Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    HELP - FreeSwitch again, now from a clean slate

    pfSense Packages
    4
    33
    24760
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      fribert last edited by

      Hi All

      Ok, so I started over with FreeSwitch, and got all the old config out.
      I've followed the 'multi home tutorial'.
      I've gotten to "Applying your changes and checking your work"
      I've started up the Freeswitch from the console, and I see this message at the bottom of the startup:
      2010-01-12 12:44:10.875104 [NOTICE] switch_core.c:923 Adding 83.89.x.x/255.255.255.248 (allow) to list localnet.auto
      2010-01-12 12:44:10.875122 [CONSOLE] switch_core.c:961 Created ip list lan default (allow)
      2010-01-12 12:44:10.875136 [NOTICE] switch_core.c:1064 Adding 192.168.42.0/24 (deny) to list lan
      2010-01-12 12:44:10.875149 [NOTICE] switch_core.c:1064 Adding 192.168.42.42/32 (allow) to list lan
      2010-01-12 12:44:10.875212 [CONSOLE] switch_core.c:961 Created ip list domains default (deny)
      2010-01-12 12:44:10.875304 [WARNING] switch_core.c:990 Cannot locate domain 83.89.x.x

      The 83.89.x.x is my WAN ip, and I haven't got the faintest where 192.168.x.x comes from (my internal is 10.11.12.0).

      When I try to register a phone I get this message:
      2010-01-12 12:49:22.527258 [WARNING] sofia_reg.c:1755 Can't find user [1000@83.89.x.x]
      You must define a domain called '83.89.x.x' in your directory and add a user with the id="1000" attribute
      and you must configure your device to use the proper domain in it's authentication credentials.

      For some reason it doesn't react to me setting the domain in the directory/default.xml???

      1 Reply Last reply Reply Quote 0
      • chpalmer
        chpalmer last edited by

        I actually got that same class c in my logs tonight while working on freeswitch…  Ive got mine on 172.x.x.x here...

        1 Reply Last reply Reply Quote 0
        • F
          fribert last edited by

          Ok, got some of the errors out of the list. There is an acl xml that lists that network.
          I've changed it to reflect my own IP range.

          It still didn't change anything in regards to the registration of sip phones.

          1 Reply Last reply Reply Quote 0
          • C
            cybrsrfr last edited by

            I'm the author of the freeSWITCH package for pfSense.

            I regret creating the LAN profile it makes it confusing and harder to understand. I recommend removing the lan.xml sip profile. The LAN profile is simply a copy of the internal profile renamed and set to bind to the LAN IP Address.

            FreeSWITCH will automatically bind the internal and external profile to the external ip address. The internal profile is what handles the registrations of the phones or soft phones. You register to providers they don't register to you that is where the external profile comes in.

            The external profile handles anonymous inbound connections that come from providers that don't register to your system.

            Hopefully this helps.  Have questions be specific I will try and help.

            1 Reply Last reply Reply Quote 0
            • chpalmer
              chpalmer last edited by

              Is there a way to keep freeswitch from loading the lan profile after removing the xml file?  It still shows up in profiles…

              1 Reply Last reply Reply Quote 0
              • C
                cybrsrfr last edited by

                To remove the lan profile do the following.
                rm -R /usr/local/freeswitch/conf/sip_profiles/lan
                rm /usr/local/freeswitch/conf/sip_profiles/lan.xml

                Then restart freeswitch. Now look at the status page and the lan profile should be gone.

                1 Reply Last reply Reply Quote 0
                • chpalmer
                  chpalmer last edited by

                  Yep Worked!    Thanks!!

                  1 Reply Last reply Reply Quote 0
                  • F
                    fribert last edited by

                    I got a lot further, thanks also to the freeswitch mailinglist :-)
                    I've gotten the phones registered, I've got multiple DID's registered, and I've created groups and everything.
                    Works very smootly.
                    Still a bit of work to be done to get all the way there, but it's getting closer.

                    1 Reply Last reply Reply Quote 0
                    • C
                      cybrsrfr last edited by

                      It really isn't that hard but mis-conceptions about certain things can make it a lot harder. I think the lan profile caused confusion. I will remove the lan profile from the package.

