HELP - FreeSwitch again, now from a clean slate

  • Hi All

    Ok, so I started over with FreeSwitch, and got all the old config out.
    I've followed the 'multi home tutorial'.
    I've gotten to "Applying your changes and checking your work"
    I've started up the Freeswitch from the console, and I see this message at the bottom of the startup:
    2010-01-12 12:44:10.875104 [NOTICE] switch_core.c:923 Adding 83.89.x.x/ (allow) to list
    2010-01-12 12:44:10.875122 [CONSOLE] switch_core.c:961 Created ip list lan default (allow)
    2010-01-12 12:44:10.875136 [NOTICE] switch_core.c:1064 Adding (deny) to list lan
    2010-01-12 12:44:10.875149 [NOTICE] switch_core.c:1064 Adding (allow) to list lan
    2010-01-12 12:44:10.875212 [CONSOLE] switch_core.c:961 Created ip list domains default (deny)
    2010-01-12 12:44:10.875304 [WARNING] switch_core.c:990 Cannot locate domain 83.89.x.x

    The 83.89.x.x is my WAN ip, and I haven't got the faintest where 192.168.x.x comes from (my internal is

    When I try to register a phone I get this message:
    2010-01-12 12:49:22.527258 [WARNING] sofia_reg.c:1755 Can't find user [1000@83.89.x.x]
    You must define a domain called '83.89.x.x' in your directory and add a user with the id="1000" attribute
    and you must configure your device to use the proper domain in it's authentication credentials.

    For some reason it doesn't react to me setting the domain in the directory/default.xml???

  • I actually got that same class c in my logs tonight while working on freeswitch…  Ive got mine on 172.x.x.x here...

  • Ok, got some of the errors out of the list. There is an acl xml that lists that network.
    I've changed it to reflect my own IP range.

    It still didn't change anything in regards to the registration of sip phones.

  • I'm the author of the freeSWITCH package for pfSense.

    I regret creating the LAN profile it makes it confusing and harder to understand. I recommend removing the lan.xml sip profile. The LAN profile is simply a copy of the internal profile renamed and set to bind to the LAN IP Address.

    FreeSWITCH will automatically bind the internal and external profile to the external ip address. The internal profile is what handles the registrations of the phones or soft phones. You register to providers they don't register to you that is where the external profile comes in.

    The external profile handles anonymous inbound connections that come from providers that don't register to your system.

    Hopefully this helps.  Have questions be specific I will try and help.

  • Is there a way to keep freeswitch from loading the lan profile after removing the xml file?  It still shows up in profiles…

  • To remove the lan profile do the following.
    rm -R /usr/local/freeswitch/conf/sip_profiles/lan
    rm /usr/local/freeswitch/conf/sip_profiles/lan.xml

    Then restart freeswitch. Now look at the status page and the lan profile should be gone.

  • Yep Worked!    Thanks!!

  • I got a lot further, thanks also to the freeswitch mailinglist :-)
    I've gotten the phones registered, I've got multiple DID's registered, and I've created groups and everything.
    Works very smootly.
    Still a bit of work to be done to get all the way there, but it's getting closer.

  • It really isn't that hard but mis-conceptions about certain things can make it a lot harder. I think the lan profile caused confusion. I will remove the lan profile from the package.

  • One thing that isn't mentioned in the 'multi-homed guide' as far as I can see it is that the:
    contains some acl lists, I changed those to my own LAN.
    I'l not really sure what it does as of yet, but I didn't like some foreign IP's appearing :-)
    And also in the vars.xml I had to set
      <x-pre-process cmd="set" data="domain=">(my pfsense lan address)
    otherwise the phones wouldn't be allowed to register.</x-pre-process>

  • Could you add the
    statement to the 'extensions' defining in the package?

    I'm moving all the config I've created directly in the config files to the pfsense, as I really want to have it in the pfsense (for backup purposes).

  • I think this is more a Freeswitch related question rather than a "Package" (or how Freeswitch interacts with and runs under pfSense) question but…

    acl.conf.xml seems to be related to clients connecting without authenticating... If I have all my clients authenticating, is there really a need for the acl file?

    Can reference to it be disabled?

    I have "Rejected by acl "domains". Falling back to Digest auth" showing up in my logs constantly and nothing I do seems to fix it...

  • No it's just a matter of the fields shown in the configing of extensions in the pfsense interface, and include the config in the pfsense.xml as well.

    acl…xml: Ahh, I see, well, I got rid of it by changing it to my local lan, and then just allow the server itself access.

  • From my log-
    [DEBUG] sofia.c:4628 IP Rejected by acl "domains". Falling back to Digest auth. is my ata.  Does this simply mean it needs to authenticate and not allowed otherwise?

  • If the SIP traffic is sent to the internal profile on port 5060 and its not registered it will check the ACL (access control list) to see if it is allowed. But that isn't usually necessary if you have someone remote that wants to connect to you with a SIP URI send them to the external profile which puts the call in the public context. The external profile doesn't require registration and the call can come in it simply needs to be told where to go (inbound route). The inbound routing in the pfSense FreeSWITCH package is handled with the 'Public' tab. In FusionPBX which could be considered version 2 of the pfSense FreeSWITCH package 'Public' has been named 'Inbound Routes'.

  • Cool- thanks guys!

    Ive got FusionPBX running on a windoes box for learning purposes…  Im real interested in trying to install it on my router as an upgrade to this but that for later...

