Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    FreeSWITCH package for pfSense 1.2.1 and 2.0 released. PBX or Proxy

    Scheduled Pinned Locked Moved pfSense Packages
    314 Posts 39 Posters 315.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C Offline
      cybrsrfr
      last edited by

      @Aderium:

      Does anybody have a pointer ?
      We already are running a PFSense Box as the main Firewall in our test environment. We now what to add a separate PFSense box with the Freeswitch package, and running just for that purpose.

      Sounds good.

      @Aderium:

      a "Transparent Firewall"
      b "Bridge w/th Outbound NAT'
      c "Router [Disable Firewall] + Bridge]" ?

      What you do for choice a, b, or c is dependent on you are trying to accomplish. For example if your phones are always going to be in the same network, and or you are using a point to point vpn between locations then setting the FreeSWITCH machine inside NAT should work fine.

      However if you want to have FreeSWITCH work inside your office and phones work outside the office without a VPN then the easiest way would be to give the FreeSWITCH machine a real world IP on the WAN. If it is static you can use the IP address or a domain. If the IP is dynamic then use a dynamic dns provider to provide a domain name. If you choose to use a domain name then you will need to set the domain= from the 'var' tab to the domain you are wanting to use.

      You can disable the firewall if you have a firewall in front of the FreeSWITCH machine. However my preference still leans toward a higher level of security by leaving the firewall on so that it firewalls itself. Really this depends on if its has a public IP then yes I would leave the firewall in tact. If FreeSWITCH machine is on the LAN IP and there are only a few people connected to the LAN then you might be okay with the firewall disabled.

      @Aderium:

      Sorry if these options don't make sense, but hopelly they will make you smile :). Point being is that I should be able to work all on the WAN as a single network device and not need all the extra NATing,

      At this moment you still need the LAN port. I have PHP communicating with the FreeSWITCH package over the LAN interface. However I be changing this soon so that it will work with one or more interfaces.

      @Aderium:

      Unfortunately my alternative if I cant get moving forward is to use askozia. I only have 5 days applied to this test. 3 to go.

      I will attempt to help you get this working before your deadline.

      1 Reply Last reply Reply Quote 0
      • C Offline
        cybrsrfr
        last edited by

        Announcing a few more features that I stayed up all night to add.

        1. Auto Attendant timeout. The recording plays one time and then the timeout is used to allow more time for dtmf to be detected. If no dtmf is detected during that time the system will direct the call to the timeout out option 't'.

        2. Backup and Restore feature I felt was an important feature.
        I have added a backup and restore buttons to the 'Status' tab. When you click on the backup button a /usr/local/freeswitch directory is tar gzipped and saved into /tmp/ directory as freeswitch.bak.tgz. When the file exists then the 'restore' button will be visible.

        The restore currently leaves the config directory alone allowing pfSense configuration to store all the configuration.
        However the restore does extract the backup files to the following folders.

        Internal Database files keep track of registrations, voicemail details, and more.
        /usr/local/freeswitch/db/

        Logs
        /usr/local/freeswitch/log/

        Recordings from the 'Rec' tab are saved here.
        /usr/local/freeswitch/recordings/

        Saves the javascript files most usefull if you have any custom scripts in this directory.
        /usr/local/freeswitch/scripts/

        Voicemail audio files are stored in this location
        /usr/local/freeswitch/storage/

        –-----------------------------------------------------
        If you are using a version less than 0.4.1 then you should
        manually create the backup before upgrading using the
        following command.

        Diagnostics->Command->PHP Execute->Command
        system('cd /usr/local/;tar cvzf /tmp/freeswitch.bak.tgz freeswitch');

        After you have upgraded to 0.4.1 or higher then you will have the
        backup button that you can use at any time.

        If /tmp/freeswitch.bak.tgz file exists during the install then the
        restore will automatically run directory content to /usr/local/freeswitch.


