Tag: support

Categories
Asterisk Support Elastix Support Knowledge Base Support

Multiple Dynamic features with Asterisk Applicationmaps

Dynamic features are very useful for allowing users access to custom features during calls. These can be loaded individually via the dialplan, but in freepbx based solutions this will mean a bit of hacking of the dialplan using overides and making sure all still works afterwards, or as a global varible.

The easiest way is to load them as a global as is done with apprecord, But if you want to add lots of features then you will have to use a Application Map group. This is done by editing the features_applicationmap_custom.conf  file so it looks like below for example, at the top are your application maps then your group

testfeature => #9,callee,Playback,tt-monkeys 
calleehangup => #8,callee,Hangup()
callerhangup => #7,caller,Hangup()
[mymapgroup]
testfeature => #9
calleehangup => #8
callerhangup => #7
apprecord => *1

DO NOT FORGET to add the apprecord to your group.

You then need to edit the globals_custom.conf file and add a line like below

DYNAMIC_FEATURES => mymapgroup

Then reload asterisk and issue the command “features show”

Dynamic Feature           Default Current
---------------           ------- -------
callerhangup              no def  #7     
calleehangup              no def  #8     
testfeature               no def  #9     
apprecord                 no def  *1     
Feature Groups:
---------------
===> Group: mymapgroup
===> --> apprecord (*1,caller,Macro,one-touch-record)
===> --> callerhangup (#7)
===> --> calleehangup (#8)

and to check that they are loaded as a global variable do “dialplan show globals” and near or at the top you will see:-

 DYNAMIC_FEATURES=mymapgroup

And thats all there is to it.

Categories
Elastix Support Knowledge Base Technical

Setting the server domain in elastix correct for scripted email

We run many scripts on customer servers to email cdrs, backups etc, one problem with some mail servers is the mail gets rejected as it comes from root@elastixserver.yourdomain.com by default to fix this is simple and only takes a few lines.

Postfix MTA offers smtp_generic_maps parameter. You can specify lookup tables that replace local mail addresses by valid Internet addresses when mail leaves the machine via SMTP.

Open your main.cf file

# vi /etc/postfix/main.cf

Append following parameter

smtp_generic_maps = hash:/etc/postfix/generic

Save and close the file. Open /etc/postfix/generic file:

# vi /etc/postfix/generic

Make sure root@elastixserver.yourdomain.com change to elastixserver@yourdomain.com add :

root@elastixserver.yourdomain.com  elastixserver@yourdomain.com

Save and close the file. Create or update generic postfix table:

# postmap /etc/postfix/generic

Restart postfix:

# /etc/init.d/postfix restart

When mail is sent to a remote host via SMTP this replaces root@elastixserver.yourdomain.com by elastixserver@yourdomain.com mail address. You can use this trick to replace address with your ISP address if you are connected via local SMTP.

To set up gmail for delivery look at this

Categories
Asterisk Support Elastix Support Knowledge Base

Installing DynDns update script on Centos

The following is a simple run-through on installing the dyndns client for updating the ip address on your hosts.

cd /usr/src

wget  http://cdn.dyndns.com/ddclient.tar.gz
tar -xzvf ddclient.tar.gz

cd ddclient-3.7.3/

mkdir /etc/ddclient

mkdir /var/cache/ddclient
cp ddclient /usr/local/sbin

cp sample-etc_ddclient.conf /etc/ddclient/ddclient.conf

cp sample-etc_rc.d_init.d_ddclient /etc/rc.d/init.d/ddclient
chkconfig --add ddclient

cd ..

vi  /etc/ddclient/ddclient.conf

add at the bottom of file

#
use=web
login=USERNAME
password=PASSWORD
server=members.dyndns.org  
protocol=dyndns2
# add your DNS name here as below 
DNSNAME.dyndns.biz
#
/etc/init.d/ddclient start

You will then need to check that your host address has updated on the dyndns site.

If you get perl io ssl errors in the logfile then:

yum install perl-IO-Socket-SSL
Categories
Asterisk Support Elastix Support FreePBX Knowledge Base

Using Gmail to send Voicemail emails

We have seen more and more ISPs blocking Port 25.  This means that sending emails natively from FreePBX or any Asterisk based IPBX for things such as voicemail notification can time out or be rejected.

To get round this you can send your email notifications via Gmail.

Firstly you need a Gmail account, once you have this jot down the user and password, you will need this later.

You now need to connect to your server via ssh as you have a couple of files to edit.

