WebRTC Phone-UCP
- 1 Overview
- 2 Requirements
- 2.1 Server Side
- 2.2 Ports
- 3 Documentation Disclaimers
- 4 Client Side Environments
- 5 Installation
- 6 Enabling WebRTC
- 6.1 Certificates
- 6.1.1 Certificate Authority Settings(CA)
- 6.1.1.1 Upload CA
- 6.1.1.1.1 Host Name
- 6.1.1.1.2 Organization Name
- 6.1.1.1.3 Passphrase
- 6.1.1.1.4 Save Passphrase
- 6.1.1.1.5 Private Key
- 6.1.1.1.6 Certificate
- 6.1.1.2 Generate CA
- 6.1.1.2.1 Host Name
- 6.1.1.2.2 Organization Name
- 6.1.1.2.3 Passphrase
- 6.1.1.2.4 Save Passphrase
- 6.1.1.1 Upload CA
- 6.1.1 Certificate Authority Settings(CA)
- 6.2 Add Certificate
- 6.2.1 Generate a New Certificate
- 6.2.1.1 Certificate Authority
- 6.2.1.2 Name
- 6.2.1.3 Description
- 6.2.2 Upload Certificate
- 6.2.2.1 Name
- 6.2.2.2 Description
- 6.2.2.3 Private Key
- 6.2.2.4 Certificate
- 6.2.1 Generate a New Certificate
- 6.3 Enabling WebRTC Phone for a user
- 6.3.1 Enable WebRTC Phone
- 6.3.2 WebRTC Certificate
- 6.3.3 Enable WebRTC Experimental Hold Support
- 6.3.4 Submit your changes
- 6.1 Certificates
- 7 Using The WebRTC Phone
- 8 Troubleshooting
Overview
The WebRTC Module allows an Administrator to enable a "WebRTC phone" that can be attached to a user's extension which they can connect to through FreePBX User Control Panel, this WebRTC phone will then receive phone calls at the same time as the users extension using user and device mode behind the scenes. If you have User and Device Mode enabled any extension you enable the WebRTC Phone a duplicate extension of 99XXXX will be created (where XXXX is the original extension number), when the user then views the web interface of the WebRTC phone they will be connected to device 99XXXX which will receive calls from the original extension
Requirements
Server Side
Component | Minimum Version |
---|---|
Asterisk | 11.5 |
Certificate Manager | 12.0.0alpha1 |
Core | 12.0.1beta9 |
User Control Panel | 12.0.0beta7 |
FreePBX | 12.0.1beta34 |
Ports
Summary of ports and services related to WebRTC. If the PBX is behind a router, set up port forwarding as appropriate. Use the FreePBX Firewall to limit access to trusted hosts only where possible.
Service | Default bind port | Notes |
---|---|---|
UCP https | varies | Defined in System Admin, Port Management. Consider using the defaul https port, 443 to keep things simple for users. |
Admin http | varies | If using Let's Encrypt setup and auto renewal, it requires /Admin access on port 80 System Admin, Port Management |
node.js | 8001 | Defined in Advanced settings. |
node.js (secure) | 8003 | Defined in Advanced Settings. Ensure that "Enable TLS for the NodeJS Server" is enabled, as it is disabled by default |
Asterisk http | 8088 | Defined in Advanced settings, Asterisk Builtin mini-HTTP server |
Asterisk https | 8089 | Defined in Advanced settings, Asterisk Builtin mini-HTTP server |
Documentation Disclaimers
This documentation was completed using the FreePBX Distribution. Results may vary on other distributions. This module is considered unsupported in other environments. This doesn't mean it won't work, only that it hasn't been tested or verified in other environments
WebRTC is a developing standard. There are 2 standards groups working on the development of these standards and both classify WebRTC as a Draft. Within browsers support for some functionality may be added or removed as the standard is refined. Please keep this in mind if using this for any production purpose.
