.com Under Peer Details enter:

authname=<your phone number> canreinvite=no context=from-pstn dtmf=inband dtmfmode=inband fromdomain=sip.broadvoice.com fromuser=<your phone number> host=sip.broadvoice.com insecure=very qualify=yes secret=<your password> type=peer user=phone username=<your phone number> 1. Under User Context enter: <your phone number> 2. Under User Details enter: authname=<your phone number> canreinvite=no context=from-pstn dtmf=inband dtmfmode=inband fromdomain=sip.broadvoice.com fromuser=<your phone number> host=sip.broadvoice.com insecure=very secret=<your password>

52

type=user user=phone username=<your phone number>

1. Under Register String, enter: <your phone number>@sip.broadvoice.com:<your password>:<your phone number>@sip.broadvoice.com 2. Click "Submit Settings At this time you can receive calls and send calls; however, you still need to set your Inbound Routing with your broadvoice phone number as your "DID Number" Chapter 7 Phones VOIP phones vary widely in price, features, and sound quality. Phones support either SIP or IAX protocol. For simple testing a free soft phone like X-ten is good. For day to day use a good hard phone is the best. Grandstream makes a cheap easy to configure phone with good quality and feature. Polycom and Cisco make the best phones with the highest sound quality and feature. If you have and existing analog phone like a cordless that you want to use and ATA will convert an analog phone to SIP.

7.1 Soft phones Soft Phones run on a host computer and use the computer speaker and mic or a headset for voice. Soft phones are available for most operating system.

7.1.1 X-Ten Lite One of the easiest to setup is X-Lite. X-Lite is available for free from http://www.xten.com. Plus its VERY NAT friendly! (sends out tiny NAT keepalives every 10 seconds to the server) If X-Lite cannot connect, the setup screen should open, if not, click on the "drop down" icon just to the left of the green Off-Hook icon. Under System Settings, select the SIP Proxy settings, then double-click on the first entry. You will see the SIP Proxy settings as shown here. The settings I changed are as follows: Username: 200 (my extension) Authorization User: 200 (my extension again) Password: abc123 (my extension password) DomainRealm: 192.168.5.50 (PBX IP address) SIP Proxy: 192.168.5.50 (PBX IP address)

7.1.2 sipXphone The sipXphone project, formerly known as Pingtel's instant xpressa soft phone, is a fully functional SIP soft phone that runs on Microsoft Windows and Linux. The Pingtel's xpressa phone (no longer a Pingtel product) is based on this same source base. Windows Download from http://www.sipfoundry.org/pub/sipXphone/win32/ 7.1.3 Express Talk http://www.nch.com.au/talk/ (they have a freeware version)

7.1.4 Yate GPL SIP Softphone http://yate.null.ro/pmwiki/index.php/Main/YateClient 7.1.5 Idefisk Idefisk Softphone - A softphone that supports the Inter-Asterisk Exchange (IAX2) protocol. http://www.asteriskguru.com/tools/idefisk_beta.php http://asteriskguru.org/tutorials/idefisk_softphone.html (Tutorial)

7.2 Hard phones

53

7.2.1 Cisco 7960/7940 The Cisco SIP IP Phone software allows businesses and service providers to use the Cisco 7940 and 7960 IP Phone platforms in any standard SIP network. The SIP software provides for both on-board traditional desktop services such as Caller-ID, Call Hold, Call Transfer, 3-Way Calling, and Call Waiting as well as an XML interface to allow for enhanced web based services. The XML interface allows the phone to transcend the traditional phone paradigm and become a true Internet appliance. By supporting web browsing type functionality as well as allowing for application developers to directly control the user interaction on the phone and integrate tightly with the Cisco SIP phone, the Cisco SIP phone is a key enabler of enhanced and rapid application deployment in any SIP customer's network. Type setup-cisco from the command line to set up a basic SIPDefault.cnf in the /tftpboot directory. Copy your Cisco 7.4 SIP firmware into the /tftpboot directory using WinSCP. using the Cisco config tool in the maint menu to set up your phone.

7.2.1.1 Setting up a Cisco phone step by step Connecting a Cisco 7960/7940 to your Asterisk@Home. The easiest way to use these phones with Asterisk@Home is with the SIP firmware. Power on your phone and connect it to your network. You will need to change the IP address of your phone to a free one on your network or enable DHCP is you have a DHCP server. Unlock your phone by pressing **# (for old firmware) or selecting unlock config from the config menu and type in the password (default is 'cisco') Change the IP address or enable DHCP. Enter the IP address of your Asterisk@Home box in the TFTP server field. If DHCP is enabled you will have to select alternate TFTP server = yes so you can edit the TFTP field. Get the latest firmware for the Cisco phone (7.4) and copy the files firmware files to your Asterisk@Home box. Put them in the /tftpboot directory. Create a SIPDefault.cnf file by using the setup-cisco command and change the file permissions on the firmware files that you uploaded in the last step. Type the following.

setup-cisco chmod 777 /tftpboot/* Add a Cisco config file for your phone. Use the web GUI and click maintenance -> Cisco Config -> Create a new phone configuration file. Type in the mac address of your phone. Its located on the bottom of your phone. (starts with 00) Enter a name for your phone in the Phone Label box. Enter 200 in the Line Name and the Display Name fields for Line 1. Click add. Click on Edit phone configuration files and click edit next to your phone. Go to Line 1 and type 200 in the Auth Name box. Then enter a password like abc123 in the password box. Click change. Create extension 200. setup -> extensions use abc123 for the extension password. Reboot your phone by disconnecting the power or pressing *-6-settings. Your phone should upload the new firmware and extension. Make a test call like *65. Trouble shooting: The Cisco phone can be difficult to upgrade. If your phone does not seem to upload the firmware try this. From command line.

cp /tftpboot/cisco_util/* /tftpboot Then reboot the phone. After the phone has upgraded the firmware. Type the following so the phone will boot normally.

54

rm /tftpboot/xmlDefault.CNF.XML rm /tftpboot/XMLDefault.cnf.xml

7.2.1.3 Configuring Services The Services button is configured by default to point to /var/www/html/cisco/services/index_cisco.php The 4th item on that list, RSS feeds is configured to point to rssfeeds.php in the same directory. This is an XML list of sites than can be accessed from the phone. RSS sites can, in theory, be translated to XML by xml.rssparse.php though in practice most of those I tried don't work well giving junky displays or XML parsing errors. YMMV. 7.2.1.3 Configuring Directories By default the "External Directory" ships integrated with SugarCRM. Just log into Sugar and add your contact information. Don't use any funny symbols though: an ampersand will cause an XML parsing error. Accented characters and are ok though. 7.2.2 Polycom According to Polycom's site: Founded in 1990, Polycom is the only company today delivering end-to-end rich media collaborative applications for voice, video, data and the web from desktop and mobile personal systems to room systems to the network core. Our vision is to enable people to connect anytime, anyplace and with any device in a virtual experience as natural as being there. In addition to being the worldwide leader in market share for best in class group and personal video systems, video and voice collaboration infrastructures and conference phones, Polycom also has the only solution for delivering Unified Collaborative Communications the convergence of voice, video, data and web known as The Polycom Office. Polycom is at the center of the industry shift to broadband networks. IP networks enable the proliferation and convergence of richer communications, including video, which enhance the quality of our lives, create new opportunities, and are fast becoming the foundation for how we work. Our full range of high-quality, easy to deploy, manage and use voice and video communications endpoints, video management software, web conferencing software, multi-network gateways and multipoint conferencing enable organizations of all sizes to increase productivity and agility. Polycom delivers business value by cutting costs, simplifying system management, fostering real time collaboration and decision making, and improving relationships with employees, customers and partners.

7.2.2.1 Why choose Polycom VOIP Phones? Polycom has a few VOIP phones (or just called IP phones). It's better to visit these links to see the differences. Polycom SoundPoint IP Phones http://www.polycom.com/products_services/0,1443,pw-34-182,00.html Polycom VoIP Products - Family Brochure (nice chart of the differences between the phones). http://www.polycom.com/common/pw_item_show_doc/1,1276,4884,00.pdf I've chosen the 501 for my company because it is relatively cheap (compared to those Ciscos!), have some very nice features (provisioning!!!), and a nice big old LCD display, a great speaker phone. The following instructions can be used for other Polycoms but don't just blindly follow them. Check to be sure you UNDERSTAND what is occuring before just cutting and pasting everything.

7.2.2.2 How to get Polycom Firmware and SIP Updates Right now Polycom doesn't allow just anyone to download the latest software updates from their sites. Only CERTIFIED resellers can distribute the software updates. You could also only call these resellers for support. Polycom only offers email support but I hope you have a LOT of patience. They take a long time to reply. I believe Polycom will allow you to download the old updates, just not the new ones. What I did was buy a bunch of phones, but on 2 of them I purchased 3 year maintenance contracts so I will have access to their latest updates and tech support. I then put those 2 phones aside and used them for troubleshooting and testing and calling in for questions.

55

Polycom Voice Products Download List http://www.polycom.com/resource_center/1,,pw-492,00.html Plycom Resource Web Site http://extranet.polycom.com/csnprod/signon.html This is the site everyone used to grab the files when Polycom didn't allow downloads: http://www.freedomphones.net/polycom/files

7.2.2.3 Polycom and NATS. Welcome to hell (at least as of 01/20/06) Polycoms are just not made with NATS in mind. Yeah sure, they have a couple of settings you can try but simply put, they suck on a NAT. These phone were made to exist on the same network as the PBX. In that case, they work great. The second you have to go over a NAT, whamo. Welcome to hell. These phones are IP phones. No matter where in the world I plug these guys in, they should work. Period. With 98% of businesses and 100% of homes with cable/dsl routers using NAT, you'd think Polycom would of tried harder. Unfortunately, that is not the case. The options the polycoms need are: 1) STUN Server setting 2) NAT Keep Alive setting 3) IAX Support Most users (like me) have been forced to make the Polycom Re-register SIP to their servers every 30-60 seconds. This way, the NAT holes that are created stay open. Xten's (now called CounterPath) softphone sends out this tiny little NAT keep alive message to the server that does a great job of keeping those NAT holes open. Unfortunately, there is no option to do this on the Polycom. Obviously this isn't a perfect solution but for now, it is the ONLY solution other than forcing the Polycom and the A@H server to communicate over a pre-configured port. Pre-configuring ports on the server and the polycom phones are not what I would call a smart idea when you have a large roll out. Individual configurations should be seriously frowned upon when you have lots of phones to deal with. Provisioning exists to minimize the amount of administration, not increase it. The funny thing is, when you force the phone to re-register every 30-60 seconds, it checks the voicemail right after SIP registration. When it sees you have voicemail, it will give a voice mail "Chirp". I can assure you, a room full of polycom phones chirping every 30-60 seconds will drive you nuts. Thank goodness there's a way to turn off the voicemail chirp.

7.2.2.4 How to use Provisioning (Central Boot Server) to deploy a fleet of Polycoms If you are planning to deploy a fleet of polycoms, you better read and understand the following instructions. There are a couple sites on Voi-info.org that deal with Polycom phones. This one is more general. http://www.voip-info.org/wiki-Polycom+Phones This one is specifically for the 501. The more I learn though, the less I like either guide. You can use it for reference if you want. http://www.voip-info.org/wiki/index.php?page=Polycom+Soundpoint+IP+501 Both these page's instructions is nice, however, I found them very limited on the serious nitty-gritty of polycom configurations. Escpecially when it comes down to Provisioning a whole lot of phones. Even in a small deployment you want to use the provisioning capability of this phone. You'd be crazy not to. Yes its a bit complicated, but that why I'm posting this information here. Trust me, you will thank me.

7.2.2.4.1 Contents of the Polycom SIP update & Bootrom Zip file As of the writing of this part of the Chapter, the latest SIP update version is 1.6.4 and a Bootrom version of 3.1.2. This guide should work for future updates as well. This is what you will see inside the zip files: SIP Update Zip File Contents \SoundPointIPLocalization\Chinese_China\SoundPointIP-dictionary.xml \SoundPointIPLocalization\Danish_Denmark\SoundPointIP-dictionary.xml \SoundPointIPLocalization\Dutch_Netherlands\SoundPointIP-dictionary.xml \SoundPointIPLocalization\English_Canada\SoundPointIP-dictionary.xml \SoundPointIPLocalization\English_United_Kingdom\SoundPointIP-dictionary.xml \SoundPointIPLocalization\English_United_States\SoundPointIP-dictionary.xml

56

\SoundPointIPLocalization\French_France\SoundPointIP-dictionary.xml \SoundPointIPLocalization\German_Germany\SoundPointIP-dictionary.xml \SoundPointIPLocalization\talian_Italy\SoundPointIP-dictionary.xml \SoundPointIPLocalization\Japanese_Japan\SoundPointIP-dictionary.xml \SoundPointIPLocalization\Korean_Korea\SoundPointIP-dictionary.xml \SoundPointIPLocalization\Norwegian_Norway\SoundPointIP-dictionary.xml \SoundPointIPLocalization\Portuguese_Portugal\SoundPointIP-dictionary.xml \SoundPointIPLocalization\Russian_Russia\SoundPointIP-dictionary.xml \SoundPointIPLocalization\Spanish_Spain\SoundPointIP-dictionary.xml \SoundPointIPLocalization\Swedish_Sweden\SoundPointIP-dictionary.xml \000000000000.cfg \000000000000-directory~.xml \phone1.cfg \sip.cfg \sip.ld \sip.ver \SoundPointIPWelcome.wav

\SoundPointIPLocalization\LANGUAGE\SoundPointIP-dictionary.xml - dictionary files for multilingual support (some languages wont work with certain phones) \000000000000.cfg - example master configuration file \000000000000-directory~.xml - example per-phone local contact directory XML file \phone1.cfg - example per-phone SIP configuration \sip.ld - SIP application executable (always leave this in this directory) \sip.ver - contains version information about the sip.ld file (always leave this in this directory) \SoundPointIPWelcome.wav - start up welcome sound effect (always leave this in this directory)

BootRom Update Zip File Contents \bootrom.ld

\bootrom.ld - updated bootrom.ld

7.2.2.4.2 Create an FTP site and configure your phone to connect to it First, lets make sure your phone is completely wiped and clear. Here are some different ways of resetting your polycom. The option I want you to use is "Format File System".

If you hold down 4, 6, 8, and * for a few seconds you'll be asked for the admin password. If you do not know the admin password, you can use the phone's MAC address using ONLY lower cases for any letters. Please note, unfortunately this isn't a full wipe to factory default. As per the Polycom Site, 4, 6, 8, * will reset: All IP Parameters, FTP User Name and PW, Custom SSL Certificates, User and Admin Passwords. 4, 6, 8, * will NOT affect: bootROM, Application, Configuration Files, Config Overrides There are 3 options in the "Reset to Default" menu. Unfortunately, I cannot find ANYTHING specificly explaining these options in the manual or the knowledgebase. I'd like to know EXACTLY what these reset. Does anyone know? To access the "Reset to Default" menu, from the keypad, press Menu, (3) settings, (2) advanced, enter the password, (1) Admin Settings, (4) Reset to Default.

Reset Local Config - Nothing in the knowledgebase and nothing in the manual. Tech support states: "Changes are saved to local flash and backed up to <Ethernet address>-phone.cfg on the boot server. These changes will permanently override global settings unless deleted via the Reset User Settings menu selection. Reset Device Setting - Nothing in the knowledgebase and nothing in the manual. Tech support states: "Resets all the network and sever information back to factory defaults" Format File System - Nothing in the knowledgebase and nothing in the manual with specific information on this option. Tech support states: "Formats the file system as formating a computers hard drive would do." Please note my experience: When I did the Format File System, the phone rebooted, did the format and then rebooted again. I saw that it could not reach the boot server. After it stated that it couldn't reach the boot server, it said "Using existing configuration" and tried to boot the MACADDRESS.CFG at which point it failed and rebooted. Since the ftp server information has been wiped, it needs to be re-inserted into the phone. Upon reboot, press "Setup" and enter the admin password (456). Then go down to

57

server menu and enter the ftp server address, the ftp user name and ftp user password. Then reboot your polycom.

3) I'm not going to go into how to setup an FTP site. If you've come this far, I HOPE you know how already. Some people use the asterisk server as the FTP site but unfortunately, it is not graphical. You'd have to know how to set it up from the command line. It's really up to you. Its a good idea to make sure this FTP server is reachable from your internal network and the internet. These phones should be roam-able and should be configured to check the ftp site no matter where on earth the phone is. Even better would be to use a DNS name, for example: ftp.COMPANYNAME.com and have your ISP update their DNS servers to point to the correct IP address. I'm assuming that your ISP is already the official "DNS Name Server" for your domain name you are using (COMPANYNAME.com). Here is an example: COMPANYNAME.com gets a T1 from an ISP. The company has a mail server, a vpn server and an ftp server. COMPANYNAME goes to where they registered their domain name and makes their ISP's DNS server the main "DNS Name Server" for their domain. The company then contacts their ISP and tells them the IP addresses to associate with which server inside the ISP's DNS server. Now, no matter where in the world you are, if someone tries to contact those servers, they will get the correct IP address from the ISP's DNS Server. All the company's VPN clients point to vpn.COMPANYNAME.com and all their Polycom phones point to ftp.COMPANYNAME.com etc etc. Now lets say the ftp & vpn IP address needs to change for some reason. All that really needs to be done is call the ISP with the new IP addresses and you're done. The client settings do NOT have to be changed. You won't need to manually change that information in 100 Polycom Phones (or how many you have). 4) Dump all those files into a directory on your FTP Server that will be servicing all your Polycoms (I have the home directory as /FTProot/Polycom). \SoundPointIPLocalization\Chinese_China\SoundPointIP-dictionary.xml \SoundPointIPLocalization\Danish_Denmark\SoundPointIP-dictionary.xml \SoundPointIPLocalization\Dutch_Netherlands\SoundPointIP-dictionary.xml \SoundPointIPLocalization\English_Canada\SoundPointIP-dictionary.xml \SoundPointIPLocalization\English_United_Kingdom\SoundPointIP-dictionary.xml \SoundPointIPLocalization\English_United_States\SoundPointIP-dictionary.xml \SoundPointIPLocalization\French_France\SoundPointIP-dictionary.xml \SoundPointIPLocalization\German_Germany\SoundPointIP-dictionary.xml \SoundPointIPLocalization\talian_Italy\SoundPointIP-dictionary.xml \SoundPointIPLocalization\Japanese_Japan\SoundPointIP-dictionary.xml \SoundPointIPLocalization\Korean_Korea\SoundPointIP-dictionary.xml \SoundPointIPLocalization\Norwegian_Norway\SoundPointIP-dictionary.xml \SoundPointIPLocalization\Portuguese_Portugal\SoundPointIP-dictionary.xml \SoundPointIPLocalization\Russian_Russia\SoundPointIP-dictionary.xml \SoundPointIPLocalization\Spanish_Spain\SoundPointIP-dictionary.xml \SoundPointIPLocalization\Swedish_Sweden\SoundPointIP-dictionary.xml \000000000000.cfg \000000000000-directory~.xml \phone1.cfg \sip.cfg \sip.ld \sip.ver \SoundPointIPWelcome.wav \bootrom.ld 5) Now lets point the Polycom's FTP server address to our FTP server and give it a login and password to access the FTP server. BEWARE, after entering this information, your Polycom will reboot and log into the FTP server and download the new sip.ld and bootrom.ld files and do a complete update and wipe of your phone!

Press the Menu button, 3 Settings, 2 Advanced, Enter the Admin Pass, 1 Admin Settings, 1 Network Config Arrow down to "Server Menu" and hit enter o Server Type: FTP o Server Address: ftp.COMPANYNAME.com (or you can just use an IP address) o Server Name: FTPUSERNAME o Server Password: FTPUSERPASSWORD o Prov. Method: Default

58

6) Save your config and reboot. 7.2.2.4.3 Updating the SIP Application and the Bootrom 1) After rebooting you can watch your ftp server and see the phone logging in and logging out. Its doing several things (checking the size of the bootrom.ld and sip.ld files and seeing if an update is necessary, etc etc) that I will go over later. It will reboot a couple of times to finish off the update. 2) After the reboots, lets be absolutely sure and lets check the bootrom and SIP versions.

Press the Menu button, 2 Status, 1 Platform, 1 Phone. Arrow down to view the BootRom version here. Press the Menu button, 2 Status, 1 Platform, 2 Application, 1 Main. You will be able to view the "Version" number here.

If you did everything right, you should see the latest versions of the bootrom and SIP app that you had placed on your ftp site. Now check your FTP site. You will notice that there are files being uploaded to your directory with *.log extensions. You guess it, these are just logs that the Phone dumps so you can trouble shoot when need be. If everything was done right, your phone will of seen the new bootrom.ld file and downloaded it, rebooted, and installed it. Next it will download your new sip.ld file and use it. 7.2.2.4.4 What are those MACADDRESS-*.log files in my FTP Polycom root directory? As per the Polycom site: The phones maintain both boot and application event log files. These files can be helpful when diagnosing problems. The event log files are stored in the phones flash file system and are periodically uploaded to the provisioning boot server if permitted by security policy. The files are stored in the phones home directory or a user-configurable directory on the boot server. Both overwrite and append modes are supported for the application event log. The boot log file is uploaded to the boot server after every reboot. The application log file is uploaded periodically or when the local copy reaches a predetermined size. The log files are named as follows:

MACADDRESS-appFlash.log - Will appear if there was some problem with the flashing of the BootRom (i think). I can't find anything about this file on the Polycom site, the Polycom Admin handbook or even google. Good job polycom. MACADDRESS-app.log - The application log file is uploaded periodically or when the local copy reaches a predetermined size. MACADDRESS-boot.log - The boot log file is uploaded to the boot server after every reboot. MACADDRESS-now-app.log - Same as the app.log but gets sent when an immeidate log request button sequence is pressed on the phone. MACADDRESS-now-boot.log - Same as the boot.log but gets sent when an immeidate log request button sequence is pressed on the phone.

You can even force send the log files by pressing the following keys for 3 seconds (pretty cool huh?): SoundPoint SoundPoint SoundPoint SoundPoint IP IP IP IP 300 and 301 - Line1, Line2, Arrow Up, Arrow Down 500 and 501 - The four arrow keys 600 and 601 - The four arrow keys 4000 - Menu, exit, off-hook/hands free, redial

Obviously the root directory would turn into a nightmare if all your phones would upload these logs and files into your FTP Polycom root directory. We'll be learning how to change that later. 7.2.2.4.5 Master Configuration Files Please note, the following files were probably named by a Polycom programmer with an IQ of 210. The programmer may glance all all those files in the ftp directory and know exactly what they are for but anyone looking at these file names would certainly have no idea. Polycom did a really crappy job in naming these files something intuitive and easy to understand by just glancing at the file name. Instead I have found them to be named in a confusing manner, making all our lives harder. Please be very careful in configuring these files. Read these instructions carefully and UNDERSTAND what you are editing. Polycom phone configurations consist of "Master Configuration" files and "Application Configuration" files. Master configuration files is a file the phone uses to see what are the files it is required to load and if there are any specific directories to use. ALWAYS USE LOWER CASE WHEN TYPING IN YOUR MACADDRESSES. For A-F

59

hexadecimal digits, use lower case only, for example, 0036d20a109c.cfg

MACADDRESS.cfg - is a Administrator Created Per-Phone "Master Configuration File". You can specify individual file loading and ftp directory settings for your phones here. Use 000000000000.cfg as a template for these files. We'll be creating this file for each phone we have so we can point the Polycom Phones in the right direction when it looks for startup information. (They should of just called this file MACADDRESS-bootup.cfg or something of a sort). 000000000000.cfg - This is your DEFAULT "Master Configuration File". Simply put, If a phone does not find its own MACADDRESS.cfg file, it will use this one, and establish a baseline configuration. It should be used as the template for the MACADDRESS.cfg file. The phone uses this file to figure out what file it needs to load. For systems in which the configuration is identical for all phones (no perphone MACADDRESS.cfg files), the default master configuration file may be used to set the configuration for all phones. (They should of just called this file 000000000000-defaultbootup.cfg or something of a sort.).

Here is what it looks like: <?xml version="1.0" standalone="yes"?> <!-- Default Master SIP Configuration File--> <!-- Edit and rename this file to <Ethernet-address>.cfg for each phone.--> <!-- $Revision: 1.14 $ $Date: 2005/07/27 18:43:30 $ --> <APPLICATION APP_FILE_PATH="sip.ld" CONFIG_FILES="phone1.cfg, sip.cfg" MISC_FILES="" LOG_FILE_DIRECTORY="" OVERRIDES_DIRECTORY="" CONTACTS_DIRECTORY=""/> Ok, it's important to understand what is happening on the last line in this file.

o o

APPLICATION APP_FILE_PATH="" - Tells the phone where the sip.ld file is. CONFIG_FILES="" - Tells the phone where to grab the sip.cfg from. Its comma-seperated if you want to load more than 1 file. The order of the files you place on this line is important. The files are processessed in the order listed from left to right. The same parameters can be used in more than one file. The parameter FIRST found in the list of files is the one that is used. This makes it a convenient way of overriding the behavior of one or more phones without altering the baseline configuration for an entire system.

IMPORTANT NOTE TO OLD FOLKS If your vision is like mine and is not as good as it used to be, you might not notice that there are commas between the file names in the CONFIG_FILES parameter. If you forget to put a comma in here when adding an additional config file, your phone will crash with an obscure "Error 0x10100" and then reboot. The -boot.log will not help you here, either. It took me HOURS of work and perhaps 200 reboots to figure this little bugger out.

o o o o

MISC_FILES="" - Who knows. (As per their manual = A comma-separated list of other required files. MISC_FILES is not normally used.) LOG_FILE_DIRECTORY="" - An alternative directory to use for log files if required. This is left blank by default. OVERRIDES_DIRECTORY="" - New entry as of 1.6.3 - A place where you can specify a directory on the boot server in which configuration overrides (MACADDRESS-phone.cfg) should be stored. CONTACTS_DIRECTORY="" - New entry as of 1.6.3 - A place where you can specify a directory on the boot server in which contact overrides (MACADDRESS-directory.xml) should be stored.

7.2.2.4.6 Application Configuration Files Application configuration files dictate the behavior of the phone once it loads the files that are specified in the "Master Configuration File". It has parameters that affect the basic operation of the phone like voice codecs, gains, and tones and the IP address of an application server.

sip.cfg - Contains parameters that affect the basic operation of the phone such as voice codecs, gains, and tones and the IP address of an application server. All phones in an installation usually share this category of files. This file would normally be modified from Polycom templates. The file contents are to large to just cut and paste here to show you what it looks like.

60

phone1.cfg - This file is normally used as a template for the Administrator Created Per-Phone Configuration files named phoneMACADDRESS.cfg. This file can be named anyway you want (I suggest naming it the extension of the phone), as long as it it pointed to by the MACADDRESS.cfg file. Here is what it looks like at SIP 1.6.4 (please note, the original file has many of the settings lumped together in big blocks and its not easy on the eyes. I've edited the following file ONLY by putting in tabs, returns, and spaces and nothing more. I would suggest doing the same for your phone1.cfg also.):

<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <!-- $Polycom Revision: 1.67 $ $Date: 2005/03/11 17:05:46 $ --> <phone1> <reg reg.1.displayName="" reg.1.address="" reg.1.label="" reg.1.type="private" reg.1.thirdPartyName="" reg.1.auth.userId="" reg.1.auth.password="" reg.1.server.1.address="" reg.1.server.1.port="" reg.1.server.1.transport="DNSnaptr" reg.1.server.2.transport="DNSnaptr" reg.1.server.1.expires="" reg.1.server.1.register="" reg.1.server.1.retryTimeOut="" reg.1.server.1.retryMaxCount="" reg.1.server.1.expires.lineSeize="" reg.1.acd-login-logout="0" reg.1.acd-agent-available="0" reg.1.ringType="2" reg.1.lineKeys="" reg.1.callsPerLineKey="" reg.2.displayName="" reg.2.address="" reg.2.label="" reg.2.type="private" reg.2.thirdPartyName="" reg.2.auth.userId="" reg.2.auth.password="" reg.2.server.1.address="" reg.2.server.1.port="" reg.2.server.1.transport="DNSnaptr" reg.2.server.2.transport="DNSnaptr" reg.2.server.1.expires="" reg.2.server.1.register="" reg.2.server.1.retryTimeOut="" reg.2.server.1.retryMaxCount="" reg.2.server.1.expires.lineSeize="" reg.2.acd-login-logout="0" reg.2.acd-agent-available="0" reg.2.ringType="2" reg.2.lineKeys="" reg.2.callsPerLineKey="" reg.3.displayName="" reg.3.address="" reg.3.label="" reg.3.type="private" reg.3.thirdPartyName="" reg.3.auth.userId="" reg.3.auth.password="" reg.3.server.1.address="" reg.3.server.1.port=""

61

reg.3.server.1.transport="DNSnaptr" reg.3.server.2.transport="DNSnaptr" reg.3.server.1.expires="" reg.3.server.1.register="" reg.3.server.1.retryTimeOut="" reg.3.server.1.retryMaxCount="" reg.3.server.1.expires.lineSeize="" reg.3.acd-login-logout="0" reg.3.acd-agent-available="0" reg.3.ringType="2" reg.3.lineKeys="" reg.3.callsPerLineKey="" reg.4.displayName="" reg.4.address="" reg.4.label="" reg.4.type="private" reg.4.thirdPartyName="" reg.4.auth.userId="" reg.4.auth.password="" reg.4.server.1.address="" reg.4.server.1.port="" reg.4.server.1.transport="DNSnaptr" reg.4.server.2.transport="DNSnaptr" reg.4.server.1.expires="" reg.4.server.1.register="" reg.4.server.1.retryTimeOut="" reg.4.server.1.retryMaxCount="" reg.4.server.1.expires.lineSeize="" reg.4.acd-login-logout="0" reg.4.acd-agent-available="0" reg.4.ringType="2" reg.4.lineKeys="" reg.4.callsPerLineKey="" reg.5.displayName="" reg.5.address="" reg.5.label="" reg.5.type="private" reg.5.thirdPartyName="" reg.5.auth.userId="" reg.5.auth.password="" reg.5.server.1.address="" reg.5.server.1.port="" reg.5.server.1.transport="DNSnaptr" reg.5.server.2.transport="DNSnaptr" reg.5.server.1.expires="" reg.5.server.1.register="" reg.5.server.1.retryTimeOut="" reg.5.server.1.retryMaxCount="" reg.5.server.1.expires.lineSeize="" reg.5.acd-login-logout="0" reg.5.acd-agent-available="0" reg.5.ringType="2" reg.5.lineKeys="" reg.5.callsPerLineKey="" reg.6.displayName="" reg.6.address="" reg.6.label="" reg.6.type="private" reg.6.thirdPartyName="" reg.6.auth.userId="" reg.6.auth.password="" reg.6.server.1.address="" reg.6.server.1.port="" reg.6.server.1.transport="DNSnaptr" reg.6.server.2.transport="DNSnaptr" reg.6.server.1.expires="" reg.6.server.1.register=""

62

reg.6.server.1.retryTimeOut="" reg.6.server.1.retryMaxCount="" reg.6.server.1.expires.lineSeize="" reg.6.acd-login-logout="0" reg.6.acd-agent-available="0" reg.6.ringType="2" reg.6.lineKeys="" reg.6.callsPerLineKey="" />

<call> <donotdisturb call.donotdisturb.perReg="0"/> <autoOffHook call.autoOffHook.1.enabled="0" call.autoOffHook.1.contact="" call.autoOffHook.2.enabled="0" call.autoOffHook.2.contact="" call.autoOffHook.3.enabled="0" call.autoOffHook.3.contact="" call.autoOffHook.4.enabled="0" call.autoOffHook.4.contact="" call.autoOffHook.5.enabled="0" call.autoOffHook.5.contact="" call.autoOffHook.6.enabled="0" call.autoOffHook.6.contact=""/> <serverMissedCall call.serverMissedCall.1.enabled="0" call.serverMissedCall.2.enabled="0" call.serverMissedCall.3.enabled="0" call.serverMissedCall.4.enabled="0" call.serverMissedCall.5.enabled="0" call.serverMissedCall.6.enabled="0"/> </call>

<divert divert.1.contact="" divert.1.autoOnSpecificCaller="1" divert.1.sharedDisabled="1" divert.2.contact="" divert.2.autoOnSpecificCaller="1" divert.2.sharedDisabled="1" divert.3.contact="" divert.3.autoOnSpecificCaller="1" divert.3.sharedDisabled="1" divert.4.contact="" divert.4.autoOnSpecificCaller="1" divert.4.sharedDisabled="1" divert.5.contact="" divert.5.autoOnSpecificCaller="1" divert.5.sharedDisabled="1" divert.6.contact="" divert.6.autoOnSpecificCaller="1" divert.6.sharedDisabled="1"> <fwd

63

divert.fwd.1.enabled="1" divert.fwd.2.enabled="1" divert.fwd.3.enabled="1" divert.fwd.4.enabled="1" divert.fwd.5.enabled="1" divert.fwd.6.enabled="1"/> <busy divert.busy.1.enabled="1" divert.busy.1.contact="" divert.busy.2.enabled="1" divert.busy.2.contact="" divert.busy.3.enabled="1" divert.busy.3.contact="" divert.busy.4.enabled="1" divert.busy.4.contact="" divert.busy.5.enabled="1" divert.busy.5.contact="" divert.busy.6.enabled="1" divert.busy.6.contact=""/> <noanswer divert.noanswer.1.enabled="1" divert.noanswer.1.timeout="60" divert.noanswer.1.contact="" divert.noanswer.2.enabled="1" divert.noanswer.2.timeout="60" divert.noanswer.2.contact="" divert.noanswer.3.enabled="1" divert.noanswer.3.timeout="60" divert.noanswer.3.contact="" divert.noanswer.4.enabled="1" divert.noanswer.4.timeout="60" divert.noanswer.4.contact="" divert.noanswer.5.enabled="1" divert.noanswer.5.timeout="60" divert.noanswer.5.contact="" divert.noanswer.6.enabled="1" divert.noanswer.6.timeout="60" divert.noanswer.6.contact=""/> <dnd divert.dnd.1.enabled="0" divert.dnd.1.contact="" divert.dnd.2.enabled="0" divert.dnd.2.contact="" divert.dnd.3.enabled="0" divert.dnd.3.contact="" divert.dnd.4.enabled="0" divert.dnd.4.contact="" divert.dnd.5.enabled="0" divert.dnd.5.contact="" divert.dnd.6.enabled="0" divert.dnd.6.contact=""/> </divert> <dialplan dialplan.1.impossibleMatchHandling="0" dialplan.1.removeEndOfDial="1" dialplan.2.impossibleMatchHandling="0" dialplan.2.removeEndOfDial="1" dialplan.3.impossibleMatchHandling="0" dialplan.3.removeEndOfDial="1" dialplan.4.impossibleMatchHandling="0"

64

dialplan.4.removeEndOfDial="1" dialplan.5.impossibleMatchHandling="0" dialplan.5.removeEndOfDial="1" dialplan.6.impossibleMatchHandling="0" dialplan.6.removeEndOfDial="1"> <digitmap dialplan.1.digitmap="" dialplan.1.digitmap.timeOut="" dialplan.2.digitmap="" dialplan.2.digitmap.timeOut="" dialplan.3.digitmap="" dialplan.3.digitmap.timeOut="" dialplan.4.digitmap="" dialplan.4.digitmap.timeOut="" dialplan.5.digitmap="" dialplan.5.digitmap.timeOut="" dialplan.6.digitmap="" dialplan.6.digitmap.timeOut=""/> <routing> <server dialplan.1.routing.server.1.address="" dialplan.1.routing.server.1.port="" dialplan.2.routing.server.1.address="" dialplan.2.routing.server.1.port="" dialplan.3.routing.server.1.address="" dialplan.3.routing.server.1.port="" dialplan.4.routing.server.1.address="" dialplan.4.routing.server.1.port="" dialplan.5.routing.server.1.address="" dialplan.5.routing.server.1.port="" dialplan.6.routing.server.1.address="" dialplan.6.routing.server.1.port=""/> <emergency dialplan.1.routing.emergency.1.value="" dialplan.1.routing.emergency.1.server.1="" dialplan.2.routing.emergency.1.value="" dialplan.2.routing.emergency.1.server.1="" dialplan.3.routing.emergency.1.value="" dialplan.3.routing.emergency.1.server.1="" dialplan.4.routing.emergency.1.value="" dialplan.4.routing.emergency.1.server.1="" dialplan.5.routing.emergency.1.value="" dialplan.5.routing.emergency.1.server.1="" dialplan.6.routing.emergency.1.value="" dialplan.6.routing.emergency.1.server.1=""/> </routing> </dialplan> <msg msg.bypassInstantMessage="0"> <mwi msg.mwi.1.subscribe="" msg.mwi.1.callBackMode="registration" msg.mwi.1.callBack="" msg.mwi.2.subscribe="" msg.mwi.2.callBackMode="disabled" msg.mwi.2.callBack="" msg.mwi.3.subscribe="" msg.mwi.3.callBackMode="disabled"

65

msg.mwi.3.callBack="" msg.mwi.4.subscribe="" msg.mwi.4.callBackMode="disabled" msg.mwi.4.callBack="" msg.mwi.5.subscribe="" msg.mwi.5.callBackMode="disabled" msg.mwi.5.callBack="" msg.mwi.6.subscribe="" msg.mwi.6.callBackMode="disabled" msg.mwi.6.callBack=""/> </msg> <nat nat.ip="" nat.signalPort="" nat.mediaPortStart=""/> </phone1>

phoneMACADDRESS.cfg - This is an "Administrator Created Per-Phone Configuration File" that uses phone1.cfg as a template. Remember, you have to edit your MACADDRESS.cfg file to point to your newly created phoneMACADDRESS.cfg file (delete where phone1.cfg is and put in your phoneMACADDRESS.cfg entry). (They should of just called this file MACADDRESS-phoneconfig.cfg or something of a sort) MACADDRESS-phone.cfg - Any changes that are made locally on the phone are uploaded to the boot server using this file. Changes made via the web server or local user interface are stored internally as overrides. These overrides take precedence over settings contained in the configuration obtained from the boot server that existed previously within the phone. If the boot server permits uploads, these override settings will be saved in this file on the boot server. Changes will permanently override global settings unless deleted via the Reset User Settings menu selection. The phone treats the boot server copy as the original when it boots. (They should of just called this file MACADDRESS-phoneoverrides.cfg or something of a sort. This is really BADLY NAMED)

I found this part kinda confusing when I first read it. Here is what it comes down to. If you make any changes on the phone or via Web Browser on the phone, those settings become "OVERRIDES". So if a user makes a change to a ring or something specific to that phone, it goes into this file. No matter what your global settings say, the settings ON THE PHONE are the settings that the phone uses. Once you make the change on the phone, those settings go into the memory of the phone and get uploaded into this file. If you want to change those settings from the FTP server, you can change the settings IN THIS FILE. Remember, the phone treats the boot server copy of this file as the original when it boots. Here is what it looks like with no changes: <?xml version="1.0" standalone="yes"?> <PHONE_CONFIG> <OVERRIDES/> </PHONE_CONFIG>

7.2.2.4.7 Contact Directory Files The contact directory file 000000000000-directory~.xml - is a sample file (note the extra tilde "~" in the file name) that comes with the SIP update zip file. This file can be used as a template for the Per-Phone MACADDRESS-directory.xml file. The 000000000000-directory.xml file can also be used to seed new phones with and initial directory (remember to remove the "~" from the file name). Phones without a local directory (like new Polycom phones) will download the "00000000000-directory.xml" and base their initial directory on it. You should use an XML

66

editor to edit these files. I like to use a free one called "Open XML Editor" you can download from http://www.philo.de/xmledit/ MACADDRESS-directory.xml - is a Per-Phone contact directory file.

7.2.2.5 Suggestions on how to setup Polycom File Provisioning Here are my goals in this Chapter. Now that you understand what all those files are and how they work, we can begin editing the files.

REMEMBER to use lower case letter when naming the MACADDRESS portion of the file name. Change sip.cfg to COMPANYNAME_SIP.cfg Edit our COMPANYNAME_SIP.cfg to nail down several important GLOBAL settings. Create for each of our phones, per phone MACADDRESS.cfg startup files to nail down file loading and ftp directories. In this file we have to point to the xEXTENSION.cfg and COMPANYNAME_SIP.cfg files. Create for each of our phones, per phone xEXTENSION.cfg files to nail down several individual phone settings (extension numbers, names, etc). Keep the ftp site clean by creating directories named by extensions and making the polycom dump anything individual in there. our company directory contacts file ability for our users to create speed dial entries without messing up the company directory a directory and file listing of how the ftp site will look when we're done

As an example, lets say we have 5 Polycom HardPhones with the following extensions and MAC addresses (substitute the numbers for the phone's mac): x1001 x1002 x1003 x1004 x1005 111111111111 222222222222 333333333333 444444444444 555555555555

7.2.2.5.1 Suggestions on editing the sip.cfg file First we start with the sip.cfg file. Copy the original and put it somewhere safe. Rename your sip.cfg file to something like COMPANYNAME_SIP.cfg. This way you'll know it belongs to you. There are definately a bunch of settings in the COMPANYNAME_SIP.cfg that we want to change. These are the settings we want to be GLOBAL accross all our phones. 1) Turning off the annoying Voicemail Stutter. That Voicemail stutter drove me nuts. That dumb stutter shot off every 30 seconds. Remember the NAT hole issue? Everytime the phone re-registered SIP, it would check voicemail and give a stutter that the user has voicemail. Since the polycom has NAT issues, we are forced to make it register every 30 seconds to keep the NAT hole open. So the stutter would occur every 30 seconds and it drove me nuts. Go to this line <MESSAGE_WAITING se.pat.misc.1.name="message waiting" se.pat.misc.1.inst.1.type="chord" se.pat.misc.1.inst.1.value="1" se.pat.misc.1.inst.2.type="chord" se.pat.misc.1.inst.2.value="2" se.pat.misc.1.inst.3.type="chord" se.pat.misc.1.inst.3.value="1"/> and change it to: <MESSAGE_WAITING se.pat.misc.1.name="message waiting"/> That will get rid of the chirp. If you look closely you'll see that the phone is being told to chirp 3 very short times. Creating that "stutter" you hear. We are just going to remove that portion. 2) SNTP Server Setup. SNTP stand for "Simple Network Time Protocol". Your phone contacts a "Time" server and syncronizes its own time with the time server. The time and date displayed on the LCD uses this info. You need SNTP running too if you're using secure certificates for provisioning. You need to make sure the time and date on these phones match the server's time and date.

67

Go to this entry: tcpIpApp.sntp.address="" and change it to: (I'm pointing to columbia university "sundial.columbia.edu". You should put serve that is physically close to you in this entry) tcpIpApp.sntp.address="sundial.columbia.edu" 3) GMT Offset (Greenwich Mean Time. The time at Greenwich, England, which is used as the basis for standard time throughout the world.) Go to this entry: tcpIpApp.sntp.gmtOffset="" GMT offset for New York City which is "Standard time zone: UTC/GMT -5 hours". Offset in seconds of the local time zone from GMT. Note: 3600 seconds per hour. tcpIpApp.sntp.gmtOffset="-18000" 4) Change the SIP Expiration rate to "60" seconds. This doesn't necessarily mean that the phone will re-register every 60 seconds. The phone will re-register in half the time it negotiates (in this case 60 seconds). According to the manual: This is the phones requested registration period. The period negotiated with the server may be different. The phone will attempt to re-register when half the negotiated period has expired. Play with this setting as much as you need to make it work with your NATS and firewalls. Go to this entry: voIpProt.server.1.expires="" and change it to: voIpProt.server.1.expires="60" 5) Change the MediaPortStart to begin from 10000 because that what is configured on our firewall and thats what asterisk expects from its phones. Go to this entry: nat.mediaPortStart="" and change it to: nat.mediaPortStart="10000" 6) We gotta put the Internet IP address or Internet DNS name of the asterisk server. Go to this entry: voIpProt.server.1.address="" and change it to: voIpProt.server.1.address="pbx01.COMPANYNAME.com" 7) We do NOT want to force the Polycom to communicate ONLY over 5060. Yes, the default is 5060, but by putting it in there by hand, you literally force the phone to communicate ONLY over 5060 and that is BAD. We want 5060 to be the signaling port, but 10,000 and up to be the media ports. Here is what the Polycom manual has to say about it: Local port for sending and receiving SIP signaling packets. If set to 0 or Null, 5060 is used for the local port but it is not advertised in the SIP signaling. If set to some other value, that value is used for the local port and it is advertised in the SIP signaling. Go to this entry and make sure its blank (or in other words NULL): voIpProt.server.1.port="" 8) Volume Persistence - The users selection of the receive volume during a call can be remembered between calls. This can be configured per termination (handset, headset and hands-free/chassis). In some countries

68

regulations exist which dictate that receive volume should be reset to nominal at the start of each call on handset and headset. Go to this entry: <volume voice.volume.persist.handset="0" voice.volume.persist.headset="0" voice.volume.persist.handsfree="1"/> and change it to: <volume voice.volume.persist.handset="1" voice.volume.persist.headset="1" voice.volume.persist.handsfree="1"/>

7.2.2.5.2 Suggestions on editing the MACADDRESS.cfg file Remember that the MACADDRESS.cfg file is just a copy of the 000000000000.cfg file. We have to do some editing to make sure the right files are being loaded and the phone is pointed to the right directories on the FTP server. 1) On the FTP server, lets create folders under FTProot\Polycom with the names of the extensions we are creating. Lets make 5 folders. \Polycom\x1001 \Polycom\x1002 \Polycom\x1003 \Polycom\x1004 \Polycom\x1005 2) Now in the Polycom directory of the ftp server, we'll create the following files (substitute the numbers for the phone's mac): \Polycom\111111111111.cfg \Polycom\222222222222.cfg \Polycom\333333333333.cfg \Polycom\444444444444.cfg \Polycom\555555555555.cfg Edit these files and place the correct information in the correct entry. We're going to point the "LOG_FILE_DIRECTORY" and "OVERRIDES_DIRECTORY" to the new extension's directory too. For example 111111111111.cfg would look like: <?xml version="1.0" standalone="yes"?> <!-- Default Master SIP Configuration File--> <!-- Edit and rename this file to <Ethernet-address>.cfg for each phone.--> <!-- $Revision: 1.14 $ $Date: 2005/07/27 18:43:30 $ --> <APPLICATION APP_FILE_PATH="sip.ld" CONFIG_FILES="x1001\x1001.cfg, COMPANYNAME_SIP.cfg" MISC_FILES="" LOG_FILE_DIRECTORY="x1001" OVERRIDES_DIRECTORY="x1001" CONTACTS_DIRECTORY="x1001"/> 3) In each extension's directory we'll use the phone1.cfg file and create the following configuration files for each phone \Polycom\x1001\x1001.cfg \Polycom\x1002\x1002.cfg \Polycom\x1003\x1003.cfg \Polycom\x1004\x1004.cfg \Polycom\x1005\x1005.cfg

7.2.2.5.3 Suggestions on editing the x1001.cfg file Now we need to edit the individual phone's configuration file that we've created. Lets take \Polycom\x1001\x1001.cfg as an example: The specific settings we are concerned with are:

reg.1.displayName="Lipan, Ginel" - This is what is displayed on your phone. A@H's caller ID over rules this setting. As per their manual "Display name used for local user interface

as well as SIP signaling."

69

reg.1.auth.userId="1001" - The extension used on the phone. As per their manual "User ID to be used for authentication challenges for this registration." reg.1.address="1001" - The extension used on the phone. As per their manual "The actual address corresponding to this registration (userPart or user- Part@polycom.com). For user part only registration (reg.x.address=1002), the registration will be userPart@proxyHostNameOrIPAddress where userPart is reg.x.address and proxyHostNameOrIPAddress is either reg.x.server.1.address if non-Null or voIpProt.server.1.address specified in sip.cfg." reg.1.auth.password="1001" - This is the password to the extension itself. Would be a good idea to make it a random number or something. This is the "secret" entry in AMP under user extensions. reg.1.lineKeys="2" - This tells the phone to use 2 out of the 3 configurable buttons on the 501 (button number 35 and 34) as extensions. So if someone calls while a user is using their extension, As per the manual "max = the number of line keys on the phone. max = 1 on SoundStation IP 4000, max = 2 on IP 300 and 301, max = 3 on IP 500 and 501, max = 6 on IP 600, max = 24 on IP 601 (without any Expansion Modules attached, only 6 line keys are available) The number of line keys on the phone to be associated with registration x.

