Versions Compared

Old Version 1

changes.mady.by.user Kelli Higdon

Saved on

compared with

New Version Current

changes.mady.by.user Kelli Higdon

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Deployments without Internet Connection

Overview

There are many situations when PBXact would be installed on a network where the PBXact will have no connection to the Internet.  The scope of this document is to help users in correctly preparing and configuring PBXact when there is either no connection to the Internet.  There are also networks  where there is access to the internet. but due to Security policies results in a restricted Internet connectivity, resulting in the PBXact having no connection to the internet. 

...

There may be some scenarios in which the end user's PBX has to be totally disconnected from the Internet. 

No Internet Connection

Image Removed

image-20240410-134011.pngImage Added

In other cases, Internet connection is present but there may be hard restrictions coming for example from the IT Manager which will prevent your system access with the Public Internet Network.

Highly Restricted Network

Image Removed
image-20240410-134035.pngImage Added

The PBXact has a few fundamental commissioning and maintenance requirements where the PBXact system absolutely must be connected to the Internet to allow the exchange of information.  Licensing, Module Update, System Updates and Support VPN are key features that absolutely require Internet connectivity.  Although, once Licensing, Module Update, and System Updates have been completed in there online License activation and proper Module and System updates, the PBXact can then be moved into an isolated network.   From this point, the PBXact system will work in this isolated environment, with the exception of the features that require Internet access.

...

Making sure the PBXact is properly licensed requires that the PBXact to connect with Sangoma's licensing server (Portal Store).  In many cases, PBXact Appliances are shipped pre-licensed and ready to go, in this case, it is simply a good systems check to ensure everything is in order prior to moving the PBXact system into an isolated network.  In other cases, extra Modules or Licenses have been purchased and the PBXact system needs to be updated with the proper licenses.   When purchasing your PBXact, the Deployment ID should already be associated with your Portal Store Organization, it is good to check the Partner Portal (http://portal.sangoma.com ) to ensure that the PBXact Deployment ID is registered to your Organization.   If not there are processes in place to Product Claim the Deployment ID.  https://wiki.sangoma.com/display/FPAS/Product + Claims

The PBXact must have Internet connectivity for updating Licenses. The PBXact must have an IP Address, Mask, Default Gateway and a DNS Server properly configured and working.  The DNS Server must be able to resolve public Internet FQDNs.  If you simply checking the licensing on the PBXact Or have assigned a new module to your Deployment ID, such as by purchasing a new commercial module in the Portal store, you will need to update your registered modules here in System Admin - Activation.  Otherwise, once the PBXact is installed onto the isolated network, the PBXact will not have the ability to reach out over the Internet and access the license server to update the new module.

...

Once the PBXact is moved to an isolated network with no Internet connectivity, there is no ability to update the Modules software or the System Software.  Module Software is the PBXact application, such as System Admin, Zulu and more, and System Software are the OS, Network drivers, Asterisk and more.  It is highly recommended that the PBXact is updated to the latest and greatest releases for Modules and System software, prior to moving the PBXact into an environment where the PBXact can no longer retrieve the latest software updates.  While in the Staging Network and the Internet connection is available, the process of updating Module software and System Software is recommended.

System Updates

https://wiki.sangoma.com/display/FPG/System + Admin + - + Updates

Updates Module - System Updates tab

...

Also, a CLI command yum update will also update the system software.

Module Updates

https://wiki.sangoma.com/display/FPG/Module + Admin + User +GuideGuid

Updates Module - Module Updates tab

...

There is a specific part of the System Admin Module called DNS which needs you to pay attention on the configuration you may set: https://wiki.sangoma.com/display/FPG/System + Admin + - + DNS

...

Because the system is relying on DNS service to start and keep running some services, Name Server Resolution has to be configured in one of these two ways:

...

Do Not use Hostnames, if there are no DNS Servers to resolve them. 

...

Other Services

Because the PBXact is designed to work in an IP network environment and mostly connected to the Internet, once you plan to disconnect your system from the public network, you must take care of some key services running on the box. Most of them are included into the System Admin Pages module: https://wiki.sangoma.com/display/FPG/System + Admin + Module

SMTP Server

Whether you can choose to utilize the Local SMTP or an external one, it's important to remember that SMTP is intended to work on a public network for mail exchange with other mail domains. In case of no Internet Connection, you can configure your private SMTP server to allow the delivery of all the communications sent by the PBX (alerts, updates status, voicemail notifications, fax and so on)

...

