Freeswitch on pfSense

Freeswitch on pfSenseFreeswitch on pfSense

Prepared For:Prepared For:Toronto Asterisk User GroupToronto Asterisk User Group

Presented by:Presented by:David DonovanDavid DonovanMarch 24, 2009March 24, 2009

Topics to be CoveredTopics to be Covered

Introduction and history of pfSenseIntroduction and history of pfSense Introduction and history of FreeSwitchIntroduction and history of FreeSwitch Installing and configuring pfSenseInstalling and configuring pfSense Installing and configuring FreeSwitchInstalling and configuring FreeSwitchTypical configurationsTypical configurationsQ&AQ&A

The Presenter: Who’s this guy?The Presenter: Who’s this guy?

David DonovanDavid Donovan

Started my career as a Network Admin and then IT Started my career as a Network Admin and then IT Manager for an outsourced call centreManager for an outsourced call centre

First applied Asterisk 5 years ago for recorded First applied Asterisk 5 years ago for recorded announcements in a Lucent Definity environmentannouncements in a Lucent Definity environment

Did Project Management and IT Consulting for a few Did Project Management and IT Consulting for a few years including a few small Asterisk projects: IVR, PBXyears including a few small Asterisk projects: IVR, PBX

Currently IT Manager for Nuvo Research, a small public Currently IT Manager for Nuvo Research, a small public Canadian Biotech focused on topicalsCanadian Biotech focused on topicals

The pfSense Project - OverviewThe pfSense Project - Overview

What is it?What is it? A free, open source firewall router A free, open source firewall router BSD based (currently 7.1)BSD based (currently 7.1) Relatively easy to set upRelatively easy to set up Supports add-on packages like squid, Supports add-on packages like squid,

FreeRadius, sipproxd, snort, TinyDNSFreeRadius, sipproxd, snort, TinyDNS Supported commercially by the developers and Supported commercially by the developers and

freely by an active user communityfreely by an active user community Lean 76 meg ISO image. Can run from CD or Lean 76 meg ISO image. Can run from CD or

install to hard diskinstall to hard disk Supports full PC and embedded devices like Supports full PC and embedded devices like

ALIX, WRAP and SoekrisALIX, WRAP and Soekris


Where did it come from?Where did it come from?Based on BSD (currently 7.x) and pfBased on BSD (currently 7.x) and pfStarted in 2004 by Chris Buechler and Started in 2004 by Chris Buechler and

Scott Ullrich as a friendly fork of m0n0wall Scott Ullrich as a friendly fork of m0n0wall m0n0wall is strictly for embedded setups, m0n0wall is strictly for embedded setups,

pfSense offers full PC as it’s main focus pfSense offers full PC as it’s main focus and embedded as welland embedded as well


Where is it going?Where is it going?Focus is on release version 2.0 currently Focus is on release version 2.0 currently

in alphain alpha2.0 based on BSD 7.1 which provides 2.0 based on BSD 7.1 which provides

better hardware supportbetter hardware supportDirection is toward becoming a platform to Direction is toward becoming a platform to

build robust, stable appliances such as build robust, stable appliances such as DNS servers, PBXs, Firewalls, etc.DNS servers, PBXs, Firewalls, etc.

The Freeswitch ProjectThe Freeswitch Project

Started by Anthony Minesalle when he Started by Anthony Minesalle when he realized that Asterisk and some of it’s core realized that Asterisk and some of it’s core design issues were holding him back design issues were holding him back (lots more on this on the Freeswitch website, see resources on last slide)(lots more on this on the Freeswitch website, see resources on last slide)

Open architecture, focused on being Open architecture, focused on being developer friendly and pluggabledeveloper friendly and pluggable

Uses the Sofia SIP stack instead of Uses the Sofia SIP stack instead of Asterisk home-rolled SIP stackAsterisk home-rolled SIP stack

The FreeSwitch ProjectThe FreeSwitch Project

FreeSwitch is generally acknowledged to FreeSwitch is generally acknowledged to be better at conferencing than Asteriskbe better at conferencing than Asterisk

Compiles natively in Linux, BSD and Compiles natively in Linux, BSD and WindowsWindows

Uses XML for all of it’s config files so they Uses XML for all of it’s config files so they are more parsing friendlyare more parsing friendly

Supports SIP, IAX, H263, Zaptel (Digium), Supports SIP, IAX, H263, Zaptel (Digium), Wanpipe (Sangoma) and many othersWanpipe (Sangoma) and many others