If you glance at your 501, you can see that there is no speed dial button. To access your speed dial button, you have to hit the "Up Arrow" which is just silly. I am reserving the 3rd button (number 33) to make into a speed dial button. The other 2 buttons will be extension buttons (with the extentions number appearing on the LCD right next to the physical button).

7.2.2.5.4 Suggestions on Speed Dial and Company Wide Contacts Directory Wouldn't it be great if there was one file you can leave in the Polycom FTP Directory that the phone grabs and uses as a company directory? Wouldn't it be great if thats the only file you would have to update everytime there was a change? Wouldn't it be great if that one file wasn't the SAME file as the speed dial file? Oh well. We're out of luck on this one. Heres a good post regarding this: http://voxilla.com/PNphpBB2-viewtopic-t-7252-sid-455bc30861aeb8f425e52c1aa6a83f7c.html

7.2.2.6 Polycom Cheat Sheet I whipped a little cheat sheet up that pretty much addresses all the important parts of the Polycom Setup. This is something I would have hanging on my bulletin board by my desk that I can use to look things up whenever I may need to.

7.2.2.7 Please put in a product enhancement request at the Polycom Site I've already put in a request (01/19/06) at polycom's web site asking for 01) Optional STUN setting - There is no option for a STUN entry on your Polycoms. Being able to point a polycom phone to a STUN server would do a lot to get around NAT issues that occur. Please consider adding this functionality to your polycom phones. 02) IAX2 support (for asterisk servers. IAX is VERY NAT friendly) - IAX2 is a VOIP protocol that Asterisk servers use. It is VERY NAT friendly and an excellent protocol all around. Please consider adding this functionality to your polycom phones. 03) NAT Heartbeat - The Polycom Phones should be globally roam-able. In other words, no matter where they are in the world, as long as the Polycoms can get onto the internet, they should work. When a phone is romaing (home users, users at hotels, etc etc), it is safe to assume that they will be behind a NAT. When a phone registers with the server, it will pass through the NAT, and communicate with the server. Unfortunately, the inbound/outbound hole that the NAT object (router) creates usually only stays open for 30-60 seconds, depending on the router and NAT implementation. If that hole closes, the server can no longer communicate with the phone to send incoming phone calls to the Polycom. To keep the NAT hole open between the phone and a VOIP server open, the Polycom should have an option to send tiny little "Keep Alive" traffic to the Voip Server. For example: XTEN (CounterPath) Softphone uses a tiny little 10 second NAT keep alive. This is an easy way to successfully keep the NAT hole open. Currently, many of your users (including me) are forced to make roaming Polycom phones re-register with the server every 30-60 seconds) to keep NAT holes open. A NAT heartbeat option is desperetaly needed for your phones. Please consider adding this functionality to your polycom phones. 04) Backlight for the LCD panel. - The Plolycom phones have a great big LCD. This is great, except if you need

70

to work in a low light area. The LCD desperately needs some kind of back lighting. Please consider adding this functionality to your polycom phones. 05) Make rebooting OPTIONAL after 'save'ing settings (webpage, phone ui) - Is there any way to be able to make SEVERAL changes to a Polycom phone's setting and THEN be able to reset instead of resetting after 1 change? It is frustrating to have to reset several times to be able to configure phones up to a desired point. 06) Add some kind of phone status to the webpage (registration status, call log, etc) - The web console that controls your Polycom Phones can use some help. There is no way to view registration status, call logs, and other real time information. Please consider adding this functionality to your polycom phones. 07) Allow editing phone book via webpage - The web console that controls your Polycom Phones has no way to edit any contact information or edit any speed dial information. Please consider adding this functionality to your polycom phones. 08) Create a "Company Directory" contacts list that is seperate from the "Speed Dial List" - There is no way to have a "Company Directory" on your Polycoms because the same file that would have the company directory is the same file as the Speed Dial List. There needs to be some kind of change that allows for 1 file on a FTP Provisioning server that allows for easy update of the Company directory that every phone can be pointed to. That file MUST be seperate from the speed dial file because administration would be impossible if I had to change 200 phone's contact file when there is a change to my company's directory. Please consider adding this functionality to your polycom phones. 09) More intuitively named files for easier configuration. - The file names used with the polycom are not intuative. Frankly, they're downright confusing. Please make the file names more intuative. Please consider adding this functionality to your polycom phones. 10) No way to turn off speaker phone using the .cfg files (or any other method). Our company doesn't allow for speakerphones in their cubicles because often it disrupts cubicle neighbors. Please consider adding this functionality to your polycom phones. 11) Make the 2 Ethernet ports on the back of the polycoms GIGABIT ports. 12) Serious improvements need to be made to the web console. Many users feel it is a poor implementation and can be done a lot better. In my opinion, every possible option should be linked to a full explanation of the option with examples. Even more important is to tell the web user what the option translates to in your .cfg files. To many times I've been forced to make the change on the phone, and view the cfg file that is uploaded to my ftp site with the over-ride info to see which option a field points to. The web console needs to be more intuative and helpful. Right now I feel like Polycom is forcing me to wing it. Don't hold your breath for the IAX2 support. I figure we'll be seeing the STUN setting coming soon but I have no idea about the NAT heartbeat option. I strongly suggest EVERYONE go to the polycom feedback demand they add these options to their phones. If they add these options, the Polycoms would be the perfect choice for a VOIP roll out. http://eknowledge.polycom.com/media/Forms/Enhancement_Requests/FER_emailform.html

Chapter 8 Configuring and using Asterisk@Home features 8.1 Conferencing Each extension you create will have its own conference. For example extension 200 has conference 8200. Just dial 8200 to get into your conference. If you dial from 8200 you are the moderator. You need to set a password for the meetme user. Type passwd-meetme from the Linux command line. Once you have started a conference you can manage it from the WebMeetme page. Just enter the extension for the conference. External access for conferences is disabled for security reasons. It is not always desirable for people outside the system to have access to conferences

8.1.1 External access to conferences If you want dial in access to conferences you need to be add an option on one of the auto attendants for this. First go into the Maintenance page and select Edit configs. The file you want to edit is extensions_custom.conf add these lines to the bottom of the file. Update the file and reload configs.

71

custom-meetme include => ext-meetme exten => s,1,BackGround(enter-conf-call-number) exten => h,1,Hangup() Next go into setup and Create a Digital receptionist if you have not already done so. Record a main message for your receptionist. Something like "press # for a company directory or press 1 to enter a conference" click continue and Select 1 for number of menu options. Next you will have to select an Action for this menu item. Click Custom App and type in custom-meetme,s,1 then click continue. That should be it when you dial in you select 1 from the main menu and you will be prompted for your conference number. You can dial 7777 from and extension to simulate an incoming call. 8.2 Weather Forecast Dialing When dialing *61 on a phone connected to a A@H server, a syntesized voice will tell you your local weather. This nifty feature has all been setup in A@H. You will need to make a few changes to point to your local area weather forcast. 1) Go to National Weather Service and find the zone for your city or state. Go to ftp://weather.noaa.gov/data/forecasts/city/ and choose your state, than city. If you click on one of the text files, you'll be able to view its contents. Lets use New York as an example. If we decide on New York, the address we will work with will look like this: ftp://weather.noaa.gov/data/forecasts/city/ny/new_york.txt 2) Now log into your CentOS command line and edit the following file to include the URL for your area: /var/lib/asterisk/agi-bin/weather.agi 8.3 DHCP server Asterisk@Home has a built in DHCP server. This can be used to configure your IP phones. The DHCP server is disabled by default. To make it active type setup-dhcp from the Linux command line. You must then edit the /etc/dhcp.conf file and set it to match your network. On line 4 set up your network address and netmask. On the next few lines enter the setting you want sent to your clients. Edit line 15 and add a range of IP address to give out. Remember to disable any other DHCP servers you have on your network. These may include a Linksys router or Windows internet sharing PC. Reboot your Asterisk@Home system.

8.4 Flash Operator Panel Flash Operator Panel is a real-time web interface to Asterisk. You can see what all of your extensions, trunks, and conferences are doing. The op_buttons.conf file has all of the configs for each button in Flash Operator Panel you can edit this using the Config Edit button on the maint menu. You must reboot the Asterisk or restart the panel service after you make changes. The normal config files for Flash Operator Panel end in .cfg we changed them to .conf so they would match the other Asterisk files. See the Flash Operator Panel we site for more info on Flash Operator Panel. http://www.asternic.org/ Open your web browser and go to FOP. You should now be able to click on the little lock, put in your password and you will see it lock up. Now you can begin manipulating items in the panel. The Flas Operator Panel can easily cause the Safari browser for Mac OS X to crash when it refreshes.

8.4.1 Hang-up on a Call You can end a call by clicking the big red button.

8.4.2 Transfering a Call

72

Simply drag the little telephone over to the new extension and it will transfer the call.

8.4.3 Initiating a Call You can drag and drop your little telephone to another extension. First it will start by ringing your phone then when you pick up and then it will ring the other extension. Once the destination phone is picked up it will initiate the call.

8.4.4 How to Create a Conference Before creating a conference, there needs to be a call between two extensions first. Then you can add another extension to the conversation (thereby creating a conference) by grabbing an extension in the flash panel and dropping it into the conversation and it will connect you.

8.5 FTP server (vsftpd) Asterisk@Home has an FTP server that is used primarily for configuring phones that use FTP such as Polycom. For security reasons only one user is configured by default to user ftp. This user is ftpuser (password: asteriskftp). It can access file in the /var/ftp directory. If you would like other users to have ftp access add them to the /etc/vsftpd.user_list file.

8.6 Cisco XML Services Asterisk@Home has a Cisco XML Services that can be used to look up contacts in a database. Click on CRM from the Asterisk@Home main menu. (user: admin password: password) and enter all of your contacts and their phone numbers. Use the setup-cisco command to set up SIPDefault.cnf for your Cisco phones. The setup-cisco script will set your Services URL to http://ipaddressofyourasteriskbox/cisco/directory/services.php you can then use the Services button of your Cisco phone to call your contacts.

8.7 Music On Hold (mpg123) Asterisk@Home has now uses mpg123 for music on hold. Put a call on hold and they hear music not dead air! See http://voip-info.org for more info. www.voip-info.org music on hold info 8.8 FAX to E-mail Type install-pdf from the Linux command line. This will install support for encoding incoming faxes as PDFs and e-mailing them. 8.8.1 Fax support (SpanDSP)

This section breaks away from the sections above (and below) since this exercise is more complex. Please note your current state of setup, so that you may revert to it after performing this short section, or better yet, just read the below as theory to be used at a later date when you have completed the rest of the manual. The very, very specific case we are going to cover here is a Digium card with 4 ports; Port 1 is for a real live, paper-eating, paper-spewing fax, and ports 2, 3 and 4 are voice lines from various PSTNs. Port one is an FXS port, while ports 2, 3, and 4 are FXO. Adjust to suit your environment.

create 3 separate Zap trunks for 2, 3, and 4, using their numerals in the "Zap Identifier" when you hunt an outgoing call, use these trunks, in the order you want to try them for availability make sure you don't use the Asterisk@home default Zap group (g0) when hunting, or you may end up calling your fax machine on Port 1 for outgoing calls since this default group (g0) does not make any distinction between FXS and FXO create 1 Zap extension for you fax port, using the number '1' for the "channel" field. When you review your changes, you will see the '1' has been expanded into a more complex data structure, btw

73

point your fax setting at the new Zap extension, for instance under your primary "Inbound Routing" set up test away, sending a fax to the previous steps "Inbound Routing" route

You may notice that fax call recognition by Asterisk seems flaky. This may be because Asterisk is listening on the answered in-coming call line for a fax beep from the sender, but the timing of this beep has a wide range of variability since the sending fax has no idea when the call picked up, it just blindly sends the fax tone every few seconds this may differ on newer fax machines and for various fax models, but then you can't ask your senders to all buy newer fax machines, can you? So if the call is picked up by Asterisk just after the fax tone is sent, Asterisk will probably not hear the tone the next time around before it figures the call is a voice call and starts executing the code to handle a voice call: your phones may ring, the call may be placed in a queue, etc, depending on how you programmed Asterisk to handle voice calls. All of this is very irritating. Unfortunately, the solution may call for a unique fax number with special programming to wait an extra long time when that line is picked up. Waiting an extra long time before sending the call to the voice programming phase will then cause your voice callers to hear dead air for that period unless you program in a fake ring. This working well would be a nice addition to Asterisk@Home possibly, but may introduce other kinds of confusion if not done well and documented. As for the tone Asterisk hears from the sending fax, you will see the recognition of the tone in the "full" log Asterisk@Home spews out by default under /var/log/asterisk. When you are done reverse all changes made in this short step to what they were previously, if you need to continue with the flow of this manual.

8.9 xPL xPL is a very simple and powerful home automation protocol. It can be used it interface Asterisk into an existing home automation system. For example if you get a call your TiVo can display the caller ID info on your TV screen and turn down the stereo. If you have a Microsoft based home automation system, see the xPL project page (http://www.xplproject.org.uk/). If you have a fully Linux based system MisterHouse (http://www.misterhouse.net) has a good xPL interface. One of the best features of xPL is the ability to mix and match applications. A few Windows apps, MisterHouse on Linux, Asterisk@Home on CentOS, and a TiVo can all be on the same network and share xPL information. xPL is not running be default. To enable it type cd /usr/src/xplast then type ./install.sh Once xPL is installed and running it will send out xPL heartbeat messages. xPL will also send out notification of new voicemail messages. xPL can also send out callerid info for any incoming calls. you must add a line to extensions.conf to make it do this. Add this line to extension.conf at a location where you want the callerid sent out. exten => s,1,AGI,xplring.agi For example a good place to add this line is to the from-pstn-timecheck section. Be sure to renumber the following lines.

from-pstn-timecheck exten => .,1,Goto(s,1) exten => s,1,AGI,xplring.agi exten => s,2,GotoIf($${IN_OVERRIDE} = forcereghours?from-pstn-reghours,s,1:) exten => s,3,GotoIf($${IN_OVERRIDE} = forceafthours?from-pstn-afthours,s,1:) exten => s,4,GotoIfTime(${REGTIME}|${REGDAYS}|*|*?from-pstn-reghours,s,1:) exten => s,5,Goto(from-pstn-afthours,s,1)

8.10 Sugar CRM SugarCRM is a complete CRM (Customer Relation Management) system. Although most of the features of this software package are beyond the needs of home users the contact management module in this package is the best we have ever seen in a web application. SugarCRM also has sophisticated user management. Asterisk@Home uses SugarCRM mainly to manage contacts. SugarCRM is integrated into the Cisco XML phone directory making it possible to look up CRM contacts from a Cisco phone.

74

We have also added a click-to-dial function to CRM so that you can dial contacts directly from the web interface. The default account for CRM is admin with a password of password. Once you have logged in you can create CRM users. You should make a CRM user for each extension. Enter the extension of a phone when you create a user so Asterisk will know where to send click-to-dial calls for that user. Use standard Asterisk notation for extensions. For example for sip extension 200 enter SIP/200 in the extension field.

8.12 VoiceMail To enable voicemail on an extension simply "enable" it in the extensions config from the AMP gui. To support sending of mail, refer to this entry: http://sourceforge.net/forum/message.php?msg_id=3387743 from the forums. Another good message from the forums to review is the following. http://sourceforge.net/forum/message.php?msg_id=3432175 But one item not mentioned in either of these messages is the need to first install the sendmail package with yum. yum install sendmail-cf Basic steps to be able to send your voice mail through email once you have enabled the feature in an extension. Login to asterisk server via ssh. yum install sendmail-cf This installs the necessary files for configuration of the snedmail client. nano /etc/mail/sendmail.mc Edit the following lines dnl define(`SMART_HOST',`smtp.yourprovider') to define(`SMART_HOST',`smtp.yourprovider') Then press CTRL-X, and type in Y, hit enter. You'll be asked for the file name you want "File Name To Write: /etc/mail/sendmail.mc", so hit enter. make -C /etc/mail This rebuilds your /etc/mail/sendmail.cf file. /etc/init.d/sendmail restart This restarts sendmail. You should now be able to have your voice mails sent to you via email.

8.12.1 Retrieving Voicemail To listen to voicemail, there are 4 ways: 1. Pick up your extension and dial *98. 2. Call your extension form an outside line, and press * when your hear your voicemail greeting. 3. Log in to the Asterisk Recording interface at http://your.asteriskbox.address/recordings/. Use your extension number and voicemail password to log in. 4. Receive it in an email if your system is configured to do so. Depending on system configuration, your voicemail may or may not be available on the Asterisk system after it is emailed to you.

