MagentaZuhause XL TELEKOM.DE mit Opnsense-FreePBX-Groundwire (PJSIP)


Neuer User
Mitglied seit
14 Mrz 2024
Punkte für Reaktionen
Hello everyone,

Sorry for writing in English, My Deutsch is certainly not that strong for me to write it in German. I thought I would document my current setup here for myself and anyone else that might find it helpful.


VDSL Router --> opnsense (FW/NAT) --> FreePBX (PJSIP) ---- Groundwire for softphone

Opnsense - July 24th
FreePBX 16 - Asterisk 20.3.0

- need an outbound NAT from FreePBX to the internet with Static Port option turned on

Settings --> Advanced Settings
- SIP Channel Driver: chan_pjsip

Settings --> Asterisk SIP Settings --> General SIP Settings
- External Address: **Your external IP address - I use a Dynamic DNS name**
- Local Networks: **Internal Network - ie**
-RTP Port Ranges: Start: 10000 End: 20000
- RTP checksums: YES
- Strict RTP: YES
- RTP timeout: 30
- RTP hold timeout: 300
- RTP Keep Alive: 30 **this should be lower than your NAT time out on your FW**
- STUN Server Address: **put it in both places**
- Codecs:

Settings --> Asterisk SIP Settings --> SIP Settings [chan_pjsip]
-Allow Transports Reload: NO
- Enable Debug: NO
- Show Advanced Settings: YES
- Endpoint Identifier Order: ip username anonymous header auth_username
- udp - - All: YES **you can specify your server IP if you want. This is also enabled for other ISPs besides TELEKOM.DE**
- tcp - - All: YES **You can specify your server IP if you want. You need this for TELEKOM.DE to work**
- Port to Listen On: 5060 **Needed in two places**

Connectivity --> Trunks --> Add SIP (chan_pjsip) Trunk
Edit Trunk --> General
- Trunk Name: 08912345678
- Outbound CallerID: <08912345678>
- CID Options: Allow Any CID **you may choose Force Trunk CID as well**
- Maximum Channels: 2
-Asterisk Trunk Dial Options: System
- Continue if Busy: No
- Disable Trunk: No
- Monitor Trunk Failures: No

Edit Trunk --> pjsip Settings -->General
- Username: +498912345678
-Auth username: [email protected] **Email address you use to customer portal**
- Secret: **Portal password**
- Authentication: Outbound
- Registration: Send
- SIP server:
- SIP server port: 5060
- Context: from-pstn
-Transport: **or your server IP-tcp, it must be tcp not udp**

Edit Trunk --> pjsip Settings -->Advanced
- DTMF mode: In-band
- Permanent Auth Rejection: Yes
- Forbidden Retry Interval
- Fatal Retry Interval
- General Retry Interval
- Expiration
-Max Retries
- Qualify Frequency
- Outbound Proxy:\;lr\;hide
- User = Phone: Yes
- Contact User: 08912345678
- From Domain:
- From User: +498912345678
- Client URI: sip:[email protected]
- Server URI:\;transport=tcp
- Support Path: No
- Support T.38 UDPTL: No
- T.38 UDPTL Error Correction: None
- T.38 UDPTL NAT: No
- T.38 UDPTL MAXDATAGRAM: **blank**
- Fax Detect: No
- Trust RPID/PAI: No
- Send RPID/PAI: No
- Send Private CallerID Information: No
- Match Inbound Authentication: Username
- Inband Progress: Yes
- Direct Media: Yes
- Rewrite Contact: Yes
- RTP Symmetric: Yes
- Media Encryption: None
- Force rport: Yes
- Message Context: **Blank**

Edit Trunk --> pjsip Settings -->Codecs

Outbound Routes
[Edit Novize: Bild gemäß der Forumsregeln auf Vorschau verkleinert
Image reduced to preview as per forum rules]

We use our smartphones and tables as our landline device. We have Acrobits Groundwire installed. We use push notification so that the application only runs when it needs to. To get it to work, we had to allow Acrobits servers to register on the device behalf to our server. We had to forward Acrobits requests to our FreePBX server. we configured Groundwire like we would any Softphone.
-**We add a rule for NAT port forward**
*Interface: WAN
*Src Address:
*Src Port: Any
*Dst Address: WAN Address
* Dst Port: 5060
* Rdr IP: FreePBX ip
* Rdr port: 5060
Zuletzt bearbeitet von einem Moderator:

Statistik des Forums

Neuestes Mitglied
Holen Sie sich 3CX - völlig kostenlos!
Verbinden Sie Ihr Team und Ihre Kunden Telefonie Livechat Videokonferenzen

Gehostet oder selbst-verwaltet. Für bis zu 10 Nutzer dauerhaft kostenlos. Keine Kreditkartendetails erforderlich. Ohne Risiko testen.

Für diese E-Mail-Adresse besteht bereits ein 3CX-Konto. Sie werden zum Kundenportal weitergeleitet, wo Sie sich anmelden oder Ihr Passwort zurücksetzen können, falls Sie dieses vergessen haben.