Firstly you need to enter the account details in sasl_passwd

vi /etc/postfix/sasl_passwd

and add

smtp.gmail.com:587 yourmailaddress@gmail.com:password

Save it, then edit main.cf

vi  /etc/postfix/main.cf

Then add at the end:

masquerade_domains = yourdomain.com
# The servers hostname below
myhostname = Asterisk.yourdomain.com
mydomain = Asterisk.yourdomain.com
# The email account its being sent from below
myorigin = voicemail@yourdomain.com

relayhost = smtp.gmail.com:587
mynetworks = 127.0.0.0/8
inet_interfaces = loopback-only
smtp_use_tls = yes
smtp_always_send_ehlo = yes
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
smtp_tls_security_level = encrypt
smtp_generic_maps = hash:/etc/postfix/generic 
smtp_tls_security_level = secure
smtp_tls_mandatory_protocols = TLSv1
smtp_tls_mandatory_ciphers = high
smtp_tls_secure_cert_match = nexthop
smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt

Then enter the following commands at teh command line

postmap hash:/etc/postfix/sasl_passwd
/etc/init.d/postfix restart

Finally you need to make a change to your gmail account to “Allow users to manage their access to less secure apps” which is in the security section of the Gmail ‘Domain’ account setting if its a GSuite account then make sure “Less secure app access” is set to yes in the accounts ‘security section’ if you don’t do this you will see:

535-5.7.8 Username and Password not 
accepted. Learn more at?535 5.7.8 https://support.google.com/mail/?p=BadCredentials  

or 

530-5.7.0 Authentication Required. Learn more at 530 5.7.0 h
ttps://support.google.com/mail/?p=WantAuthError

Most likely the 535 error if ‘Less secure app access’ is not enabled.

You should now be able to send email via the gmail account.

It’s worth making a couple of changes to the gmail account, firstly set and out of office sayings it’s only a sending mailbox and another to delete messages in the inbox.

Categories
Knowledge Base Security

Remote ssh tunnel script

We have various customers that have firewalls that only allow known trusted IP addresses through. Normally our office and our monitoring platform for example.

But if we are out and about we still sometimes need to access a system and its GUI, so we have created the simple script below that makes a ssh connection to the customer server and also tunnel to access any web gui.

This script is in place on the monitoring server so we can just ssh in to the monitoring platform and run the script. all that is needed is a single tunnel setup on the ssh client that i’m accessing the monitoring platform from.

#!/bin/bash
echo ssh tunnel tool. 2013 cyber-cottage.co.uk
echo Setting up a tunnel to $1
whois $1 |grep netname
if [ "$1" = '' ]; then
 echo "You have no remote destination set"
 echo "usage: remotetunnel.sh <remote server> <remote ssh port> <remote system port>"
 echo "For example remotetunnel.sh 81.22.23.24 8022 80"
 exit
fi
if [ "$3" = '' ]; then
echo "usage: remotetunnel.sh <remote server> <remote ssh port> <remote system port>"
echo "For example remotetunnel.sh 81.22.23.24 8022 80"
if [ "$2" = '' ]; then
 echo "You have no remote ssh or system port set, Setting ssh to port 22"
 port="22"
else
 port="$2"
fi
 echo "You have no remote system port set, Setting remote to port 80"
 rport="80"
else
 rport="$3"
fi
if [ "$port" = '' ]; then
 port=$2
fi
echo Remote system IP is $1
echo Remote ssh port is $port
echo Remote system port is $rport
read -p "Is this correct? (y/n) " RESP
if [ "$RESP" = "y" ]; then
 echo "Glad to hear it"
else
 exit
fi
ssh -L 9999:localhost:$rport  $1 -oport=$port
Categories
Asterisk Support Elastix Support Knowledge Base Technical

IAX2 Peers going unreachable.

In the past we have found that IAX@ peers have been reliable and solid.

But lately with the advent of bonded ADSL lines and other forms of aggregated lines we have seen issues where the IAX2 trunk will go down and a simple reload of Asterisk or even a restart doesn’t fix it.

Taken from Voip-info

A report of the problem by another user :

This is something I’ve run into myself and my VOIP IAX2 provider has this issue with many clients running Asterisk on TrixBox or other custom made systems behing a NAT (Linux) router.

If our PPPoE goes down, we have to reboot our Asterisk server to get our IAX2 trunk to re-register otherwise, it will try and just keep timing out. I have the 4569 forwarded internal (Pierre Belanger adds: in many cases, the 4569 port forwarding useless unless your Asterisk server provides service to IAX2 phones from the Internet, i.e. not on your local LAN).

I have a dirty script that avoids having to reboot the TrixBox and restore our service within 2 minutes of a blip automatically, and logs the ‘blips’ so i can see how ‘reliable’ our service is.

We have take the original script posted and made some changes, Notably it checks a defined peer name as we have seen that the problem doesn’t always affect all peers on a system.