8.13 Connecting to your CentOS Command Line Remotely

75

Being able to connect to your CentOS Command Line remotely can a vital part of administering Asterisk@Home. Being able to do so securely is an absolute requirement. Asterisk@Home uses OpenSSH to accomplish this.

8.13.1 What is OpenSSH According to Wikipedia and the OpenSSH web site http://www.openssh.com/ OpenSSH (Open Secure Shell) is a set of computer programs providing encrypted communication sessions over a computer network using the SSH protocol. It was created as an open alternative to the proprietary Secure Shell software. OpenSSH is a FREE version of the SSH protocol suite of network connectivity tools that increasing numbers of people on the Internet are coming to rely on. Many users of telnet, rlogin, ftp, and other such programs might not realize that their password is transmitted across the Internet unencrypted, but it is. OpenSSH encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other networklevel attacks. Additionally, OpenSSH provides a myriad of secure tunneling capabilities, as well as a variety of authentication methods. The OpenSSH suite includes the ssh program which replaces rlogin and telnet, scp which replaces rcp, and sftp which replaces ftp. Also included is sshd which is the server side of the package, and the other basic utilities like ssh-add, ssh-agent, ssh-keysign, ssh-keyscan, ssh-keygen and sftp-server. OpenSSH supports SSH protocol versions 1.3, 1.5, and 2.0. OpenSSH is primarily developed by the OpenBSD Project, and its first inclusion into an operating system was in OpenBSD 2.6. The software is developed outside the USA, using code from roughly 10 countries, and is freely useable and re-useable by everyone under a BSD license.

8.13.2 How do I begin using OpenSSH? Luckily OpenSSH is already installed on A@H. That means we don't have to worry about installing and configuring it (in other words, I won't be covering the installation in this handbook). Please note, you really don't have to create a Public/Private key pair. You can always use an SSH client to connect to your A@H Server without the keypair, however in the long run its more secure to do it this way. First we need to create a Public/Private key pair. OpenSSH uses this key pair to encrypt information between itself and the client software that connects to it. After you create the key pair, you should use the same file on all your Asterisk servers. At the CentOS command line, type the following command: ssh-keygen -t rsa and press ENTER 3 times. Note, you can put in a key passphrase if you want. When you use the file in your SSH client, you'll be asked to retype the passphrase. root@asterisk1 /# ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Created directory '/root/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: 5a:01:1a:20:6f:b9:54:68:b1:b1:d0:3e:e3:26:34:70 root@asterisk1.local 8.14 Open A2Billing To login to Open A2Billing, go to http://asteriskipaddress/a2billing Default login details are "root" and "myroot". 8.15 Bluetooth Presence Detection Imagine if your PBX can automatically forward calls to your bluetooth-enabled cellphone when you leave home (or wherever the PBX is installed). AAH 2.1+ lets you do just that and here's how...

76

8.16 Setting up your NTP Time Server According to the wikipedia: The Network Time Protocol (NTP) is a protocol for synchronising the clocks of computer systems over packetswitched, variable-latency data networks. NTP uses UDP port 123 as its transport layer. It is designed particularly to resist the effects of variable latency. Using an NTP server entry, you can make absolutely sure that the time on your A@H server is the actual time according to whatever time authority is out there (US Naval Observatory?). Your A@H Server already has NTP installed by default. However you may want to change the default setting sometimes. For example, you want your A@H server to point to the same NTP server as your Polycom Phones, etc etc. For a list of NTP servers, please refer to: http://ntp.isc.org/bin/view/Main/WebHome Please avoid using Public NTP Primary (stratum 1) Time Servers. These servers are ONLY for use by the Public NTP Secondary (stratum 2) Time Servers. Please use a Secondary server listed here (I personally use a pool server): http://ntp.isc.org/bin/view/Servers/StratumTwoTimeServers Better yet, use a pool listing! That way if one NTP server ever goes down, it will send the A@H server to another server! Very cool! http://ntp.isc.org/bin/view/Servers/NTPPoolServers For example, since I'm in NYC, I will use a sub-zone of the North American servers (northamerica.pool.ntp.org). There are 171 servers in this zone so I know I'm good to go. The listing is as follows: server server server 0.us.pool.ntp.org 1.us.pool.ntp.org 2.us.pool.ntp.org

Once you've decided what server you want to use, login to your CentOS console and type in the following command to make sure you have NTP installed: rpm -qa | grep ntp If you see "ntp-4.2.0.a.20040617-4" (or something of a sort), then go ahead and type in the following to make sure you can even reach your server: ntpdate 0.us.pool.ntp.org If not, find out why. Maybe its your firewall, DNS is not resolving, etc etc. (My server was on a DMZ with very tight rules and I forgot to open up NTP). Once you get it to work, type in the following command to change your NTP servers: nano /etc/ntp.conf

8.17 Changing *60 to give the exact time

The time of day routine accessed by dialing *60 uses the phrase, "At the sound of the tone, the time will be exactly...", which conveys a false sense of accuracy - users might actually think that the beep tone falls on the turn of the minute, which is not the case. At the cost of quite a bit of extra code, you can make this routine give the time at ten second intervals, with a beep that falls within approximately one second of the stated time, which should be close enough for most applications. Of course this will not be accurate if the computer's clock is not synched to an accurate NTP server, as described in the previous paragraph. Here is a revised Time of Day routine, which replaces the existing one that is usually found in extensions_custom.conf in AAH:

exten => *60,1,ringing exten => *60,2,Set(FutureTime=$[${EPOCH} + 8]) exten => *60,3,Set(FutureTimeMod=$[${FutureTime} % 10])

77

exten => *60,4,Set(FutureTime=$[${FutureTime} - ${FutureTimeMod}]) ;180 in next line is max # seconds connection can be held open. Use multiples of 10. exten => *60,5,Set(MaxConnectTime=$[${FutureTime} + 180]) exten => *60,6,Set(FutureTimeMod=$[${FutureTime} - ${EPOCH}]) exten => *60,7,GotoIf($["${FutureTimeMod}" < "0"]?10:8) exten => *60,8,wait(1) exten => *60,9,goto(6) exten => *60,10,Answer exten => *60,11,Set(FutureTime=$[${FutureTime} + 10]) exten => *60,12,Set(FutureTimeMod=$[${FutureTime} % 60]) exten => *60,13,wait(1) exten => *60,14,playback(at-tone-time-exactly) exten => *60,15,SayUnixTime(${FutureTime},,I) exten => *60,16,SayUnixTime(${FutureTime},,M) exten => *60,17,GotoIf($["${FutureTimeMod}" = "0"]?18:20) exten => *60,18,SayUnixTime(${FutureTime},,p) exten => *60,19,goto(23) exten => *60,20,playback(and) exten => *60,21,SayUnixTime(${FutureTime},,S) exten => *60,22,playback(seconds) exten => *60,23,Set(FutureTimeMod=$[${FutureTime} - ${EPOCH}]) exten => *60,24,GotoIf($["${FutureTimeMod}" < "1"]?27:25) exten => *60,25,wait(1) exten => *60,26,goto(23) exten => *60,27,playback(beep) exten => *60,28,Set(FutureTimeMod=$[${MaxConnectTime} - ${EPOCH}]) exten => *60,29,GotoIf($["${FutureTimeMod}" < "1"]?30:11) exten => *60,30,Hangup Others have proposed modifying the time of day routine, for example at this page: http://www.planetwayne.com/forums/viewtopic.php?p=248&sid=fcbd6779fdc8f92ceac9232b9eb6ca55 However I believe the above routine is more accurate, if a bit longer. Note: Modified after original post to include timeout in case caller doesn't hang up & minor error corrections. Also the timeout as written may occasionally let the caller stay connected for an extra ten seconds; should that really bother anyone you can subtract one or two from the value used used in line 5, e.g. for a three minute (180 second) timeout, instead of using 180 try 179 or 178. The main reason the timeout was added was to prevent someone from parking the call or placing it on hold and consuming system resources.

Chapter 9 Software that is not installed with Asterisk@Home The following software is not installed with Astersik@Home but you definitely may want to consider using it.

9.1 Click-to-Dial using Microsoft Outlook and AstTapi AstTapi is a Microsoft TAPI to Asterisk bridge that makes it possible to do click-to-dial from Microsoft Outlook and other TAPI compliant applications. 9.1.1 Download AstTapi and install it Download this software from Sourceforge at http://sourceforge.net/projects/asttapi/. Be sure that outlook is turned OFF before installing it. When finished, reboot the PC as requested. 9.1.2 Modifying the "Manager_Custom.conf" file in A@H (don't panic! this is easy!) We need to make a quick edit to a A@H text file. You can do this from inside AMP or you can do this from the CentOS command line. First we have to make a login for AstTapi. Click Maintenance under "AMP" and then click "Config Edit" and then click manager_custom.conf. In this file there already is a default AstTapi account you can use. Just remove the # from the permit line and change the 192.168.1.0 to the network address your A@H server is on. This is NOT an IP address! It is the NETWORK address. Now there is a chance that your phone may not even BE on the same network as the asterisk server. If this is true, you'll have to use 0.0.0.0/0.0.0.0 (which means any IP address from any subnet that has access to port 5038 can login). If this is true, you better use a better password then what is already there. Remember this login and password. Save the file. Then reload Asterisk.

78

9.1.3 Configuring AstTapi in outlook Now we need to configure AstTapi inside of outlook. Start outlook and select and click on a contact. There is a phone icon on the bar above the contact. Click that phone icon. A small window will appear with the following (use your imagination): Number to dial Contact: (Contact Name Field) (Open Contact Button) Number: (Phone Number Field) (Dialing Properties Button) (CHECK BOX Create new Journal Entry when starting new call) (Start Call Button) (End Call Button) (Dialing Options Button) (Close Button) Now that you can see the name and number you want to dial, click the "Dialing Options Button". In the "Connect Using Line" field, arrow down to "Asterisk" and click the "Line Properties" button right next to it. Use the following entries in the next window: Asterisk Server: Host: ip of Asterisk server (you can use an IP address here or even a DNS address) Port: 5038 User Information: User: AstTapi (this might be case sensitive) Password: AstTapi (or the password which you have chosen in the "manager_custom.conf" file) User Channel: sip/200 (This is your extension. This is the number that will ring, requiring you to pick it up and get connected to the contact's number) Context: Select "Dial by 'Context'" Context: outbound-allroutes (note, this is in every guide I can find, but didn't work for me on a default install. I had to use "Caller ID" and use my extension's CID and also check off "Attempt to set outgoing ID") (your milage may vary). (If neither work, try empty "Contect - Dial by Contect" or "Dial - Dial out by using the Dial application" fields) Click Apply and OK and OK again Now Click "Start Call" in the "New Call" box to begin the call. Your extension will ring and once you pick it up, asterisk will connect you to the number of the contact you've chosen.

9.2 H.323 add-on This package adds H.323 support to Asterisk it also install the GnuGK H.323 gatekeeper. Installation Copy the asteriskathome-h323.zip file to you Asterisk@Home server using WinSCP. Unzip the file by typing unzip asteriskathome_h323.zip from the command line. Next type ./install.sh When the install is done reboot your Asterisk@Home system. Testing register a SIP phone with Asterisk@Home open Microsoft Netmeeting click on tools -> options -> Advanced calling Under Gateway Settings check off Use a gateway and enter the ipaddress of your Asterisk@Home system. Click OK The calls from the gatekeeper will be put in the from-pstn context. Make sure you have an incoming call route set up so the calls have some place to go. go back to the main NetMeeting screen and type in the extension of your sip phone. You should be connect to

79

your incoming call route. For support try The asterisk-oh323 project home page http://www.inaccessnetworks.com/projects/asterisk-oh323 GnuGK home page http://www.gnugk.org/

9.3 Webmin - Web Based Linux Management Webmin in a great package for managing a Linux box from the web. Webmin make it easy to manage all types of different service in a linux box (file manager, change passwords, etc). To install Webmin download the latest RPM from their web site and install it. http://www.webmin.com/ - Webmin Homepage http://sourceforge.net/projects/webadmin - Sourceforge Page From the CentOS command line type the following: (please note, check to see what is the LATEST version and file name of the webmin "noarch.rpm" file. If it is different from the example, be sure to use the latest file name. At the time of this edit, the file name was webmin-1.260-1.noarch.rpm) wget http://surfnet.dl.sourceforge.net/sourceforge/webadmin/webmin-1.260-1.noarch.rpm rpm -Uvh webmin-1.260-1.noarch.rpm Once it is installed, you can use the following to connect to the web console. HTTP://PutYourAsterisk@HomeIpaddressHere:10000 Once you are successfully connected, we must change the default Webmin port to one that is NOT used by SIP RTP and may cause a potential conflict. In this example we will use port 9999 (one less then the default port). (thanks Alan Mundy) 1) 2) 3) 4) Click on the Webmin Icon, then select "Webmin Configuration". Then click on "Ports and Addresses". In this screen you can change the bind to IP address to 9999 (one port less then the default) When you save this webmin it will connect automatically to the new port

An alternative method would be to edit the file /etc/webmin/miniserv.conf and change the value of: 1) At the command line type nano /etc/webmin/miniserv.conf 2) Change the value of port=10000 to port=9999 3) Save the file and connect using a web browser HTTP://PutYourAsterisk@HomeIpaddressHere:9999

9.4 How to use Shorewall Firewall to protect your A@H Server As you probably already know, SIP and NAT don't play well together. If you're like me, you don't even want to deal with that mess and would rather just place the asterisk directly on the net to avoid any NAT issues. If you decide to go that route you better use a firewall on your asterisk server. I know that CentOS is a very secure operating system. However, you must still use a firewall on the server itself to have some peace of mind. Shorewall is a robust solution for our firewall needs on the A@H server. I would like to thank Samy Antoun for his input. His tutorial on shorewall

80

http://samyantoun.50webs.com/asterisk/firewall/firewall.htm helped me write this section.

9.4.1 What is Shorewall According to the Shorewall Site: http://www.shorewall.net/ The Shoreline Firewall, more commonly known as "Shorewall", is a high-level tool for configuring Netfilter. You describe your firewall/gateway requirements using entries in a set of configuration files. Shorewall reads those configuration files and with the help of the iptables utility, Shorewall configures Netfilter to match your requirements. Shorewall can be used on a dedicated firewall system, a multi-function gateway/router/server or on a standalone GNU/Linux system. Shorewall does not use Netfilter's ipchains compatibility mode and can thus take advantage of Netfilter's connection state tracking capabilities.

9.4.2 How do I download and Install Shorewall? We will download shorewall to the tmp directory and install it from there. Please be sure to check the shorewall web site for the latest RPM file and edit the following commands according to the lastest versions they offer. At the CentOS Command Line type in the following commands to download and install Shorewall. cd /tmp wget http://www.invoca.ch/pub/packages/shorewall/2.2/shorewall-2.2.5/shorewall-2.2.5-1.noarch.rpm rpm -ivh shorewall-2.2.5-1.noarch.rpm

9.4.3 How do I configure Shorewall There are several files that need to be edited to setup our newly installed firewall. You can use nano at the command line to edit the files. They consist of the following files: /etc/shorewall/interfaces /etc/shorewall/masq /etc/shorewall/policy /etc/shorewall/routestopped /etc/shorewall/rules /etc/shorewall/shorewall.conf /etc/shorewall/start /etc/shorewall/zones Each file is a text file with a pretty good description of what options you have and examples of how to use those options. I will not be cut and pasting the descriptions here because the wiki would become pretty large. I will however cut and paste a simple network setup and how it would be configured. Our example will be a simple internet connection (it doesn't really matter if it's DSL, Cable, T1 or whatever). We will have a Static Internet IP address of Eth0 1.1.1.1 255.255.255.248. Remember, we don't.....

9.4.3.1 The Interfaces File You must add an entry in this file for each network interface on your firewall system. Our Example: 1. ZONE INTERFACE BROADCAST OPTIONS

net eth0 detect routefilter,norfc1918,tcpflags loc eth1 detect tcpflags 1. LAST LINE ADD YOUR ENTRIES BEFORE THIS ONE DO NOT REMOVE

9.4.3.2 The Masq File Use this file to define dynamic NAT (Masquerading) and to define Source NAT (SNAT). (not sure why eth0 and eth1 need to be listed that way since there is no NAT occuring).

