Today I'll show you how to change the digit length of your extensions in 3CX once installed.
Please note that this is not recommended and should be tested and of course take a backup of your database first!.
To change the extension length go to "settings" --> Advanced --> choose the "custom parameter tab" and look for the value called : "ENL" , change the value field to the desired length and you're done!
12 June 2013
Yealink T38 OpenVPN configuration
Well it's been a long time since I posted another tutorial, but here is a nice one.
I needed to configure a Yealink T38 to connect over VPN to a remote location. As you may or may not know, the T38 comes with openVPN support. However as always with yealink , the documentation on how to do it is poor to say the least...
There are other tutorials; but none are complete imho.
This tutorial will show you how to setup an openVPN server on Ubuntu, and how to configure the Yealink to use VPN.
Please note the following:
*I'm using a TUNNEL(routed) connection for the OpenVPN , so if you need a bridged one, DON'T follow this guide (for the OpenVPN setup that is)
*This has been done with a Yealink T38 running FW 38.70.23.9 (although others should work too)
*The procedure to do this with a Yealink T26/T28 is the same, except for the location of the certificates; more on that later on.
So let's start with the Ubuntu & Openvpn setup.
1)Let's make sure everything is up-to-date
apt-get update && apt-get upgrade
2)Download the packages for OpenVPN
apt-get install openvpn udev
3)Copy everything to another location to make sure they don't get overwritten by updates
cp -R /usr/share/doc/openvpn/examples/easy-rsa/ /etc/openvpn4)Configure the vars file to include all the info to generate certficates. Edit the following lines to match you country etc...5)Now we need to load the vars , clean up and build the CA. cd into /etc/openvpn/easy-rsa/2.0export KEY_COUNTRY="COUNTRY" export KEY_PROVINCE="STATE" export KEY_CITY="CITY" export KEY_ORG="ORGANIZATION NAME" export KEY_EMAIL="YOUR EMAIL"
Run:
. /etc/openvpn/easy-rsa/2.0/vars
(NOTE: In case you get an error about openssl.conf being the wrong version; issue the following: cp openssl.1.0.0.conf openssl.conf Now to clean up run:. /etc/openvpn/easy-rsa/2.0/clean-all
Now we need to build the CA, run:
. /etc/openvpn/easy-rsa/2.0/build-caIt will ask you for some settings,but they should already be correctly taken from the vars file.So just Enter to continue. When done it will ask you to build
and write, so enter Y to confirm.
6) Now we need to build the certificate and key for the server itself. So run:
. /etc/openvpn/easy-rsa/2.0/build-key-server <YOUR SERVER NAME>
Again the settings should match the ones you entered before. but note the server name should be the one you chose for your server.
7) Now we need to generate the client certificate & key file. So run:
. /etc/openvpn/easy-rsa/2.0/build-key <YOUR CLIENT>
Again note the client name should be the same as the one entered in the above command.
8) Now generate the DH file for the key exchanges.
. /etc/openvpn/easy-rsa/2.0/build-dh
9)Now that we have the required files , let's put them somewhere safe for further
adjustment.
To copy the client files, make a dir somewhere. f.e: mkdir /tmp/yealinknow go to the dir with the client files:
cd /etc/openvpn/easy-rsa/2.0/keysCopy the files to the new dir:
cp ca.crt <clientname>.crt <clientname>.key 10)Now we need to move the certificates for the server to a location where the openvpn service can find them. So change back to the dir with the certs= copy the certscd /etc/openvpn/easy-rsa/2.0/keyscp ca.crt ca.key dh1024.pem <YOURSERVERNAME>.crt <YOURSERVERNAME>.key /etc/openvpn
11)Now this is done we need to modify the server config file to match our needs.
There are examples provided with openvpn docs, so should make life easy.cd /usr/share/doc/openvpn/examples/sample-config-files
gunzip -d server.conf.gzmv server.conf /etc/openvpn/>YOURSERVERNAME<.conf Edit the file using your fav. editor. I'll use nano:nano /etc/openvpn/>YOURSERVERNAME.conf<Uncomment following :push "redirect-gateway def1"
push "dhcp-option DNS 10.8.0.1"
(Here you can also specify your port & protocol etc...)
