Cisco Unified CM 6.1 to Asterisk as SIP Proxy to Bandwidth.com

One of the systems I manage is an 875 Extension Cisco Unified Call Manager(UCM). At the moment the system uses SCAN trunks for long distance calling. These SCAN Trunks are provided by the state of Washington and interconnect via a four port FXO card. Callers use a PIN to make long distance calls. This is some seriously old school technology and as such has sound quality to match.

So, armed with a four port SIP trunk account from Bandwidth.com, I set forth to make a SIP trunk from the UCM to Bandwidth.com. Long story short... it does not look like I can. I can set things up that should work, but don't. There is an active TAC open with Cisco and when(if) we make it work then I'll be back in a new blog entry.

Instead, we have "Cisco Unified CM 6.1 to Asterisk as SIP Proxy for Long Distance service."

What is difficult to impossible with UCM is trivial in Asterisk w/FreePBX.

For Bandwidth.com I made a new SIP Trunk with the name of "freepbx" and here are the PEER Details:

username=myusername
type=peer
sendrpid=yes
secret=mypassword
qualify=yes
insecure=very
host=trunk.freepbx.com
fromdomain=trunk.freepbx.com
context=from-trunk

The Register name was formated like this:

myusername:mypassword@trunk.freepbx.com/360746XXXX

-------

For the UCM, I made a SIP Trunk named "ucm" and here are the PEER Details:

type=peer
context=from-callmanager
host=10.XXX.XXX.XXX
disallow=all
allow=ulaw&alaw
nat=no
canreinvite=no
qualify=yes

and in extensions_custom.conf I added ( to have these calls bypass most of the dialplan logic ):

[from-callmanager]
include => from-internal
exten => _1NXXNXXXXXX,1,Dial(${OUT_12}/${EXTEN});
exten => _1NXXNXXXXXX,n,hangup

NOTE: the the "OUT_12" reflects the "freepbx" trunk and the last thing to do is allow anonymous SIP as the calls are routed w/o authentication from the UCM ( for now.)



-------

Now on to UCM.



Since we are using no authentication to send calls from UCM to Asterisk this part is somewhat straight forward. First step is to define a "SIP Trunk Security Profile Configuration" making sure the "Outgoing Transport Type" is UDP, which looks like:

From CallManagerToSIP

Then we create the SIP Trunk, noting that the "Calling Search Space" in this case is "Reserved Incoming Calls" which basically does not allow inbound calls to go anywhere:

From CallManagerToSIP

The last three items to set up are the "Route Group, Route List and Route Pattern."

Here is the Route Group:

From CallManagerToSIP

Here is the Route List:

From CallManagerToSIP

And since we need a way to direct calls out this SIP Trunk to make long distance calls, here is the Route Pattern so users dial "891NXXXXXXXXX" to dial out:


Bare in mind, I only want calls going out this trunk ( not in) so if you wanted bi directional calls... You would adjust the "Calling Search Space" in the trunk to allow it.

Otherwise, that is the setup that is live for now. Once an Authenticated SIP Trunk can be sorted out on the UCM, I plan to go directly to Bandwidth.com and skip the proxy.

April 2009 Open Telephony Training Seminar Recap

First of all I want to apologize for the formatting of the three previous posts. I am fussing around with a new editor and I am unable to wrangle it without mangling the layout. I guess I should re-label my blog as "beta." 

Now that I have a chance to rest and reflect, I feel pretty good about how the Open Telephony Training Seminar went. It was my first time at the helm and I think it is safe to call the event a success. I'll be preparing a Google app survey a bit later today, so it will be interesting to see what people have to say in writing. To be sure, I received excellent advise from Philippe Lindheimer and Tony Lewis which made the task a bit easier.

The big take away for all of us(trainers/learners) is that a tranquil setting enhances training and is less fatiguing for the duration. It is a credit to the proprietors of the Willows Inn and by extension the Bed & Breakfast as a conference center.  

