Installing OpenVPN on your Asterisk Server (PBX in a Flash Distribution)

For all of you that are looking to secure communications for softphones OpenSSL looks to be a good option. Right now we are in the process of testing it and ran through the OpenSSL installation. We provided a set of instructions on getting it installed on your PBX in a Flash Server. (Cent O.S 5.2)
Download openvpn
wget http://openvpn.net/release/openvpn-2.0.9.tar.gz

Download LZO and install the rpm
wget http://dag.wieers.com/rpm/packages/lzo/lzo-1.08-4.2.el5.rf.i386.rpm
rpm -ivh lzo-1.08-4.2.el5.rf.i386.rpm

You can try to build the rpm package from the tarball (but it will probably fail).
rpmbuild -tb openvpn-2.0.9.tar.gz

It will probably tell you it requires certain dependencies and will not allow you to continue. The dependencies are listed below.
– openssl
– pam
– lzo – you’ll probably have to download it
– openssl-devel
– pam-devel
– lzo-devel – you’ll probably have to download it

If you dont have openssl, openssl-devel, pam and pam-devel installed you can use yum to install them.
yum install openssl pam openssl-devel pam-devel

You can download lzo-devel and install it.
wget ftp://ftp.pbone.net/mirror/download.fedora.redhat.com/pub/fedora/epel/5/i386/lzo-devel-2.02-2.el5.1.i386.rpm
rpm -ivh lzo-devel-2.02-2.el5.1.i386.rpm

If for some reason when you try to install the lzo-devel package it complains that the dependencies are not available you can download the following

lzo2-devel
wget ftp://ftp.pbone.net/mirror/dag.wieers.com/packages/lzo2/lzo2-2.02-3.el5.rf.i386.rpm
rpm -ivh lzo2-2.02-3.el5.rf.i386.rpm

liblzo2_2
wget ftp://ftp.pbone.net/mirror/atrpms.net/el5-i386/atrpms/stable/liblzo2_2-2.03-6.el5.i386.rpm
rpm -ivh liblzo2_2-2.03-6.el5.i386.rpm

libminilzo.so.2
wget http://dl.atrpms.net/all/libminilzo2-2.03-6.el5.i386.rpm
rpm -i libminilzo2-2.03-6.el5.i386.rpm.

You can now try to install lzo-devel. It should install now with no problems.
rpm -i lzo-devel-2.02-2.el5.1.i386.rpm

After you install all of the dependencies you can try to rebuild the openvpn rpm.
rpmbuild -tb openvpn-2.0.9.tar.gz

After building it you’ll find it in the following directory
/usr/src/redhat/RPMS/i386/openvpn-2.0.9-1.i386.rpm

Now try to install it. It should run successfully.
rpm -ivh /usr/src/redhat/RPMS/i386/openvpn-2.0.9-1.i386.rpm

Thats it.

This was installed on a 32bit system so if you do install it on a 64-bit machine please make sure to download all of the correct rpms and tarballs.

Linksys RTP300 unlocked and setup with Asterisk

This information is already floating around the internet, due to the fact that there are so many curious people that got rid of vonage and wanted to use their routers for other reasons, and or with other providers.

So here’s our take on it.

We dug up an old RTP300 with the vonage firmware. As we attempted to “hack” away at the unit we found that all the username combinations we found scattered across the good ole’ internet didn’t work so we used (probably by now) the infamous cyt tool. What does the cyt tool do you ask? It simply resets the “admin” and “user” accounts with default passwords. This basically allows you to clear all of the pre-configured sip settings and upgrade to the latest firmware. It does this by creating a socket session using port 2400 to reconfigure the xml settings on the box.

So how do you get it? Well we provide it right here for you. It includes all the instructions that you’ll need to run the tool in the readme file.

[download#6#size]

Now that you have the passwords changed you can log into the http://192.168.15.1/upgrade.html interface with the new username and password combination. The username and password should be “user”. (Don’t forget you’ll have to log in to the router first with the username and password “admin”.)

Next go to Linksys website and download the firmware release 3.1.24. You’ll find that if you attempt to upgrade the router with this file you’ll run into some trouble.  No worries, there are a couple more steps before you are up and running. All you have to do is download a hex editor, open the .img file in it and make a couple of changes.

The following changes will need to be made.

On the second line the eight value or pair it will say 4d – change it to 4c. So to the far right you should see “….CYLL@0…..”

On the very last line you need to change the 5th, 6th, 7th and 8th values. Change them from 85 da 20 bb – to 3b a5 4d da. Save it and now upgrade the firmware on your router.

At this point your router should be upgraded and you should be running the latest firmware. Cool huh.

