Bill Mongan

Bill Mongan

Professor, Author, Machine Learning Researcher, Educational Consultant, and Scholar of Teaching and Learning; Host: digitalsignature.fm

Setting Up FreePBX on a Raspberry Pi with AREDN MeshPhone and 44net Integration

4 minute read

Published:

This guide will walk you through setting up FreePBX on a Raspberry Pi, trunking it with MeshPhone over an AREDN network, and optionally making it accessible via a 44net allocation.

Prerequisites

  • A Raspberry Pi with a supported operating system.
  • An AREDN node with MeshPhone support.
  • A 44net allocation (optional).

Step 1: Install FreePBX

Follow the detailed installation guide for FreePBX on a Raspberry Pi available at: DSLReports FreePBX Installation Guide

I installed FreePBX version 17.0.19.17 with Asterisk 21.5.0.

Step 2: Configure FreePBX

Use the configuration instructions provided on this mesh page (AREDN mesh connection required to view): MeshPhone FreePBX Configuration

Configuration Steps

  1. Create an Extension:
    • Note the secret, which will be provisioned on your phone.
    • Configure your phone with the server IP and port (default: 5060).
  2. Firewall Configuration: If using 44net, set up your router and FreePBX node firewall.

Step 3: Router and Firewall Configuration

On the 44net Router:

If your AREDN router is behind a 44net router, forward traffic for SIP (port 5060) as follows:

/ip firewall filter add chain=input protocol=tcp port=5060 src-address=<your 44net cloud IP> action=accept comment="Allow TCP 5060 from specific IP"
/ip firewall filter add chain=input protocol=udp port=5060 src-address=<your 44net cloud IP> action=accept comment="Allow UDP 5060 from specific IP"

Move these rules above any default drop rules in WebFig.

On the AREDN Node:

Forward port 5060 (TCP/UDP) to the FreePBX server.

On the FreePBX Node:

If using 44net, add your allocation to SIP Settings as a local network:

  • Under SIP Settings: Add your 44net allocation.

Add firewall rules via SSH to allow traffic:

sudo iptables -A INPUT -p udp --dport 5060 -s <your AMPR 44net allocation>/<subnet> -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 5060 -s <your AMPR 44net allocation>/<subnet> -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 5060 -s <your 44net cloud IP>/32 -j ACCEPT
sudo iptables -A INPUT -p udp --dport 5060 -s <your 44net cloud IP>/32 -j ACCEPT

Make these rules persistent:

sudo iptables-save > /etc/iptables/rules.v4

Step 4: Trunk Configuration

Modify the following files to set up trunking with MeshPhone. Retrieve example files from: MeshPhone FreePBX Configuration

File Modifications

iax_custom.conf

[<your peer's callsign here>]    ; must match username coming from far end
type=friend                      ; peer=outgoing; user=incoming; friend=both way
host=<your peer's PBX IP address here>  ; send calls to this host IP address at far end
username=<your callsign here>   ; username sent to far end
secret=<a shared password here> ; shared secret between both ends
auth=plaintext                   ; plaintext; rsa; md5
context=MeshPhone                ; destination context for incoming calls
disallow=all                     ; disallow all incoming codecs
allow=ulaw                       ; allow ulaw codec
allow=alaw                       ; allow alaw codec
allow=gsm                        ; allow gsm codec
qualify=yes                      ; constantly ping far end to determine trunk status
transfer=no                      ; do not directly connect endpoints
trunk=yes                        ; allow multiple simultaneous calls

globals_custom.conf

NEIGHBOR=<your peer's callsign here>
; [globals] line commented out (if necessary)

meshphone.conf

Add below the first local extension rule, if not already present. Replace XXXXXXX with the peer’s phone number range (e.g., 55512xx for numbers starting with 55512):

; NEIGHBOR=<your peer's callsign here>
exten => _XXXXXXX,1,Dial(IAX2/${NEIGHBOR}/${EXTEN})
exten => _XXXXXXX,n,GoTo(Utilities,Sorry,1)

extensions_custom.conf

Add below access codes to create 4-digit dialing rules. Replace XXXX with the dialing plan and YYY with the area code to prepend:

exten => _XXXX,1,GoTo(MeshPhone,YYY${EXTEN},1)

To play the Sorry message, including the office code, from utilities.conf, add these lines to the bottom of extensions_custom.conf:

; Handle invalid extensions
exten => i,1,NoOp(Invalid extension dialed)
exten => i,n,GoTo(Utilities,Sorry,1)

; Catch-all pattern for any unmatched numbers
exten => _X.,1,NoOp(Catch-all for invalid extensions)
exten => _X.,n,GoTo(Utilities,Sorry,1)

Optional: Public Availability via 44net

To connect a phone via Groundwire using your 44net allocation:

  1. Set up a WireGuard connection from your mobile phone to the 44net allocation.
  2. Configure Groundwire to connect to your PBX over the 44net address (making sure to allow that 44net address through your 44net firewall, your PBX firewall, and port forwarding from the AREDN router).

Save and apply all changes to FreePBX and your network configurations.

You May Also Enjoy

Setting Up HBLink for a Private DMR Network with HBlink

4 minute read

Published:

This guide walks you through setting up HBLink for a private DMR network, including configuring a Parrot (echo test) repeater and talkgroup. Ensure that you have administrative access to your server and basic knowledge of Python.

Using ChatGPT to Write Code

7 minute read

Published:

I’ve been asked occasionally about my opinion about generative AI tools such as Chat GPT and their potential to disrupt the way we design and create. While I think there is a risk that fundamental knowledge and skill may erode as they are abstracted away by tools like these, I also think these tools create wonderful “jumping off points” for prototyping ideas. We still need a technically educated population to a) know what questions to ask, b) ask them in a precise way, and c) validate the results.