At the end of the day, the only mishap was one person got the wrong lunch. Other than that, the lodging, catering, furnishings, electricity, network, lab equipment, phones, projector and laptops all worked without fail for the duration.

You don't get to say that every day.

Open Telephony Training Seminar Day 3

Day three of the Open Telephony Training Seminar and a shot of me doing some instruction.



Of' course I have to slip in a view of the Chocolate Pate we had as dessert last night. The main course was fresh halibut and it was absolutely delicious. It would appear that our learners got quite a bit out of the instruction and doing this kind of training in this environment was of a real and tangible benefit.

One of the comments was about how quickly the days seemed to go by. I too felt that way and was a bit surprised. No matter how interesting a subject may be... At the end of the day the minutes drag on. That just didn't happen.




The breakfast the last morning of the show.... I think the quality and quantity of the meals had a bit to do with how well the training days flowed. We may be on to something here.

I would like to thanks the attendees for uh... Attending. Also, a big thanks to Judy, Riley and the whole Willows Inn staff for rolling out the red carpet for us.


Further, I want to thank the founders of the Open Telephony Training Seminar - Tony Lewis, Ethan Schroeder and Philippe Lindheimer for allowing me to organize a west coast venue.


Thanks also to Digium and Aastra for providing some very nice swag for attendees. Each attendee went home with of the just release 6730i's and a TE122 Series card. A few went home with Willows Inn Robes too.


In closing, a huge extra thanks to Philippe for co teaching the course and otherwise being a great friend.

Open Telephony Training Seminar continued...

One the eve of Day One when we met for evening Cocktails, we had a nice treat waiting for us. Spot Shrimp season has just started for the Lummi Nation fishermen. Riley Starks, one of the owners at the Willows Inn, being the ever vigilant proprietor secured an amount of these "1st of the Season" treats for our enjoyment.

I forgot to get a picture of the smoked salmon we had just before the Shrimp came out.

Here you can see Riley demonstrating the method of consumption.

Since I live out here, I took a step back and let our guests dive in. I did have a couple as they wound down a bit.

In general, I'd have to say that it is working out as planned. While it was a bit farther for students to travel, the location is perfect for small classes.






We are now into Day Two and everyone seems to be absorbing the material well.


For lunches, we go downstairs and enjoy some nicely prepared meals in the Tap Root Cafe. Which, because of the quality, happens to be one of my favorite spots for lunch. Below is Philippe digging back in.

The Open Telephony Training Seminar starts today

Even in this economy we managed to attract enough students to hold this months OTTS. So, we are off to a really good start. One of the bigger issues we are having is the view.....

Yes, it is a small class, but that was the intention of this "Special Venue" edition of OTTS. We have a good mix of students and they appear to be very studious. I'll have to get some photos of the meals we are being served. Here you can see Philippe Lindheimer doing his instructor bit...


Here is another view of the classroom. I want to send out a special thanks to the Willows Inn for the tremendous hospitallity they are demonstrating.


Check back as I chronicle the rest of the show...

WarVOX, friend and foe alike.

Naturally, as more Voice over Internet Protocol systems and devices are placed somewhere in the vicinity of well... the Internet, more interesting things are likely to occur. A look through your firewall logs has been a semi frightening activity for some years now. In the world of Asterisk based VoIP and you had better be watching not only your firewall logs, but your Asterisk, Apache, MySQL logs and your CDR for added measure. Fortunately, we have tools such as OSSEC, fail2ban and Ethan Schroeder's excellent Abnormal Call Volume script ( see repost at end of article) to help us out.

While I routinely use Nessus to scan for vulnerabilities, I am always on the look out for new tools to test systems with and one of the new kids on the block is WarVOX. At the end of the day, WarVOX is an automated dialer, with roots to the old school autodialers of yore. Telephony hacking has been around for a long time and WarVOX is a another tool to assist you in auditing your DID's. On the other hand, you can also view WarVOX as something the dark side is going to be using (in force ) to map out things to exploit in some fashion. What do you think? "Would you like to play a game?"