12)Now we need to setup the server to forward the VPN trafficEdit the sysctl.conf file ( nano /etc/sysctl.conf ) Uncomment the following line:
net.ipv4.ip_forward=112)Now punch a hole in IPtables to allow for traffic:
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -s 10.8.0.0/24 -j ACCEPT
13)That's it, you're done for the server side, now let's move to the client side. cd to the folder where you dropped the client files (see step 9)
Here you need to create a config file for the yealink , for your convenience i've made one you can copy paste and adjust some lines.You need to save this file as vpn.cnf and (DON'T COPY THE -------)
-------------------------------------------------------------------
client
;dev tap
dev tun
;dev-node MyTap
;proto tcp
proto udp
remote >YOURSERVERWANIP OR HOSTNAME< >YOURPORT<
;remote-random
resolv-retry infinite
nobind
;user nobody
;group nogroup
.
persist-key
persist-tun
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]
;mute-replay-warnings
ca /phone/config/openvpn/keys/ca.crt
cert /phone/config/openvpn/keys/client.crt
key /phone/config/openvpn/keys/client.key
ns-cert-type server
;cipher x comp-lzo verb 6 ;mute 20
---------------------------------------------------------------------- 14)Now if you're still with me you should have the following in your dir: ca.crt + client.crt + client.key + vpn.cnfIf so, then let's continue. Make a new dir named keys (mkdir keys)And move the certs & keys there ,
but not the .cfn file. 15)Almost there, now we need to make a tar that the yealink can use. Yealink expects a very strange folderstructure, with the topfolder being named "."
Now the way I found to do this is as follows: while in the directory where the .cfn file and the "keys"folder is located issue:
"tar -cf client.tar ." If all goes well you should have a tar named 'client' now.
If that is the case, you now need to move this tar file to a pc where you can access the Yealink webinterface. 16)Log into the Yealink phone, and move to the NETWORK tab, then click ADVANCED in the left side pane. 17)Now there is an option VPN , which is disabled by default. But first you need to upload your client tar file. Click browse and upload the file.
Once this is done you can enable the VPN functionality, the phone will reboot. 18)If all went well , you should now have a working VPN to the openvpn server. This is shown by a small V icon on the T38. Now you can connect to the remote PBX and all should be well. Just note that you might need to add routes to the VPN subnet (10.8.0.0/24)
As a side note: in the config file above you will see the certificate locations are: /phone/config...This is only correct for Yealink T3x, if you are using a T2X , you should use : /yealink/config...All the other steps should remain the same.In case you still don't get it to work , drop me a message.
09 February 2012
Kayako installer hangs at 'troubleshooterstep'
When I was installing the Kayako supportsystem on an Ubuntu server it would hang at the "templates" screen , more precisely at:troubleshooterstep
To fix this you need to allow more memory to be used by scripts in the PHP.ini file
located in /etc/php5/conf.d
Set the allowed memory to 512M and you'll be fine ;-)
To fix this you need to allow more memory to be used by scripts in the PHP.ini file
located in /etc/php5/conf.d
Set the allowed memory to 512M and you'll be fine ;-)
07 February 2012
WSUS broken after SP2 update on SBS 2008
The title says it all.
As it turns out i'm not the only one and google is scattered with people having the same issue.
I had a client who had upgraded his WSUS sp1 on a SBS 2008 box to SP2, without reading the preresuisites (found here: http://www.microsoft.com/download/en/details.aspx?id=5216)
So it messed up WSUS beyond repair.
I first tried the basics, uninstalling WSUS sp2 , delete all the files in the WSUS directory etc and then reinstall the original WSUS from the 2nd DVD of SBS 2008.
The install completed successfully however WSUS was still broken, and would throw erros like:
The SimpleAuth Webservice is not working
The ClientWebservice is not working
WSUS administration console was unable to connect to the server using the remote API
System.IO.IOException -- De handshake is mislukt als gevolg van een onverwachte pakketgrootte.
Source
System
Stack Trace:
bij System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
bij System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
Microsoft.UpdateServices.UI.SnapIn.Scope.ServerSummaryScopeNode.OnExpandFromLoad(SyncStatus status)
Last one is in dutch because I'm too lazy to translate and the client installed the SBS in dutch O_O
As I said I tried uninstall and reinstall, but didn't do the trick. Then I noticed that the WSUS administration console site would not get removed from IIS sites, even though WSUS was uninstalled. So:
1 Uninstall WSUS , go to control panel --> Programs and Features --> Windows updates services --> remove --> check all the boxes to remove all of the files.
