FreePBX 101 v14 Part 10 – Trunking


(upbeat music) – Welcome to Crosstalk Solutions. My name’s Chris and this is FreePBX 101, for Version 14, Video 10, where we’re gonna be
talking about PBX trunking. And we’re taking a step
away from the computer to just work on the
whiteboard for this video because the topic of PBX trunking is so, so huge, right? There’s so much to learn. And what I’m gonna cover
are the most common types of PBX trunking that
you’re going to encounter and that is, POTS lines, PRI lines, and SIP trunking, okay? So we’re gonna cover all
three of those in detail. But let’s go ahead and
start with POTS lines. So POTS stands for, plain
old telephone service, and these are the old-school copper lines that you would have for
instance at your home, right, back when people didn’t have cell phones, what did they have? They had a home phone
and that was delivered over a copper POTS line. Now POTS lines are still in use today, especially in some of
the more rural areas, sometimes they’re the only option if you have a small
business and you can’t get, you know, internet that’s good enough for Voice over IP, it
might be your only option. Now how do you connect a POTS line, or multiple POTS lines, to a PBX server? Now that is done with
either an analog gateway, such as this Sangoma Vega
60g that I have right here. So this one can do up to four POTS lines; however, they make models like this that can do up to eight POTS lines or you can do it with
a card in the server. So that would typically be a Sangoma card, a Digim card, something
that has FXO ports. So analog gateway or a
card, this is typically gonna be a PCI card, or
a PCIe card these days, with FXO ports, not to be
confused with FXS ports which are station ports used for things like fax machines. Okay, so analog gateway or FXO card. And the FXO port cards come
in flavors of, you know, two, four, six, eight, I think up to 24 FXO ports per card. Now the upside to utilizing POTS lines is that they’re very, very reliable. They don’t go down,
right, so the old legacy copper infrastructure is,
been around for so long, it’s incredibly stable and
it’s just a really solid way to run your phone traffic. However, on the down side,
they’re pretty expensive. So a single POTS line is gonna cost you somewhere between 20 to $30 per line, and that’s not counting
any of the extra features like Caller ID, or 3-Way Calling, and that’s also not counting any of the actual usage on the line. So they’re relatively pricey and they aren’t very flexible. So for instance, take Caller ID. So you can take multiple POTS lines and you can string them together in what’s called a hunt group. So a hunt group, also
known as a rollover group, or a hunting group. Basically what that does is you’ve got, Line 1, Line 2, Line 3,
and so if your main number is Line 1, that’s your
main office phone number, someone calls that number
that line is in use. If the second person calls
in, they call that same line, well then it’s gonna rollover to Line 2, and then it’s gonna rollover to Line 3, and so on and so forth
until you run out of lines. At the end of your lines if you don’t have any rollover lines left, the
caller gets a busy signal. Now that’s fine for inbound calling and it actually works really well. This is something, by the
way, that you have to setup at the carrier. This is not something you
can do in your own PBX. If you’re using AT&T for instance, AT&T has to setup your hunt group for you. So on the inbound side
that works really well. On the outbound side; however, it’s a little bit more problematic because if your main
Caller ID is 555-1212, that’s the Caller ID that
you want to be giving out in all your, you know, marketing material, that’s the Caller ID that everyone knows, that’s the Caller ID
that’s in the phone book, but when you call out the
first call might go out this copper POTS line with that Caller ID, but then when that line is in use, either inbound or outbound, the next call is gonna go out Line 2. And it’s gonna go out with Line
2’s Caller ID phone number. And then Line 3 is gonna
go out with Line 3’s Caller ID phone number. So as you can see it’s pretty rare that when you’re dialing outbound you’re actually gonna be outpulsing your company’s desired
Caller ID phone number, or your company’s main
Caller ID phone number. You can only have that
going outbound once. So that can be a problem
for some companies especially as you’re switching over to Voice over IP, you’re
gonna have to port all of these phone numbers
over to the new service because, you know, if you
called out on Line 2 once and someone saved that number, as your businesses Caller ID, they’re always gonna be calling back in on that same number. So it can kind of cause a problem when you’re shifting
