i found one solution on web: http://forum.pfsense.org/index.php?topic=18200.0 and past below:
Hi all, I want to share my configuration of Freeswitch with Dynamic IP WAN. I obviously have to thank Mcrane not only for his great job porting FS to pfSense but also for the huge amount of time spent with me, my configuration and my poor knowdlege about FS (that caused a lot of headhaches to him). When you have a DHCP or PPPOE connection the annoying issue is your are left without PBX when the internet connection is down. It happens very often to me, I'm in countryside and the quality of DSL is terrible. I have PPPoA half-bridge so when the connection goes down my WAN IP di 0.0.0.0. With this setup you will always be able to use internal extensions, I also have a Sipura-3102 with PSTN configured as gateway so I can always call outside also when WAN is down. You'll be able to register local extensions to lan profile and external extensions to internal profiles and they can call each others. Optionally you can also enable SSLv23 for encrypted calls (but I'm not sure this way only SIP messaging or voice data too is encrypted). *1) CONFIGURE DYNAMIC DNS* Register to a dynamic dns and get an hostname, I'll use a dummy " dsl.homeip.net" for this guide. I'm using DynDns, if you choose another provider be sure it supports "Wildcards". Configure the ddns name in Services->Dynamic DNS and be sure to enable "Wildcards". *2) CONFIGURE DNS FORWARDER* I will use as example for this guide the pfSense LAN IP 192.168.0.1. Check "Enable DNS forwarder". Your phones must use ONLY your pfSense LAN IP address as DNS server, check it! Below "You may enter records that override the results from the forwarders below." add an hostname this way, BE SURE to replace with your correct ddns and LAN IP: Host: dsl Domain: homeip.net IP Address: 192.168.0.1 Save configuration and check with your PC (with pfSense configured as primary DNS), ping to dsl.homeip.net must resolve to LAN IP, ping to fs.dsl.homeip.net must resolve to your WAN IP. *3) CONFIGURE INTERNAL PROFILE* Extensions from outside that register to WAN IP must use TCP protocol. Always use your ddns, "dsl.homeip.net", for registration domain/SIP host. Go to Services->Freeswitch->Profiles and click edit for internal.xml. Uncomment and/or set with this values: <param name="manage-presence" value="passive"/> <param name="dbname" value="share_presence"/> <param name="presence-hosts" value="$${domain}"/> <param name="bind-params" value="transport=tcp"/> <param name="rtp-ip" value="$${local_ip_v4}"/> <param name="sip-ip" value="$${local_ip_v4}"/> <param name="ext-rtp-ip" value="auto"/> <param name="ext-sip-ip" value="auto"/> <param name="force-register-domain" value="$${domain}"/> *4) CONFIGURE LAN PROFILE* Extensions from inside that register to LAN IP must use UDP protocol. Always use your ddns, "dsl.homeip.net", for registration domain/SIP host. Go to Services->Freeswitch->Profiles and click edit for lan.xml. Be sure to change 192.168.0.1 with you LAN IP! Uncomment and/or set with this values: <param name="manage-presence" value="true"/> <param name="dbname" value="share_presence"/> <param name="presence-hosts" value="$${domain}"/> <param name="bind-params" value="transport=udp"/> <param name="rtp-ip" value="192.168.0.1"/> <param name="sip-ip" value="192.168.0.1"/> <param name="ext-rtp-ip" value="192.168.0.1"/> <param name="ext-sip-ip" value="192.168.0.1"/> <param name="force-register-domain" value="$${domain}"/> *5) CONFIGURE VARS* Go to Services->Freeswitch->Vars. Be sure to prepend "fs." or anything else you like to ddns name in external_rtp_* set values! It's needed because pfsense locally will resolve you registered ddns to LAN IP address. Uncomment and/or set with this values: <X-PRE-PROCESS cmd="set" data="domain=dsl.homeip.net"/> <X-PRE-PROCESS cmd="set" data="bind_server_ip=auto"/> <X-PRE-PROCESS cmd="set" data="external_rtp_ip=host:fs.dsl.homeip.net"/> <X-PRE-PROCESS cmd="set" data="external_sip_ip=host:fs.dsl.homeip.net"/> *6) TLS ENCRYPTION* ONLY IF you want TLS/SSLv23 encryption also set in vars.xml: <X-PRE-PROCESS cmd="set" data="sip_tls_version=sslv23"/> <X-PRE-PROCESS cmd="set" data="internal_ssl_enable=true"/> Then go to SSH console and input the commands (respond Y to questions and change to your ddns name "dsl.homeip.net"): cd /usr/local/freeswitch/bin/ ./gentls_cert setup ./gentls_cert create -cn dsl.homeip.net -alt DNS:dsl.homeip.net Your master certificate is in /usr/local/freeswitch/conf/ssl/CA/ with name cafile.pem Install in your SIP phones or if you use a Windows softphone, download it and rename to "cafile.crt". Double click to add it to certificate store, default options when asked. I verified it works with Windows Vista and Eyebeam Softphone. (If you use Eyebeam, it can't receive encrypted calls, under Security tab check only preference for encryption calls) *7) RESTART FS* Don't only issue a reloadxml, restart the FS serice. Maybe something is missing (my setup is working and I'm not 100% sure that's all what you need from default config), let me know and I'll update the thread. Cheers, Mannix 2009/9/11 jun yang <yj13535428...@gmail.com> > when i set local_ip_v4 to 0.0.0.0 i see the info below: > 2009-09-11 20:22:27.15625 [WARNING] sofia.c:2291 Invalid IP 0.0.0.0 > replaced with 218.21.105.133 > 2009-09-11 20:22:27.15625 [WARNING] sofia.c:2300 Invalid IP 0.0.0.0 > replaced with 218.21.105.133 > 2009-09-11 20:22:27.15625 [NOTICE] sofia.c:1509 Adding Alias [0.0.0.0] for > profile [internal] > > 2009/9/11 jun yang <yj13535428...@gmail.com> > > i add >> <X-PRE-PROCESS cmd="set" data="local_ip_v4=0.0.0.0"/> >> before >> <X-PRE-PROCESS cmd="set" data="domain=$${local_ip_v4}"/> >> and it has no effect all the same. >> >> is that something wrong. >> >> 2009/9/11 Jason White <ja...@jasonjgw.net> >> >> jun yang <yj13535428...@gmail.com> wrote: >>> > when freeswitch start ,it auto bind to the pubic ip, so the lan user >>> cann't >>> > connect to freeswitch use lan ip. >>> > i have setting >>> > <X-PRE-PROCESS cmd="set" data="bind_server_ip=0.0.0.0"/> >>> > but have no effect, freeswitch also auto bind to the public ip. >>> > any help is thanks. >>> >>> Set local_ip_v4 in vars.xml to your desired IP address. >>> >>> >>> _______________________________________________ >>> FreeSWITCH-users mailing list >>> FreeSWITCH-users@lists.freeswitch.org >>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users >>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users >>> http://www.freeswitch.org >>> >> >> >
_______________________________________________ FreeSWITCH-users mailing list FreeSWITCH-users@lists.freeswitch.org http://lists.freeswitch.org/mailman/listinfo/freeswitch-users UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users http://www.freeswitch.org