81

Our Example: 1. INTERFACE SUBNET ADDRESS PROTO PORT(S) IPSEC

eth0 eth1 1. LAST LINE ADD YOUR ENTRIES ABOVE THIS LINE DO NOT REMOVE

9.5 How to use IPCOP firewall to protect the A@H Server

9.6 The definitive guide to Sound Card Installation A@H 2.0-2.1 I would like to thank Tracy Carlton for an amazing well done guide and code. Step 1: Edit the channels makefile to allow the compiling of chan_oss.so Open/Edit /usr/src/asterisk/channels/makefile On or about line 16 find: CHANNEL_LIBS=chan_sip.so chan_agent.so chan_mgcp.so chan_iax2.so chan_local.so chan_skinny.so chan_features.so Following chan_features.so add {space} chan_oss.so Save and exit the file. Step 2: Recompile Asterisk to build chan_oss.so From the linux command line (via SSH/Putty or console) change to the Asterisk source code directory: cd /usr/src/asterisk Execute the rebuild by typing the following: make clean {enter} make {enter} make install {enter} Step 3: Checking on the chan_oss.so file After the recompile completes verify that a chan_oss.so file exists in the correct directory: /usr/lib/asterisk/modules Step 4: Edit the Asterisk/AMP startup script to allow Asterisk access to the soundcard device. Open/Edit /usr/sbin/amportal On or about line 34 find: chown -R asterisk:asterisk /dev/zap chown asterisk /dev/tty9 Insert the following line between these two lines: chown -R asterisk:asterisk /dev/dsp After which the lines should exactly match this: chown -R asterisk:asterisk /dev/zap chown -R asterisk:asterisk /dev/dsp chown asterisk /dev/tty9 Now save and exit the file Step 5: Create the Asterisk configuration file for chan_oss.so: oss.conf Copy and paste exactly the text below:

82

; ; Open Sound System Console Driver Configuration File ; general ; ; Automatically answer incoming calls on the console? Choose yes if ; for example you want to use this as an intercom. ; autoanswer=yes ; ; Default context (is overridden with @context syntax) ; context=from-internal ; ; Set overridecontext to yes if you want the context specified above ; to override what someone places on the command line. ; overridecontext=yes ; ; Default extension to call ; extension=s ; ; Default language ; language=en ; ; Silence suppression can be enabled when sound is over a certain threshold. ; The value for the threshold should probably be between 500 and 2000 or so, ; but your mileage may vary. Use the echo test to evaluate the best setting. ;silencesuppression = yes ;silencethreshold = 1000 ; ; On half-duplex cards, the driver attempts to switch back and forth between ; read and write modes. Unfortunately, this fails sometimes on older hardware. ; To prevent the driver from switching (ie. only play files on your speakers), ; then set the playbackonly option to yes. Default is no. Note this option has ; no effect on full-duplex cards. playbackonly=yes ; Save this file to the Asterisk configuration directory via WinSCP or a Samba file share as: oss.conf in /etc/asterisk After saving the file change its permissions to allow Asterisk to access it. From the linux command line (via Putty or direct) type the following: cd /etc/asterisk {enter} chmod 0777 oss.conf {enter} chown asterisk:asterisk oss.conf {enter} Step 6: Enable Asterisk to automatically load chan_oss.so upon startup. From a web browser enter the following URL to directly access the Config Edit web editing utility: http://xxx.xxx.xxx.xxx/maint/phpconfig/phpconfig.php Substituting your Asterisk servers IP Address for xxx.xxx.xxx.xxx. Login as maint as you would normally. Find the file modules.conf and click to open it. On or about line 30 find: ; Load either OSS or ALSA, not both ; By default, load OSS only (automatically) and do not load ALSA ; noload => chan_alsa.so noload => chan_oss.so

83

; Change the line containing the reference to chan_oss.so from noload to load. load => chan_oss.so Verifiy that the line containing the reference to chan_alsa.so is set to noload as shown below: ; Load either OSS or ALSA, not both ; By default, load OSS only (automatically) and do not load ALSA ; noload => chan_alsa.so load => chan_oss.so ; Click the Update button but DO NOT click on the Re-Read Configs link yet. Step 7: Add a custom dial plan script to access the soundcard as a paging port. While still in the Config Edit web interface find and click to open: extensions_custom.conf On or about line 16 find: exten exten exten exten exten => => => => => *60,1,Answer *60,2,Playback(at-tone-time-exactly) *60,3,SayUnixTime(,,IMp) *60,4,Playback(beep) *60,5,Hangup

Insert the following lines directly ABOVE this block: exten => *52,1,Dial(console/dsp) exten => *52,2,Playback(custom/bosun) exten => *52,2,Hangup() Allow one blank line between each block. The custom/bosun.gsm file is the bosuns whistle sound effect used as an intercom/paging alert tone aboard the USS Enterprise from Classic Star Trek. Any short alert type sound such as the default beep.gsm can be used. Click on the Update button and then click on the Re-Read Configs link. Step 8: Hookup and Test the paging function. If not already connected, connect the soundcards primary speaker output (if it has more than one) to the inputs of the paging amplifier or for testing use common computer speakers or headphones. IMPORTANT NOTE: The soundcard may not produce ANY sound output unless there is some sort of resistance (load) being put on the output jack. For this reason always attach speakers, headphones, or an amplifier to the sound card and reboot before testing. Reboot the Asterisk server. After rebooting test the paging by dialing the Paging Code *52 from any handy telephone. If after adjusting volume levels on the speakers/headphones/amplifier you still have no sound at all skip to Step 10. Otherwise continue on to Step 9. Step 9: Finish the Installation. If not already connected to the final device do so now and adjust volume levels to suit. YOU ARE DONE! Congratulations!!! Step 10: Correcting Centos volume level issues. Centos 4.x appears to set the soundcards outputs to muted and also a zero volume level requiring a mixing/tuning utility to correct these issues. From the linux command line (via Putty or direct) execute the following command: yum list | grep alsa {enter} NOTE: This REQUIRES access to the internet. Due to the fluid nature of linux the list returned may not match exactly the list below:

84

alsa-lib.i386 alsa-lib-devel.i386 alsa-utils.i386 Execute the following command: yum y install {item 1} {item 2} {item 3} {item x} {enter} For example: yum y install alsa-lib.i386 alsa-lib-devel.i386 alsa-utils.i386 {enter} After the download and installation completes, reboot the Asterisk server. Step 11: Un-mute and tune the soundcard. It is suggested that a pair of headphone be used for this step for best results. After the reboot enter the following command from the linux command line (via Putty or direct) - For this step a keyboard and color monitor connected directly to the Asterisk server is highly recommended: alsamixer {enter} This SHOULD launch the alsamixer utility application. Alsamixer is a text based soundcard mixer/tuner. It is functionally identical and visually similar to the MS Windows sound card mixer/tuner. Each channel and/or feature is listed with it own control. Because of the large number of soundcard makes and models the exact number, labeling, and order of these channels will vary. However, there are only TWO channels that need to be adjusted and they are a constant: The MASTER channel and the PCM channel. NOTE: It is recommended that prior to adjusting the levels that the paging code be dialed and an active paging session be underway. This will allow for on-the-fly real-time volume level setting to be done. On-Screen, each channel consists of a Label Box at the base of a Slider Bar with a Mute Status indicator at the top. The channel currently being edited will have its name in the label box listed in red as opposed to white for all others. For switching or scrolling through channels use the left and right arrow keys. To adjust the level of a channel use the up and down arrows. To mute or un-mute a channel us the mute toggle key the M key. To exit and save you level adjustments press the ESC key. The levels of both the MASTER channel and the PCM channel must be adjusted for satisfactory volume levels and both channels MUST be UN-MUTED for correct functioning. Starting with the far left or first channel, this should be the MASTER channel. Use the M key to un-mute the channel if it is muted (It most likely is muted.). Adjust the level to 55. This is a good middle of the road value to start testing with. Using the left and right arrow keys scroll through the channels until you find the PCM channel and, if necessary, un-mute the channel then adjust its level to 55 as well. If headphones are being used, test this level as being of average loudness and not to loud and/or distorted. If the level is to high adjust each channel down slightly until a comfortable level is reached. If the sound level is too quiet then adjust up the level in the same fashion. After the levels have been adjusted to a satisfactory level press the ESC key to save the level settings and exit. These values are stored in a file that is parsed during startup making them, in effect, permanent. Once set, no changes should be required unless a hardware change occurs. Return to Step 9.

9.7 The definitive guide to Sound Card Installation, configuration and usage with A@H 2.2+ I would like to thank Tracy Carlton for writing this exceptional guide. Step 1: Edit the Asterisk/AMP startup script to allow Asterisk access to the soundcard device. Open/Edit /usr/sbin/amportal On or about line 34 find: chown -R asterisk:asterisk /dev/zap chown asterisk /dev/tty9 Insert the following line between these two lines:

85

chown -R asterisk:asterisk /dev/dsp After which the lines should exactly match this: chown -R asterisk:asterisk /dev/zap chown -R asterisk:asterisk /dev/dsp chown asterisk /dev/tty9 Now save and exit the file. Step 2: Create the Asterisk configuration file for chan_oss.so: oss.conf Copy and paste exactly the text below: ; ; Open Sound System Console Driver Configuration File ; general ; ; Automatically answer incoming calls on the console? Choose yes if ; for example you want to use this as an intercom. ; autoanswer=yes ; ; Default context (is overridden with @context syntax) ; context=from-internal ; ; Set overridecontext to yes if you want the context specified above ; to override what someone places on the command line. ; overridecontext=yes ; ; Default extension to call ; extension=s ; ; Default language ; language=en ; ; Silence suppression can be enabled when sound is over a certain threshold. ; The value for the threshold should probably be between 500 and 2000 or so, ; but your mileage may vary. Use the echo test to evaluate the best setting. ;silencesuppression = yes ;silencethreshold = 1000 ; ; On half-duplex cards, the driver attempts to switch back and forth between ; read and write modes. Unfortunately, this fails sometimes on older hardware. ; To prevent the driver from switching (ie. only play files on your speakers), ; then set the playbackonly option to yes. Default is no. Note this option has ; no effect on full-duplex cards. playbackonly=yes ; Save this file to the Asterisk configuration directory via WinSCP or a Samba file share as: oss.conf in /etc/asterisk After saving the file change its permissions to allow Asterisk to access it. From the linux command line (via Putty or direct) type the following: cd /etc/asterisk {enter} chmod 0777 oss.conf {enter} chown asterisk:asterisk oss.conf {enter} Step 3: Enable Asterisk to automatically load chan_oss.so upon startup. From a web browser enter the following URL to directly access the Config Edit web editing utility: http://xxx.xxx.xxx.xxx/maint/phpconfig/phpconfig.php

86

Substituting your Asterisk servers IP Address for xxx.xxx.xxx.xxx. Login as maint as you would normally. Find the file modules.conf and click to open it. On or about line 30 find: ; Load either OSS or ALSA, not both ; By default, load OSS only (automatically) and do not load ALSA ; noload => chan_alsa.so noload => chan_oss.so ; Change the line containing the reference to chan_oss.so from noload to load. load => chan_oss.so Verifiy that the line containing the reference to chan_alsa.so is set to noload as shown below: ; Load either OSS or ALSA, not both ; By default, load OSS only (automatically) and do not load ALSA ; noload => chan_alsa.so load => chan_oss.so ; Click the Update button but DO NOT click on the Re-Read Configs link yet. Step 4: Add a custom dial plan script to access the soundcard as a paging port. While still in the Config Edit web interface find and click to open: extensions_custom.conf On or about line 16 find: exten exten exten exten exten => => => => => *60,1,Answer *60,2,Playback(at-tone-time-exactly) *60,3,SayUnixTime(,,IMp) *60,4,Playback(beep) *60,5,Hangup

Insert the following lines directly ABOVE this block: exten => *52,1,Dial(console/dsp) exten => *52,2,Playback(custom/bosun) exten => *52,3,Hangup() Allow one blank line between each block. The custom/bosun.gsm file is the bosuns whistle sound effect used as an intercom/paging alert tone aboard the USS Enterprise from Classic Star Trek. Any short alert type sound such as the default beep.gsm can be used. Click on the Update button and then click on the Re-Read Configs link. Step 5: Hookup and Test the paging function. If not already connected, connect the soundcards primary speaker output (if it has more than one) to the inputs of the paging amplifier or for testing use common computer speakers or headphones. IMPORTANT NOTE: The soundcard may not produce ANY sound output unless there is some sort of resistance (load) being put on the output jack. For this reason always attach speakers, headphones, or an amplifier to the sound card and reboot before testing. Reboot the Asterisk server. After rebooting test the paging by dialing the Paging Code *52 from any handy telephone. If after adjusting volume levels on the speakers/headphones/amplifier you still have no sound at all skip to Step 10. Otherwise continue on to Step 9. Step 6: Finish the Installation. If not already connected to the final device do so now and adjust volume levels to suit.

87

YOU ARE DONE! Congratulations!!! Step 7: Correcting Centos volume level issues. Centos 4.x appears to set the soundcards outputs to muted and also a zero volume level requiring a mixing/tuning utility to correct these issues. From the linux command line (via Putty or direct) execute the following command: yum list | grep alsa {enter} NOTE: This REQUIRES access to the internet. Due to the fluid nature of linux the list returned may not match exactly the list below: alsa-lib.i386 alsa-lib-devel.i386 alsa-utils.i386 Execute the following command: yum y install {item 1} {item 2} {item 3} {item x} {enter} For example: yum y install alsa-lib.i386 alsa-lib-devel.i386 alsa-utils.i386 {enter} red: After the download and installation completes reboot the Asterisk server. Step 8: Un-mute and tune the soundcard. It is suggested that a pair of headphone be used for this step for best results. After the reboot enter the following command from the linux command line (via Putty or direct) - For this step a keyboard and color monitor connected directly to the Asterisk server is highly recommended: alsamixer {enter} This SHOULD launch the alsamixer utility application. Alsamixer is a text based soundcard mixer/tuner. It is functionally identical and visually similar to the MS Windows sound card mixer/tuner. Each channel and/or feature is listed with it own control. Because of the large number of soundcard makes and models the exact number, labeling, and order of these channels will vary. However, there are only TWO channels that need to be adjusted and they are a constant: The MASTER channel and the PCM channel. NOTE: It is recommended that prior to adjusting the levels that the paging code be dialed and an active paging session be underway. This will allow for on-the-fly real-time volume level setting to be done. On-Screen, each channel consists of a Label Box at the base of a Slider Bar with a Mute Status indicator at the top. The channel currently being edited will have its name in the label box listed in red as opposed to white for all others. For switching or scrolling through channels use the left and right arrow keys. To adjust the level of a channel use the up and down arrows. To mute or un-mute a channel us the mute toggle key the M key. To exit and save you level adjustments press the ESC key. The levels of both the MASTER channel and the PCM channel must be adjusted for satisfactory volume levels and both channels MUST be UN-MUTED for correct functioning. Starting with the far left or first channel, this should be the MASTER channel. Use the M key to un-mute the channel if it is muted (It most likely is muted.). Adjust the level to 55. This is a good middle of the road value to start testing with. Using the left and right arrow keys scroll through the channels until you find the PCM channel and, if necessary, un-mute the channel then adjust its level to 55 as well. If headphones are being used, test this level as being of average loudness and not to loud and/or distorted. If the level is to high adjust each channel down slightly until a comfortable level is reached. If the sound level is too quiet then adjust up the level in the same fashion. After the levels have been adjusted to a satisfactory level press the ESC key to save the level settings and exit. These values are stored in a file that is parsed during startup making them, in effect, permanent. Once set, no changes should be required unless a hardware change occurs. Return to Step 6.