                      1 Reply Last reply Reply Quote 0
                      • F
                        fribert last edited by

                        One thing that isn't mentioned in the 'multi-homed guide' as far as I can see it is that the:
                        autoload_configs/acl.conf.xml
                        contains some acl lists, I changed those to my own LAN.
                        I'l not really sure what it does as of yet, but I didn't like some foreign IP's appearing :-)
                        And also in the vars.xml I had to set
                          <x-pre-process cmd="set" data="domain=10.11.12.25">(my pfsense lan address)
                        otherwise the phones wouldn't be allowed to register.</x-pre-process>

                        1 Reply Last reply Reply Quote 0
                        • F
                          fribert last edited by

                          Could you add the
                          vm-notify-email-all-messages
                          statement to the 'extensions' defining in the package?

                          I'm moving all the config I've created directly in the config files to the pfsense, as I really want to have it in the pfsense (for backup purposes).

                          1 Reply Last reply Reply Quote 0
                          • chpalmer
                            chpalmer last edited by

                            I think this is more a Freeswitch related question rather than a "Package" (or how Freeswitch interacts with and runs under pfSense) question but…

                            acl.conf.xml seems to be related to clients connecting without authenticating... If I have all my clients authenticating, is there really a need for the acl file?

                            Can reference to it be disabled?

                            I have "Rejected by acl "domains". Falling back to Digest auth" showing up in my logs constantly and nothing I do seems to fix it...

                            1 Reply Last reply Reply Quote 0
                            • F
                              fribert last edited by

                              No it's just a matter of the fields shown in the configing of extensions in the pfsense interface, and include the config in the pfsense.xml as well.

                              acl…xml: Ahh, I see, well, I got rid of it by changing it to my local lan, and then just allow the server itself access.

                              1 Reply Last reply Reply Quote 0
                              • chpalmer
                                chpalmer last edited by

                                From my log-
                                [DEBUG] sofia.c:4628 IP 172.31.125.15 Rejected by acl "domains". Falling back to Digest auth.

                                172.31.125.15 is my ata.  Does this simply mean it needs to authenticate and not allowed otherwise?

                                1 Reply Last reply Reply Quote 0
                                • C
                                  cybrsrfr last edited by

                                  If the SIP traffic is sent to the internal profile on port 5060 and its not registered it will check the ACL (access control list) to see if it is allowed. But that isn't usually necessary if you have someone remote that wants to connect to you with a SIP URI send them to the external profile which puts the call in the public context. The external profile doesn't require registration and the call can come in it simply needs to be told where to go (inbound route). The inbound routing in the pfSense FreeSWITCH package is handled with the 'Public' tab. In FusionPBX which could be considered version 2 of the pfSense FreeSWITCH package 'Public' has been named 'Inbound Routes'.

                                  1 Reply Last reply Reply Quote 0
                                  • chpalmer
                                    chpalmer last edited by

                                    Cool- thanks guys!

                                    Ive got FusionPBX running on a windoes box for learning purposes…  Im real interested in trying to install it on my router as an upgrade to this but that for later...

                                    But referring to FusionPBX configs and the way you have things set up default has helped me allot with configuring the package on the router in the last day...

                                    1 Reply Last reply Reply Quote 0
                                    • C
                                      cybrsrfr last edited by

                                      Thats good that is why I put in some default settings to make getting started a little easier.
                                      Note: Using the vHosts package which I created for this purpose you can get FusionPBX running on pfSense now if desired. I made the vHosts generic so that it will benefit other peoples needs as well.

                                      1 Reply Last reply Reply Quote 0
                                      • T
                                        TreeTopFlyer last edited by

                                        Mark,

                                        Without trying to show too much of my ignorance here, do you have a "quick & dirty" install guide for FusionPBX on pfSense?  Like chpalmer I've installed FusionPBX on a 2k3 server to look at but would like to install it on a pfSense box running Freeswitch.  I do understand that I would need to do the vHost package install first.  I couldn't find any info on the FusionPBX site for this. Thanx.