Whether the Staging Network is the same Subnet or different - if different the option of adding additional IP Address(es) in System Admin - Network Settings to the new isolated network is possible.  Once configured, the PBXact can be turned off and moved over to the new isolated environment.

...

Application Awareness

When the PBXact is disconnected from the public Internet, there are some applications that will be limited:

...

  • No Sangoma Redirect Server to take advantages of the

Zero Touch Provisioning

Zulu

  • No Zulu Mobile Push Notifications to alert Zulu Mobile Users

...

In the following table are the PBXact features and how they are impacted by not having Internet connectivity.  As mentioned. any services relying on Internet connection will not work: let's have a look to a non exhaustive list of "Working" and "Not Working" applications/services. 

WORKING

PARTIALLY WORKING

NOT WORKING

Admin

  • Administrators

  • Asterisk CLI

  • Asterisk Modules

  • Backup & Restore

  • Basic Dashboard

  • Blacklist

  • Bulk Handler

  • Class of Service

  • Config Edit

  • Contact Manager

  • Custom Destinations

  • Custom Extensions

  • Feature Codes

  • Phone Apps

  • Presence State

  • Queue Penalty Rules

  • REST API

  • System Recordings

  • User Management

  • XMPP

  • XactViewV3 Admin

Applications

  • AMD Settings

  • Announcements

  • Appointment Reminder

  • Broadcast

  • Call Flow Control

  • Call Recording

  • Callback

  • CallerID Management

  • Conferences

  • Conferences Pro

  • DISA

  • Extensions

  • Follow Me

  • IVR

  • Misc Applications

  • Misc Destinations

  • Paging and Intercom

  • Park and Announce

  • Parking

  • Property Management

  • Queue Callback

  • Queue Priorities

  • Queues

  • Ring Groups

  • Set CallerID

  • Time Conditions

  • Time Groups

  • Virtual Queues

  • Voicemail Blasting

  • Wake Up Calls

Connectivity

  • DAHDI Channel DIDs

  • DAHDi Config

  • Inbound Routes

  • Outbound Call Limit

  • Outbound Routes

  • Vega Gateway Management

Reports

  • Asterisk Info

  • Asterisk Logfiles

  • CDR Reports

  • Call Event Logging

  • Call Recordings

  • PHP Info

  • Pinsets Code Reports

  • Print Extensions

  • Queue Callback Report

  • Queue Report Templates

  • Queue Reports

  • Queue Wallboard

  • REST API Report

  • Weak Password Detection

Settings

  • Advanced Settings

  • Asterisk IAX Settings

  • Asterisk Logfile Settings

  • Asterisk Manager Users

  • Asterisk REST Interface Users

  • CRM API Settings

  • CRM Settings

  • Extension Settings

  • Music on Hold

  • PIN Sets

  • QueueMetrics

  • Route Congestion Messages

User Panel

  • XactView Panel

Admin

  • Certificate Management(*)

  • Online Support(**)

  • Sound Languages(**)

  • System Admin(*)

  • Updates(**)

  • Zulu(*)

Applications

  • Calendar(*)

  • Calendar Event Groups(*)

  • Languages(**)

  • Voicemail Notifications(*)

Connectivity

  • Firewall(*)

  • Trunks(*)

Reports

  • Voicemail Reports(*)

Settings

  • Asterisk SIP Settings(*)

  • EndPoint Manager(*)

  • Fax Configuration(*)

  • Text To Speech Engines(**)

  • Voicemail Admin(*)

Admin

  • CID Superfecta

  • CallerID Lookup Sources

  • DUNDi Lookup

Applications

  • Text To Speech

Connectivity

  • Google Voice (Motif)

  • SIPSTATION

Reports

Settings

  • High Availability

User Panel

(*) = works for local network and authorised IP networks/services

...

Licensing / Modules updates:

Code Block
199.102.239.11 (licensing)
199.102.239.170 (modules)

Yum update:

Code Block
vault.centos.org
mirrorlist.sangoma.net
package1.sangoma.net
sng7.com

All aforementioned connections and related streams are carried using TCP

Knowing PBXact exposed ports

Ports used on your PBX