How to set up an IAX2 trunk in FreePBX

JaredBusch

If you have more than one Asterisk based PBX that you want to have talk to each other, the best solution is to use an IAX2 trunk.

IAX stands for Inter-Asterisk eXchange. The protocol was developed specifically for Asterisk and has a huge benefit over SIP in that it only needs a single port (UDP 4569). The Wikipedia article is pretty solid for IAX2.

The most common use for an IAX2 trunk is for interoffice calling, but it can most certainly be used for trunking in other contexts. VoIP.ms offers IAX2 as an option for their trunks as long as you setup a sub-account.

So what to do?

Mentally tag the TWO PBX systems as PBX1 and PBX2 and keep them straight. You have to put things from one side in the other side as you go.

Go to Connectivity -> Trunks

Click the Add Trunk drop down and select IAX2.

One the General tab of PBX1 name it something that makes sense like To_PBX2 or IAX2_To_PBX2. This name does not matter technically, but does have to be selected when you make your routes later, so it is better to use something that makes sense at a glance.

Leave the manipulation rules tab empty.

On the iax2 Settings tab you will need to populate the Trunk Name and Peer Details fields on the Outgoing tab. You will not put anything in the Incoming tab.

This is where you now have to make some decisions. If you trust your firewalls, you can simply create a trunk without username/passwords and move on. I do this all the time. If you do this, the Trunk Name can be anything, no spaces, and the Peer Details are simple.
On PBX1

type=friend
qualify=yes
host=pbx2.domain.com
context=from-internal
disallow=all
allow=ulaw

And the opposite on PBX2

type=friend
qualify=yes
host=pbx1.domain.com
context=from-internal
disallow=all
allow=ulaw

Note: The qualify=yes really only matters if one side is behind NAT. I put it in out of habit, and it does not usually hurt anything. Details here is you are curious.

You can use IP address instead of the FQDN for the host in the PEER Details

Now, for a more secure method, where you are worried about possible spoofing of IP addresses and such, you can add authentication to an IAX2 trunk. This is how the FreePBX Wiki tells you to set up an IAX2 trunk in the first place.

In this case, the Trunk Name is important and the Peer Details are more complex. You will use the Trunk Name from PBX1 as the username in the PEER Details of PBX2, so it can sometimes be confusing when looking at PBX1 and PBX2. I suggest making a scratchpad of the settings.

The secret must be the same on both PBX1 and PBX2.

On PBX1. As mentioned, notice that the Trunk Name looks backwards for PBX1 compared to the username.

host=pbx2.domain.com
username=pbx1_to_pbx2
secret=UseALongPasswordNumbersLike1234AreOk
forceencryption=yes
encryption=yes
auth=md5
type=friend
qualify=yes
context=from-internal
disallow=all
allow=ulaw

Reverse things on PBX2

host=pbx1.domain.com
username=pbx2_to_pbx1
secret=UseALongPasswordNumbersLike1234AreOk
forceencryption=yes
encryption=yes
auth=md5
type=friend
qualify=yes
context=from-internal
disallow=all
allow=ulaw

Now that the trunks are created, you need to create an outbound route on each system to route calls to the other system.

Assuming that you planned ahead and your extension range on each system does not overlap, you can add a simple outbound rule and everyone will just dial extensions.

As before, you have to do this on both PBX1 and PBX2.

Go to Connectivity -> Outbound Routes

Click Add Outbound Route

One the Route Settings tab, give it a descriptive name. Click the Intra-Company button, and then choose the appropriate trunk you previously created. Using the name from before, I would use To_PBX2 on PBX1 and To_PBX1 on PBX2.

On the Dial Patterns tab you will make a pattern that matches the extension range on the opposite PBX.
Assuming that PBX1 uses extensions 1000 through 1999 and that PBX2 uses extensions 2000 through 2999, this is what it would look like.

On PBX1

On PBX2

If you do not have the luxury of designing the extension ranges to not overlap, you can still use a trunk like this. You will simply need to add a prefix for interoffice calling.

Assuming that PBX1 uses extensions 1000 through 1999 and that PBX2 uses extensions 1000 through 1099 (not even the same full range is common), you would simply setup a prefix and match pattern like this.

On both PBX1 and PBX2

The 6 will get stripped and only the 4 digit extension will be passed over the IAX2 trunk.

JaredBusch

The FreePBX wiki article had a few optional settings that can be used with either version of the Trunk PEER Details I showed above.

qualifyfreqok=25000
transfer=no
trunk=yes

The default qualifyfreqok is 60000. This just makes it qualify more often. This is usually less important on a trunk than an endpoint that uses IAX2.
If you are setting up an IAX2 trunk, you already have tested your internet connection and know it is stable. If not, call me.. I'm more than happy to consult...

The transfer=no is the same as the SIP allow reinvite that hands off a SIP call letting the endpoints not pass the call through the PBX any longer. Not applicable to an interoffice trunk.

The trunk=yes will shave a few Kbps off of each call after the first going over the trunk as it reduces IP header information. You can read all the gory details here. Basically it is not enough to worry about.