Saturday, December 12, 2009

Cisco router as a PPTP client

Cisco router as a PPTP client, configured it without encryption to another VPN server.

vpdn enable
vpdn-group 1
protocol pptp
rotary-group 0
initiate-to ip VPN_SERVER

interface Dialer0
ip address negotiated
ip pim dense-mode
encapsulation ppp
dialer in-band
dialer idle-timeout 0
dialer string 222
dialer vpdn
dialer-group 1
no cdp enable
ppp pfc local request
ppp pfc remote apply
ppp encrypt mppe auto
ppp chap hostname USERNAME
ppp chap password PASSWORD

dialer-list 1 protocol ip permit
ip multicast-routing
no ip gratuitous-arps

Thursday, October 15, 2009

Configuring Audiocodes MP108 MP104 FXO with Asterisk

Audiocodes MP108 FXO is 8 FXO port on single device, its really well built, but with that, it comes with a lot of setting to deal, basically audiocodes is not simple FXO gateway which normally relies on asterisk to do the switching/PBX stuff, I hope that I can disable all the functionality and just use this gateway with asterisk.

ok now how to set this audiocodes just to forward all call come from PSTN that connect on FXO port to asterisk and vice versa, forward all call from astersik to any available FXO port, this is the few step that will make audiocodes work with such configuration.

Step 1:
Configure audiocodes to have registration account with asterisk, this can be done easily with "Protocol Management -> Protocol Definition -> Proxy&Registration", fill on "Proxy IP Address", "Enable Registration : Yes", "Username", "Password", and "Authentication Mode : Per Endpoint".

Step 2:
Configuring "Protocol Management -> Endpoint Phone Number", this is important part for make each FXO port on audiocodes registered with asterisk, in here, under "Channel", you can fill with either 1, 1-2, 1-8, 3-4, or whatever you want to have, this means that port 1, or port 1-2, etc will registered on astersik with userid/username filled on "Phone Number", yes, that is correct, "Phone Number" on this configuration page is AlphaNumeric, the password is using global "Password" on First step.

next, on same page configure "Hunt Group ID", this is another important configuration which make audiocodes forward incoming call from asterisk to any available FXO. Hunt Group ID is number from 0 to any, I put 1.

Step 3:
to make audiocodes forward call from FXO to asterisk, configure "Endpoint Settings -> Automatic Dialing", I have 777 number on asterisk to handle all incoming call, so I put "Destination Phone Number" as 777 so every incoming call on FXO will be forwarded to 777 on my Astersik.

Step 4:
this is the last configuration that everyone need, forward call from asterisk to any available FXO. in "Routing Tables -> IP to Hunt Group Routing Table" configure under "Dest. Phone Prefix" with "*" (or any prefix that you might have), "Source Phone Prefix" with "*", "Source IP Address" with "*", "Hunt Group ID" with any number you configure on Step 2, in my case, 1.

thats it, all configurations are complete. the audiocodes now can forward the call from FXO to asterisk, and vice versa.

step 3 and step 4 basically the configuration that need to have if audiocodes reporting error such "[ERROR] #0:TrunkGroup::AllocateEndPoint- Can't find EndPoint for phone number"

Sunday, August 30, 2009

SELinux is preventing the mysqld from using potentially mislabeled files

"setroubleshoot: SELinux is preventing the mysqld from using potentially mislabeled files, ...., For complete SELinux messages. run sealert -l ...."

above error is appear after I manually copy Mysql data files from /var/lib/mysql directory from one server to another new server, I usually choose this direct copy path to create another identical mysql server machine for its effectiveness, its faster compare to use the regular mysql tool.

but when the linux machine has SElinux enabled on it, direct copy will resulting the file unreadable from mysql server point of view, it will showing above error, to make these data file readable on mysql simply issue this command :

chcon --reference=/var/lib/mysql new_db_directory/*

Tuesday, August 18, 2009

Ubuntu gutsy got "package is missing, has been obsoleted etc"

Its sucks maintaining an old server while upgrading the OS is not an option, especially if said machine is just work fine and serve well with its obsolete hardware and not worth enough to put some additional investment, except just add a hard drive.

while trying to update using apt-get, if one got the :
"package is missing, has been obsoleted, or is only available from another source" error, update the content of /etc/apt/sources.list with below entry, all obsolete ubuntu now filed under server :

deb gutsy main restricted universe multiverse
deb-src gutsy main restricted universe multiverse
deb gutsy-updates main restricted universe multiverse
deb-src gutsy-updates main restricted universe multiverse
deb gutsy-security main restricted universe multiverse
deb-src gutsy-security main restricted universe multiverse