2 Delete the contents of the WSUS folder , usually located under c: , don't delete the folder itself.
3 Delete the WSUS administration Site under IIS --> Administrative Tools --> IIS Manager --> In the left pane there should be a site called 'WSUS ADMINISTRATION' --> right click --> Delete
(ONLY DO THIS WHEN HAVING SAME PROBLEM AS ME, AND ONLY THIS SITE, NOTHING ELSE!!!)
4 Install the report viewer as specified in the requirements mentioned earlier (if not done so already)
5 Download the WSUS SP2 Installer from the link specified earlier.
6 Right click installer and run as admin.
7 Now WSUS should work as before and you'll be running SP2 , but unfortunately you'll need to configure WSUS from scratch.
As it turns out i'm not the only one and google is scattered with people having the same issue.
I had a client who had upgraded his WSUS sp1 on a SBS 2008 box to SP2, without reading the preresuisites (found here: http://www.microsoft.com/download/en/details.aspx?id=5216)
So it messed up WSUS beyond repair.
I first tried the basics, uninstalling WSUS sp2 , delete all the files in the WSUS directory etc and then reinstall the original WSUS from the 2nd DVD of SBS 2008.
The install completed successfully however WSUS was still broken, and would throw erros like:
The SimpleAuth Webservice is not working
The ClientWebservice is not working
WSUS administration console was unable to connect to the server using the remote API
System.IO.IOException -- De handshake is mislukt als gevolg van een onverwachte pakketgrootte.
Source
System
Stack Trace:
bij System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
bij System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
Microsoft.UpdateServices.UI.SnapIn.Scope.ServerSummaryScopeNode.OnExpandFromLoad(SyncStatus status)
Last one is in dutch because I'm too lazy to translate and the client installed the SBS in dutch O_O
As I said I tried uninstall and reinstall, but didn't do the trick. Then I noticed that the WSUS administration console site would not get removed from IIS sites, even though WSUS was uninstalled. So:
1 Uninstall WSUS , go to control panel --> Programs and Features --> Windows updates services --> remove --> check all the boxes to remove all of the files.
2 Delete the contents of the WSUS folder , usually located under c: , don't delete the folder itself.
3 Delete the WSUS administration Site under IIS --> Administrative Tools --> IIS Manager --> In the left pane there should be a site called 'WSUS ADMINISTRATION' --> right click --> Delete
(ONLY DO THIS WHEN HAVING SAME PROBLEM AS ME, AND ONLY THIS SITE, NOTHING ELSE!!!)
4 Install the report viewer as specified in the requirements mentioned earlier (if not done so already)
5 Download the WSUS SP2 Installer from the link specified earlier.
6 Right click installer and run as admin.
7 Now WSUS should work as before and you'll be running SP2 , but unfortunately you'll need to configure WSUS from scratch.
14 December 2011
Out Of Office BLF with Snom & 3CX
Today I had someone asking me to configure some way to manually set the PBX to "in the office" or "out of office" and have the phone have lit LEDs to show the "out of office" being enabled.
To be honest I've never been asked to do so since most people are happy using the automatic "office hours" routing provided by 3CX.
So to configure this I had to get a little creative. I used the 3CX emergency dial code and the Snom Action URL
What you'll need:
-3CX commercial edition (since the dial code needed to enable/disable out of office is only included in the commercial version.)
-SNOM Phone (3xx/8xx) with version 8 Firmware
Step 1 : Configure the "EMERGENY DIAL CODE" in 3CX
Log into the 3CX Management console, and go to settings in the left pane.
Click advanced and then click the "dial codes" tab.
At the bottom you will see the "Emergency dial code" this field is empty and you must enter a value there, I used *123. (note that to enable out of office you need to dial *1232 , to disable *1231)
Step 2: making the XML files needed by the Snom phones
We need to make 2 files, 1 to enable out of office and light up the LEDs on the phone, and one to disable out of office and the LEDs.