    But referring to FusionPBX configs and the way you have things set up default has helped me allot with configuring the package on the router in the last day...

  • Thats good that is why I put in some default settings to make getting started a little easier.
    Note: Using the vHosts package which I created for this purpose you can get FusionPBX running on pfSense now if desired. I made the vHosts generic so that it will benefit other peoples needs as well.

  • Mark,

    Without trying to show too much of my ignorance here, do you have a "quick & dirty" install guide for FusionPBX on pfSense?  Like chpalmer I've installed FusionPBX on a 2k3 server to look at but would like to install it on a pfSense box running Freeswitch.  I do understand that I would need to do the vHost package install first.  I couldn't find any info on the FusionPBX site for this. Thanx.

  • Without trying to show too much of my ignorance here,

    Not me!  Ill totally claim ignorance…    ;D

    I would also love to see some form of a how to...  Need to do some googling to get started but figured Id at least get a little more familiar with what config does what on Freeswitch...

  • Looks like I need to familiarize myself a bunch more with FreeBSD commands….    :P ;D

  • FusionPBX on pfSense

    1. Install FreeSWITCH easiest way is to install the FreeSWITCH pfSense package.
    2. Install the vHosts pacakge. (vHosts - virtual hosts)
    3. Setup fusionpbx.local in the dns forwarder package to point to the LAN IP of pfSense.
    4. Setup 'fusionpbx' website in the vHosts package with port 8001 or the port of your choice that is not used.
    5. After adding fusionpbx restart the vhosts web service. Then make sure you can view the phpinfo example page.
    6. From the console via ssh run the following or from Diagnostics -> Command
    cd /usr/local/vhosts/;fetch
    cd /usr/local/vhosts/;tar xvf fusionpbx-1.0.tar.gz
    7. Open the web browser and you should see the install page. By default SQLite will be selected. The defaults should be fine.
    8. From the install page press save.
    9. Login to the FusionPBX with superadmin or admin with a password of FusionPBX.
    10. For configurations help please see.

  • Not a lot of new features in the fusionpbx compared to the pfsense package, but it looks a bit better.
    Is the fusionpbx going to be made a package as well (nudge nudge  :P)

  • Thanks Mark!

    Appreciate all the help….    :)

  • There is a lot of new tools too give you greater access to FreeSWITCH, and make it easier to use.

    • Public is now called 'Inbound Routes'
    • Template manager allows you to change the look and feel.
    • Menu manager allows you to change
    • XML Editor is for advanced users that want access to FreeSWITCH on a deeper level.
    • PHP Editor again for advanced users that know PHP
    • Script Editor allowing advanced users ability to add or modify scripts.
    • Dialplan and Inbound routes has a tool for 'add' that makes adding new entries much easier and faster.
    • Users can log into view their voicemail's
    • Users can be assigned to one or more extensions.
    • Database backend that can use SQLite, PostgreSQL, or MySQL. On pfSense it requires SQLite.

    And some new features. Keep in mind this took months to make multi-platform.

    • Additional features in Hunt groups
    • Additional features in the Auto Attendant
    • Conference interface to make it easier to add voice conference rooms with or without a pin number
    • Softphone that is if you have a have a sound card installed on the system
    • Ability to run multi-tenant with multiple instances of FreeSWITCH
    • Contact list

    Features that I'm currently working on.
    Call Broadcast make a recording and send it to a group of contacts.
    Call Forward transfer calls destined for an extension out to a cell phone.
    Call Queues possible before but this interface will make it easier.
    Automatic Phone provisioning

  • FusionPBX install on pfSense worked like a charm Mark.  Mucho gracias mi amigo.

  • Ok, got fusionpbx up and running.
    Is there an way to import the current config, or is it entering all over again?

  • Grrrr, a warning on the fusionpbx install, it smashes up your existing config, damnation, thank god for frequent backups.
    So this is a warning if you want to use this and have a working config!
    An import of the existing would be appropriate.

  • It should be obvious that making a backup before doing such a thing is always a good idea to make a backup. However, the install should make a backup of your config and call into a directory called config.orig.

    There isn't an import yet.  No one has offered to help with the import either monetarily or with developer help. I do get complaints that it isn't there. Complaints don't provide me any motivation. You have no idea what I've sacrificed over the past year and a half to build this and make it available for you and others.

    I may still build the import but it isn't my first priority. A future FusionPBX pfSense package is higher priority and features to get or stay ahead of competition, and provide tools that make FusionPBX fit more peoples needs are all a higher priority.

  • Improved the vhosts package several minor improvements. The major change is that it now works on pfSense 2.0 with FreeBSD 8.0. vhosts on pfsense 2.0 will now make it much easier to run FusionPBX on pfSense 2.0.

  • @mcrane:

    Improved the vhosts package several minor improvements. The major change is that it now works on pfSense 2.0 with FreeBSD 8.0. vhosts on pfsense 2.0 will now make it much easier to run FusionPBX on pfSense 2.0.

    Thank You!    :)

  • Hi mcrane

    Don't take my grrr, as a complaint, but a warning on the install would be nice  ;D
    And the excuse with 'you should alway backup' just doesn't do! That's simply a cop out for failing to do the warning.

  • came off wrong. Struck comment

  • He he he, or version 2 or…
    Oh well, I'm going to ponder on the idea of reentering everything :-)