default

pfSense 2.01 and sipXecs

Uncategorized
on February 5th, 2012 by - Comments Off

We find pfSense to be an excellent free firewall. We do also find with the 2.0 release that the traffic shaping capabilities are still not fixed (worked great in 1.23 though). We don’t let this dissuade us from using it as a firewall, though we now shpae bandwidth with a commercial appliance that gives us much better control and sits between the LAN port of the firewall and SWITCH transparently.

If you organization needs much more infinite control, oversight and monitoring/reporting of bandwidth, we can help!

Installing pfSense is still recommended for organizations on a budget that need to put “something” in front of sipXecs and use the sipXecs built-in remote user and/or sip trunking functions.

Remember to configure the outbound NAT and MANUAL and STATIC PORT, and this is uber important, BEFORE YOU ADD ANY NAT RULES.

If you need a rate limiting function, once you create the NAT rule, go to:

Firewall, Rules and edit the rule for the port (i.e. 5060) and click the ADVANCED button. There you will see:

Maximum new connections / per second(s).

Also, if you need something to block inbound requests from other countries,

System>Packages” click the “+” next to “pfBlocker”, install that and configure it to deny inbound traffic to all countries you don’t have remote users of traffic coming from for you network!

default

Revisiting an OLD PBX

Cloud Services sipXecs
on January 30th, 2012 by - Comments Off

OLD PBX. Actually it’s an OLD linux based SIP system. It’s fun though, read on…

I was contacted by a firm running an old sipxecs system, running version 3.10.3. They want to upgrade it and find someone they could use to make sure it works properly. It was easy-peasy.

After doing a backup and export, we put new drives in their otherwise healthy base model Dell server (the drives had been running with the system for over 3 years, so good idea to update them).

We built a new system off-site on its own subdomain and imported their data, then manually restored their voicemail (fix some permission issues) and manually move the auto attendant and music on hold greetings. We also installed a new firewall and vlan capable POE switch.

What did they get? Phone with DHCP (not static IP assignments) and sipx managing its own DHCP and DNS while their Windows server simply forwarded requests for their subdomain to sipx. At the same time, we adjusted the PC’s DHCP to point to the firewall for DNS (not the windows server). This is an ideal way to address this because now EITHER the data or the voice network can be worked on without affecting overall functionality within their organization.

New functionalities:

  • Sip Trunking – Which they are using for outbound calls at the moment.
  •  IM (which they use in office where they had no solution before)
  • IM integration for phone status of other users, oncluding call information.
  • Using a “phantom user” and “schedules” incoming calls for the office are routed to either a huntgroup or auto attendant, instead of in their POTS gateway. When they switch to incoming calls via sip trunk, their is not additional programming needed to maintain this consistency!
  • FAX, which they will be implementing in a few weeks.
  • EFK and custom ringtones for the Polycom handsets.

After the system we provided was in for a week and determined there was no cause to revert or get any data off the old system, we wiped it using the new drives and reinstalled the phone system and restored their data from our loaner.

See how they extend their capabilities in our next post by integrating IM and mobility and implement fax!

default

The price of early adoption…

Cloud Services Google
on December 24th, 2011 by - Comments Off

OK, so buying a new cell phone is going to cost me. It’s the REALLY buried charges you have to watch out for though.

On a new phone model, with a new software stack and new hardware features it can be fun or problematic.

The new Samsung Galaxy Nexus is nice, but it lacks some core documentation from both Samsung and Google. I tried to talk to verizon about it, but they really seem to treat the device like a red headed stepchild. When I went in to pick it up, it was in the back corner. No signs in the window or anything else. I went in days after they started selling the device and they thought my choice unusual saying, “we’ve only sold two of these…”, plus they had zero accessories (cases, holsters) specific to the model.

Once you encrypt the phone, the new feature to face unlock the phone disappears. No documentation tells you this directly and we had to contact Google Enterprise support to confirm it. We also suggested they update their documentation (silence from them).

***

Device: Samsung Galaxy Nexus

Carrier: Verizon
Country / Language: USA/English
OS / Browser / build number (if applicable): n/a (stock image)

If I make a call that requires me to use the keypad, I get the following behavior when I talk: The screen “blanks” (proximity sensor turns screen off). If I look in the mirror I can see the screen is not turning on, but it “dials” digits randomly.
When I give the phone to my daughter it doesn’t do that.  So here is the thing, I called Verizon and opened a case with them, because it’s really unuseable if i call somewhere that needs me to use the keypad during the call (all workdays are like that), and since I have encrypted the phone locking the screen makes it cumbersome to lock it and unlock it during the call (some systems give you xx seconds to do an input, like frackin’ tech support calls).
The difference between me and my daughter? I have a beard. Jokingly Verizon suggested I shave it.
Now here is the joke where the iSheep get to laugh… analogous to holding the phone the wrong way with the iphone 4on at&t and the whole wireless reception problem.
i don’t think there’s an answer to this short of a fix, but it has to start somewhere.  This is why people do funny things when they want something. I won’t shave my face for a phone, so back it goes. Chalk it up to a failure to properly test before shipping.

 

© blog.myitdepartment.net
CyberChimps

Switch to our mobile site