======Code follows ======

#!/bin/sh
#We record the status of the IAX2 Trunk
cd /root/ # I have script live in root,
# Set the peer name to monitor here
# ******
peername="YOURIAX2PEERNAME"
# ******
date >> slap.log
echo "Testing $peername peer" >> slap.log
/usr/sbin/asterisk -rx 'iax2 show peers' |grep -i $peername >> slap.log
/usr/sbin/asterisk -rx 'iax2 show peers' |grep -i $peername > reg_status
sleep 1
#We then Scan the Status and see if we're online or not...
TEST="OK"
if grep $TEST reg_status > /dev/null
then
echo "All OK Here" >> slap.log
exit #Abort, we are online, all is well...
fi
#IF we're this far down, we've lost IAX. Log the incident.
echo "we have a problem with $peername, Restarting it" >> slap.log
#Restart the IAX2 trunk. Delay required for some reason.
/usr/sbin/asterisk -rx 'module unload chan_iax2.so' >> slap.log
sleep 90;
/usr/sbin/asterisk -rx 'module load chan_iax2.so' > /dev/null
echo "Restarted it Now lets check status" >> slap.log
sleep 5;
/usr/sbin/asterisk -rx 'iax2 show peers' |grep -i $peername >> slap.log
#We record the status of the IAX2 Trunk
/usr/sbin/asterisk -rx 'iax2 show peers' |grep -i $peername > reg_status
sleep 1
#We then Scan the Status and see if we're online or not...
TEST="OK"
if grep $TEST reg_status > /dev/null
then
echo "All OK Here" >> slap.log
exit #Abort, we are online, all is well...
fi
#IF we're this far down, we've lost IAX. Log the incident.
echo "we have a problem with $peername, Restarting it" >> slap.log
#Restart the IAX2 trunk. Delay required for some reason.
/usr/sbin/asterisk -rx 'module unload chan_iax2.so' >> slap.log
sleep 120;
/usr/sbin/asterisk -rx 'module load chan_iax2.so' > /dev/null
echo "Restarted it Now lets check status" >> slap.log
sleep 5;
/usr/sbin/asterisk -rx 'iax2 show peers' |grep -i $peername >> slap.log
#We record the status of the IAX2 Trunk

======Code ends======

This seems to do the trick and its cronned to run every night or hour in some cases.

UPDATE

on testing and speaking to suppliers. We would advise adding the following settings to your IAX2 peers

 

qualifysmoothing=yes
qualifyfreqnotok=30000
qualifyfreqok=120000
qualify=yes

With this added we have not seen any unexpected unreachables.

 

Categories
Knowledge Base Technical

Flushing your sendmail queue.

Whenever sendmail has to deliver mails to other hosts which cannot be reached at that time, the messages are kept in the queue and are marked as “Deferred: Connection timed out”. Although the other hosts could be reached again and you want to tell sendmail to flush the mail queue, the command

sendmail -q -v

does not really try to reconnect to these hosts and still assumes that the connection timed out. The reason is that the hoststatus is cached, per default for a period of 30 minutes. Using

sendmail -OTimeout.hoststatus=0m -q -v

you can re-run the mail queue and force sendmail to reconnect to the hosts. You may want to define an alias for that, say, ‘sendmail-flush-timeouts’.

You can set further options in /etc/sendmail.cf.

Categories
Knowledge Base

ETHERACCESS LA210

The unit is referred to as the Network Termination Equipment (NTE) or RAD box.

It is used to ‘bond’ the multiple lines that are used on an EFM connection into one circuit. There are RJ45 Network ports on the rear that allow you to plug your own equipment such as routers in.

Front View

The front of the LA-210 includes LED lights that can indicate the state of the unit and the connection.

LA210_front

Rear view

The LA-210 has 4 RJ-45 network ports that the you can plug your own router into.

LA210_rear

ls120led LED STATUS


Categories
Knowledge Base Support

Mitel SNMP Alarm monitoring

As part of our ongoing improvements to our Alarm and fault monitoring service we are now pleased to be able to offer proactive monitoring of the Mitel 3300ICP snmp alarm output.3300
This monitoring is proactive, meaning we check the system at regular intervals from our Nagios platform and will raise alarms on power failing as well as all mitel snmp alarm levels.

mitel alarm example

The alarm can be emailed or txt’d to single or group of addresses.

All that is required is fixed external hostname or IP address and port 161 or another random port forwarded to port 161 so we can connect and the snmp configuration on the Mitel system to allow our systems IP address to connect.

If you are interested in this service the standard charge £25 per site per year for more details please email or call us.

Categories
Knowledge Base Technical

Skype for SIP name to DDI with Asterisk

When using Skype for SIP trunks with Asterisk a simple an neat way to enable DDI calling for the skype names is to use the “extension” option.
This means that the ‘To’ in in the sip header is set to what you set.

This can then be picked out with a simple little bit of dialplan

exten => 99051000000000,1,Set(CALLERID(num)=${CALLERID(name)})
exten => 99051000000000,2,Set(cNum=${SIP_HEADER(TO):5:6})
exten => 99051000000000,3,Noop(${cNum})
exten => 99051000000000,4,Goto(from-pstn,${cNum}|1)

In the above example we have 6 digit ddi numbers in the context from-pstn.

Setting up the Skype end is as simple as logging into your BCP and then the relevent profile and clicking on the calling tab

and setting as below

Image

This lets you now use one account and have all your BCP accounts have DDI calls directed at the PBX