We have a number of clients that we’ve deployed FreePBX for (say 30-40), and our firm also uses FreePBX for our own internal phone calls. Is there a way to make a web-based phone call from FreePBX-A directly over to FreePBX-B without traversing a SIP trunk or PSTN?
What I’m ultimately hoping to achieve is to program our client’s PBXs so that anyone who presses “00” on their phone system, will directly dial our HelpDesk (Ring Group 300 in our PBX). I should be able to place a call to [email protected], no?
I’m hoping to avoid programming direct IAX trunks - that sounds like the wrong tool for the job, right?
The only way to do that without creating a direct sip or iax connection between the PBXs would be to setup sip uri calls. My guess it that it will be quicker and easier to go the way of the direct connection.
Is it a process to setup SIP URI calling? Is there a tutorial out there that you know of that explains how to set this up? I’d ultimately like to setup a specific SIP URI destination in our client PBXs and allow incoming SIP URI calls in our PBX?
So a SIP URI is easy enough to set up on the sending PBX, but the receiving PBX needs to be able to distinguish the incoming INVITE from all of the spurious internet SIP traffic that it’s hard at work keeping out. This is done by setting up a SIP trunk, the thing you are trying to avoid. There is nothing special about a trunk, in it’s most basic form it’s identifying a peer to Asterisk saying “calls from this IP are trusted and go to xxx context”. That’s what you need on the receiving PBX.
I don’t mind setting up a single SIP trunk on the receiving side. What I really want to avoid is setting up DEDICATED IAX trunks for each client PBX that may call into our PBX. The only tutorials I’ve read describe how to configure a trunk directly between two PBXs. This would be a nightmare if I had to manually setup a trunk between us and each of our 40 clients.
But a single trunk for all URI traffic would be fine for me. Couldn’t I program a Shared Secret that our client PBXs would need to allow a call into our PBX?
I don’t know about your definition of “manual”, but Trunks are the way to go and setting them up manually is the right way.
Now, if you have nothing but dedicated IP addresses, you can set up a single PJ-SIP trunk that accepts traffic from all of your “client” PBXes and controls their access by their destination IP address. Your client machines will also need to set up trunks to your central system, so this is going to be a pain no matter how you do it.
Rest assured though, that setting up SIP URI for all of your systems will be an even more enormous pain.
As @lgaetz already pointed out, each Asterisk system needs to allow the other side to send it calls and accept them. This means a peer (chan_sip) or an endpoint (pjsip) needs to be involved. You cannot get around this without opening your PBX to accept requests from anywhere.
It doesn’t matter how the Dial() is done the end result is always sip:user@domain:port ← That is a SIP URI. All calls leave the PBX in a full SIP URI format. Just like all requests from your IP phone leave the phone in a full SIP URI format.
The only thing SIP URI Dialing does on the phone is lets you enter a full SIP URI vs the phone using what is in the host/proxy settings.
@BlazeStudios, I realize that all calls leaving the PBX are in a full SIP URI format, but up until now all calls (on PBXs we’ve setup) are required to traverse a PSTN trunk. What I’m trying to achieve is to allow our client’s to call us directly without having to tie up a PSTN trunk.
Let me illustrate the challenge with a bit more detail:
We are a decent sized MSP/IT consulting firm. We have several hundred client organizations that we manage, of which we have about 50 clients that we provide high-level HelpDesk services for - meaning the employees at these organizations will pickup the phone and call us at any time, for any reason. About 30/40 of those HelpDesk clients have FreePBX deployments that we manage. So at any time our PBX could be handling calls to several of these 30/40 HelpDesk clients at once, and occupying space on our PSTN trunks (for which there is a limited capacity and we pay per minute for additional connections above our “limit”). My thinking is that we can minimize our PSTN trunk costs by giving these HelpDesk clients’ PBX’s a “direct connection” to our phone system without having to go out on the PSTN and come back in on the PSTN, effectively saving 2 PSTN trunk channels.
The goal is for our clients to dial “00” for the IT HelpDesk and they would automatically be put into a priority queue on our end that gets them to the department they are looking for fast and efficiently - without tying up 2 PSTN channels.