While there has been some blogoshpere coverage, I hadn't seen much around building and using WarVOX, so using a nice hosted instance of Ubuntu 8.10, I used the following commands to make ready and install ( recreated the order from the log after a dependency battle):

sudo apt-get install libstdc++6
sudo apt-get install gcc-4.3-base
sudo apt-get install ruby1.8-dev
sudo apt-get install libopenssl-ruby1.8
sudo apt-get install build-essential libiaxclient-dev sox lame ruby rake rubygems libsqlite3-ruby gnuplot

gem install mongrel

Then...

wget http://warvox.org/releases/warvox-1.0.0.tar.gz
tar -xzvf warvox-1.0.0.tar.gz
cd warvox-1.0.0
make

Change the username and password in /warvox-1.0.0/etc/warvox.conf and if all goes well you can launch it with:

/bin/warvox.rb --address yourIPaddress --port 7777

Once it is running open a web browser and go to that address with port 7777 and after login you will be greated by the home page of your new WarVOX:

















Now, you have to set up a few providers, at warvox.org they suggest the following:

• CallWithUs
• Vitelity
• Teliax
• TelaSIP

When thinking war dialers, you usually were limited by the number of simultanious conntections to the PSTN you could make. WarVOX uses IAX providers which eliminates the need for PSTN connectivity and, if you have enough bandwitdh and multiple accounts, you can really speed up testing large blocks of DID's.

In testing you need to be mindful of the target. 555-XXXX will dial 10,000 numbers, where 555-555X will dial only 10.

The number of seconds is set at 53 seconds as a default. The concept there is that providers don't charge for calls that are not answered. In testing I found that many calls did go to voicemail and therefore constitute an answered call or more to the point - a chargeable call. Two cents each on Teliax. It is advisable to test this out and check you providers call records to find a number of seconds that works more to your favor, but still gets the job done. Of'course if you use multiple providers, this becomes a much trickier balance.

The maximum number of outgoing lines is considered to be limited by bandwitdh-->provider(s)-->trunks. I would imagine that horsepower of the box would play a part here, but that in most cases the number of trunks one can afford would bottom out before the CPU does.

The source Caller ID is probably another place to be mindful. Not all providers are going to allow spoofing a Caller ID. On the ones that do, you can use an area code and prefix that makes them standout in the CDR if you like. I use one of my own DID's as I only test systems I am responsible for. ***Note: Just as with any other "whitehat" style of system probing, prodding and cataloging - you might consider having some form of written permission to perform such tests on systems you do not own.

Once you hit the create button the job starts...
The page will refresh occationally until the job is finished and once the yellow bar goes away you can then check the results.
The next course of action is to click on the Analyze Calls which results (after several seconds) in this display.
The Analysis of Job ID 14 contains some interesting data including an audio files to listen to. At the moment, my test system is only maintaining one recording per job. If I scan a range, the only thing that plays back is the first thing recorded. The others appear to have been recorded in the log, so maybe I can sort that out. I did contact the developers and am hoping for a bug fix soon.

In larger scans, I was able to identify FAX and Voice lines and some curious time outs. Which was useful because a manual followup call to those timed out DID's showed I had a few, out of a block of 850, that were not functioning properly.

In conclusion, WarVOX is shaping up to be a very powerful tool and something that we should be on the lookout for in our CDR's. One thing I noticed is that while Caller ID is randomized, it seems to use just one ID per job. So, if you see a succession of calls through you DID's from one number... WarVOX maybe the culprit.

This topic, along with some of the other security topics mentioned will be covered during the next Open Telephony Training Seminar, April 21st~23rd in Seattle,Wa. This particular event, with lodging and gourmet meals included, is being held at a special venue called The Willows Inn and we will have the place to ourselves. This is a good event to bring a spouse. They can relax while you learn. Do consider joing us.

