Correct Settings For Hosted FreePBX 13
-
@bigbear said in Correct Settings For Hosted FreePBX 13:
I have configured everything as best as I can figure based on what I think the developers are intending to manipulate ipchains. My remote yealink thinks its registered, but it shows offline in reports - asterisk info - peers.
Start here
https://mangolassi.it/topic/12322/configure-the-freepbx-smart-firewallSince this is not a new install, goto this screen and click the button to rerun the wizard.
-
@aaronstuder I have been wondering that. Or least about a $5 or $10 vm, just scary given the current cost I am paying. $20 seems like such a deal.
Literally going to save thousands per month switching to Vultr from everything else we are doing.
-
@bigbear said in Correct Settings For Hosted FreePBX 13:
@scottalanmiller said in Correct Settings For Hosted FreePBX 13:
@bigbear said in Correct Settings For Hosted FreePBX 13:
@aaronstuder said in Correct Settings For Hosted FreePBX 13:
@bigbear said in Correct Settings For Hosted FreePBX 13:
Running a vultr $20 instance.
Why? o_0
Cause? What do you suggest?
How big is your deployment? That's huge.
Only about 50 phones on this one. Maybe time to destroy and start over. I just disabled the firewall again and still getting offline peers. I feel like something is blacklisted from the beginning when was incorrectly placing the password in the yealink feilds. Switching to another yealink phone now...
I have this location currently running off a cyberlynk freepbx 12 install with no problems. Its some newer Linksys with all the junk (like SIP ALG) disabled. All the other phones here are registered to the Cyberlynk and working no problem for about a year.
Its the same cheap router setup I have at several other customers, no issues connecting to hosted FreePBX 12 on cyberlynk.
You'll be okay with the $2.50 size as @aaronstuder said, but I'd splurge for the $5. Anything more than that is likely wasted. We've had bigger companies than you on 256MB for most of a decade without an issue.
-
@bigbear said in Correct Settings For Hosted FreePBX 13:
@scottalanmiller said in Correct Settings For Hosted FreePBX 13:
@bigbear said in Correct Settings For Hosted FreePBX 13:
@aaronstuder said in Correct Settings For Hosted FreePBX 13:
@bigbear said in Correct Settings For Hosted FreePBX 13:
Running a vultr $20 instance.
Why? o_0
Cause? What do you suggest?
How big is your deployment? That's huge.
Only about 50 phones on this one. Maybe time to destroy and start over. I just disabled the firewall again and still getting offline peers. I feel like something is blacklisted from the beginning when was incorrectly placing the password in the yealink feilds. Switching to another yealink phone now...
I have this location currently running off a cyberlynk freepbx 12 install with no problems. Its some newer Linksys with all the junk (like SIP ALG) disabled. All the other phones here are registered to the Cyberlynk and working no problem for about a year.
Its the same cheap router setup I have at several other customers, no issues connecting to hosted FreePBX 12 on cyberlynk.
How many concurrent calls are you going to average? Are you going to use any compression codecs?
Those are the reasons that could require more power. You can have 1000 extensions on a $2.50 install if the concurrent call count is low and you are using the default ulaw/alaw codecs.
-
@JaredBusch said in Correct Settings For Hosted FreePBX 13:
@bigbear said in Correct Settings For Hosted FreePBX 13:
I have configured everything as best as I can figure based on what I think the developers are intending to manipulate ipchains. My remote yealink thinks its registered, but it shows offline in reports - asterisk info - peers.
Start here
https://mangolassi.it/topic/12322/configure-the-freepbx-smart-firewallSince this is not a new install, goto this screen and click the button to rerun the wizard.
Actually this is a new install, but I will definitely re-run the wizard. Hooking up another phone now as I disabled the firewall and realized the phone still doesnt show up under peers, although it says its registered and my line buttons are green...
-
@bigbear said in Correct Settings For Hosted FreePBX 13:
@aaronstuder I have been wondering that. Or least about a $5 or $10 vm, just scary given the current cost I am paying. $20 seems like such a deal.
Sounds wasteful around here
-
@bigbear said in Correct Settings For Hosted FreePBX 13:
@JaredBusch said in Correct Settings For Hosted FreePBX 13:
@bigbear said in Correct Settings For Hosted FreePBX 13:
I have configured everything as best as I can figure based on what I think the developers are intending to manipulate ipchains. My remote yealink thinks its registered, but it shows offline in reports - asterisk info - peers.
Start here
https://mangolassi.it/topic/12322/configure-the-freepbx-smart-firewallSince this is not a new install, goto this screen and click the button to rerun the wizard.
