Note: This post has been updated with a new FreePBX in a Cloud instance for Europe.
Because of the interest in our series on VoIP and the open source Asterisk PBX using Amazon’s convenient Elastic Compute Cloud (EC2), yesterday (2009-02-23) Voxilla released a pre-built virtual machine EC2 image using FreePBX, the popular graphical front end administration tool for Asterisk.
If you are interested in a stock installation of Asterisk on the Amazon cloud (either you prefer to manage your PBX manually through command prompts and edited text files, or you wish to install a GUI front end other than FreePBX), you’ll be more interested in Voxilla’s Asterisk in a Cloud step-by-step tutorial).
In the Asterisk in a Cloud tutorial, we led you through the use of Elasticfox, a hearty plug-in for the Firefox browser that gives you easy access to the administrative functions of your Amazon EC2 account. In this tutorial, we forego Elasticfox and use Amazon’s AWS Management Console.
Amazon’s console is much easier to use than Elasticfox; any browser will do and no plug-in download/installation/configuration is required. The console appears to have replaced Elasticfox as Amazon’s preferred AWS management front end.
A small warning: the AWS Management Console is still in beta, and though we have not found problems, future changes may deem some of the instructions below incorrect. In the event that this tutorial needs changes for future releases of the management console, we’ll make them directly on this post.
In this post, we provide step-by-step instructions to install Voxilla’s FreePBX in a Cloud. We will:
- Log into your Amazon EC2 account;
- Configure your Security Group settings;
- Create a new SSH key pair or use your existing key pair;
- Launch the FreePBX instance;
- SSH to the FreePBX instance to retrieve the FreePBX and Webmin web interface URLs and passwords;
- Connect to the FreePBX web interface.
To follow this guide, you will need an SSH client installed on your computer — Mac and Linux machines have a built-in SSH client, Windows users can use PuTTY.
- Launch the Amazon Web Services (AWS) Management Console.
If you don’t have an Amazon EC2 account, you can sign-up for EC2 by following the link in the Getting Started section of the console.
- Click the button labeled Sign in to Amazon EC2 Console. Then sign-in with your Amazon credentials.
- In the Navigation menu — left column, click Security Groups. The Security Groups view will load.
- Look in the Security Groups section — main section of the page. If you don’t have an Asterisk security group, follow the instructions below to create one:
- Click the Create Security Group button — upper left corner of the main section. A new Create Security Group window will appear;
- Type Asterisk in the Security Group Name field;
- Type Security group for Asterisk instances in the Description field;
- Click the Create button to create the security group and return to the Security Group page.
- Select the Asterisk security group. The security group rules will appear at the bottom of the main frame of your browser.
Your Asterisk security group needs to allow the the following traffic:
Connection Method Protocol From Port To Port Source (IP or group) Custom… ICMP -1 -1 0.0.0.0/0 HTTP TCP 80 80 0.0.0.0/0 HTTPS TCP 443 443 0.0.0.0/0 Custom… UDP 10000 20000 0.0.0.0/0 Custom… TCP 5060 5061 0.0.0.0/0 Custom… UDP 5060 5060 0.0.0.0/0 SSH TCP 22 22 0.0.0.0/0 or
your public IP address/32
Custom… TCP 10000 10000 0.0.0.0/0 or
your public IP address/32
- If any or all of the above rules do not exist in your Asterisk security group, you will need to add each individually. If your group includes a service above, but contains different values, you will have to remove the service (using the button on the right of the row containing the service), and re-enter the correct values manually.To add rules to your Asterisk security group:
- Copy the values from the table above into the bottom entry of the security group, then click Save.
- To add more rules, repeat step 1.
- Click Key Pairs from the Navigation menu in the left column. The Key Pair page will appear in the main section of the page. You need at least one key pair to launch your instance. If you do have a key pair, skip to step 8. If you don’t, follow the steps below to generate a new key pair:
- Click the Create Key Pair button in the upper left corner of the main section. A Create Key Pair window will appear.
- Type ec2-keypair in the Key Pair Name field.
- Click Create to generate the new keypair. The console will generate a new key pair for you and your browser should automatically download the private key and save it as ec2-keypair.pem.
- You will need to move the private key file with your other SSH private keys. If you’re using PuTTY on Windows, follow these directions from Amazon to store your keys; if you are on a Mac or Linux, move your keys into the ~/.ssh directory. On a Mac using the Safari browser with its default download settings, get the keys in the right place by opening Terminal.app and enter the following: mv ~/Downloads/ec2-keypair.pem ~/.ssh
- Click Instances from the Navigation menu. The My Instances view will appear in the main section of the web page.
- Click the Launch Instances button in the upper left corner of the main section. A new Launch Instances window will appear.
- Select the Community AMIs tab.
- In the search box in the center of the window, type voxilla. The list should automatically update and list all the available instances published by Voxilla.
- Press the appropriate Select button: If you are in the United States, choose the voxilla/FreePBX-Asterisk-126.96.36.199-i386.manifest.xml instance. If you are in Europe, select the eu-voxilla/FreePBX-Asterisk-188.8.131.52-i386.manifest.xml instance. You will be taken to a page that looks like the image below.
- In the Number of Instances field, type 1.
- Make sure the Instance Type is set to Small.
- Select ec2-keypair from the Key Pair Name drop-down box.
- Select Asterisk from the Security Groups.
- Click the Launch button to launch your FreePBX instance.
- From the My Instances view, you can watch the progress of your instance. It may take up to five minutes for your instance to start.
- Typically you don’t need to SSH into your FreePBX instance. But, for security purposes, we generate new passwords each time an instance of the Voxilla FreePBX in a Cloud AMI is created. So we must SSH into the box to retrieve the FreePBX and Webmin interface passwords for the instance you’ve just created. Once your instance has a Status of running, select the instance and click the Connect button at the top of the main section. A new window will appear and explain how to connect to your instance via SSH. Just copy and paste the string in the amazon Example into your SSH client, and click Return.
- The first time you connect to your instance, your connection attempt may be rejected, this usually means your instance is still starting up . Wait a minute or two and try your connection attempt again. You may receive a warning message similar to “Warning: Identity file ec2-keypair.pem not accessible: No such file or directory.” If so, your keys cannot be found on the local machine. If so, then enter the path to the keypairs (i.e.: ssh -i ~/.ssh/ec2-keypair.pem). When prompted to accept the server SSH key, choose Yes.
- At this point, if your connection attempt is rejected, it means the SSH daemon is still starting, give it a minute or two and try again.
- Whenever you log into the instance, the first thing displayed are the urls for the FreePBX and Webmin web interfaces. Note them for later or copy and paste the urls into a new web browser window.
- Each time you log into the instance, you will also see the location of the release notes and the passwords file.
- You should read the instance release notes by typing more release-notes on the command line (These release notes can also be found here on the Voxilla Forum).
- To display your system passwords, type more passwords on the command line. These passwords were randomly generated when your instance started. You should copy these passwords to a safe location on your computer, so you don’t have to SSH back into the machine to retrieve them.
- Paste the FreePBX web interface url into your web browser. You will see a warning prompt about the SSL certificate. Accept the certificate and continue with the connection (see the release notes for more information). When the page loads, click FreePBX Administration.
- Enter admin for the Username and the password from your password file.
- You should now see the FreePBX Administration status page.
- You can close down your SSH session.
You can now configure FreePBX and Asterisk. To determine what to enter as the SIP server when configuring devices such as telephone adaptors and IP phones, click the Instances link in the AWS Management Console’s navigation area, and look up the Public DNS for the Asterisk/FreePBX instance. Use this value as your SIP server name.