Contact me via email - rkeller at legoebayuc.com - for special discounts to the April 2009 Open Telephony Training Seminar.


(Reprinted of Ethan Schroeder's excellent script)
Well, since this thread got deleted and it contained really good information and was linked from my blog, I thought I would re-post it.
This is in reference to the following news story: http://www.news.com.au/technology/story/0,28348,24939188-5014239,...
As a result of this article, I wrote a script that runs once a day and sends email alerts if call volume increases in any of the following 4 areas:
1.) Total outbound calls in the last 24 hours is higher than the threshold % versus average outbound calls per week day over the last 30 days
2.) Total international outbound calls in the last 24 hours is higher than the threshold % versus average outbound international calls per week day over the last 30 days
3.) Total outbound call duration over the last 24 hours is higher than the threshold % versus average daily outbound call duration per week day over the last 30 days
4.) Total international outbound call duration over the last 24 hours is higher than the threshold % versus average daily outbound international call duration per week day over the last 30 days
To download and install:

wget http://public.schmoozecom.com/Abnorm...0-1.noarch.rpm rpm -Uvh AbnormalCallVolume-1.0-1.noarch.rpm service crond restart nano /usr/local/sbin/abnormal.php

Once editing the abnormal.php file, change the email address and if you would like daily reports regardless if thresholds were met, change $daily_report = false; to $daily_report = true; If you only want to receive reports if thresholds were reached, leave this as false. You can also change the threshold percentages if you so choose. By default an email alert gets triggered if any of the four areas described above increase by 20% or more in a day

Skype for Asterisk, Google Voice, OTTS, FreePBX and Digium

Gabcast! The VoIP Experience #71 - Skype for Asterisk, Google Voice, OTTS, FreePBX and Digium

Skype for Asterisk
Currently at version 0.94 and climbing. Works, while there is a lot of added functionality that Skype provides ( Chat, sms, etc...) The focus is making the telephony end perfect 1st, then address other functionality.

Google Voice
I did gave a Grand Central account and did not really find it all that useful. I did get spim on the DID... Now that I have converted GC to GV I am pleased so far. I set up some new phones for the DID to ring when called and that all seemed to work fine.I really like the Call and SMS Functionality. I can text, but I think it looks silly so I avoid it. Now, I can SMS with my normal tools. Below is a few screen shots of the Call and SMS functions.















The voice recognition of voicemail was also interesting, if not entirely accurate. It will be fun trying the transcription service out. For me it did not like my annunciation of 11 and thirty. The transition from speakerphone to handset was a bit rough too. But, I expected much worse and I expect it to improve over time.


OTTS

April 21st ~ 23rd , 2009. 1st time in the Pacific Northwest for the Open Telephony Training Seminar. Philippe and I are co teaching and the Willows Inn is a very special venue with meals and lodging included. There are a few new bonus items that come along with the major bonus of the training itself. Upon arrival you will be greeted with a choice of a) one Willows Inn Robe -or- b) a wine flight with both dinners -or- c) a one hour massage at the spa. Complements of FreePBX.org

This is the time the classes start to fill up and there are very reasonable arrangements for spouses to come along and enjoy the meals. Please do join us.

FreePBX
It feels like FreePBX 2.6 is warming up in the ball pen. One of the interesting new features in the ability to choose the module respositories. Standard or Extended. Some examples of an Extended module would be Bulk Extensions or Set Caller ID, etc... I will be reporting back on developments as they occur.

Digium
Digium really seems to be a community player to me. Because of the relationship that Tony, Ethan and Philippe have deveoloped with Digium, I have seen them participate and sponsor the Open Telephony Training Seminars, including providing training space in their Hunstville HQ. The SFA beta program is the 1st "sorta" inside experience I personally have had working with Digium and I have found the whole group to be very personal and I am having a good time with that too. Well, I haven't been to Digium HQ... yet.