The config i used to enable the leds and out of office:
<?xml version="1.0" encoding="UTF-8"?>
<SnomIPPhoneText>
<Title>LED Control Feature</Title>
<Prompt>Prompt Text</Prompt>
<Text>Your message here</Text>
<Led number="1">Blink</Led>
<Led number="2">Blink</Led>
<Led number="3">Blink</Led>
<Led number="4">Blink</Led>
<Led number="5">Blink</Led>
<Led number="6">Blink</Led>
<Led number="7">Blink</Led>
<SoftKeyItem>
<Name>#(or another key you like)</Name>
<URL>http://127.0.0.1/command.htm?number=*1232&outgoing_uri=IP OF 3CX</URL>
</SoftKeyItem>
</SnomIPPhoneText>
And to disable the LEDs and out of office:
<?xml version="1.0" encoding="UTF-8"?>
<SnomIPPhoneText>
<Title>your title</Title>
<Prompt>Prompt Text</Prompt>
<Text>Your message</Text>
<Led number="1">Off</Led>
<Led number="2">Off</Led>
<Led number="3">Off</Led>
<Led number="4">Off</Led>
<Led number="5">Off</Led>
<Led number="6">Off</Led>
<Led number="7">Off</Led>
<SoftKeyItem>
<Name>#(or another key you like)</Name>
<URL>http://127.0.0.1/command.htm?number=*1231&outgoing_uri=IP OF 3CX</URL>
</SoftKeyItem>
</SnomIPPhoneText>
These XMLs are used by the Snom "minibrowser" and will be read by configuring an URL in the snom (more of that later)
<Text>Your message</Text> this will be displayed when using the XML on the phone's lcd.
I used something like "to enable/disable out of office press # , then press X)
<Led number="1">Off</Led>this is used to define the LED's state, you can set it to On/Off/Blink
<SoftKeyItem>
<Name>#(or another key you like)</Name>Here we define a "softkey to the phone (in my case #) that will be used to send a command to the phone to actually call the *1232 or whatever dial code you defined in 3CX.
<URL>http://127.0.0.1/command.htm?number=*1231&outgoing_uri=IP OF 3CX</URL>
</SoftKeyItem> This is used to enter the command being sent to the phone , number=the emergency code you defined, and outgoing_uri is your 3CX IP.
Save both files as a .XML file and upload them to the 3CX provisioning folder (or another webserver)
You can find the provisioning folder under :
C:\docs&sett\allusers\application data\3CX\Data\http\interface\provsioning or C:\programdata\3CX\Data\http\interface\provsioning
Step 3: Configuring the Snom to use your XML in an Action URL
First make sure your snom is atleast version 8.
Then log on to the phone's webconsole and in the left pane select "function keys" then choose the buttons you would like to use. I used the two bottom ones.
From the drop down menu select "Action URL" and in the value field enter the url to the XML.
In case you used the 3CX provisioning folder:
http://YOURPBX:5000/provisioning/ENABLEOUTOFOFFICE.xml
and in the other button:
http://YOURPBX:5000/provisioning/DISABLEOUTOFOFFICE.xml
Then click save and you're done. Now a user can press the configured button to enable/disbale the leds and complete by pressing the commandbound button to send a phonecall to the the PBX enabling/disbaling the out of office
02 December 2011
repairing a waterdamaged blackberry
So for some reason someone felt the need to spill a glass of applejuice on my blackberry.
At first all seemed well and I dried it off a little and it was still OK.
The morning after my phone was still doing what it should until I tried to check my mails. I got the little clock symbol and then it shut down. I opened the phone and saw that the waterindicators were red...
The phone wouldn't boot and show a constant red led. When connected to AC power it would show a "battery missing" on the display.
So I took the phone and put it in a box of dried rice for 3 days, not expecting anything of it. Since I didn't remove the battery right after it got wet, nor did I clean the phone with rubbing alcohol...
But sure enough after 3 days the phone booted and was working the same a before :)
At first all seemed well and I dried it off a little and it was still OK.
The morning after my phone was still doing what it should until I tried to check my mails. I got the little clock symbol and then it shut down. I opened the phone and saw that the waterindicators were red...
The phone wouldn't boot and show a constant red led. When connected to AC power it would show a "battery missing" on the display.
So I took the phone and put it in a box of dried rice for 3 days, not expecting anything of it. Since I didn't remove the battery right after it got wet, nor did I clean the phone with rubbing alcohol...
But sure enough after 3 days the phone booted and was working the same a before :)
How to backup VPN connections in Windows 7
I'm sure more of you have wondered wether it's possible to backup your VPN connections stored in your windows 7 pc, after some exploring I found the file where they are stored.
Actually it's called a "phonebook" in windows and is located at:
C:\Users\YOURUSERNAME\AppData\Roaming\Microsoft\Network\Connections\Pbk
If you double click the PBK file it will show you all connections. So as you can see the VPN connections are stored there and can be easily exported.
Actually it's called a "phonebook" in windows and is located at:
C:\Users\YOURUSERNAME\AppData\Roaming\Microsoft\Network\Connections\Pbk
If you double click the PBK file it will show you all connections. So as you can see the VPN connections are stored there and can be easily exported.
Subscribe to:
Posts (Atom)