Whitelist in fail2ban and denyhosts

All SysAdminMan servers come with fail2ban and denyhosts installed. These two packages do similar things, which can be confusing.
Here are the differences -

fail2ban
monitors Asterisk logs for failed ‘Register’ attempts and blocks the IP using iptables. This means that if you get yourself blocked, it will appear as though the server has gone down.

denyhosts
monitors /var/log/secure for failed SSH attempts and blocks the IP for SSH access only. If you get yourself blocked, you will get connection refused just for SSH.

It’s possible to whitelist your own IPs so that they don’t get accidentally blocked by following the instructions below.

You should replace 123.123.123.123 with your own IP -

export ignoreip="123.123.123.123"

sed -i "s/ignoreip = /ignoreip = $ignoreip /" /etc/fail2ban/jail.conf
service fail2ban restart

echo "sshd: $ignoreip" >> /etc/hosts.allow
service denyhosts restart
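
An idempotent version of the steps above, as an added example that is not part of the original post: it validates the address, edits only the active ignoreip line (the unanchored sed above would also rewrite any commented-out ignoreip line and adds the IP again on every run) and avoids duplicate hosts.allow entries. The function names and the file-path arguments are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original post). File paths are arguments so the
# helper can be tried on copies before it is pointed at /etc.

# Succeed only for a dotted-quad IPv4 address: four octets, each 0-255,
# no leading zeros, nothing else (so the value is safe to hand to sed/grep).
valid_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*|0[0-9]*|*.0[0-9]*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# whitelist_ip IP JAIL_CONF HOSTS_ALLOW
whitelist_ip() {
    ip=$1 jail=$2 allow=$3
    valid_ipv4 "$ip" || { echo "invalid IPv4 address: $ip" >&2; return 1; }
    ip_re=$(printf '%s' "$ip" | sed 's/\./\\./g')   # escape dots for regex use

    # fail2ban: only an active (uncommented) ignoreip line is touched.
    grep -q '^ignoreip[[:space:]]*=' "$jail" ||
        { echo "no active ignoreip line in $jail" >&2; return 1; }
    if ! grep -Eq "^ignoreip[[:space:]]*=(.*[[:space:]])?${ip_re}([[:space:]]|\$)" "$jail"; then
        sed -i "s/^\(ignoreip[[:space:]]*=\)[[:space:]]*/\1 ${ip} /" "$jail"
    fi

    # denyhosts: add the sshd allow entry only if it is not already present.
    grep -Eq "^sshd:[[:space:]]*${ip_re}[[:space:]]*\$" "$allow" 2>/dev/null ||
        echo "sshd: $ip" >> "$allow"
}

# Usage on a real server (as root), followed by the restarts from the post:
#   whitelist_ip 123.123.123.123 /etc/fail2ban/jail.conf /etc/hosts.allow
#   service fail2ban restart && service denyhosts restart
```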

FreePBX phonebook from Google Contacts

There’s an interesting post here - http://www.pbxinaflash.com/community/index.php?threads/google-contacts-to-asterisk-phonebook.10943/ - about downloading your Google contacts to your FreePBX/Asterisk server.

It’s just a neat little script that grabs all of your Google contacts and automatically inserts them into the Asterisk CallerID database.

Once the database is updated you can tell FreePBX to look up the caller ID in the Asterisk database and present that with any incoming calls -

FreePBX caller ID lookup

GoIP GSM Gateway and Asterisk using VPN:PBX

Recently I had a VPS customer who was looking to get a GoIP GSM Gateway working with his Asterisk VPS. These little SIP/GSM gateways can be used to connect Asterisk to the GSM/mobile network. The single-SIM models can be had for around £100 from eBay.

They are not the easiest boxes in the world to set up, with the web GUI being rather confusing. Eventually, though, the GoIP was configured correctly, but calls were still intermittent, with the connection to the Asterisk server being lost.

As the GoIP box was being hosted behind a residential ADSL router, the issues were typical of NAT/Firewall problems. They were probably being caused by a mixture of NAT and a SIP ALG (application layer gateway) in the ADSL router.

The solution was to use the new SysAdminMan VPN:PBX template which uses OpenVPN to create a secure VPN tunnel to the Asterisk server. The customer purchased a TP-Link 1043 router, flashed the SysAdminMan firmware, and the GoIP was connected to the VPS over the VPN. This meant that private IP address ranges were used, with no NAT happening at all. This is a great example of how using VPN:PBX to provide a VPN connection to your Asterisk server is easy to deploy and works around any NAT/Firewall issues.

Here is a diagram showing the customer's setup -

GoIP using VPNPBX

See here for more information - http://sysadminman.net/sysadminman-vpnpbx-hosting.html

Product Launch – VPN:PBX – Asterisk VPS + OpenVPN

SysAdminMan is launching a new product today called VPN:PBX. This is a Virtual Private Server with Asterisk, FreePBX and OpenVPN pre-installed.

There is also a custom firmware (based on OpenWRT) available for the TP-Link TL-WR1043ND broadband router. Details of how to install this custom firmware can be found at - http://sysadminman.net/blog/2012/vpnpbx-getting-started-3890

While SysAdminMan does not sell the TP-Link TL-WR1043ND broadband router directly, it is available from many retailers including Amazon.

Here is an example of how VPN:PBX and the TL-WR1043ND could be deployed -

It can be deployed at a site and provide the following benefits -

  • No changes required to existing router/firewall (depending on deployment layout chosen)
  • None of the problems of Network Address Translation associated with SIP as no NAT happens between the VOIP phones and the Asterisk server
  • Voice traffic to the Asterisk server is encrypted
  • Easy to deploy with custom firmware for the TL-WR1043ND router which includes OpenVPN client and GUI page for encryption settings
  • Multiple TL-WR1043NDs can be deployed at multiple sites and connected to the same VPN:PBX server

Please see the product page for more information, or use the contact form if you have any questions.