9.8 AsteriDex

88

Work in progress Reference: Introducing AsteriDex: Free Web-Based RoboDialer for Asterisk PBX Systems

9.9 AsteriDex II Work in progress Reference: AsteriDex II: Free Web-Based RoboDialer for Asterisk This is a free software from Nerd Vittles. AsteriDex is a web-based AutoDialer. The AsteriDex autodialer placed calls to all your favorite callees using a web interface. It stores and manage phone numbers in a MySQL database. When you can click on a contact in a web interface, will AsteriDex initiate a call, AsteriDex will first call you at the number you designated for this contact, and then AsteriDex calls the number you clicked on. For those lucky enough to have GrandStream's GXP-2000 IP phone with AutoAnswer, you could even configure AsteriDex to automatically activate the speakerphone and then place the call to the contact you selected. In short, the original worked exactly like Microsoft's TAPI software without the configuration nightmare or your favorite (required) Micro$oft bloatware. Installation and configuration for your Asterisk@Home system was a snap and took less than 10 minutes. It also worked with vanilla Asterisk running the Asterisk Management Panel (AMP) software. AsteriDex was quick to implement and simple to use because it only did one thing, but did it well. The AsteriDex autodialer placed calls to all your favorite callees using a web interface. It's still simple to use, but today we've added two new features. First, you can use AsteriDex to automatically look up CallerID Names in your MySQL database for all your incoming calls. And, second, now you can dial the name of a person in your database by spelling up to five characters of the person's name using any phone in your home or office, and AsteriDex will automatically place the call for you just as if you'd use the web browser interface. Just dial 00 plus the one to five-digit code of the person to call.

9.10 Qmail install qmail on asterisk@home any idea if qmailtoaster.com or qmailrocks.org installer can works on a@h ???

9.11 Web Admin Interface Upgrade (Admin-UI v2.0) A common complaint of the Asterisk@Home distribution is the visual appeal, and functional use of the main web interface/portal. Besides showing all options as text links, it must be manually edited to account for services that have been removed or to accomodate the growing list of 3rd-Party additions built to operate with Asterisk@Home installations. To that end, the Open Source Projects initiative (http://www.kennonsoft.org/) at Kennon Software Corporation (http://www.kennonsoft.com/) created and continues to improve a drop-in replacement for the main Administration web interface of the Asterisk@Home installation. They have upgraded the visual styling to feel a bit more polished, made it dynamic so as to automatically detect which components are installed/running and adjust accordingly, as well as added support for a few common 3rd Party additions, and lastly added the ability to enable/customize an End-User Menu while still providing (optionally secured) access to the full Administration portal as needed. Reference: Full Article, Files and Instructions by Kennon Software Corporation, Open Source Projects

9.12 NetMrg Network Bandwidth Monitoring Its a good idea to look at your bandwidth usage to get a sense of how much of your pipe is being used by your server. Especially if you're using a purely IP solution. What you need is a good bandwidth monitor with fancy graphs showing you all the information you need to make good decisions. Netmrg is an excellent solution for this. A@H 2.7 and earlier does not have NetMgr installed in the ISO so we have to do it manually. Our project

89

manager has agreed to add it to the A@H repetoire for future versions. Netmgr Home Page http://www.netmrg.net/ Netmgr Screeen Shots http://www.netmrg.net/screenshots.php Netmgr Users Manual http://wiki.netmrg.net/wiki/Users_Manual 9.12.1 Installing NetMrg Run the following script from your CentOS command line. How do you get all the text into a file and get it onto your server? Well, there are a lot of ways of doing it but I'm only going to go over one way. 1) In windows, open up notepad and paste the following script into it and save it as install-mrg.dat. Here is the script: #!/bin/bash # Name: install-netmrg # Version: 1.0 # Date: 4/4/06 echo "Installing netmrg" echo"" yum -y install net-snmp net-snmp-utils mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.old echo "rocommunity asterisk" > /etc/snmp/snmpd.conf echo "disk / 100" >> /etc/snmp/snmpd.conf chkconfig snmpd on service snmpd start wget http://dag.wieers.com/packages/rrdtool/rrdtool-1.0.50-3.2.el4.rf.i386.rpm rpm -i rrdtool-1.0.50-3.2.el4.rf.i386.rpm wget http://www.netmrg.net/download/release/binary/netmrg-0.18.2-1.el4.i386.rpm rpm -i netmrg-0.18.2-1.el4.i386.rpm echo "Include /etc/netmrg.conf" >> /etc/httpd/conf/httpd.conf killall -HUP httpd mysqladmin create netmrg -ppassw0rd mysql -u root -ppassw0rd netmrg < /usr/share/netmrg/db/netmrg.mysql echo "grant all on netmrg.* to netmrguser@localhost identified by 'netmrgpass';" | mysql -u root ppassw0rd if ! grep netmrg /etc/crontab >/dev/null 2>&1; then echo "*/5 * * * * netmrg /usr/bin/netmrg_cron.sh" >> /etc/crontab fi chkconfig netmrg on service netmrg start echo echo echo echo echo echo echo echo echo echo "-------------------------------------------------------------------------" "netmrg installed." "" "goto http://asteriskboxip/netmrg" "" "The default login is admin and the default password is nimda" "Be sure to change the default password immediatley" "http://wiki.netmrg.net/wiki/Users_Manual" "HINT: the snmp comunity string is asterisk" "-------------------------------------------------------------------------"

2) Save the file, put it on your ftp server. Login to your CentOS Command line as root, ftp into your ftp server and get that script. Then type in the following command into your CentOS Command line: ~~red:sh install-mrg.dat 3) Now wait until it installs. You can now open up a browser and using your server's IP address or DNS name, browse to Netmrg by using the following:

90

HTTP://asterisk.athome.ip.address/netmrg The Default login is : admin The Default password is: nimda BE SURE TO CHANGE THAT DEFUALT PASSWORD! 4) However you are not done yet. You will find that you can log into NetMrg but the graphs will not render. Now follow these instructions.

Chapter 10 CentOS Tips, tricks and command line help Lots of times CentOS can feel overwhelming because a user may not be very literate on the command line level. Here are some key commands you will want to know 10.1 Helpful commands to know in CentOS help-aah Helpful commands that can be used to help administer A@H poweroff Shutdown command that turns of your computer reboot Reboot the computer ifconfig Shows the IP configuration for all interfaces on your computer dhclient Renews the DHCP IP adr. or request a DHCP adr. tail Shows the end of a file, excellent to use when troubleshooting. Has switches for showing NN rows (-n NN) and to monitor the file continuously (-f)

10.2 What if I use Non-Standard Hardware? Asterisk@Home is designed to work "out of the box" with standard PC hardware such as an Intel 1GIG PIII system. Here is some info on how to get it to work on other hardware.

10.2.1 VIA EPIA 800 mhz board (586 board) Asterisk@Home can run on 586 hardware. you must change the Asterisk Make file and recompile. Load Asterisk@Home on your system. Asterisk will not start. CD to /usr/src/asterisk and edit the Makefile Remove the # in front of the line "PROC=i586" type cd .. then ./rebuildastsrc.sh 10.2.2 Virtual Machines Asterisk@Home runs in virtual enviroment with some limitations. You cannot use any hardware with it because of the timing issues. But all VoIP protocols and services work. This setup might be useful for learning and experimentation. There are pre-installed and pre-configured images of Aserisk@Home are available for download on the Internet.

Chapter 11 Asterisk End User's Manual The purpose with this Chapter is to provide a printable manual that normal people can use as a guide for Asterisk's functions and features. 11.1 Asterisk's Basic Phone Feature List

Call Forwarding System Access - Dial *72 to access your call forwarding system and follow the voice prompts.

91

Call Forwarding Deactivation - Dial *73 to deactivate Call Forwarding.

Call Forwarding on Busy Activation - Dial *90 to forward your calls if the phone is busy.

Call Forwarding on Busy Deactivation - Dial *91 to deactivate Call Forwarding if the phone is busy.

Call Waiting Activation - Dial *70 to activate Call Waiting. This feature is deactivated by default.

Call Waiting Deactivation - Dial *71 to deactivate Call Waiting.

Directory Access - Dial *411 to access a directory that lists others on the PBX. Using someone's last name, you can find their number.

Do-Not-Disturb Activation - Dial *78 to activate Do-Not-Disturb

Do-Not-Disturb Deactivation - Dial *79 to deactivate Do-Not-Disturb

Extension Request using the Festival Voice Simulator - Dial *65 to hear your extension using the Festival Voice Simulator.

Message Center (won't ask for an extension) - Dial *97 to access your message center

92

Message Center (will ask for an extension) - Dial *98 to access your message center

Time Request - Dial *60 to hear the exact time as per Internet Time Servers.

Weather Request - Dial *61 for the weather in your area.

Wakeup Call Scheduling - Dial *62 to schedule a wakeup call.

11.2 Administrative Phone Feature List

Echo Test - Dial *43 Echo Test

Fax Test - Dial 666 to test your fax function

Incoming Call Simulation - Dial 7777 to simulate an incoming call

IVR Recording - Dial *77 for (I)nteractive (V)oice (R)ecording. IVR is used when you don't have anything elase to record voice messages. The file is saved in the Asterisk Directory once it is recorded and can be renamed and moved to where it needs to be.

IVR Recording Playback - Dial *99 to playback your IVR Recording

11.3 Asterisk@Home and Polycom 501 Phones User Guide

Placing an Outside Call . . .

93

Dial 9 (optional) and dial your number Press Dial, Speaker or Lift the handset

Last Number Redial . . .

Press the Redial key

Placing an Intercom Call . . .

Dial extension or Dial 1 + extension (auto answer) Press Dial or Speaker or Lift the handset

Transfer a call to a Co-worker (Screened)

Press the Trnsfer soft key Dial extension number and press # or Send Announce the call Press the Trnsfer soft key to complete the transfer If your co-worker doesnt want the call, press the cancel soft key to return to the call.

Transfer a call to a Co-worker (Unscreened)

Press the Trnsfer soft key Press the blind soft key Dial extension number and press # or Send

Conference . . .

Establish first call Press confrnc soft key Establish next call. When called party answers, press confrnc soft key

Pickup

Dial * 8 + the ringing phones extension number Press the # key or Send

Pickup Group

Dial * 8 Press the # key or Send

Do Not Disturb

Page

Press the Do Not Disturb Key (all call will go to voicemail)

Dial 50 for all zones or 51 for zone 1 or 52 for zone 2 Make your announcement Press the end call to end the page.

94

Parking a Call . . .

Press the Trnsfer soft key Dial 70 and press Send soft key or # Listen for the park position, most probably 71 or 72 Press the Trnsfer soft key to complete the call park

Parked Call pickup . . .

Dial the park position, most probably 71 or 72

To adjust the volume of incoming ringing

When the phone is idle press + or - keys

To change your extension's incoming ring tones . . .

Press the Menu key Press 3, 1, 3 Select the extension and ring type

Headset Operation mode. . .

Press the blue headset key

Call Forwarding

Press the Forward soft key Select which line to forward. Enter a number to forward all calls to. Press the Enable or Disable soft key to confirm

Polycom Station Speed Programming

Press Press Press Press

Directories 1 the More soft key the Add soft key

Polycom Station Speed Dial

Press Directories + 1 or press the blue up key Select your number and press the dial soft key

Station Speed Dial

To Program: Dial **4XX + 1NXXNXXXXXX + send To Check: Dial *4XX + send To Dial: Dial 4XX + send

System Speed Dial

95

To Program: Dial **3XX + 1NXXNXXXXXX + send To Check: Dial *3XX + send To Dial: Dial 3XX + send

AC

Polycom Features

blue up Speed Dial List blue < Missed Calls blue > Placed Calls blue V Received Calls

AC *62 *69 *60 *61 *70 *71 *90 *91 *72 *73 *78 *79 *97 *98

Asterisk End User Features Schedule wakeup call Last Caller Info Time Weather Call Waiting Activate Call Waiting Deactivate Call Forward on Busy Activate Call Forward on Busy Deactivate Call Forwarding Activate Call Forwarding Deactivate Do-Not-Disturb Activate Do-Not-Disturb Deactivate Dial to access your voicemail Dial to access your voicemail (will ask for your extension)

*411 Directory

AC *43 666 7777 *77 Echo Test Fax Test

Administrative Phone Features

Incoming Call Simulation IVR Recording (No indication is given to the other parties)

888XX Silent Monitoring - Listens to the conversation on a specified Zap channel 378XX Direct Trunk Select (Zap only)

Group pickup: In the Extension Setup put all the extensions in the same callgroup and pickupgroup Auto Answer for Page and Intercom: In the ftp directory edit the sip.cfg file <alertInfo voIpProt.SIP.alertInfo.1.value="Ring Answer" voIpProt.SIP.alertInfo.1.class="4"/> <RING_ANSWER se.rt.4.name="Ring Answer" se.rt.4.type="ringanswer" se.rt.4.timeout="2000" se.rt.4.ringer="11"

96

Edit /etc/asterisk/extensions_custom.conf Place at the TOP of the extensions_custom.conf just after: include => custom-speed-dial ; ---------------------------------------------------------------------; Call Pickup ; ---------------------------------------------------------------------exten => _*8XXX,1,Pickup(${EXTEN:2}) ; ---------------------------------------------------------------------; Page ; ---------------------------------------------------------------------exten => 50,1,SIPAddHeader(Alert-Info: Ring Answer) exten => 50,n,Page(sip/201&sip/202&sip/203&sip/204&sip/205&sip/206&sip/207) exten => 50,n,Hangup exten => 50,102,Hangup exten exten exten exten exten exten exten exten => => => => => => => => 51,1,SIPAddHeader(Alert-Info: Ring Answer) 51,n,Page(sip/205&sip/206&sip/207) 51,n,Hangup 51,102,Hangup 50,1,SIPAddHeader(Alert-Info: Ring Answer) 50,n,Page(sip/201&sip/202&sip/203) 50,n,Hangup 50,102,Hangup

; ---------------------------------------------------------------------; Intercom Auto Answer ; ---------------------------------------------------------------------exten => _1XXX,1,SIPAddHeader(Alert-Info: Ring Answer) exten => _1XXX,2,Dial(sip/${EXTEN:1:3}) exten => _1XXX,3,Hangup exten => _1XXX,102,Hangup ; ---------------------------------------------------------------------; At the sound of the tone the time will be ; ---------------------------------------------------------------------exten => *60,1,ringing exten => *60,2,Set(FutureTime=$${EPOCH} + 8) exten => *60,3,Set(FutureTimeMod=$${FutureTime} % 10) exten => *60,4,Set(FutureTime=$${FutureTime} - ${FutureTimeMod}) ;180 in next line is max # seconds connection can be held open. Use multiples of 10. exten => *60,5,Set(MaxConnectTime=$${FutureTime} + 180) exten => *60,6,Set(FutureTimeMod=$${FutureTime} - ${EPOCH}) exten => *60,7,GotoIf($"${FutureTimeMod}" < "0"?10:8) exten => *60,8,wait(1) exten => *60,9,goto(6) exten => *60,10,Answer exten => *60,11,Set(FutureTime=$${FutureTime} + 10) exten => *60,12,Set(FutureTimeMod=$${FutureTime} % 60) exten => *60,13,wait(1) exten => *60,14,playback(at-tone-time-exactly) exten => *60,15,SayUnixTime(${FutureTime},,I) exten => *60,16,SayUnixTime(${FutureTime},,M) exten => *60,17,GotoIf($"${FutureTimeMod}" = "0"?18:20) exten => *60,18,SayUnixTime(${FutureTime},,p) exten => *60,19,goto(23) exten => *60,20,playback(and) exten => *60,21,SayUnixTime(${FutureTime},,S) exten => *60,22,playback(seconds) exten => *60,23,Set(FutureTimeMod=$${FutureTime} - ${EPOCH}) exten => *60,24,GotoIf($"${FutureTimeMod}" < "1"?27:25) exten => *60,25,wait(1) exten => *60,26,goto(23) exten => *60,27,playback(beep) exten => *60,28,Set(FutureTimeMod=$${MaxConnectTime} - ${EPOCH}) exten => *60,29,GotoIf($"${FutureTimeMod}" < "1"?30:11) exten => *60,30,Hangup