Actually this is a new install, but I will definitely re-run the wizard. Hooking up another phone now as I disabled the firewall and realized the phone still doesnt show up under peers, although it says its registered and my line buttons are green...
$5 says your local DHCP server is sending TFTP info and you are registering to your current system.
-
@bigbear here is the index to my guide if that helps.
https://mangolassi.it/topic/11805/freepbx-13-setup-guide -
this is completely wrong. You never want anything trusted except maybe one IP for access. Putting something in trusted defeats the purpose of the firewall.
That second line, you trusted the entire /24 that your office is on (the 70.60.148.0/24)? That is crazy, do you own the entire /24?
Why would you put in the unroutable class subnets as trusted when this is a hosted solution and everything will be connecting over the WAN IP and showing their public IP?
Then you put in your entire IPv6 subnets?
-
@JaredBusch said in Correct Settings For Hosted FreePBX 13:
@bigbear here is the index to my guide if that helps.
https://mangolassi.it/topic/11805/freepbx-13-setup-guideIm gonna check DHCP but we dont use it typically. Will report back. However its fresh user accounts that arent duplicated from the old install.
-
@JaredBusch said in Correct Settings For Hosted FreePBX 13:
this is completely wrong. You never want anything trusted except maybe one IP for access. Putting something in trusted defeats the purpose of the firewall.
That second line, you trusted the entire /24 that your office is on (the 70.60.148.0/24)? That is crazy, do you own the entire /24?
Why would you put in the unroutable class subnets as trusted when this is a hosted solution and everything will be connecting over the WAN IP and showing their public IP?
Then you put in your entire IPv6 subnets?
LOL - I didnt enter any of those, but none of it looks right to me. I am just trying to do things the "freepbx responsive firewall way". However none of these would be blocking me so I thought I would circle back to it later.
-
extensions use PJSIP by default in FreePBX 13
so in the asterisk command line (
asterisk -rvvvvvv
)use
pjsip show endpoints
core show help pjsip
will list all the commands. -
@JaredBusch said in Correct Settings For Hosted FreePBX 13:
@bigbear said in Correct Settings For Hosted FreePBX 13:
@JaredBusch said in Correct Settings For Hosted FreePBX 13:
@bigbear said in Correct Settings For Hosted FreePBX 13:
I have configured everything as best as I can figure based on what I think the developers are intending to manipulate ipchains. My remote yealink thinks its registered, but it shows offline in reports - asterisk info - peers.
Start here
https://mangolassi.it/topic/12322/configure-the-freepbx-smart-firewallSince this is not a new install, goto this screen and click the button to rerun the wizard.
Actually this is a new install, but I will definitely re-run the wizard. Hooking up another phone now as I disabled the firewall and realized the phone still doesnt show up under peers, although it says its registered and my line buttons are green...
$5 says your local DHCP server is sending TFTP info and you are registering to your current system.
No special DHCP options or TFTP boot servers, actually the Linksys router is serving up DHCP now. A change someone else here must have made.
The yealink thinks its registered to the freepbx install I just spun up. Also why cant I login to admin GUI from anywhere but my office? I think I see why, but the freepbx instructions say "surely you want to trust the responsive firewall" and not to touch those options.
-
@bigbear said in Correct Settings For Hosted FreePBX 13:
@JaredBusch said in Correct Settings For Hosted FreePBX 13:
@bigbear said in Correct Settings For Hosted FreePBX 13:
@JaredBusch said in Correct Settings For Hosted FreePBX 13:
@bigbear said in Correct Settings For Hosted FreePBX 13:
I have configured everything as best as I can figure based on what I think the developers are intending to manipulate ipchains. My remote yealink thinks its registered, but it shows offline in reports - asterisk info - peers.
Start here
https://mangolassi.it/topic/12322/configure-the-freepbx-smart-firewallSince this is not a new install, goto this screen and click the button to rerun the wizard.
Actually this is a new install, but I will definitely re-run the wizard. Hooking up another phone now as I disabled the firewall and realized the phone still doesnt show up under peers, although it says its registered and my line buttons are green...
$5 says your local DHCP server is sending TFTP info and you are registering to your current system.
No special DHCP options or TFTP boot servers, actually the Linksys router is serving up DHCP now. A change someone else here must have made.
The yealink thinks its registered to the freepbx install I just spun up. Also why cant I login to admin GUI from anywhere but my office? I think I see why, but the freepbx instructions say "surely you want to trust the responsive firewall" and not to touch those options.
You can log in from anywhere if you setup the firewall to allow it. By default it does not over HTTP.
Use HTTPS and it should work from anywhere.