        Upgrading the FreeSWITCH pfSense package:

        System-> Package Manager-> Installed Packages
        Update at this time the any of the 'Reinstall' buttons will not likely work. Its working now

        At this time the upgrade procedure is to make the backup and then remove the FreeSWITCH package.
        Then install the package again. During the installation it will detect the backup and restore the additional directories.

        1 Reply Last reply Reply Quote 0
        • A Offline
          Aderium
          last edited by

          Thanks for the advise, so let me understand

          For now I will setup the FreeSwitch box behind the NAT [ Other pfsense box ] inside the LAN network.

          1. I can have Firewall on … got that ...
          2. I can connect just the LAN of FreeSwitch Box and give it a static private IP part of our existing network and move on, no need for bridging or anything else
          3. I suppose when you update the package we can choose which network port to use. In either case with just the LAN network port and an ethernet cable I should be fine, ... but what about NATing on that box ? will that interfere ?

          Thanks in advance

          Anthony Palermo

          1 Reply Last reply Reply Quote 0
          • C Offline
            cybrsrfr
            last edited by

            @Aderium:

            To clarify the previous message about NAT it is possible to setup FreeSwitch behind NAT as well have phones on the inside and the outside of the network. However there is more of a learning curve for to do it for starters you would want to configure NAT to direct the traffic to the FreeSwitch Server, configure Rules to allow the traffic, and then finally there are additional changes required to make FreeSWITCH work. See wiki.freeswitch.org for additional NAT details.

            1. I can connect just the LAN of FreeSwitch Box and give it a static private IP part of our existing network and move on, no need for bridging or anything else

            Honestly I have not tried it from the LAN. When I have run it as a dedicated device I ran it on the WAN with the IP on the WAN using a local network IP. Then on the LAN I left that interface unplugged.

            If you use the static IP on the LAN make sure to go to the 'var' tab as previously described and set the domain = to the lan ip.
            Then restart the FreeSWITCH service.

            @Aderium:

            1. I suppose when you update the package we can choose which network port to use. In either case with just the LAN network port and an ethernet cable I should be fine, … but what about NATing on that box ? will that interfere ?

            If you use the WAN interface only then no traffic travels from the WAN to the LAN and so there is no NAT involved. This may be the case with the using only the LAN interface I haven't tried it. I think you might run into a problem on the LAN side with the LAN trying to find the Gateway to the internet that is defined on the WAN in pfSense 1.2.1.

            1 Reply Last reply Reply Quote 0
            • T Offline
              thekod
              last edited by

              I'm pretty sure the sip useragent binds to all interfaces, so it won't matter what interface you have plugged in…

              1 Reply Last reply Reply Quote 0
              • A Offline
                Aderium
                last edited by

                First off thank you for all the help. I think that once this is all setup and tested it may make sense to provide you documentation of how we have set it up and add your settings to it and present it as a tutorial to share to others for configuring Freeswitch with this case scenario.

                So after reading your response I will follow your direction and plug the Ethernet into the WAN network interface, as you explained that it will eliminate that whole NAT stuff.

                So…
                We have a PFSENSE firewall and then in the network we have a PFSENSE / Freeswitch device with 2 Network interfaces but we use just the WAN set with DHCP [ the address is static given from the DHCP Server ]

                Now I suppose that we still need to open ports and add port forwarders to direct traffic to the FREESwitch box…
                Where can I find all that Jazz ? and do I need to follow the steps of implementing the sipproxy package on either the PFSENSE box or the Freeswitch box ?

                Regards,

                Anthony Palermo

                1 Reply Last reply Reply Quote 0
                • C Offline
                  cybrsrfr
                  last edited by

                  @Aderium:

                  First off thank you for all the help. I think that once this is all setup and tested it may make sense to provide you documentation of how we have set it up and add your settings to it and present it as a tutorial to share to others for configuring Freeswitch with this case scenario.

                  A variety of tutorials is a good thing. No one is likely to complain about too much documentation. Keep in mind much of the information at wiki.freeswitch.org still applies to this package.