to a newer technology. Now of course I mentioned
when you run out of lines in your hunt group, typically
you’re just out of luck, your users are gonna get, or
your callers are gonna get a busy signal or you can
have like AT&T set up a voicemail box as the final rollover, but that’s a voicemail box that’s not in your phone system, it’s not in your FreePBX, it’s with the phone carrier and so then you have to remember to check the phone carrier’s
voicemail box periodically. So just adds a little
bit of extra work for, you know, whomever is responsible for checking the voicemail. Okay, so next let’s talk about PRIs. Now PRIs are also known as T1s, they’re also known as
E1s, these three things are kind of interchangeable though they are different technologies. A PRI, which stands for
Primary Rate Interface is a bundle of lines,
typically it’s served over copper, but we’ll talk
about that in a second, but it’s a bundle of lines where you get 23 voice channels, so you can have up to 23 concurrent calls,
and you get 1-D channel, or data channel, and that data channel is for passing things like Caller ID. Now the older technology is a T1. A T1 is simply 24 voice
channels groups together with no data channels. So a T1 isn’t used much these days because it doesn’t have any Caller ID, there’s no data channel to pass that information along. E1s are also similar, but they are used in other countries. So PRIs are primarily
used in the United States, and I believe Japan uses PRIs as well, but most everywhere else in the country, excuse me, most everywhere
else in the world, you’re gonna fine E1s instead. And an E1 consists of 30 voice channels and 2-D channels. Okay, so to connect a
PRI into your FreePBX you’re also going to
need a digital gateway. So here, this is a Vega 200g. This has the capacity
to terminate two PRIs into a PBX. So the PRIs terminate into here and then this then connects
to your local area network and converts that PRI signal into Voice over IP and then puts it right into the PBX. There are also cards for PRIs, just like the POTS lines. They have PRI cards that
can go into the server. They’re usually flavors of one, two, or four port PRI cards, but there are certainly PRI cards that can get you a lot more then that, but if you’re dealing with that many PRIs chances are you don’t need me (chuckling) you’re gonna be of the enterprise level. Okay, so the upside to PRIs is that they are also very reliable. And PRIs most often use the
same copper infrastructure that POTS lines run off of; however, more and more often these days you’re gonna find that PRIs run across Voice over IP until they
get to your building and then the carrier
converts it to a PRI handoff. So actually it’s transparent to you, it still seems like a PRI, but in reality it’s, it’s running SIP when it actually gets
out into the, you know, the Wild Wild West, if you will. Now the downside to a PRI is that they can be relatively expensive. A PRI, depending on your
area, is usually gonna run you somewhere between 250 and
$400 dollars per month, that does not count usage, okay? So you can see that
it’s a bundle of lines, it’s cheaper to have a PRI
then to have 23 POTS lines, but it is still gonna
be relatively expensive compared to some of the SIP alternatives. Okay, so let’s finally talk about SIP. And SIP stands for Session
Initiation Protocol. SIP is a very common
Voice over IP Protocol. It’s not the only Voice over IP Protocol so basically all SIP is Voice over IP, but not all Voice over IP is SIP. There are other examples
such as the Skinny Protocol for Cisco phones, or Cisco equipment. There’s also the IAX or
Inter-Asterisk eXchange Protocol which is a Voice over IP Protocol that’s used for connecting multiple Asterisk systems together. But, by and large, SIP is the most popular Voice over IP Protocol
and so when someone says, SIP trunks or VoIP trunks, they’re used fairly interchangeably. So, especially if I
accidentally say, VoIP trunks, SIP trunks and VoIP trunks are SIP. So with SIP trunking
there is no card needed in your server whatsoever. SIP is very good for hosted PBX systems because, again, you don’t need a gateway to terminate locally and
then send across the internet to your hosted PBX. The SIP trunk terminates directly into your hosted PBX, everything is IP based, it’s right on the IP network. Within SIP there are all different types of SIP providers. So you’re gonna have;
pay-as-you-go providers, those are providers such
as Flowroute, Vitelity,, these are
providers where you input, or you deposit, a certain
amount of money upfront. So for instance, you plunk down, you know, 50 bucks into your Flowroute account and then as you make
