FreePBX_Distro latest version
Asterisk 11
Am I correct in understanding that if I have one SIP provider with multiple DID’s on the same account, as long as I leave the “DID” and “CID” fields empty on the FreePBX inbound route config, it will allow all those DID’s in?
is there any security issue with this?
Do I only need mulitple inbound routes if I need to route DID “A” to IVR “Z” and DID “B” to callgroup “X” etc?
thanks!
lol, the sum total of your advice in this thread adds up to “RTFM” and insults and you actually feel superior about yourself for that. SMH… That’s sad man… really.
do us both a favor and don’t waste your clearly superior intellect on my posts anymore. Thanks.
You should read the wiki carefully, you will need to define the destenation of each of your accepted DID’s, or “how will it know?”
No, I understand that if I want different DID’s to go to different destination that I need different inbound routes defined.
My current situation is that I’m converting from an analog provider with 4 numbers in a hunt group to SIP.
Now I technically only need the lead number but the client want’s all 4 ported over “just in case”
So my understanding is that if I leave the DID/CID empty on the one inbound route defined, calls made to any of those DID’s will go to that route’s destination.
Correct?
So, you didn’t read the wiki yet? It’s all in there.
I think you’re wise to port all 4 numbers over. Since they’re analog, when a person made an outgoing call, it could go out on any of those trunks, and the person called would get the CID of that line.
Anyway, most systems, have a catchall route as you describe, you just need to make sure it is the last inbound route.
I agree with dicko, though, make sure you have you examine the wiki. What you’re asking is one of the most basic things you have to do in an asterisk/FreePBX installation. By not being familiar with the wiki and/or other relevant documentation, you’re going to be quickly frustrated when someone asks “Can we do this or do that with this new fancy dancy phone system.” Or worse yet, you’ll not know and not be able to be the hero!
BF
I have read the wiki…
It doesn’t answer the question about a blank DID field in the inbound route. At least no clearly to me.
It’s clear that if you want DID A to do X you need to specify that with an inbound route. What it doesn’t specify is if you have mulitple DID’s and only one inbound route, is that proper, kinda ok, really bad etc.
The closest thing I saw as the DeadRestricted section but still that doesn’t specify if my scenario.
I agree about porting all the rollover numbers as once in a blue moon someone always uses your caller ID to return a call (especially with a cell phone) instead of your “official” number. And honestly it’s no real big deal $ wise to do it.
What I’m asking for here is a best practices advice. I have RTFM… a lot of them. Still theory and wiki information are one thing, actually dealing with it in real life is another…
I must be very dumb, because I thought I answered the question:
“…most systems, have a catchall route as you describe…”
Really don’t know what answer you want.
Yep, someones dumb around here I don’[t think it’s you though Bill 
Dicko, I now completely understand where you got your screen name… Seriously… be a little more of a dick why don’t you?
Bill,
I’m sorry, you are correct, I was reading and responding via my phone and I missed that one sentence in the larger context of your response. Sorry I didn’t catch it. Now that you point it out, yeah, my bad. So thank you for graciously pointing that out.
Back to Dicko… Your a big fish in a little pond… and an insecure one at that… sad really because someone with your knowledge on this subject could really be an asset to people. Too bad your insecurities get in the way.
If you find my questions beneath you, simply don’t answer them. No need to be an asshole.
You hurt my feelings 
but all my systems work and I was only trying to help you learn to read and comprehend so yours can too, I’m so sorry I upset you.
Ashcortech - Actually Dicko didn’t give you some salient advice, in post #2.
Since this is becoming a bitch fest, you know what I can’t stand? Lazy, entitled users that won’t bother to read the documentations that 100’s if not 1000’s of hours have been spent on to make this package easier to manage.
10 years ago when I started with Asterisk and AMPortal (wasn’t FreePBX then) we had to install Linux, Asterisk, then AMPortal. Information was scarce, it was all trial and error. We pushed through and realized the power and potential.
Today you can slip an ISO in and the install is completed for you. Very little has to be done in the command line. Commercial applications that used to be only available with a very expensive closed source PBX are now available for purchase “ala carte” from the app store. Literally Schmooze risked a major revenue stream to add more value to a free project.
Yet, it’s never enough. Ungrateful, entitled, intellectually lazy users post before they have spent any time asking for fixes and providing little in the way of supporting documentation. Users install distro’s from other sources then expect us to support them because they include FreePBX. Even more galling is people with o knowledge of telephony put this system in their business, won’t purchase support and demand "step by step instructions. So called IT guys come in here and ask for solutions and charge their customers for them, expect us to support them yet won’t even purchase Sysadmin Pro for their installs. Nes flash if your post starts with “I have a customer” I usually move on. Tony produces video’s out of his own pocket, they barely get watched. I could go on and on. So any resources today to tap.
This is the world we live in. To the bright, curious individuals that take the time to learn the software and exploit the unlimited capabilities, my hat’s off to you. To the rest of you, I will point you in the right direction but don’t exactly expect a rousing response to your laziness.
So where to start:
1 - Any introduction to IP Voice, know how SIP, RTCP and RTP work together to complete calls.
2 - Learn basic linux, how to navigate, move files, check permissions
3 - Learn networking. Do you know what a subnet mask is or is it just numbers? What is a gateway? When do you use static routes? What layer is a MAC address? What layer is an IP address? What layer do VLAN’s work at? What is 802.1q tagging? What are RFC 1918 addresses? What does NAT do? Why is SIP so pesky (hint, address and session data is sent in the SIP message)?
4 - Understand what Asterisk’s role is. Read the most recent official Asterisk book from O’Reilly. Look at all the sample configs from Digium for the version Asterisk you are running. Realize these aren’t specific for FreePBX so you have to relate the information to your FreePBX experience. Mostly context information.
