4 location VOIP system: Infrastructure

Dear FreePBX community!

I have 4 locations that I would like to connect with VOIP. Geographically, I am based in Europe with 3 of the locations being in one country and the 4th - could be considered the HQ in a different one. 3 locations have regular copper internet connections with unlimited data, while one uses a 4G cellular signal. I would also prefer all communications to be encrypted and if that means increasing the upfront cost by choosing more powerful CPUs I would be willing to do so.

On stage 1 of this project I would like to achieve the following:

Installing 1-3 phones at HQ and a 2nd location. Using an ATA FXO device/converter to connect an existing POTS line at location 2 to the system, so I can avoid paying for international calling from my HQ to the country with the 3 other locations.

Stage 2:

I would like to add the ability to use my POTS line at location 2 from anywhere with an iPhone

Stage 3: adding the remaining two locations(with 1-3 phones) and perhaps adding a two more POTS lines one at HQ and one at one of the locations.

I have some knowledge about FreePBX thanks to youtube videos. I’m assuming that I would need to setup VPNs between the 4 locations and have a central FreePBX server at the HQ. I’m assuming that this needs to be setup using the routers at each of these location, currently I’m using an edge router at HQ and basic router AP combos at the other locations, however I have considered upgrading all locations to Ubiquiti USGs as these would seem to be easier to manage remotely.

I would like to ask for help for choosing the correct infrastructure and software and hardware to achieve these goals.

Please excuse me, if I made any technical mistakes or posted this in the wrong subforum. Thank you in advance for your help

The CPU resources you need depend on the the number of concurrent calls you wish to support, as well as what processing each call requires. Encryption adds little to the load. Call recording adds more; transcoding Opus takes a lot more.

Even a Raspberry Pi 3 would be adequate for a small system with 4 encrypted concurrent calls, one of which is transcoded.

Your system could run on a cloud server, or a virtual or physical machine at HQ. For the latter, you should have a static IP address, or at least one that changes very infrequently, as well as reliable power and internet.

Encryption can be handled either with a VPN, or with SIP over TLS and SRTP. Most recent IP phones support both, so you most likely won’t need to replace routers at the branch locations. Small FXO devices such as Grandstream HT813 and Polycom/Obihai OBi212 can do TLS/SRTP but not VPN. You probably don’t want to run a VPN continuously on the iPhone, because of additional battery consumption.

For more specific advice, please let us know: HQ country? Branch country? Are the POTS lines also used locally? If your calls will be mostly to mobiles, does the POTS service offer ‘free’ calling to them? How stable is the 4G connection? How much data is included? If you will be using the iPhone to receive VoIP calls, will you often be in areas where mobile data coverage may be inadequate for VoIP?

My own system is cloud based with 4 locations, two of which have FXO devices connected to pseudo-POTS (ISP-supplied VoIP), so I am aware of most of the problems.

Thank you very much for your thorough reply!

Based on the fact that even a Pi 3 would be sufficient for around 4 calls(which I see as certainly sufficient for my use case), I assume that to avoid running out and buying dedicated appliances, I can start by rebuilding some of our old mail servers from the 2007-2009 era, which were based on dual core Xeons.

My HQ already has a static IP address and if I’m not mistaken a cloud server introduces additional running costs, so if this doesn’t affect the setup process of the actual FreePBX server I would prefer to go the physical machine route(the process of installing a linux based OS on it isn’t a challenge for me)

Please correct me if I misunderstood you, so your point is that modern phones have built-in features that would allow them to tunnel to my PBX, just based on an internet connection, thus eliminating the need for a router-setup VPN for the whole network. However, you mentioned that basic ATA FXO devices(please remember that these would be at a different locations, but not the HQ) are likely to not have such capabilities, so a VPN may be beneficial after all. If this is the case, then having router-based VPNs between the locations seems like a good option.

I am not quite sure what you mean by POTS lines being used locally, however it would be better to have the ability to use the POTS line at the 2nd location by the 2nd location and the other locations.
The plans for the 4G connection as well as the POTS line are easy to change, however both include sufficient number of internet traffic(30 GB) and minutes correspondingly. I have already requested more details about the POTS lines at those locations from my colleagues, as I myself am based at HQ

As for the iPhone usage, it would be intended more for outgoing calls, rather than receiving them, so at the initial stage connecting to a VPN prior to using the softphone app seems more than acceptable to me.

Thank you again for helping me

While cloud servers are generally not free, old servers require considerable energy and are likely more costly. For example, if your old server draws 100 watts, that’s ~72 kWh per month. If electricity costs €0.15/kWh (including fees and taxes), it comes to €10.80/mo., about twice what a suitable cloud server would cost. In addition, the old server has fans and hard drives that will eventually need replacement.

If your FXO devices and smartphone apps support TLS and SRTP, there is no need for a VPN. For example, see https://www.counterpath.com/security/ .

If you connect an FXO device and an analog phone in parallel to the same POTS line, there can be various problems. If the analog phone is in use and and the PBX attempts a call on the line, the FXO will see it’s in use and reject the call. If you have a SIP trunk (or another FXO device) as backup, the PBX can use the alternate route to complete the call. However, if the PBX is using the line and the analog phone is picked up, the FXO device will drop the call and the analog user will be connected to the remote party. This could be avoided if the analog phone has a ‘line in use’ indicator and the user obeys it. On incoming, there could be issues if calls ring the local phone and are also handled by the PBX.

While you can get around the above problems by dedicating the POTS line to the PBX and provide the local user with an extension for making and receiving calls, this reduces quality and reliability. For example, an internet outage may cause an emergency call to fail.

For experimenting, you can get some really cheap cloud servers, though they are often oversold, causing occasional voice quality issues. For example, see http://www.lowendstock.com/ . Higher quality options include https://www.vultr.com/ and https://www.ramnode.com/ , as well as of course https://cloud.google.com/free/ and https://aws.amazon.com/free/, who offer 1-year free trials and low end servers at very low cost.

Unless you’re in a place where VoIP is illegal, please let us know what countries are involved, so we can intelligently compare VoIP, POTS, mobile and cloud services.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.