calls it’s just deducted from that $50. Now the advantage to a
pay-as-you-go SIP provider, especially for smaller businesses, is you can throw a hundred
bucks into your account and kind of forget about it until you run out of that $100 credit and sometimes that’s
gonna be months, right? So you don’t have any sort
of monthly recurring charges, you just have an amount in an account that is being deducted from at, you know, a penny per minute for
every call that you make. MRC providers are more
like your standard AT&T, like what you would think
of as your home phone, right, they’re gonna
charge you a monthly fee. That monthly fee typically includes some number of minutes. So for instance, you pay $35
a month for your SIP trunk, but it includes 5,000
minutes of outbound dialing. So an example of an MRC provider is going to be Sangoma’s Sipstation. They charge I believe $25
per month, per channel, and then they also charge you for usage, outbound usage and stuff. Finally you have your
enterprise providers, right? So this is gonna be your
Charter, your Comcast, your Level 3, AT&T,
these types of providers can provide you with SIP trunking. It’s typically gonna
be about as expensive, it’s gonna be on par with a PRI, but they can usually break it up into like 10 channels of SIP trunking, or, you know, 30 channels of SIP trunking. They’re not limited to just 23 channels and then you gotta get another PRI, they can usually, they’ve
got some variance in there. With enterprise providers
you are paying more, but you’re also typically
getting some level of SLA, meaning that since they have
control of the SIP trunk, from start to finish, we’ll
talk about that in a second, they can, they can
basically guarantee quality and uptime on that line for you as part of the contract. So for my larger customers, enterprise, is sometimes the way
to go because they need to ensure, they need to have that sort of extra insurance that the lines not going to go down. Whereas with some of the smaller, pay-as-you-go providers,
there’s no guarantee that the lines gonna be up or down and is it your internet that goes down, or is it the provider
that’s gone down, right? Both of these are
dependent on your internet whereas enterprise typically
is a dedicated circuit that is not dependent on any other data internet connection
that you may have. So speaking of that, enterprise gives you a dedicated circuit, not always, but very often. And that means that they’re
going to provide you equipment onsite that your FreePBX is going to do SIP peering with and we’ll talk about that
more in just a little, in just a second here. So let’s talk about the
types of SIP termination. So those are the type of SIP providers and that’s the type of,
sort of payment structures, that you can expect to see
with different SIP providers. However, how do these SIP
providers actually register to your PBX? In fact, I’m gonna get rid of this too. Okay, so here’s the FreePBX server, here’s your firewall, and
then this is the internet where your SIP provider lives. Okay, so, there’s three different ways that they’re going to, that
you’re going to register a SIP trunk in order to
send and receive calls to the outside world. So the first way is
password authentication. So with password authentication
your SIP provider gives you some credentials, a username, and a password, and then an IP address, or fully qualified
domain name to connect to in the outside world. And so basically you input
that information into here, user, pass, and we’ll talk
about the actual trunking and how to configure that in FreePBX in the next video, but you’re basically gonna be entering some information that includes a username and password and then FreePBX registers outbound, through the firewall, to the SIP provider. And so it creates this connection here that is now a stateful connection, it’s held open through the firewall, because firewalls allow
outbound stateful connections. And so since you’ve
maintained that connection phone calls in go straight to the PBX and phone calls out go
straight to the SIP provider. So it works okay. The problem that I usually have with this type of SIP-based, or password-based authentication, is that the firewall can
tend to be problematic. Sometimes it’s gonna sever this connection and then it takes some
some for the FreePBX to realize that it needs to re-register that trunk with the SIP provider. So it’s not always the most solid way of doing SIP registration. You know, it works most of the time, but again, it depends on
the firewall that you have, and it depends on how that
firewall is configured. I personally like to
eliminate the firewall as a source of the problem