                  @Aderium:

                  So after reading your response I will follow your direction and plug the Ethernet into the WAN network interface, as you explained that it will eliminate that whole NAT stuff.

                  Ok.

                  @Aderium:

                  So…
                  We have a PFSENSE firewall and then in the network we have a PFSENSE / Freeswitch device with 2 Network interfaces but we use just the WAN set with DHCP [ the address is static given from the DHCP Server ]

                  DHCP is fine as long as its is reserved static IP.

                  @Aderium:

                  Now I suppose that we still need to open ports and add port forwarders to direct traffic to the FREESwitch box…
                  Where can I find all that Jazz ? and do I need to follow the steps of implementing the sipproxy package on either the PFSENSE box or the Freeswitch box ?

                  You don't need to over complicate things add more complexity if you need it. So for example siproxd may not be needed. I would only through it in the mix if I needed it. Your phones will all be talking to the phone system as in the pfSense FreeSWITCH box. It is the only thing that will talk outside of the network to a VoIP provider (ITSP). If there is someone that knows Siproxd better than me feel free to share your knowledge but as far as I'm aware siproxd is most useful for situations where you have multiple devices in one network going out to an offsite PBX or VoIP provider.

                  On the machine that is the dedicated pfSense FreeSWITCH box set some 'Rules' on it to allow the VoIP traffic to the WAN interface.  SIP protocol on FreeSWITCH uses 5060 - 5090 and can communicate over TCP or UDP. RTP (Real time protocol) uses ports 16384 - 32768 UDP. You do not need to configure NAT. It is not necessary to configure because FreeSWITCH will bind to the WAN a translation of the WAN address to LAN is not needed in this case unless you make FreeSWITCH bind to the LAN.

                  1 Reply Last reply Reply Quote 0
                  • C Offline
                    cybrsrfr
                    last edited by

                    tusc notified me of some bugs he had found today. An issue where in some cases you would see an error on the 'Rec' tab. And there was a problem on the 'Dialplan' tab if you edited and then saved the dialplan the dialplan information was being saved to the wrong position xml path in pfSense. These bugs have been fixed. It is highly recommended you upgrade your install.

                    Make sure you are using version 0.4.2 or higher. To do this use the backup button on the status tab then remove the package and install it again.

                    Please feel free to post suggestions, encouragement, or bugs so they can be fixed immediately.

                    Best Regards,

                    Mark

                    1 Reply Last reply Reply Quote 0
                    • C Offline
                      cybrsrfr
                      last edited by

                      Another improvement to note the FreeSWITCH package no longer requires the LAN interface to drive the 'Status' page and some of the other socket communication. This clears the way for appliance support.

                      Conference:
                      Default config has three sets of conference lines one for 8khz, 16khz and 32khz audio.

                      8khz extension 3001-3099
                      16khz extensions 3101-3199
                      32khz extensions 3201-3299

                      IVR example:
                      5000

                      Call Park:
                      park 5900
                      unpark 5901

                      Echo Test:
                      9996

                      Hold Music:
                      9999

                      Call Groups
                      Ring several phones at once. Ring all phone extensions in a group all at once or in order. Any two digit group number may be used. The following example will use group number 01.

                      Add to Group
                      81[2 digit group number]
                      Calling Extension 8101 will add the current phone to group 01.

                      Delete from Group
                      80[2 digit group number]

                      Calling Extension 8001 will remove the current phone extension from group 01.

                      Ring Group Simultaneous
                      82[2 digit group number]

                      Calling Extension 8201 will ring all phone extensions in group 01.

                      Ring Group Order
                      83[2 digit group number]

                      Calling Extension 8201 will ring the first phone extensions in group 01 followed by the next phone in the group and then ring the next phone extension in the group until the call is answered.

                      More options available they are defined under the 'Dialplan' 'default.xml' button.

