From NBSWiki

Contents 1 Packages 1.1 Manually installing packages 2 Some quirks 2.1 Choppy Music On Hold (MOH) 2.2 Voice Prompts 2.3 Enabling Intercom 3 Polycom Specifics 3.1 Remote Rebooting 4 G729 4.1 Installing the codec 4.2 Enabling it globally as the preferred codec 5 DynDNS 6 Static Routes 7 Firewall 7.1 Routing 7.2 Rules Script 8 OpenVPN 8.1 Installing 8.2 Configuring 9 MOH too loud 10 Conference accessible from IVR 11 Some missing voice prompts/recordings 12 Multi-site notes

Packages

Manually installing packages

From The trixbox forum:

To see which packages are available for update: yum -v check-update | more

To see which packages are currently installed: yum -v list | more

To install all available updates (Not Recommneded IMHO): yum -v update

To install one Package: yum -v install (Package Name)

To update one Package: yum -v update (Package Name)

To remove a Package: yum -v erase (Package Name)

Some quirks

Choppy Music On Hold (MOH)

Most likely a missing timing source, edit /etc/asterisk/asterisk.conf:

[options]
 internal_timing = yes

Voice Prompts

I found it quite annoying to hunt down the following links and Trixbox/FreePBx doesn't make the installation any easier. The prompts can be downloaded here and should be installed in:

/var/lib/asterisk/sounds

with the proper ISO language prefix (fe for french and all...)

Enabling Intercom

More specifically, with Polycom phones, from the FreePBx web site:

Polycom 301, 501?, 601

You MUST provision the phone from a FTP server to
load the Polycom config files, then edit sip.cfg, search for
"alertInfo" and set "voIpProt.SIP.alertInfo.1.value" to equal "Ring
Answer". Now reboot your phone to load the new config option.

for example:

<alertInfo voIpProt.SIP.alertInfo.1.value="Ring Answer" voIpProt.SIP.alertInfo.1.class="4"/>

So...add/modify:

<alertInfo voIpProt.SIP.alertInfo.1.value="Ring Answer" voIpProt.SIP.alertInfo.1.class="4"/>

in /tftproot/sip.cfg

Polycom Specifics

Remote Rebooting

Add the following to sip_notify.conf

[polycom-reboot]
Event=>check-sync
Content-Length=>0

You can the reboot from the asterisk CLI with:

sip notify polycom-reboot 255 

where 255 is the name/username (from [1]) And, from [2],

Note, though, that there's a setting in sip.cfg where you can have it only reboot on a notify if the config files have changed (this is the default setting). If you prefer to always have the phone reboot when you issue a sip notify, you can change the following line:

<specialEvent ... voIpProt.SIP.specialEvent.checkSync.alwaysReboot="1">

G729

Installing the codec

Telegraphic setup for P3 system THIS MAY NOT BE LEGAL FOR YOUR COMMERCIAL USE!, check this site for the actual instructions and lisencing considerations:

cd /usr/lib/asterisk/modules
wget http://asterisk.hosting.lv/bin/codec_g729-ast14-gcc4-glibc-pentium3.so
mv codec_g729-ast14-gcc4-glibc-pentium3.so codec_g729.so

And restart asterisk for changes to take effect and make sure it now shows up the codec translation table:

voip*CLI> core show translation
         Translation times between formats (in milliseconds) for one second of data
          Source Format (Rows) Destination Format (Columns)

          g723 gsm ulaw alaw g726aal2 adpcm slin lpc10 g729 speex ilbc g726 g722
     g723    -   -    -    -        -     -    -     -    -     -    -    -    -
      gsm    -   -    5    5        7     5    4    10   22    39   39    7    -
     ulaw    -   7    -    1        4     2    1     7   19    36   36    4    -
     alaw    -   7    1    -        4     2    1     7   19    36   36    4    -
 g726aal2    -   9    4    4        -     4    3     9   21    38   38    1    -
    adpcm    -   7    2    2        4     -    1     7   19    36   36    4    -
     slin    -   6    1    1        3     1    -     6   18    35   35    3    -
    lpc10    -  11    6    6        8     6    5     -   23    40   40    8    -
     g729    -  12    7    7        9     7    6    12    -    41   41    9    -
    speex    -  12    7    7        9     7    6    12   24     -   41    9    -
     ilbc    -  12    7    7        9     7    6    12   24    41    -    9    -
     g726    -   9    4    4        1     4    3     9   21    38   38    -    -
     g722    -   -    -    -        -     -    -     -    -     -    -    -    -

Enabling it globally as the preferred codec

Using the Trixbox configuration file editor, change the sip_general_additional.conf AND/OR iax_general_additional.conf to have the following two lines (replacing all other similar, NOTE that I keep ulaw as a backup codec):

...
disallow=all 
allow=g729
allow=ulaw
...

DynDNS

Short version of the instructions given here

yum install -y unzip
cd /tmp
wget http://mi-telecom.org/inadyn.v1.96.2.zip
unzip inadyn.v1.96.2.zip
cd inadyn
cp bin/linux/inadyn /usr/bin/
cp man/inadyn.8 /usr/share/man/man8
cp man/inadyn.conf.5 /usr/share/man/man5
vi /etc/inadyn.conf

Add the following to /etc/inadyn.conf:

username username
password password
alias yourdomain.dyndns.org
update_period_sec 300
forced_update_period 2419200
verbose 2
#syslog
log_file /var/log/inadyn.log
background

Some security and corrections:

chmod 600 /etc/inadyn.conf
chmod ug+x /usr/bin/inadyn
echo "/usr/bin/inadyn" >> /etc/rc.local

Static Routes

Firewall

Routing

Setting up firewall rules might imply you have 2NICs on your box, this migh also imply setting up static routes for the internal NIC. Here we assume eth0 as internal NIC and 2 local nets to reach via the internal router at 192.168.2.1. Add the following to /etc/sysconfig/network-scripts/route-eth0 :

192.168.0.0/24 via 192.168.2.1
192.168.3.0/24 via 192.168.2.1

Rules Script

Indicative notes only (inspired by Asterisk firewall rules):

#!/bin/bash
LO_IFACE="lo"
LO_IFACE1="eth0"
INET_IFACE="eth1"

SSH=1234
SSL_WEB=443
IAX2=4569
SIP=5060

IPT="/sbin/iptables"

$IPT -F

# Allow all on localhost interface
$IPT -A INPUT -p ALL -i $LO_IFACE  -j ACCEPT
$IPT -A INPUT -p ALL -i $LO_IFACE1 -j ACCEPT

for port in $SSL_WEB $SSH $IAX2
do
    $IPT -A INPUT -p TCP -i $INET_IFACE --destination-port $port -j ACCEPT
done

# SIP on UDP port 5060. Other SIP servers may need TCP port 5060 as well
#$IPT -A -p udp -m udp --dport $SIP -j ACCEPT

# IAX2- the IAX protocol
$IPT -A INPUT -p udp -m udp --dport $IAX2 -j ACCEPT
#$IPT -A INPUT -p udp --dport 4569 -j ACCEPT

# IAX - most have switched to IAX v2, or ought to
#$IPT -A tcp_inbound -p udp -m udp --dport 5036 -j ACCEPT

# RTP - the media stream (for SIP)
#$IPT -A tcp_inbound -p udp -m udp --dport 10000:20000 -j ACCEPT

# MGCP - if you use media gateway control protocol in your configuration
#$IPT -A tcp_inbound -p udp -m udp --dport 2727 -j ACCEPT

# DNS queries:
iptables -A OUTPUT -o $INET_IFACE -p udp --sport 53 -j ACCEPT
iptables -A INPUT -i $INET_IFACE -p udp --dport 53 -j ACCEPT

# DENY incoming internet access otherwise
$IPT -A INPUT -i $INET_IFACE -j DROP

And CHECK THE RULES with:

iptables -L -v -n

And save:

/etc/init.d/iptables save

OpenVPN

Well...if you're going to use your VoIP server as router, might as well make it more intelligent.

Installing

wget ftp://ftp.pbone.net/mirror/centos.karan.org/el5/extras/testing/i386/RPMS/openvpn-2.1-0.20.rc4.el5.kb.i386.rpm \
wget ftp://ftp.pbone.net/mirror/centos.karan.org/el5/extras/testing/i386/RPMS/openvpn-2.1-0.20.rc4.el5.kb.i386.rpm
yum localinstall lzo-2.02-3.el5.kb.i386.rpm openvpn-2.1-0.20.rc4.el5.kb.i386.rpm --nogpgcheck
 

Configuring

Now...that's up to you ;) Config files for each connection go into /etc/openvpn and have to be named [something].conf

MOH too loud

...you'll have to resample it...

Conference accessible from IVR

Not enabled by design, one has to include the conference's extension in extensions_custom.conf. Copied over from the forum thread Cannot enter conference from IVR :

FIRST, open your extension_additional.conf file locate in that file the IVR script that reflects your IVR that you've configured in FreePBX GUI. The 'heading' will be [IVR-2] , [IVR-3], etc etc depending on how many IVR's you have.

...There is a easy fix for those that do not care about having security like I stated above.

create and/or edit extensions_custom.conf and add the following:

[ivr-2-custom] ;change number to match the IVR you want it included in
include =>ext-meetme

Some missing voice prompts/recordings

cd /var/lib/asterisk/sounds
 wget http://downloads.asterisk.org/pub/telephony/sounds/asterisk-core-sounds-en-ulaw-current.tar.gz \
http://downloads.asterisk.org/pub/telephony/sounds/asterisk-core-sounds-fr-ulaw-current.tar.gz \
http://downloads.asterisk.org/pub/telephony/sounds/asterisk-extra-sounds-en-ulaw-current.tar.gz \
http://downloads.asterisk.org/pub/telephony/sounds/asterisk-extra-sounds-fr-ulaw-current.tar.gz \
http://downloads.asterisk.org/pub/telephony/sounds/asterisk-core-sounds-en-wav-current.tar.gz \
http://downloads.asterisk.org/pub/telephony/sounds/asterisk-core-sounds-fr-wav-current.tar.gz \
http://downloads.asterisk.org/pub/telephony/sounds/asterisk-extra-sounds-en-wav-current.tar.gz \
http://downloads.asterisk.org/pub/telephony/sounds/asterisk-extra-sounds-fr-wav-current.tar.gz
mkdir fr
mv -f *fr*tar.gz fr/
tar -xf asterisk-core-sounds-en-ulaw-current.tar.gz
tar -xf asterisk-extra-sounds-en-ulaw-current.tar.gz
tar -xf asterisk-core-sounds-en-wav-current.tar.gz
tar -xf asterisk-extra-sounds-en-wav-current.tar.gz
cd fr
tar -xf asterisk-core-sounds-fr-ulaw-current.tar.gz 
tar -xf asterisk-extra-sounds-fr-ulaw-current.tar.gz
tar -xf asterisk-core-sounds-fr-wav-current.tar.gz 
tar -xf asterisk-extra-sounds-fr-wav-current.tar.gz

Multi-site notes

Gotta read and implement this