5 - Lastly check out the wiki Entries on every module, a getting started guide and lot’s of application tips
6 - Load up a softphone on your portable device and computer. Learn the call flows and what they do
7 - But supported phones that many people use. Just because you got a SIPMASTER 5000 on Flea Bay does not mean it was a good deal.
Remember there are going to be lots of setbacks. Install in a VM so you can start again easily. I use KVM on top of CentOS.
Remember people this is supposed to be fun. If you need someone invested in the outcome you really need to hire them. Make sure you have a written statement of work. If the consultant you are considering can’t write a SOW run, don’t walk away.
Scott aka “Skyking” - Tirelessly supporting Open Source Telephony since 2002 when I used Asterisk as a feature server for an IMS proof of concept at Motorola (my previous Gig before plunging full time into my ISP).
I am off my soap box and turning from tech expert to sound guy. The bands playing tonight!
Well said Scott, as is said “You can lead a horse to water . . .” what happens then is up to the quality of equine of which we speak
SkykingOH,
I agree with you 100%. I didn’t take issue to Dicko’s original response, as useless as it was to my actual query. I took exception to his, not only useless but insulting subsequent responses.
I understand your frustration but I wasn’t looking for any hand holding or step by step instruction. I was asking if something was proper the way I had it set up and WORKING and what, if any security issues there may be. These are questions that go beyond the wiki.
Just so you know, while I’m relatively new to Asterisk and FreePBX, I’m not a lazy user by any stretch. I’ve only been working with these systems for about 6 months. The first 3 of which were spent building and breaking, building and breaking and rebuilding. The first systems I built were from scratch with different versions of linux, originally OpenSUSE. I tried several canned versions and eventually came to FreePBX_Distro which I’ve personally found to be the best most mature one.
I have read asterisk books. They get way down into the weeds of the dialplan and I’m still wrapping my head around that but it takes time.
Dicko’s responses were insulting, unhelpful and completely unnecessary.
I have several systems, all working fine. Working with them often leads to questions that I’d like to explore in order to gain a deeper understanding. These aren’t questions that warrant nor require the waste of resources on paid support for.
My question was beyond that which I found the wiki answered. The forum is the place to go to discuss issues and get help with a deeper understanding of the subject.
Nobody is forcing anyone here to answer anybody’s post, therefore a lecture (as good as the advice may be in general) is wholly unnecessary.
offline someone else from this forum did answer may question in a proper way, they took the time to understand my actual question instead of just jumping on RTFM and saw my concern was more about the security and unintended consequences of a “catchall” inbound route than how to set up an inbound route.
As a very experience IT tech in many disciplines, I completely understand your frustration with people looking for handouts. I’ve mentored many people in my career and have weeded out many more by answering their question with guiding questions which got rid of the lazy people. RTFM isn’t a guided question.
What I’ve never done is insult someone for asking a question or not understanding an answer that was given.
I posted my question under “FreePBX - GENERAL HELP” section. Was that somehow improper? Perhaps the name of the forum section should be changed?
Bottom line, be frustrated with “dumb users” if you want and simply don’t bother replying to them if you feel their effort or understanding is beneath you.
Insulting someone for asking a question is completely inappropriate in any forum situation.
I hope your gig went well.
Yes, and my comments were not directed at you. Sometimes I just like to hear myself talk.
WRT Dicko. Have you ever been to Durgin Park (a restaurant) in Boston? Now it is a schtick but in the day (80’s)the waitress’s were off the hook rude. You would ask for Ketchup and you would get “You lazy f***, get your own ketchup you fat f***” anyway look it up and you will see what I am talking about. However they always took good care of you.
Right or wrong, his British, G* Fc Yourself comes through in every post. It’s like Durgin Park.
Gig was good, busy, thanks for asking.
Understood and thanks.
Never been there but back in the day (way back) I used to go to the meat packing district in NYC to the original “hogs and Heffers” bar when it was a true dive (before it became a tourist trap). I believe this was the bar that inspired the movie “Coyote Ugly.”
It was the same thing there, the bartenders were all smoking hot biker chics and over the top rude was an understatement. So I think I know what you mean about Durgin Park.
Busy is good, Glad your gig went well!
Back to the original point of my post (which looking back, yes could have been worded better), I’ve been able to find plenty of security info on trunks and outbound routes but very little (nothing actually) in regards to the possible security risk of a catchall inbound route as opposed to having specific inbound routes per DID.
Do you know of any sources for this information or if, in your opinion, it’s even a concern worth pursuing (from a security standpoint)?
Thanks Again.
There is no risk because you would have to have a peer to get the call to the trunk.
Make sure that you have “anonymous SIP” turned off in SIP settings. Even that is not really a direct security issue but it is annoying because as your system is probed your phones will ring.
Thanks, that’s kinda what I had thought was the case but wanted to be sure, as I had heard advice to the contrary but seen no real data explaining any specific security concerns.
BTW, during my research I came across an review of this device that looked interesting from a voip security standpoint:
http://www.pikatechnologies.com/english/View.asp?x=1294
200bps in the UK which seemed a bit steep but if you have to have your system open to making international calling it would be worth it if it stops one weekend’s worth of fraudulent calls. Couldn’t find pricing here in the US. I know many SIP providers place daily monetary limits on international calls these days so it may be a bit late to the game.
Holy smokes batman, not multiple LED’s sign me up
Could be snake oil. It has no UI, no reports etc. I’ll hang on to the IDS for now if you don’t mind.
Actually there is reporting, if you connect up a USB flash drive it will write logs and config files you can edit although the config options are limited.