Installing PfSenseInstalling PfSense

Requirements (for PC based builds):Requirements (for PC based builds):At least one physical network card (two or At least one physical network card (two or

more would be great)more would be great) I’ve had no problem using PIIIs with 128MB I’ve had no problem using PIIIs with 128MB

RAM for home machinesRAM for home machines I use a couple of low-horsepower Dell P4s at I use a couple of low-horsepower Dell P4s at

my branch officesmy branch officesCD ROM driveCD ROM driveKeyboard and monitor are optional after the Keyboard and monitor are optional after the

initial install process is completeinitial install process is complete


1.1. Drop the CD in, boot your machineDrop the CD in, boot your machine2.2. Use autodetect to find and label your Use autodetect to find and label your

network interfacesnetwork interfaces3.3. (recommended) Choose option 99 to (recommended) Choose option 99 to

install to Hard Diskinstall to Hard Disk4.4. Follow the promptsFollow the prompts

– HUGE WARNING – This will erase all – HUGE WARNING – This will erase all the data on your hard drive permanently, the data on your hard drive permanently, forever and irrevocably. (You won’t be forever and irrevocably. (You won’t be able to get it back either)able to get it back either)


5.5. Other than setting the timezone, I’ve Other than setting the timezone, I’ve always been able to accept the defaults always been able to accept the defaults while installingwhile installing

6.6. Pop the CD out and let it rebootPop the CD out and let it reboot

7.7. Connect to the LAN interface using a Connect to the LAN interface using a web browser. U: admin, P: pfsenseweb browser. U: admin, P: pfsense

8.8. From the system menu, run the ‘Setup From the system menu, run the ‘Setup Wizard’Wizard’

pfSense – Other featurespfSense – Other features

Captive PortalCaptive PortalVPN: IPSec, PPTP, OpenVPNVPN: IPSec, PPTP, OpenVPNWireless client, Wireless APWireless client, Wireless APFreeRadiusFreeRadiusPacket CapturePacket CaptureSnort IDSSnort IDS

Installing and configure FreeSwitchInstalling and configure FreeSwitch

The best resource for this process is:The best resource for this process is:http://doc.pfsense.org/index.php/FreeSWITCHhttp://doc.pfsense.org/index.php/FreeSWITCH

The following slides will give you a flavour The following slides will give you a flavour of the interface but don’t provide config of the interface but don’t provide config info, see the wiki link for thatinfo, see the wiki link for that

Installing and configure FreeSwitchInstalling and configure FreeSwitch

Benefits FreeSwitchBenefits FreeSwitch

Supports one to many multi-party video Supports one to many multi-party video conferencing. The system guesses who is conferencing. The system guesses who is speaking and sends that video to all speaking and sends that video to all participantsparticipants

Using it on your firewall can eliminate NAT Using it on your firewall can eliminate NAT traversal because it binds (by default) to traversal because it binds (by default) to the external interface IPthe external interface IP

Many others depending on your Many others depending on your applicationapplication

Links and ResourcesLinks and Resources

The pfSense project can be found at The pfSense project can be found at www.pfsense.orgwww.pfsense.org Watch for news on version 2.0 at Watch for news on version 2.0 at blog.pfsense.orgblog.pfsense.org The pfSense forums and mailing lists are friendly and The pfSense forums and mailing lists are friendly and

helpful. The lead developers participate dailyhelpful. The lead developers participate daily Other open source firewall packages worth looking at Other open source firewall packages worth looking at

include Untangle and m0n0wall:include Untangle and m0n0wall:www.untangle.comwww.untangle.comm0n0.chm0n0.ch

Links and ResourcesLinks and Resources

The FreeSwitch website has a periodically updated blog The FreeSwitch website has a periodically updated blog and links to downloads and the wiki:and links to downloads and the wiki:www.freeswitch.orgwww.freeswitch.org

Here’s a good starting point on understanding where Here’s a good starting point on understanding where FreeSwitch is coming from, and where it’s going FreeSwitch is coming from, and where it’s going especially as it compares to Asterisk:especially as it compares to Asterisk:www.freeswitch.org/node/117www.freeswitch.org/node/117

Q&AQ&A

Thanks for your kind attention.Thanks for your kind attention.

The conversation continues…. The conversation continues…. Visit Visit www.taug.ca/discusswww.taug.ca/discuss and join the and join the

TAUG mailing lists and come out to events.TAUG mailing lists and come out to events.

Freeswitch on pfSense

Documents

Transcript of Freeswitch on pfSense