                                        1 Reply Last reply Reply Quote 0
                                        • chpalmer
                                          chpalmer last edited by

                                          Without trying to show too much of my ignorance here,

                                          Not me!  Ill totally claim ignorance…    ;D

                                          I would also love to see some form of a how to...  Need to do some googling to get started but figured Id at least get a little more familiar with what config does what on Freeswitch...

                                          1 Reply Last reply Reply Quote 0
                                          • chpalmer
                                            chpalmer last edited by

                                            Looks like I need to familiarize myself a bunch more with FreeBSD commands….    :P ;D

                                            1 Reply Last reply Reply Quote 0
                                            • C
                                              cybrsrfr last edited by

                                              FusionPBX on pfSense

                                              1. Install FreeSWITCH easiest way is to install the FreeSWITCH pfSense package.
                                              2. Install the vHosts pacakge. (vHosts - virtual hosts)
                                              3. Setup fusionpbx.local in the dns forwarder package to point to the LAN IP of pfSense.
                                              4. Setup 'fusionpbx' website in the vHosts package with port 8001 or the port of your choice that is not used.
                                              5. After adding fusionpbx restart the vhosts web service. Then make sure you can view the phpinfo example page.
                                              6. From the console via ssh run the following or from Diagnostics -> Command
                                              cd /usr/local/vhosts/;fetch http://fusionpbx.com/downloads/fusionpbx-1.0.tar.gz
                                              cd /usr/local/vhosts/;tar xvf fusionpbx-1.0.tar.gz
                                              7. Open the web browser and you should see the install page. By default SQLite will be selected. The defaults should be fine.
                                              8. From the install page press save.
                                              9. Login to the FusionPBX with superadmin or admin with a password of FusionPBX.
                                              10. For configurations help please see.
                                              http://www.fusionpbx.com
                                              http://wiki.fusionpbx.com
                                              http://fusionpbx.com/support.php
                                              http://doc.pfsense.org/index.php/FreeSWITCH
                                              http://wiki.freeswitch.org

                                              1 Reply Last reply Reply Quote 0
                                              • F
                                                fribert last edited by

                                                Not a lot of new features in the fusionpbx compared to the pfsense package, but it looks a bit better.
                                                Is the fusionpbx going to be made a package as well (nudge nudge  :P)

                                                1 Reply Last reply Reply Quote 0
                                                • chpalmer
                                                  chpalmer last edited by

                                                  Thanks Mark!

                                                  Appreciate all the help….    :)

                                                  1 Reply Last reply Reply Quote 0
                                                  • C
                                                    cybrsrfr last edited by

                                                    There is a lot of new tools too give you greater access to FreeSWITCH, and make it easier to use.

                                                    • Public is now called 'Inbound Routes'
                                                    • Template manager allows you to change the look and feel.
                                                    • Menu manager allows you to change
                                                    • XML Editor is for advanced users that want access to FreeSWITCH on a deeper level.
                                                    • PHP Editor again for advanced users that know PHP
                                                    • Script Editor allowing advanced users ability to add or modify scripts.
                                                    • Dialplan and Inbound routes has a tool for 'add' that makes adding new entries much easier and faster.
                                                    • Users can log into view their voicemail's
                                                    • Users can be assigned to one or more extensions.
                                                    • Database backend that can use SQLite, PostgreSQL, or MySQL. On pfSense it requires SQLite.

                                                    And some new features. Keep in mind this took months to make multi-platform.

                                                    • Additional features in Hunt groups
                                                    • Additional features in the Auto Attendant
                                                    • Conference interface to make it easier to add voice conference rooms with or without a pin number
                                                    • Softphone that is if you have a have a sound card installed on the system
                                                    • Ability to run multi-tenant with multiple instances of FreeSWITCH
                                                    • Contact list

                                                    Features that I'm currently working on.
                                                    Call Broadcast make a recording and send it to a group of contacts.
                                                    Call Forward transfer calls destined for an extension out to a cell phone.
                                                    Call Queues possible before but this interface will make it easier.
                                                    Automatic Phone provisioning

                                                    1 Reply Last reply Reply Quote 0
                                                    • T
                                                      TreeTopFlyer last edited by

                                                      FusionPBX install on pfSense worked like a charm Mark.  Mucho gracias mi amigo.