-
@JaredBusch said in Correct Settings For Hosted FreePBX 13:
extensions use PJSIP by default in FreePBX 13
so in the asterisk command line (
asterisk -rvvvvvv
)use
pjsip show endpoints
core show help pjsip
will list all the commands.I am using freepbx 12 chan_sip for 30+ phones here on freepbx 12 hosted by cyberlynk.
My test freepbx 13 I am registering with pjsip.
BUT, both installs are using port 5060 (12 for chan_sip, 13 for pjsip).
Not sure how NAT coning works on the linksys, maybe an issue?
-
These are not default settings.. just blow it up and follow my guide.
-
@bigbear said in Correct Settings For Hosted FreePBX 13:
@JaredBusch said in Correct Settings For Hosted FreePBX 13:
extensions use PJSIP by default in FreePBX 13
so in the asterisk command line (
asterisk -rvvvvvv
)use
pjsip show endpoints
core show help pjsip
will list all the commands.I am using freepbx 12 chan_sip for 30+ phones here on freepbx 12 hosted by cyberlynk.
My test freepbx 13 I am registering with pjsip.
BUT, both installs are using port 5060 (12 for chan_sip, 13 for pjsip).
Not sure how NAT coning works on the linksys, maybe an issue?
Okay and actually now I hooked up another Yealink and it registered up just fine.
On the first extension I had started as chan_sip and moved to pjsip -- maybe that was the whole issue.
Re-enabling firewall. Will see how it works. Hope you add a firewall guide to your guide...
-
@bigbear said in Correct Settings For Hosted FreePBX 13:
Not sure how NAT coning works on the linksys, maybe an issue?
Poorly. Is your current system in house or external also?
-
@bigbear said in Correct Settings For Hosted FreePBX 13:
@bigbear said in Correct Settings For Hosted FreePBX 13:
@JaredBusch said in Correct Settings For Hosted FreePBX 13:
extensions use PJSIP by default in FreePBX 13
so in the asterisk command line (
asterisk -rvvvvvv
)use
pjsip show endpoints
core show help pjsip
will list all the commands.I am using freepbx 12 chan_sip for 30+ phones here on freepbx 12 hosted by cyberlynk.
My test freepbx 13 I am registering with pjsip.
BUT, both installs are using port 5060 (12 for chan_sip, 13 for pjsip).
Not sure how NAT coning works on the linksys, maybe an issue?
Okay and actually now I hooked up another Yealink and it registered up just fine.
On the first extension I had started as chan_sip and moved to pjsip -- maybe that was the whole issue.
Re-enabling firewall. Will see how it works. Hope you add a firewall guide to your guide...
I linked to the firewall page already. You need more details?
-
@JaredBusch said in Correct Settings For Hosted FreePBX 13:
@bigbear said in Correct Settings For Hosted FreePBX 13:
@bigbear said in Correct Settings For Hosted FreePBX 13:
@JaredBusch said in Correct Settings For Hosted FreePBX 13:
extensions use PJSIP by default in FreePBX 13
so in the asterisk command line (
asterisk -rvvvvvv
)use
pjsip show endpoints
core show help pjsip
will list all the commands.I am using freepbx 12 chan_sip for 30+ phones here on freepbx 12 hosted by cyberlynk.
My test freepbx 13 I am registering with pjsip.
BUT, both installs are using port 5060 (12 for chan_sip, 13 for pjsip).
Not sure how NAT coning works on the linksys, maybe an issue?
Okay and actually now I hooked up another Yealink and it registered up just fine.
On the first extension I had started as chan_sip and moved to pjsip -- maybe that was the whole issue.
Re-enabling firewall. Will see how it works. Hope you add a firewall guide to your guide...
I linked to the firewall page already. You need more details?
That was the guide I followed while doing this. I will just start over though. I am a hardcore pfsense guy so using this auto-firewall business goes against everything in me!
We use the crappy linksys here because many of our customers have the crappy linksys setup. We are a wireless ISP and transitioning to do more voice. Kind of a long story.
Anyway I have a smart ass developer two doors down who has been giving me crap for two days about not being able to get this up, and who wants to continue with our freeswitch setup we've developed in house. I think its turned into bloatware and I am planning to exit all our customers from that to freepbx hosted, possibly now on vultr.
Ive never been a freepbx person until it was mentioned to me a year ago or so by Scott on SW. And just in the last month I decided I need to learn it inside and out so I can make the transition.
Really appreciate your help. Will let you know the net of following the firewall wizard. I am guess switching from chan_sip to pjsip using the GUI for my first test extension needed some addition changes.