Show some love, do like our FB page www.fb.com/Astiostech |
[UPDATED: 03 FEB 2015]
Here’s a VMDK image to run a full featured Asterisk PaBX with FreePBX as the management UI using our default and secure install practices. No registrations, no username/password, no signing up for newsletter.
Get it from Sourceforge: https://sourceforge.net/projects/debianasterisk/[Select SWSterisk11 folder, then download the zip file therein]
After extracting, You either need VirtualBox or VMPlayer/VMWare or any Virtualization products that supports VMDK files or if you’re using Hypervisor, convert the image to VHD using MVMC from here. This is to give you a feel of Asterisk with FreePBX without worrying about installation etc., its plug and play, literally. Just start up to your VirtualBox/VMplayer nd get it up and running in seconds. Go in to FreePBX and start creating extensions and enable other features. This image is free from any lockdowns or customizations that you cannot reverse or disable or enable as you wish. It is completely FREE from any personal restrictions. This image does not trace usage, or “dials home” or anything strange like that. Totally clean, totally lean and totally fast. It is functional and you can hook it up to a real production environment and you almost have a full fledge PBX, just add a Digium VoIP Gateway or another IP based PSTN.
- While it is enterprise ready, it should rather be used for “playing” or “testing”….
- DISCLAIMER: By using this VIRTUAL MACHINE IMAGE, i disclaim any sorts of liability whatsoever. What you do with this image is purely your choice/actions.
- This is not "another disto", nothing proprietary, i don't claim any copyrights, just make it look and feel like its mine for fun, but of course any of those customizations can be reversed. All other trademarks are properties of their respective owners. All rights reserved.
- It’s in ZIP compression, just get WinRAR or 7-ZIP to extract. After extracting, there should be one vmdk just mount the vmdk into VMWare/VMPlayer or Virtualbox and start the image
- Username: root (the other non root user is swsterisk with same password as below)
- Password: asteriskrocks (change this!)
- FreePBX(admin), MySQL(root), AMI(admin): usernames and passwords;
password: @steriskRocks1 (change this, here’s a good guide to start you off with http://www.freepbx.org/support/documentation/installation/first-steps-after-installation)
- REMEMBER REMEMBER REMEMBER: CHANGE PASSWORDS!
- The network adapter is set to auto on eth0.
- Image needs at least 384M memory (or more if you have more)
- All source files except kernel-headers are removed to save disk space for downloading, you need to download them manually
- Be sure your image can access internet when starting otherwise NTP and EXIM will start slow, don’t blame me!
- Debian 6.0.7 64bit (Source AMD64 netinstall) – UPDATED, Bash Vulnerability Fixed with latest patch no33, SSLV3 disabled and Ghost Vulnerability fixed. All binaries are retrieved from Debian’s 6 LTS repos. So they are up to date.
- The interface, extX, is set to use DHCP, so be sure to hook up DHCP or manually. In case you can’t bring the interface up, run #ifconfig –a . Then edit the file in /etc/network/interfaces and set all values to correspond to the interface shown when you run ifconfig –a (not loopback of course)
- IPV6 disabled
- MySQL backend (performance tuned)
- Webmin installed but not started (# /etc/init.d/webmin start , then access using https://<ipaddress>:10000) - UPDATED!
- Apache as webserver with enforced HTTPS
- MySQL administration with Adminer in https://<ipaddress>/dbmanager - UPDATED!
- DHCP and TFTP server downloaded, not installed
- Firewalled with IPTables (be sure to see /bin/wallfire.sh) – UPDATED and fixed wallfire.sh script …can be stopped and started #wallfire stop #wallfire start
- Time i.e NTP autosyncs with ntp.org daily, when starting and when stopping
- Exim4 (mailserver) configured to relay, configure your email appropriately #dpkg-reconfigure exim4-config
- fail2ban for Asterisk and SSH with enhancement to the log checking facility which includes asterisk security channel inside messages log (modify notification email here /etc/fail2ban/jail.conf) – UPDATED to 0.9.1!
- Munin for monitoring in https://<ipaddress>/munin
- Phpsysinfo for server information in https://<ipaddress>/phpsysinfo
- Many CLI tools for troubleshooting like tcpdump, ntop, htop…
- Astribank support [if ever u need it]
- Removed VirtualBox OSE support to make it more cross platform compatible.
- Asterisk 11.15.1 (Dahdi tools/linux 18.104.22.168/LibPRI) – UPDATED!
- Asterisk runs as high priority (Nice = 10)
- New version of g711 selected
- H323 Enabled
- SRTP enabled (GoogleTalk/XMPP/Jingle + Secure RTP)
- Iksemel for GoogleTalk/XMPP/Jingle
- Asterisk-CEL logging enabled (in DB/table asteriskcdr/cel)
- Log rotation enabled for files inside /var/log/asterisk/
- Extra codecs: Speex, optimzed open-g729 and optimized-SILK (Support Digium and the Asterisk project, please purchase and use the high quality official g729 codec for Asterisk)
- WebRTC ready (install as seen in http://highsecurity.blogspot.com/2012/12/webrtc-and-asterisk-11-using-sipml5.html )
- SipML5 digium guide - https://wiki.asterisk.org/wiki/display/AST/WebRTC+tutorial+using+SIPML5
- This is the proper guide since enforcement of certificates therefore making the below one to not work. You need to setup certs and do as below to continue configuring SipML5 via browser (not by hand as specified in the digium’s guide above)
- SipML5 – https://wiki.asterisk.org/wiki/display/AST/WebRTC+tutorial+using+SIPML5is installed and can used at https://<ipaddress>/myphone/call.htm when you configure it properly like below
- https://<ipaddress> to access FreePBX
- FreePBX 22.214.171.124 (with only basic modules pre-installed) - UPDATED
- Enhanced FreePBX security built in
- SIP defaults to NAT yes (avoid all one way audio issue)
- Security basic hardening in extensions
- CEL support in FreePBX CDR
- Enabled g729, speex and silk (enabled for IAX and SIP)
- Most services are started with /etc/init.d/btelsvc
As usual do give me your feedback. ==> sanjay(the at symbol)astiostech.com