Client Side Environments
This has been tested in the following client Environments
Client OS | OS Version | Client Browser | Browser Version | Status |
---|---|---|---|---|
Ubuntu | 14.04 | Firefox | 31 | Working |
Ubuntu | 14.04 | Chrome | 38.0.2125.101 | Working |
|
|
|
|
|
Installation
Make sure your modules are up to date
Ensure your that the your FreePBX module versions and Asterisk versions are up to date
From the FreePBX webui. If you do not have the WebRTC or Certificate Manager installed yet, don't worry about it we will address that in the next step.
Click Admin
Click Module Admin
Click Check Online
If the module has an update available, click the module name
Under Action Click Update, Repeat these steps for each module. You can also click the Upgrade All button.
Click Process
A Summary window will popup where you confirm the actions
Once the process finishes click the Return button
Install Needed Modules
After completing the upgrade and pressing th return button you will be returned to the Module Admin Screen. Note some updates may not complete due to dependency issues. You may wish to resolve this before moving on.
Once your modules are up to date click Check Online again
Under the Admin Category click Certificate Manager
Under Action Click Install
Click the Process button
Confirm the action
Once installed click Return
Once your modules are up to date and Certificate Manager is installed, you may install the WebRTC module
From clicking Return above you should be back in Module Admin. Click Check Online again
Under Connectivity click WebRTC Phone
Under Action Click Install
Click the Process button
Confirm the action
Once installed click Return
Enabling WebRTC
It is important that you do things in order for them to work properly.
Certificates
From the top menu click Admin
In the drop down click Certificate manager
Certificate Authority Settings(CA)
In the right navigation menu click Certificate Authority Settings
Upload CA
Host Name
DNS or Host Name
Organization Name
Name of the Organization
Passphrase
Passphrase used to access this certificate and generate new client certificates. If you don't use a passphrase when generating a new certifcate, then the private key is not encrypted with any symmetric cipher - it is output completely unprotected. If you don't provide a passphrase when uploading a certificate you will have to provide the passphrase everytime a new certificate is needed
Save Passphrase
Whether to store the password in the database so that new certificates can be generated automatically.
The Passphrase is stored in PLAIN TEXT! You have been warned. Use Something you don't care about or use!
Private Key
Your Private Key File
Certificate
Your Certificate File
Generate CA
Host Name
DNS or Host Name
Organization Name
Name of the Organization
Passphrase
Passphrase used to access this certificate and generate new client certificates. If you don't use a passphrase when generating a new certifcate, then the private key is not encrypted with any symmetric cipher - it is output completely unprotected. If you don't provide a passphrase when uploading a certificate you will have to provide the passphrase everytime a new certificate is needed
Save Passphrase
Whether to store the password in the database so that new certificates can be generated automatically.
Add Certificate
On the right side navigation menu click New Certificate
Generate a New Certificate
Certificate Authority
Choose the appropriate authority, You may have just the one you created a moment ago.
Name
Give the Certificate a name
Description
Give this certificate a brief description
Upload Certificate
Name
Give the Certificate a name
Description
Give this certificate a brief description
Private Key
Your Key file
Certificate
Your Certificate file
Enabling WebRTC Phone for a user
Click Admin
Click User Management
On the right side navigation menu click the User you wish to enable
Make sure the user is allowed to login to the UCP
Enable WebRTC Phone
Should the WebRTC Phone be enabled for this user. Set this to yes
WebRTC Certificate
Select the certificate this user should use
Enable WebRTC Experimental Hold Support
Should we enable hold on the phone. This may or may not work and as the title indicates is experimental.
Submit your changes
Save the changes.
Using The WebRTC Phone
Login to the User Control Panel using https ( https://yourpbxserver/ucp )
Once logged in, click the in the upper left, and click the "Side Bar Widgets" tab in the window that pops up.
In the vertical menu at the right select phone, and then click the to add the phone widget to the vertical bar on the left. Activate the phone widget by clicking on it.
Once you are in a call you will have the option to "Hold/Unhold" if enabled and to Hangup.
|
|
|
|
Your browser may ask for permission to use the audio devices. You must grant this permission.
Troubleshooting
One Way Audio
If you are getting one/no way audio this may be do to the fact that you haven't properly listed a stun server for Asterisk to use. You can easily define one for Asterisk to use by configuring the STUN server fields in Settings, Asterisk SIP Settings and applying config.