How to unsubscribe from freepbx

Random Tech Insights

Hello,
Thank you for this helpful post.

As far as the authentication from another connection is concerned, it didn't work for me straight away. After several phone calls with Telekom Business Support, I have now documented everything there is to know about it:
“You have to authenticate yourself with an email address assigned to the access number and a“ Web password ”(“ My Login ”).
As long as you have not set up “My Login”, you can log into the customer center with your access number and personal password.
As soon as you have set up the “My Login” access, it no longer works!

The email address can be set up according to these instructions by entering the access number.

The password can be set under Customer Center-> Personal Data-> My Passwords & PINs -> Password (My Login).

Neither a non - “@ t-online.de” email address, an access number (or access [email protected]), or a telephone number may be used as a user name. The password set via the customer center must be used as the password, not the numeric “personal password” from the access data letter.

.. _this: https://www.telekom.de/hilfe/festnetz-internet-tv/e-mail/e-mail- Adresse-passwoerter-und-sicherheit/einrichtungen-e-mail-adresse-t-online. de? samChecked = true "

I also wrote a small TL; DR for the configuration:

General:
Trunk name: my_trunk
Outbound CallerID: 089XXXXXXXX
CID Options: Force Trunk CID (Caller ID cannot be freely selected with normal connections)
pjsip Settings - General:
Username: [email protected]
Secret: xxx
SIP server: tel.t-online.de
pjsip Settings - Advanced:
Permanent Auth Rejection: No.
Expiration: 480 (I think the standard “3600” is too long - 480 is the minimum @TCOM allowed)
Max Retries: 10000
Contact User: 089XXXXXXXX
From domain: tel.t-online.de
From User: 089XXXXXXXX
Client URI: sip: [email protected]: 5060
AOR Contact: sip: [email protected]: 5060

As for the question of the “external address” (dynamic IP): New asterisk versions bring the “dnsmgr” module. This allows host names (with dynamic IP) to be entered there, and the IP is updated regularly. That solved the 1-way audio problem for me. By the way, the problem only appeared after the IP actually changed. Everything worked fine when I set it up for the first time.

It would also be important to know that the current version of fail2ban does not recognize any attacks on PJSIP trunks.
I have open issues on freepbx and fail2ban: https://github.com/fail2ban/fail2ban/issues/2316, https://issues.freepbx.org/browse/FREEPBX-18879
There also seems to be another problem with fail2ban: https://issues.freepbx.org/browse/FREEPBX-18876

Overall, in my opinion, it is extremely important to use fail2ban (including patches for the issues mentioned. I had about 20,000 attacks on my freepbx instance within 3 days.

I find the question of port forwarding (by Sven, December 24th, 2017) very interesting. My state so far was that 5060 and the RTP ports have to be forwarded. How else is that supposed to work when a call comes in?

Best wishes
Yannik

LikeLike