                      1 Reply Last reply Reply Quote 0
                      • C Offline
                        cybrsrfr
                        last edited by

                        pfSense user: tusc has found a bug that is now fixed in the latest version 0.4.5. It has to do with using multiple conditions when working with the 'Public' tab. This issue also affected and has been fixed for the 'Dialplan'. Thanks tusc for finding and notifying me so that this could be improved.

                        1 Reply Last reply Reply Quote 0
                        • C Offline
                          cybrsrfr
                          last edited by

                          FreeSWITCH package is now working on pfSense 2.0 even when run with only 1 interface (appliance mode).

                          1 Reply Last reply Reply Quote 0
                          • T Offline
                            tester_02
                            last edited by

                            I just want to say that having this package is awesome.
                            I've always been intimidated by SIP, except to get a PAP2 running at home.
                            I know a lot of us newbs looking at this are still overwhelmed, but I know after some more reading I will try it out.  For a newb to sip, there are so many options that I don't exactly know where to start.  Ok, ok, I do know, more reading :)

                            I will say that making this available here is extremely encouraging.  I am finally starting to see the light at then end of the tunnel.

                            Thank you for all your hard work  "mcrane"

                            1 Reply Last reply Reply Quote 0
                            • S Offline
                              scottnguyen
                              last edited by

                              Sorry if this is a bit off topic…but is there a reason you (MCCRANE) chose FreeSWITCH vs something like sipXecs as a package?

                              1 Reply Last reply Reply Quote 0
                              • C Offline
                                cybrsrfr
                                last edited by

                                scottnguyen:

                                sipXecs looked pretty good here is my reasons for not going with it.
                                1. sipXecs already has a GUI and a company backing it. I'm not sure what language the GUI was in by I wanted one in PHP.
                                2. I'm not an expert on sipXecs but my impression is its limited to SIP only.
                                3. sipXecs is LGPL which I like better than the GPL however I like the MPL even better than the LGPL.

                                Spend some time to learn more about FreeSWITCH it will be worth your time.

                                FreeSWITCH configuration by default is XML. pfSense's config is stored in XML. So it seemed a good fit.

                                FreeSWITCH is also modular, extensible, scalable, multi-platform, can interface with multiple languages, remote access is possible over xml rpc, over a network socket, can be a VoIP SWITCH, Proxy, soft phone, and/or PBX.

                                1 Reply Last reply Reply Quote 0
                                • C Offline
                                  cybrsrfr
                                  last edited by

                                  tester_02: Configuring the linksys pap2t is a good start. Reading about FreeSWITCH here on the forum should help. In addition to that take a look at http://wiki.freeswitch.org. Do your best to read through the information then feel free to ask questions. Good Luck!

                                  I mentioned this in a comment on the blog but want to make sure it gets noticed.

                                  Voicemail.

                                  To access your voicemail you can dial extension 4000 then your id (extension number) then the voicemail password. This can be accessed from any extension on the system or from any phone through the IVR (auto attendant).

                                  In addition to that if your extension is 1001 and you were currently on that extension you simply call extension 1001 and it will go to your voicemail.

                                  1 Reply Last reply Reply Quote 0
                                  • A Offline
                                    adrianhensler
                                    last edited by

                                    I'm pretty interested in this package.  I've had an asterisk server running for … years? behind a pfsense box; it works great.

                                    I'm a little leary of having to learn freeSwitch; I've got all my steps and knowledge down for installing ubuntu server and then asterisk / FreePBX on top of it.

                                    But reducing the number of manchines running in my house by one is very appealing.  My config is pretty simlpe too; so I don't forsee any problems migrating.  I do have a couple 'if this line rings; call my cell / voip phone / house phone until one of them picks up' - I'd hate to lose that sort of functionality.

                                    And with FreePBX just putting freeSwitch on their coming soon page; this could all get very interesting fast.

                                    Just wanted to state my interest as well; I look forward to trying this out soon.