If you click on the voice link and click on the admin login you’ll see line 1, line 2, etc. All you have to do is enter the asterisk extension and password. Simply register the RTP300 like any other sip device; plugin any regular phone and your good to go.

Asterisk and Mitel 5340 myth Demystified

We have our pbx in a flash server (Asterisk) running with a bunch of softphones (because they’re free), and it works great but what is a sip based pbx if you can’t use it with a real sip based hard phone?

With that said all we had available to us were a bunch of Mitel dual mode 5340 phones sitting on our desk running the Minet protocol. We figured why not take advantage of the fact that we had some really cool sip based phones at our disposal. And that’s just what we did, we got the 5340 phone working with our asterisk server. (really cool stuff)

Now your probably wondering how we did it? Well in searching for answers across the internet we found very little information, but lucky for you we figured it out. We know knowledge transfer is one of our civic duties, so sit back and let us show you how to get your mitel phones working on your Asterisk system.

Disclaimer: Unfortunantely we were only able to test this on the Mitel 5340 model phone running firmware version R7.0.01.02.01.08 but we believe this will run for most of the newer model phones running version 7.0 and up.

Step 1.

Setup your dhcp server (we used a microsoft dhcp server but you can use whatever you like) with the following options

Typical DHCP Options

Option 003 Router – IP address of your default gateway

Option 006 DNS Servers – IP address of your dns servers

Mitel Dependent Options

Option 042 NTP Servers – ip address of your ntp servers

Option 066 Boot Server Host name – ip address of your asterisk server

Option 128 Asterisk Tftp server – ip address of your asterisk server or wherever your hosting tftp files.

Option 138 Mitel Sip ID – 200

After you’ve completed your dhcp settings its on to learning a bit about configuring the mitel 5340 phones.

For those of you that aren’t using dhcp and want to set static values for your phone all you have to do is hold down on the super key (the blue key on the Mitel 5340) while your phone is powering up. Make sure you follow the onscreen prompts and don’t forget to add your proxy (asterisk) server and the tftp server. Without these your phone will never register.

Step 2.

In order to change the Mitel 5340 to use sip you have to hold down the * 7 (that would be the star and number 7 keys at the same time) while the phone is powering on. Hold down on those two keys until the change is confirmed.

Now reboot it to confirm that it is in sip mode. You can either do this by holding down the *7 keys and wait for the message that says “already in sip mode” or wait until the phone boots and says “Starting Sip…”

Once you’ve confirmed its running in sip mode all you technically need is a user that is setup on your asterisk server. Just enter your user id when the phone prompts you to login. Here’s the not so nice part about it, because Mitel doesn’t allow you to enter the password for the extension or user that you have setup your phone will never register properly. Lucky for you there is an easy fix, all you need to do is log into the web admin interface of the phone. Type in the ip address of the phone in any standard browser and enter “admin” as the username and “5340” as the password. (This can be changed at anytime through the browser or your config file) Click on “Users and Passcodes” and change the passcode there. Now click on “Registration” and hit Re-register. You should now see your phone registered to the asterisk server and be able to make and receive calls on it.

Simple right!!

Now on to the even cooler stuff. Its up to you at this point if you want to go any further. The next section will tell you how to setup config files and firmware so you can deploy multiple phones all at the same time.

Unfortunately we cannot download firmware from Mitel’s site because we are not a partner so unless you are a Mitel partner you’ll have to use the existing firmware on your phone.

If you plan on upgrading phones and applying configurations to individual phones you’ll need to upload the firmware and create the individual config files for your phones to use.

Mitel config files are pretty cool in that they are easy to use and understand because of the xml based structure.

Step 3.

Here are the files that you will need create or just download from here:

Download “MC_(Mac_Address).cfg.zip” MN_Mac_Address.cfg_.zip – Downloaded 932 times – 508 B

Download “MN_(User).cfg.zip” MN_User.cfg_.zip – Downloaded 729 times – 494 B

Download “MN_Generic.cfg.zip” MN_Generic.cfg_.zip – Downloaded 855 times – 483 B

Complete xml config file example: 

Download “Sample_Complete_MN_Generic.cfg.zip” Sample_Complete_MN_Generic.cfg_.zip – Downloaded 875 times – 3 KB

Note: The phone will boot and look for those configuration files in that exact order.

We found that a good base to start with is configure a complete NM_Generic.cfg file that will allow to setup and configure all of the buttons, and all the necessary options to get the phone up and running. Then create a MN_<Mac Address>.cfg file for each individual phone that will contain all display name and line information.

And thats all there is to it. You should be on your way to rolling out hundreds of mitel phones on your asterisk system in no time.

1 2