That’s the end goal. How it get’s done is what I’m trying to figure out. Setting up a trunk in our PBX with a shared secret, etc isn’t a problem. What I’m trying to avoid is setting up a dedicated PBX <–> PBX trunk in our system solely for the use of each of our clients (30/40 dedicated trunks). Right?
PBX A wants to call PBX B and vice versa, they need trunks on each of them for the other. You have 40 PBXes you want to do this to and have all 40 call each other directly, you need to peer them all together.
As pointed out, PJSIP will let you match against multiple IPs/subnets on one trunk. So you need at least one trunk per PBX that has all the IPs/subnets it should accept calls for. Then you can Dial() in full SIP URI format so you don’t have to create 40 outbound endpoints. It just means you either have 40 Dial() lines or you are storing those 40 URIs in someplace like AstDB.
No, that’s my point. They don’t all need to call each other. It’s a one-way hub-and-spoke. They all need to be able to call us ONLY. We don’t even need to call them. If we need to call them we can place an outbound call on the PSTN, that happens RARELY. We receive inbound calls constantly. I just want client PBXs to be able to call into our PBX directly.
If the help-desk is in one location, you dont need a mesh of trunks , you need one trunk at the help desk location, all the other pbx’s need a trunk to that central location.they could be identically provisioned.
My thoughts exactly…
But how do we do this? This level of programming is beyond my ability. Is there a tutorial out there that describes how to set this sort of thing up?
The proper way to do this is by creating a peer for each IP from which you need to receive an INVITE.
I can think of another way to do this, but I’m reluctant to put it in writing due to the security implications. You could enable “Allow SIP Guests” (but not “Allow Anonymous Inbound SIP Calls”) in Asterisk SIP settings, and set the guest context to custom dialplan you control. Then create the dialplan to look for SIP invites to a random string that is highly unlikely to be guessable like lFuAs9HhgHeY8tq2. Send all other calls to hangup. You would not want to do this using normal SIP ports because spurious invites will no longer trigger any bans, but using a high random SIP port would probably be safe. Then SIP calls to lFuAs9HhgHeY8tq2@ipaddress:highrandomport can be sent to an inbound route.
Let someone else have the security headache. Get a trunk from e.g. Callcentric. Your account number is of the form 1777XXXXXXX. You register to them and anyone can call you with a SIP URI of [email protected] . If you use it for just that, there would be no cost, though you would probably fund the account for use as a backup trunk. On the client systems, define 00 as a Custom Extension with Dial string of SIP/[email protected]
Use the PSTN. Set up a Flowroute trunk on each client system, as first priority for toll-free outgoing. Such calls are rated at zero and if your clients have significant traffic to toll-free it will give them some extra capacity (unrelated to using it for HelpDesk calls). Again, this could be no cost, though you would probably fund the account for general backup use. At your end, get a toll-free number. For this application, you could use a cheap one such as AlcazarNetworks ($2/mo. + $0.0125/min.) Don’t grumble about the 1 1/4 cents per minute; my guess is that the people on each end have a burdened cost 100 times that, so you’re talking ~0.5% overhead. And if the trunk fails, route advance to send the call the old way.
Neither of the above have any channel limitations at your traffic level.
I deliberately discounted that method because I’m not sure what the line length limitations are for the conf file. A sting of dozens of IP addresses may be a problem.
Wrong! IAX Trunks are perfect FOR this situation. They allow you to directly connect the two FreePBX systems together and route calls from one PBX to another, usually without forwaring any ports on your router and thus avoiding creating unnecessary security risks to your system. SIP URI dialing, on the other hand, will generally require you to open ports, especially if your clients have dynamic IP addresses.
I wrote a whole guide on how to do this. You can find it here:
I’m also not entirely clear why you don’t want to use the PSTN for your situation. If you’ve got 40 potential clients who want to call you, that’s what PSTN is for. Just set-up a dedicated phone number for them to call the help desk, and give it a shortcut on their system so that they dial 00, it gets converted into the helpdesk phone number and routed over the PSTN.