                                    1 Reply Last reply Reply Quote 0
                                    • A Offline
                                      adrianhensler
                                      last edited by

                                      Installed the freeswitch package, upgraded to Rc3, saw these errors at the bottom of the page during the reinstall after upgrade:

                                      Warning: fsockopen(): unable to connect to 76.11.76.41:8021 in /usr/local/pkg/freeswitch.inc on line 92 Warning: socket_set_blocking(): supplied argument is not a valid stream resource in /usr/local/pkg/freeswitch.inc on line 93 Warning: fsockopen(): unable to connect to 192.168.1.1:8021 in /usr/local/pkg/freeswitch.inc on line 92 Warning: socket_set_blocking(): supplied argument is not a valid stream resource in /usr/local/pkg/freeswitch.inc on line 93 no handle 
                                      

                                      I'm guessing this is just because there is no rule for the event socket.  Solution is to surpress these warnings?  Or warn that ports should be opened?  Or option 3, I missed the mark completely.

                                      1 Reply Last reply Reply Quote 0
                                      • C Offline
                                        cybrsrfr
                                        last edited by

                                        @adrianhensler:

                                        Installed the freeswitch package, upgraded to Rc3, saw these errors at the bottom of the page during the reinstall after upgrade:

                                        I'm guessing this is just because there is no rule for the event socket.  Solution is to surpress these warnings?  Or warn that ports should be opened?  Or option 3, I missed the mark completely.

                                        A rule is not necessary for the even socket unless there are strict rules for outbound access. Supressing the warning would hide the problem but not fix it.

                                        The problem is that it tries to connect to the socket for only 1 second before giving up. In some cases 1 second isn't long enough. FreeSWITCH package 0.4.7 will now try for 3 seconds hopefully this will be sufficient. Also removed some necessary files from the default config.

                                        1 Reply Last reply Reply Quote 0
                                        • T Offline
                                          thekod
                                          last edited by

                                          adrianhensler, Freeswitch can do everything you're talking about with the bridge application in the dialplan…check it out!  :)
                                          http://wiki.freeswitch.org/wiki/Misc._Dialplan_Tools_bridgecall

                                          1 Reply Last reply Reply Quote 0
                                          • A Offline
                                            adrianhensler
                                            last edited by

                                            Okay, in for a penny in for a pound.  I just disabled the asterisk and figured I'd go nuts.

                                            The package works great and I got it set up and calling working between two phones (a local grandstream 2020 and a remote linksys voip router; also a remote pap2)

                                            Having some issues that I'm sure someone can assist with - I've been dealing with voip for a long time but not ever with freeswitch.

                                            1.  Outgoing calling to a pots (cell phone in this case) results in crazy static as soon as the cell starts ringing - the phone line is all static; I don't hear a ring just noise.  It continues after I answer the cell phone.  I'm thinking codec mismatch but it's confusing to me - I thought the call would just fail in that case?

                                            2. Trickier problem due to me not understanding where to fix this in freeswitch.  I don't have a proper static IP.  It's pretty close to static - but it's not static.  I had a workaround in asterisk that seemed to work pretty well - a SynDNS dns name and the externip / externhost commands.

                                            In freeswitch, how do I make this work correctly: if I edit the vars to force my domain to be a name; ie myDynDNSname.org instead of the default $${local_ip_v4} this happens (as seen in the logs):

                                            I call in, I hear "goodbye" and my transfer to phone doesn't work because it is looking for 2000@123.123.123.123 which doesn't exist because the line is registered as 2000@myDynDNSname.org

                                            If I leave it as the default; then the incoming call works to get to voicemail - but then my phone doesn't ring because it says it's not registered - it's registered as 2000@myDynDNSname.org and not as 2000@123.123.123.123.

                                            If I change the external devices to register by IP rather than DynDNS name I think everything will work; but when my IP changes I'll haev to update all the devices so I think that the DynDNS name is the way to go.

                                            Someone please show me the error of my ways.  I'm so close.

                                            The other interesting bit to this is that while outgoing calling connects but results in noise (problem #1 above)  the incoming calling on the same gateway has audio but just doesn't connect correctly due to dns versus ip configurations.

                                            Thanks for listening.

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.