97

; ---------------------------------------------------------------------; Direct Trunk Select ; ---------------------------------------------------------------------exten => _387XX,1,ChanIsAvail(Zap/${EXTEN:3} ) exten => _387XX,2,Dial(Zap/${EXTEN:3}/) exten => _387XX,3,Hangup() ; ---------------------------------------------------------------------; Personal Speed Dial ; ---------------------------------------------------------------------; --- DIAL --exten => _4XX,1,Macro(user-callerid) exten => _4XX,2,DBget(speedref=Speed${CALLERIDNUM}/${EXTEN}) exten => _4XX,3,playback(pls-wait-connect-call) exten => _4XX,4,Goto(outbound-allroutes,${speedref},1) exten => _4XX,103,playback(that-number) exten => _4XX,104,playback(is-not-in-the) exten => _4XX,105,playback(speed-dial) exten => _4XX,106,playback(system) exten => _4XX,107,Macro(hangupcall) ; --- PLAY --exten => _*4XX,1,Macro(user-callerid) exten => _*4XX,n,Answer exten => _*4XX,n,DBget(speedref=Speed${CALLERIDNUM}/${EXTEN:1}) exten => _*4XX,n,SetVar(speedreflocation=${EXTEN:1}) exten => _*4XX,n,background(speed-dial) exten => _*4XX,n,saydigits(${speedreflocation}) exten => _*4XX,n,background(has-been-set-to) exten => _*4XX,n,saydigits(${speedref}) exten => _*4XX,n,Macro(hangupcall) ; --- SET --exten => _**4XX.,1,Macro(user-callerid) exten => _**4XX.,n,DBput(Speed${CALLERIDNUM}/${EXTEN:2:3}=${EXTEN:5}) exten => _**4XX.,n,background(speed-dial) exten => _**4XX.,n,SayDigits(${EXTEN:2:3}) exten => _**4XX.,n,background(has-been-set-to) exten => _**4XX.,n,SayDigits(${EXTEN:5}) exten => _**4XX.,n,Hangup ; ---------------------------------------------------------------------; System Wide Speed Dial ; ---------------------------------------------------------------------; --- DIAL --exten => _3XX,1,DBget(speedref=SysSpeed/${EXTEN}) exten => _3XX,2,playback(pls-wait-connect-call) exten => _3XX,3,Goto(outbound-allroutes,${speedref},1) exten => _3XX,102,playback(that-number) exten => _3XX,103,playback(is-not-in-the) exten => _3XX,104,playback(speed-dial) exten => _3XX,105,playback(system) exten => _3XX,106,Macro(hangupcall) ; --- PLAY --exten => _*3XX,1,Answer exten => _*3XX,n,DBget(speedref=SysSpeed/${EXTEN:1}) exten => _*3XX,n,SetVar(speedreflocation=${EXTEN:1}) exten => _*3XX,n,playback(speed-dial) exten => _*3XX,n,saydigits(${speedreflocation}) exten => _*3XX,n,playback(has-been-set-to) exten => _*3XX,n,saydigits(${speedref}) exten => _*3XX,n,Macro(hangupcall) ; --- SET --exten => _**3XX.,1,DBput(SysSpeed/${EXTEN:2:3}=${EXTEN:5}) exten => _**3XX.,n,playback(speed-dial) exten => _**3XX.,n,SayDigits(${EXTEN:2:3})

98

exten => _**3XX.,n,playback(has-been-set-to) exten => _**3XX.,n,SayDigits(${EXTEN:5}) exten => _**3XX.,n,Hangup 11.3 Using Asterisk Voicemail with Polycom phones - User Guide

Transferring a call to voicemail

Press Transfer Press the Blind soft key Dial * plus the mailbox number

Calling your mailbox from your phone

Press the Message key then connect Key or dial *97 Wait for prompt to enter your password (2580)

Calling your mailbox from any phone in the office

Dial * plus your extension Wait for your greeting Press * and enter your password

Calling your mailbox from your Auto Attendant

Dial your main phone number and wait for the Auto Attendant to answer Dial * plus your extension Wait for your greeting Press * and enter your password

Calling your mailbox from outside the office

Ask to be transfer you to * plus your extension Wait for your greeting Enter your extension and password

From your browser

Enter http://<AAH_IP Address>/recordings Enter your extension as your Login Enter your password (default 2580)

Recording your name

Call your mailbox Press 0 Press 3 Record just your name Clark Kent Press # to end the recording

Recording a unavailable, busy, or temporary greeting for your mailbox

Call your mailbox Press 0 Press 1 Unavailable, 2 Busy or 4 Temporary

99

Record your greeting

You have reached voicemail for ___ To bypass the greeting press the pound key. To reach someone else press 0. Please leave your name, phone number and a brief message Voicemail Main Menu 1 Play voicemail messages 2 Change folders * Help # Exit 0 Mailbox options 1 Record your unavailable message 2 Record your busy message 3 Record your name 4 Record your temporary message 5 Change your password * Return to the main menu Voicemail Message Playback Menu 3 Advanced options 1 Reply 3 Envelope 4 Play previous message 5 Repeat current message 6 Next message 7 Delete current message 8 Forward messages to another mailbox 9 Save message in a folder * Rewind during message playback # Skip forward during message playback After recording a message (incoming message, greeting, or name) Press 1 Accept Press 2 Review Press 3 Re-record Press 0 Reach operator Add

hapter 12 Web Resources

Asterisk@Home Official Homepage Asterisk@Home FAQ Asterisk@Home Wiki Page Asterisk@Home Handbook Wiki - A must read Asterisk@Home Forums AMP - Asterisk Management Portal Home Page Web based configuration GUI for Asterisk AMP - Asterisk Management Portal FAQ Asterisk@Home Voip Provider Example Configs via AMP Run AsteriskHome on Windows VOIPSpeak article on using VMWare to run Asterisk@Home on Windows Building Your Own PBX using Asterisk@home by Kerry Garrison Asterisk@Home Tutorial Slides from presentation at Astricon 2005 by Kerry Garrison Setting Up Asterisk@Home v0.8 by Kerry Garrison Pre-configured VMware image with Asterisk@Home, Wildfire Jabber Server and Asterisk-IM by Serge Mankovski Nerd Nerd Nerd Nerd Nerd Nerd Vittles Vittles Vittles Vittles Vittles Vittles ISP-In-A-Box: Installing a Free Asterisk PBX Phone System - Part 1 by Ward Mundy ISP-In-A-Box: Installing a Free Asterisk PBX Phone System - Part 2 by Ward Mundy Tips & Tricks to Turbocharge Your Asterisk@Home PBX - Part 3 by Ward Mundy Turbocharging Your Asterisk@Home PBX - Part 4 by Ward Mundy Putting the Pedal to the Metal with Asterisk@Home - Part 5 by Ward Mundy Save Millions on VoIP Costs: Heres How - Part 6 by Ward Mundy

100

Setup your IP PBX by Charles Hayden Asterisk@Home For Dumb Me by Ben Sharif How to install an HFC Card for Asterisk@home 1.3 and European isdn by donDisperato Asterisk@Home As Shorewall Firewall, Router and Gatewayby Samy http://mach.e-sistemas.net/index.php?op=ViewArticle&articleId=2&blogId=1

Chapter 13 Consultants and Consulting Companies that support A@H The only thing that makes a Small/Medium Business IT Manager think twice about using Asterisk@Home in their enterprise would be the lack of support. There will be times when the forums will not be enough to solve a major A@H issue that may occur and we all know, THE CALLS MUST FLOW. The ability to make a call to get help immediately is very important. Luckily there are some enterprising companies and people who will step up to the plate and offer their assistance. Here is a list of them. (The following list is in no particular order. You will have to evaluate each company and person on your own). The big problem is, its just plain silly that some consulting companies wouldn't support A@H. I wonder if you told them that you have an asterisk server on CentOS with so-and-so software installed, would they help? Most likely. 13.1 Anteil, Inc. Company Name: Anteil, Inc. Company Web Site: http://www.anteil.com Company Email: info@anteil.com Company Address: 160 S Progress Ave STE 3D, Harrisburg, PA 17109 Company Phone Number: (877) OSLINUX Company Fax Number: (717) 657-6142 Type of Support: Per Hour and Contract / CRM Solutions, Asterisk Integration, Custom AJAX Web Applications sip:jcapp@shannon.anteil.com 13.2 Baldwin Technology Solutions Inc. Company Name: Baldwin Technology Solutions Inc. Company Web Site: http://baldwintechsolutions.com/ Company Email: http://baldwintechsolutions.com/contacts.php Company Address: 32 Baldwin Rd Glenville, NY 12302 Company Phone Number: (518) 631-2855 or 866-707-8133 Company Fax Number: (518) 631-2856 Type of Support: You can purchase 1/2 credits or support contracts at reduced rates. Prices: http://baldwintechsolutions.com/aahsupport.php We also have discounted pricing on all hardware we carry for AAH users. Please contact us before making a purchase and ask for AAH special pricing. 13.3 BESTEK - Computer Retail & Solutions Company Name: BESTEK - Computer Retail & Solutions Company Web Site: http://www.bestekpc.ca/ Company Email: sales@bestekpc.ca Company Phone Number: +1-519-653-3940 / FWD: 654015 Company Address: 449 King Street East, Cambridge, Ontario, Canada N3H3N1 Type of Support: Small/medium office deployment of Asterisk@Home; installation and support; End-user training; Equipment sales. 13.4 Dimi Telecom Company Name: Dimi Telecom Company Web Site: tba Company Email: tech@dimitel.com Company Address: Company Phone Number: (972) 9 9611226 Company Fax Number: (972) 9 9581739 Type of Support: Per Hour /ad hoc and Contract. Asterisk@Home. Onsite / Phone / Remote Support and Advice for SME's. Remote support using ssh. Demo system available by arrangement. Will provide training for client's

101

own staff. Custom designed Asterisk based appliances and applications. Tier-1 implementation of Asterisk based services and systems. 13.5 Enhanced Technology Solutions Company Name: Enhanced Technology Solutions Company Web Site: http://www.enhancedtechnologysolutions.com/ Company Email: sales_AT_enhancedtechnologysolutions.com Company Address: PO Box 65778, Albuquerque, NM 87193 Company Phone Number: 505-349-8139 Company Fax Number: 505-217-2330 Type of Support: Hourly consulting rates, full design, deployment, maintenance SLAs for Asterisk@Home and Asterisk systems; training; converged networking 13.6 Enterux Solutions Company Name: Enterux Solutions Company WebSite: http://www.enterux.com/ Company Email: info at enterux dot com Company Phone : +91-9867333566 / +1-302-691-0104 Type of Support: Need help with your Asterisk@Home server? We can provide remote support for you to get you up and running quickly. We can work Per Hour and Contract consulting; Asterisk@Home System design, installation and support. Support provided on-site, remote and over phone; End-user training; VoIP Provider Trunk Setup; Basic Troubleshooting; DID Routing setup; Call routing; custom modifications; digital receptionist; NAT issues with remote extensions; ATA or Hardphone setup. We have help many customers setup remote extensions, VoIP provider trunks, ATA's and custom applications. Support Forum: Indian Asterisk Support Forum, There are quite good chances for you to find your answers in the forum out there. 13.7 Gyantec Company Name: Gyantec Consulting Company Web Site: http://www.gyantec.co.in Company Email: support@gyantec.co.in Company Phone Number: +91-94440-72925 / +1-360-515-3983 Type of Support: Per Hour and Contract consulting; Asterisk@Home System design, installation and support. Support provided on-site, remote and over phone; End-user training; Demo available! 13.8 HealthTech Company Name: HealthTech Consulting Services Ltd Company Web Site: tba Company Email: voip AT healthtech.co.uk Company Address: 42 The Avenue, Alverstoke, Gosport. Hampshire. PO12 2JR. UK Company Phone Number: (44) 02392 586233 Company Fax Number: 07092 111516 Type of Support: Per Hour / Ad Hoc and Contract. Asterisk@Home. Onsite / Phone / Remote Support and Advice for SME's. Remote support using ssh and vnc. Demo systems available by arrangement. Advice, provision, installation and support for networks, asterisk hardware, SIP / IAX2 phones & power over ethernet. Using Smoothwall firewall with AAH. Using QoS for voice quality over adsl lines. Designing AAH for offices with remote homeworkers. Will provide training for client's own staff. Full range of Voip hardware available. 13.9 Jonathan Roper Company Name: Jonathan Roper Company Web Site: TBA Company Email: joe.roper@gmail.com Company Address: The Docks, Portishead, Bristol, BS20 7DF, UK Company Phone Number: +44 7974 245 885 Company Fax Number: N/A Type of Support: VoIP, Telecoms, Asterisk@home, Locustworld Mesh Wifi. Skype:jonathan_roper 13.10 MemonConsulting

102

Company Name: Memon Consulting Company Web Site: http://memoncorp.com Company Email: sales@memoncorp.com Company Phone Number: 866-504-7774 / +1-212-202-5511 Type of Support: Per Hour /ad hoc and Contract; Asterisk@Home System design, installation and support. A@H hosting. Support provided remotely; End-user training; Do you sell A@H? We'll support your clients for you, while representing your company. 13.11 OFB Consulting Company Name: Open for Business Consulting Company Web Site: http://www.ofbconsulting.com/ Company Email: chile at ofbconsulting.com Company Address: Roberto del Rio 1248, Providencia, Santiago-Chile Company Phone Number: (562) 334-2645 Company Fax Number: (562) 249-6552 Type of Support: Per Hour support, Turn key VoIP Consulting, Small / Medium / Large Scale Asterisk at Home based Deployment 13.12 Pibix Company Name: Pibix Telefona IP Company Web Site: http://www.pibix.cl/ Company Email: info at pibix.cl Company Address: Amapolas 3624, Providencia, Santiago-Chile Company Phone Number: (56-2) 223-4746 Company Fax Number: N/A Type of Support: Per Hour support, Turn key VoIP Consulting, Small / Medium / Large Scale Asterisk Deployment Prices: http://www.pibix.cl 13.13 Sound Choice Communications LLC Company Name: Sound Choice Communications LLC Company Web Site: http://www.soundchoicecomm.com/ Company Email: staff@soundchoicecomm.com Company Address: 7839 12th Ave S, Bloomington MN 55425 Company Phone Number: +1.(651)999-0888 Type of Support: DID, Termination, Hourly Support Rates: $90/hr Consulting 13.14 Tech Data Pros Company Name: Tech Data Pros Company Web Site: http://techdatapros.com/ Company Email: support@techdatapros.com Company Address: 5142 Yearling Ave. Irvine, Ca 92604 Company Phone Number: (888) I-DO-VOIP or (949) 502-7819 Company Fax Number: N/A Type of Support: Per Hour Support Prices: http://techdatapros.com/products.asp 13.15 TightWire Company Name: TightWire Company Web Site: http://www.tightwire.net Company Email: voip@tightwire.net Company Address: 212 Abilene, Vernon Hills, IL 60061 Company Phone Number: (847) 810-7600 Company Fax Number: (847) 574-0426 Type of Support: Per Hour and Contract consulting. Equipment sales, installation, and support for Asterisk@Home systems. Services provided onsite, by phone, or remote 13.16 Tinnio konsulting Company Name: Tinnio konsulting Company Web Site: www.tinnio.no In norwegian.

103

Company Email: tinnio.gmail.com Company Address: Solbergveien 11, 3057 Solbergelva, Norway Company SIP Number: 605878@fwd.pulver.com Company Phone Number: +47 94 32 34 63 Company Fax Number: Type of Support: Per hour support, turn key systems, VoIP consulting, small & medium scale Asterisk@Home deployment. 13.17 Centritech Solutions Company Name: Centritech Solutions, Inc. Company Web Site: http://www.centritechsolutions.com Company Email: sales@centritechsolutions.com Company Address: Pump Road, Richmond VA, USA Company Phone Number: (804) 360-9753 Type of Support: Per Hour and Contract Consulting. New Equipment Sales, Installation, and Support for Asterisk@Home systems. 13.18 Net Primates Ltd Company Name: Net Primates Ltd Company Web Site: http://netprimates.com Company Email: sales@netprimates.com Company Address: Southampton, UK Company Phone Number: 0870 9309181 Type of Support: Per Hour, Contract and Consulting. Sales, Project Design, Installation and Support of Asterisk & A@H. Full Cisco Phone implementation and Support.

13.19 ServicePointe Company Name: ServicePointe Company Web Site: http://servicepointe.net/ Company Email: sales@servicepointe.net Company Phone Number: (949) 579-2005 Company Fax Number: (949) 579-2006 Type of Support: Per Hour Support

13.20 SEAQ Company Name: SEAQ SERVICIOS CIA LTDA Company Web Site: http://www.seaq.com.co Company Email: serviciosit@seaq.com.co Company Address: Bogota, Colombia Company Phone Number: 571 655 98 00 Type of Support: Per Hour, Contract and Consulting. Sales, Project Design, Installation and Support of Asterisk & A@H. Full Cisco Phone implementation and Support. Integration of Asterisk IM, AsterFAX and VtigerCRM/SugarCRM Here are the asterisk consultants list that has been compiled in voip-info.org. However, it is not clear if they support A@H or not. Links to http://www.voip-info.org overview over Asterisk consultants.

Asterisk consultants: o Africa o Asia o Australia o Canada o Central and South America o Eastern Europe and Russia o Western Europe o USA

104