i found one solution on web:<br><a href="http://forum.pfsense.org/index.php?topic=18200.0">http://forum.pfsense.org/index.php?topic=18200.0</a><br>and past below:<br><br><span style="color: black;">Hi all,<br>I want to share my configuration of Freeswitch with Dynamic IP WAN.<br>
I obviously have to thank Mcrane not only for his great job porting FS to pfSense but also for <br>the huge amount of time spent with me, my configuration and my poor knowdlege about FS (that <br>caused a lot of headhaches to him).<br>
<br>When you have a DHCP or PPPOE connection the annoying issue is your are left without PBX when the <br>internet connection is down. It happens very often to me, I'm in countryside and the quality of <br>DSL is terrible. I have PPPoA half-bridge so when the connection goes down my WAN IP di 0.0.0.0.<br>
<br>With this setup you will always be able to use internal extensions, I also have a Sipura-3102 <br>with PSTN configured as gateway so I can always call outside also when WAN is down.<br><br>You'll be able to register local extensions to lan profile and external extensions to internal <br>
profiles and they can call each others.<br><br>Optionally you can also enable SSLv23 for encrypted calls (but I'm not sure this way only SIP <br>messaging or voice data too is encrypted).<br><br><b>1) CONFIGURE DYNAMIC DNS</b><br>
<br>Register to a dynamic dns and get an hostname, I'll use a dummy "<a href="http://dsl.homeip.net">dsl.homeip.net</a>" for this guide.<br>I'm using DynDns, if you choose another provider be sure it supports "Wildcards".<br>
Configure the ddns name in Services->Dynamic DNS and be sure to enable "Wildcards".<br><br><b>2) CONFIGURE DNS FORWARDER</b><br><br>I will use as example for this guide the pfSense LAN IP 192.168.0.1.<br>Check "Enable DNS forwarder".<br>
Your phones must use ONLY your pfSense LAN IP address as DNS server, check it!<br>Below "You may enter records that override the results from the forwarders below." add an <br>hostname this way, BE SURE to replace with your correct ddns and LAN IP:<br>
<br>Host: dsl<br><br>Domain: <a href="http://homeip.net">homeip.net</a> <br><br>IP Address: 192.168.0.1<br><br>Save configuration and check with your PC (with pfSense configured as primary DNS), ping to <br><a href="http://dsl.homeip.net">dsl.homeip.net</a> must resolve to LAN IP, ping to <a href="http://fs.dsl.homeip.net">fs.dsl.homeip.net</a> must resolve to your WAN IP.<br>
<br><b>3) CONFIGURE INTERNAL PROFILE</b><br><br>Extensions from outside that register to WAN IP must use TCP protocol.<br>Always use your ddns, "<a href="http://dsl.homeip.net">dsl.homeip.net</a>", for registration domain/SIP host.<br>
<br>Go to Services->Freeswitch->Profiles and click edit for internal.xml.<br><br>Uncomment and/or set with this values:<br><br> <param name="manage-presence" value="passive"/><br> <param name="dbname" value="share_presence"/><br>
<param name="presence-hosts" value="$${domain}"/><br> <param name="bind-params" value="transport=tcp"/><br> <param name="rtp-ip" value="$${local_ip_v4}"/><br>
<param name="sip-ip" value="$${local_ip_v4}"/><br> <param name="ext-rtp-ip" value="auto"/><br> <param name="ext-sip-ip" value="auto"/><br>
<param name="force-register-domain" value="$${domain}"/><br><br><b>4) CONFIGURE LAN PROFILE</b><br><br>Extensions from inside that register to LAN IP must use UDP protocol.<br>Always use your ddns, "<a href="http://dsl.homeip.net">dsl.homeip.net</a>", for registration domain/SIP host.<br>
<br>Go to Services->Freeswitch->Profiles and click edit for lan.xml.<br><br>Be sure to change 192.168.0.1 with you LAN IP!<br><br>Uncomment and/or set with this values:<br><br> <param name="manage-presence" value="true"/><br>
<param name="dbname" value="share_presence"/><br> <param name="presence-hosts" value="$${domain}"/><br> <param name="bind-params" value="transport=udp"/><br>
<param name="rtp-ip" value="192.168.0.1"/><br> <param name="sip-ip" value="192.168.0.1"/><br> <param name="ext-rtp-ip" value="192.168.0.1"/><br>
