Saturday, September 5, 2009

pfSense with Freeswitch for SIP Trunks to sipXecs

Ok, so here's a bit of a new twist. I was toying with the thought of trying to get OpenSBC running on pfSense firewall. Long story short, I couldn't get the developer version of pfSense running in a virtual on my machine so I decided to give the FreeSwitch pfSense package a go.

What do you know... I actually got it going as a bridge pretty easily. So I figured I'd document it for others who follow...

The purpose of this exercise was to have pfSense with FreeSwitch register to my Gizmo account and forward calls in to sipXecs. This is just a starting point but shows great promise as a way to front-end a sipXecs server.

1. In pfSense install the FreeSwitch package (System -> Packages - FreeSwitch) (I picked the Dev version to run on my pfSense 1.2.3 rc1 install).

2. Once installed, go to Services -> FreeSwitch.

3. Click on the Gateways tab and then the + sign on the right to add a new gateway.

4. At the top of the Gateway Setup form is a handy hyperlink to examples for different SIP Providers. Here is my Gizmo configuration:
  • Gateway: gizmo
  • Username: 1747xxxxxxx
  • Password: xxxxxxxx
  • From-user: 1747xxxxxxx
  • From-domain: proxy01.sipphone.com
  • Proxy: proxy01.sipphone.com
  • Expire-seconds: 3600
  • Register: true
  • Retry-seconds: 3600
  • Caller-id-in-from: false
  • Enabled: true
  • Gateway Description: Gateway to gizmo account
5. Click the Save button at the bottom of the page.

6. Click on the Public tab at the top of the page.

7. Click on the + sign over on the right hand side of the Public table to create a new extension.

8. Create the following extension:
  • Extension Name: sipXecs
  • Enabled: true
  • Order: 000
  • Description: Transfer to internal spiXecs Server
9. Add the following conditions and actions at the bottom of this page (hit the + sign to add each one).
  • Tag: condition
  • Type: destination_number
  • Data: 1747xxxxxxx
  • Order: 000
  • Tag: action
  • Type: bridge
  • Data: sofia/lan/100@ip.addr.of.sipxecs (what sipXecs extension to route it to)
  • Order: 001

10. On the Status tab, click the 'reloadxml' button. You should see your gateway in the 'sofia status' section as 'REGED' if you have done things properly.

11. Create 2 firewall rules in pfSense (Firewall -> Rules):
  • Action: Pass
  • Interface: WAN
  • Protocol: UDP
  • Source: any
  • Destination: WAN address
  • Destination port range: 5080

  • Action: Pass
  • Interface: WAN
  • Protocol: UDP
  • Source: any
  • Destination: WAN address
  • Destination port range: 10000 – 35000 (* - I haven’t tried narrowing this down…)

12. Try dialing your Gizmo number and your sipXecs server should answer the call!

Tip, if you get a Google Voice account you can make it ring inbound to your Gizmo account and have free inbound calling.

No comments: