2.) UseWin32DiskImager to install the Raspbx image to an SD card.
3.) Username/Password for root login is root/raspberry (using Putty or WinScp etc)
4.) The Pi should receive an IP from your DHCP server.
5.) Using “raspi-config” from root, overclock the card to 1GHz, and extend rootfs partition.
6.) Set timezone, keyboard parameters etc.
7.) Set a Static IP for the Pi editing /etc/network/interfaces Change the line” iface et0 inet dhcp” to “iface et0 inet static” Set network address, netmask, gateway as required.
8.) /etc/resolv.conf contains DNS info 127.0.0.1 should be at the top the others are Google’s DNS.
9.) Shutdown the system “halt” and then start again.
10.) Update by entering “raspbx-update” from putty, type Y as required and have a cup of coffee.
11.) Log into freepbx GUI UN:PW – admin:admin
12.) Go to Settings, Asterisk SIP Settings
Set NAT to YES (if behind a home router with NAT)
Set IP Configuration to Public IP
13.) Set Up Email (pasted from raspbx site)
Email delivery from your RPi is needed if you plan to have voicemails sent to users by email. Email already works in the default configuration using Exim4 as MTA. By default, Exim is configured to directly send mails to the recipient MX hosts. This is however discouraged, as many email providers classify emails coming from dynamic IP addresses as spam. To avoid this, you need to set a smarthost. Unless you have an open SMTP server on your network that can be used as smarthost without authentication, you will need to specify SMTP authentication credentials as well. It is basically possible to use almost any publicly available freemailer as smarthost with the RPi. Have username and password as well as SMTP hostname (sometimes also referred to as outgoing mail server) of the email account you are going to use ready.
Run on the console:
On the first configuration page select “mail sent by smarthost; received via SMTP or fetchmail”. On the following pages just keep the default values by pressing enter, until you reach the page starting with “Please enter the IP address or the host name of a mail server…”. Here, enter the SMTP hostname of your email provider. Again, keep default values on the remaining pages.
Then, edit the file passwd.client by running:
Add your credentials at the bottom of this file in the following format:
In most cases, the SMTP hostname used in this file is identical to the hostname used as smarthost before. If email fails to work, specify the reverse lookup of your email provider’s SMTP host IP address here. For Google Mail, this is currently gmail-smtp-msa.l.google.com
Some email providers also require you to use sender addresses identical to one of the public email adresses of your account. In this case, edit:
On the bottom of this file add:
root: [email protected]
asterisk: [email protected]
This configures the sender address of all outgoing mail to [email protected].
Finally, to activate your configuration run:
You can test your email setup with this command:
send_test_email [email protected]
A test email should reach your inbox shortly.
14.) Security Stuff
Go to Settings, Asterisk SIP Settings again,
Set Allow SIP Guests to NO
Set Allow Anonymous Inbound SIP Calls to NO
Check /etc/asterisk/sip_general_additional.conf includes the line,
Just use Alpha Numeric characters for passwords. Set strong passwords.
From putty type “passwd” and change default root password.
IN GUI go to Admin, Administrators and select the user and change password.
In Settings, Advanced Settings change Asterisk Manager Password
and on same page change User Portal Admin Password
Change SSH to a non-standard port
Find – Port 22 and change (e.g. 1234)
Add SSHPORT=1234 to /etc/amportal.conf
Make sure your firewall blocks all traffic to the IP of your Raspbx
Just set an outbound firewall rule for the Raspbx (assuming that the firewall will allow traffic IN from IPs that it has sent to)
Do Not Forward any ports to your PBX (let it hide behind NAT)
Using Putty, from Root, run “install-fail2ban”, enter your email when asked, and fail2ban will be all set up. (I think the default is 3 wrong attempts, blocks IP for half an hour – i think local IP is excluded, but wise to be careful)
To check fail2ban is running, you can enter “fail2ban-client status” in putty, and it will display the jails list – asterisk, and ssh.
15.) Go to Admin, Module Admin and update current modules.
Also while you’re there install the Time Conditions Module.
16.) Set up your Trunks etc. as required: NOTE – if you are having problems with no Audio on Calls, check your NAT Setting again (Settings, Asterisk SIP Settings), and change if required.