Monday, August 10, 2009

running asterisk with SELinux enabled

The common problem on asterisk running on top of linux with SELinux enabled is the error while trying to load the codecs

the error usually said :

loader.c:359 __load_resource: /usr/lib/asterisk/modules/ cannot restore segment prot after reloc: Permission denied

The majority of user just disabling the SELinux, but if that is not an option, just change the context of said file above wiith this command :

chcon -t texrel_shlib_t /usr/lib/asterisk/modules/

Sunday, May 31, 2009

Unlock Linksys Sipura SPA 2102

To unlock this linksys SPA 2102, just do exactly the step for unlocking Sipura SPA2100 on my other post.
I did it three times, all SPA-2102 no matter the model number, either SPA-2102-R, SPA-2102-NA or SPA-2102-SF, all can be unlocked using same step.

note: the only difference on my case with Linksys SPA, the file name on web server is spaMAC.cfg compare to Sipura SPA2100 that use spaMAC.txt as default.

another note : it might need to set device to default configuration, by pressing **** and option 73738# and press 1 to confirm before above step.

Wednesday, May 6, 2009

Expect, PHP and Fedora 5

I work with ubuntu before for the expect, Expect, PHP and Ubuntu, but now I have to use it on fedora 5, here is the installation :

install expect and expect-devel

# yum install expect expect-devel

install PECL Expect.

# wget
# pecl install expect-0.2.5.tgz

edit php.ini and put this line :

restart httpd and you ready to go.

Monday, May 4, 2009

disable root access on ssh server

for the telnet server, to disable root access, normally people just remove everything under /etc/securetty that root doesnt have access, and for ssh server, just edit /etc/ssh/sshd_config file, and change this line "PermitRootLogin Yes" to "PermitRootLogin no"

thats it, and dont forget to restart sshd service by doing "/etc/rc.d/init.d/sshd restart", dont worry, your current session wont lost because of restarting the ssh server.

Sunday, April 5, 2009

Unlock Sipura SPA 2100 (from for home asterisk

note : You can unlock Linksys SPA2102 using below step as well.
The sipura that I found lying around was belong to, and now I use it with asterisk, if somebody ask how to do it, here is the story:

my instalation use :
- Sipura SPA 2100
- Windows XP Laptop.
- Linux PC
- Wireless Network
- ethereal / wireshark software for windows.

ps : you can figure out by your self how to not to use 2 system just to serve one purpose, but for me since I have linux PC (which run apache webserver and dns) so I just use it, dont have to install this additional software to my XP laptop.

after everything ready here is the step :
1. enable windows internet share on XP laptop, so the ethernet port will share wireless connection to access internet.
2. connect sipura SPA 2100 with ethernet cross cable to laptop ethernet port.
3. run ethereal to sniff ethernet interface on XP laptop.
4. turn on SPA 2100 and ethereal will start showing the traffic, this the time I saw what host on domain it tried to access, and
5. check on HTTP traffic too, and I found it tried to get /spaMAC.txt
6. write down all the info above, and now start to configure your dns and webserver to have it.
7. configure the DNS to have and pointing out to linux server ( configure named.conf to have this domain, and zone file to have IN A for those two hosts )
8. put this text in /spaMAC.txt file, and save it to /var/www/html directory, so web server will serve it to sipura.

<Enable_Web_Server ua="na">Yes</Enable_Web_Server><Web_Server_Port ua="na">80</Web_Server_Port><Enable_Web_Admin_Access ua="na">Yes</Enable_Web_Admin_Access><Admin_Passwd ua="na"></Admin_Passwd><User_Password ua="na"></User_Password><Provision_Enable ua="na">No</Provision_Enable><Protect_IVR_FactoryReset ua="na">No</Protect_IVR_FactoryReset>

9. now configure sipura to have static ip (remember, first time sipura run with auto config using windows internet share, and using internet DNS, and have it access real domain), configure sipura to have dns pointing out to linux PC too.
10. restart sipura SPA 2100, and voila, it admin page now accessible and ready to configure with my home asterisk.

simple, and at least I save one usable device for being trashed on junkyard and pollute our only planet.

Thursday, February 12, 2009

Expect, PHP and Ubuntu

here is the Expect installation for PHP on ubuntu
- apt-get install expect
- apt-get install expect-dev
- wget
- pecl install expect-0.2.5.tgz
- vi /etc/php5/conf.d/expect.ini and add the line :
- restart apache

for other system (fedora in my case), 2 first step is changed to :
- wget
- tar -zxvf expect.tar.gz
- cd expect-5.43/
- ./configure --with-tclconfig=/usr/lib/tcl8.4 --with-tclinclude=/usr/include/tcl8.4/tcl-private/generic
- make | make install


last archive