<param name="ext-sip-ip" value="192.168.0.1"/><br> <param name="force-register-domain" value="$${domain}"/><br><br><b>5) CONFIGURE VARS</b><br><br>Go to Services->Freeswitch->Vars.<br>
<br>Be sure to prepend "fs." or anything else you like to ddns name in external_rtp_* set values!<br>It's needed because pfsense locally will resolve you registered ddns to LAN IP address.<br> <br>Uncomment and/or set with this values:<br>
<br> <X-PRE-PROCESS cmd="set" data="domain=<a href="http://dsl.homeip.net">dsl.homeip.net</a>"/><br> <X-PRE-PROCESS cmd="set" data="bind_server_ip=auto"/><br> <X-PRE-PROCESS cmd="set" data="external_rtp_ip=host:<a href="http://fs.dsl.homeip.net">fs.dsl.homeip.net</a>"/><br>
<X-PRE-PROCESS cmd="set" data="external_sip_ip=host:<a href="http://fs.dsl.homeip.net">fs.dsl.homeip.net</a>"/><br><br><b>6) TLS ENCRYPTION</b><br><br>ONLY IF you want TLS/SSLv23 encryption also set in vars.xml:<br>
<br> <X-PRE-PROCESS cmd="set" data="sip_tls_version=sslv23"/><br> <X-PRE-PROCESS cmd="set" data="internal_ssl_enable=true"/><br><br>Then go to SSH console and input the commands (respond Y to questions and change to your ddns <br>
<br>name "<a href="http://dsl.homeip.net">dsl.homeip.net</a>"):<br><br>cd /usr/local/freeswitch/bin/<br>./gentls_cert setup<br>./gentls_cert create -cn <a href="http://dsl.homeip.net">dsl.homeip.net</a> -alt DNS:<a href="http://dsl.homeip.net">dsl.homeip.net</a><br>
<br>Your master certificate is in /usr/local/freeswitch/conf/ssl/CA/ with name cafile.pem<br>Install in your SIP phones or if you use a Windows softphone, download it and rename to <br><br>"cafile.crt". Double click to add it to certificate store, default options when asked.<br>
I verified it works with Windows Vista and Eyebeam Softphone.<br>(If you use Eyebeam, it can't receive encrypted calls, under Security tab check only preference <br>for encryption calls)<br><br><b>7) RESTART FS</b><br>
<br>Don't only issue a reloadxml, restart the FS serice.<br><br>Maybe
something is missing (my setup is working and I'm not 100% sure that's
all what you need from default config), let me know and I'll update the
thread. <br><br>Cheers,<br>Mannix </span><br><br><div class="gmail_quote">2009/9/11 jun yang <span dir="ltr"><<a href="mailto:yj13535428332@gmail.com">yj13535428332@gmail.com</a>></span><br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
when i set local_ip_v4 to 0.0.0.0 i see the info below:<br>2009-09-11 20:22:27.15625 [WARNING] sofia.c:2291 Invalid IP 0.0.0.0 replaced with 218.21.105.133<br>2009-09-11 20:22:27.15625 [WARNING] sofia.c:2300 Invalid IP 0.0.0.0 replaced with 218.21.105.133<br>
2009-09-11 20:22:27.15625 [NOTICE] sofia.c:1509 Adding Alias [0.0.0.0] for profile [internal]<br><br><div class="gmail_quote">2009/9/11 jun yang <span dir="ltr"><<a href="mailto:yj13535428332@gmail.com" target="_blank">yj13535428332@gmail.com</a>></span><div>
<div></div><div class="h5"><br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">i add <br><X-PRE-PROCESS cmd="set" data="local_ip_v4=0.0.0.0"/><br>
before<br><X-PRE-PROCESS cmd="set" data="domain=$${local_ip_v4}"/><br>and it has no effect all the same.<br>
<br>is that something wrong.<br><br><div class="gmail_quote">2009/9/11 Jason White <span dir="ltr"><<a href="mailto:jason@jasonjgw.net" target="_blank">jason@jasonjgw.net</a>></span><div><div></div><div>
<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div>jun yang <<a href="mailto:yj13535428332@gmail.com" target="_blank">yj13535428332@gmail.com</a>> wrote:<br>
> when freeswitch start ,it auto bind to the pubic ip, so the lan user cann't<br>
> connect to freeswitch use lan ip.<br>
> i have setting<br>
> <X-PRE-PROCESS cmd="set" data="bind_server_ip=0.0.0.0"/><br>
> but have no effect, freeswitch also auto bind to the public ip.<br>
> any help is thanks.<br>
<br>
</div>Set local_ip_v4 in vars.xml to your desired IP address.<br>
<br>
<br>
_______________________________________________<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
</blockquote></div></div></div><br>
</blockquote></div></div></div><br>
</blockquote></div><br>