                                                      1 Reply Last reply Reply Quote 0
                                                      • F
                                                        fribert last edited by

                                                        Ok, got fusionpbx up and running.
                                                        Is there an way to import the current config, or is it entering all over again?

                                                        1 Reply Last reply Reply Quote 0
                                                        • F
                                                          fribert last edited by

                                                          Grrrr, a warning on the fusionpbx install, it smashes up your existing config, damnation, thank god for frequent backups.
                                                          So this is a warning if you want to use this and have a working config!
                                                          An import of the existing would be appropriate.

                                                          1 Reply Last reply Reply Quote 0
                                                          • C
                                                            cybrsrfr last edited by

                                                            It should be obvious that making a backup before doing such a thing is always a good idea to make a backup. However, the install should make a backup of your config and call into a directory called config.orig.

                                                            There isn't an import yet.  No one has offered to help with the import either monetarily or with developer help. I do get complaints that it isn't there. Complaints don't provide me any motivation. You have no idea what I've sacrificed over the past year and a half to build this and make it available for you and others.

                                                            I may still build the import but it isn't my first priority. A future FusionPBX pfSense package is higher priority and features to get or stay ahead of competition, and provide tools that make FusionPBX fit more peoples needs are all a higher priority.

                                                            1 Reply Last reply Reply Quote 0
                                                            • C
                                                              cybrsrfr last edited by

                                                              Improved the vhosts package several minor improvements. The major change is that it now works on pfSense 2.0 with FreeBSD 8.0. vhosts on pfsense 2.0 will now make it much easier to run FusionPBX on pfSense 2.0.

                                                              1 Reply Last reply Reply Quote 0
                                                              • chpalmer
                                                                chpalmer last edited by

                                                                @mcrane:

                                                                Improved the vhosts package several minor improvements. The major change is that it now works on pfSense 2.0 with FreeBSD 8.0. vhosts on pfsense 2.0 will now make it much easier to run FusionPBX on pfSense 2.0.

                                                                Thank You!    :)

                                                                1 Reply Last reply Reply Quote 0
                                                                • F
                                                                  fribert last edited by

                                                                  Hi mcrane

                                                                  Don't take my grrr, as a complaint, but a warning on the install would be nice  ;D
                                                                  And the excuse with 'you should alway backup' just doesn't do! That's simply a cop out for failing to do the warning.

                                                                  1 Reply Last reply Reply Quote 0
                                                                  • chpalmer
                                                                    chpalmer last edited by

                                                                    came off wrong. Struck comment

                                                                    1 Reply Last reply Reply Quote 0
                                                                    • F
                                                                      fribert last edited by

                                                                      He he he, or version 2 or…
                                                                      Oh well, I'm going to ponder on the idea of reentering everything :-)

                                                                      1 Reply Last reply Reply Quote 0
                                                                      • First post
                                                                        Last post

                                                                      Products

                                                                      • Platform Overview
                                                                      • TNSR
                                                                      • pfSense
                                                                      • Appliances

                                                                      Services

                                                                      • Training
                                                                      • Professional Services

                                                                      Support

                                                                      • Subscription Plans
                                                                      • Contact Support
                                                                      • Product Lifecycle
                                                                      • Documentation

                                                                      News

                                                                      • Media Coverage
                                                                      • Press
                                                                      • Events

                                                                      Resources

                                                                      • Blog
                                                                      • FAQ
                                                                      • Find a Partner
                                                                      • Resource Library
                                                                      • Security Information

                                                                      Company

                                                                      • About Us
                                                                      • Careers
                                                                      • Partners
                                                                      • Contact Us
                                                                      • Legal
                                                                      Our Mission

                                                                      We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                                                                      Subscribe to our Newsletter

                                                                      Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                                                                      © 2021 Rubicon Communications, LLC | Privacy Policy