and you can do that with the next type which
is IP-based authentication. Okay, so with IP-based authentication there is no need to have any
sort of username and password, so the configuration in the FreePBX is typically a lot easier to do. You’re basically just saying, hey, send all phone calls to this IP address, or this FQDN. So outbound is just saying, send to, send to x.x.x.x, right? Where x.x.x.x is the IP, or FQDN of your SIP provider, okay? So basically if you’re on Vitelity you’re gonna send to, send all calls to,
or something like that and then it just pushes those calls out. On the inbound side you
would then configure Vitelity to send all inbound calls to the WAN IP of your firewall. So if your WAN IP is
y.y.y.y, you’ve configured the SIP provider in their
online portal to say, hey listen, send all calls to y.y.y.y, which is typically on the
front of your firewall and then that’s gonna
route inbound, you know, any calls, or any traffic
that comes on port 50, 60, from y.y.y.y, send to the LAN IP address, z.z.z.z, of the FreePBX, right? So it basically does
that NAT translation in to the FreePBX. It’s a very solid and stable way of doing authentication. The downside to doing it this way is that you have to open
up ports 50, 60, UDP, and 10,000 through 20,000 UDP, in your firewall. You do have to open those ports; however, you can lock those ports down to the SIP provider. Well, I guess this is the SIP provider. You can lock those ports down so that you’re only allowing traffic in, on these ports, from
this IP address, okay? So that’s the way that I prefer to do it. That way someone would have to be a network genius in order
to hack your SIP account. They’d have to know your IP, they’d have to spoof your, they have to know the
IP of your SIP provider, they’d have to spook the
IP of your SIP provider and then they’d have to, you know, know about all your inner workings and how everything’s routed
and all that sort of stuff. So very difficult to
bypass the security here if you’ve locked it down properly. But, do not ever open these ports through the firewall to the entire world. Okay, so fair warning, never do that. Because you will get
hacked almost immediately, not necessarily hacked,
but they will have, people are running scripts constantly on every IP address in the internet trying to find vulnerable
Voice over IP servers that they can make free phone calls on. Okay, so if you’ve locked yourself down to only the IP address
of your SIP provider on the inbound side, then
you’re gonna be fine typically. Okay, so finally I wanna
talk about SIP handoff. This is also sometimes
known as SIP peering, but basically when you have
an enterprise-level provider, that is giving you a dedicated circuit, specifically for Voice over IP, this is typically how it’s going to work. It’s not gonna use the general
internet data connection that’s connected to your firewall. So your FreePBX for instance, when it goes out to get updates, and you know, package
updates, module updates, it’s gonna be downloading
through the firewall and getting that stuff from the internet. But, when the FreePBX makes phone calls, sends and receives phone calls, it’s actually peering
with a different box. So AT&T or Comcast or Charter, or whomever the enterprise provider is, is typically going to put
a piece of hardware onsite and, you know, usually
it’s like an ADTRAN box or something like that, and that is a dedicated
circuit with their home office. Okay, so often it does run through the internet as well, but
it’s a dedicated circuit separate from your data internet circuit, and they’re going to give you a different IP address to use. So usually it’ll be like, and they’ll tell you that you need to peer with this IP address, or rather with their IP address which would be like So they’re essentially creating a small local area network, or an additional local area network inside between their box and your FreePBX. Now this is typically going to require multiple network cards on your FreePBX. One for the standard internet connection, which is the gateway, you know, you just pass traffic out to the gateway, you know download your updates
and that sort of stuff. And then one that doesn’t
have a gateway IP, it’s just an extra network that is sort of this SIP peering
network over here. Now again, that’s typically only gonna be with larger companies that are giving you a dedicated piece of
hardware to put in your LAN, or in your network I should say. Okay, so that about does
it for SIP trunking. Again, we’re not gonna get too in depth. I’m not gonna show you every different way that you can configure
a SIP trunk in FreePBX in our next video because there’s just too many ways to do it, right? So what I’m gonna be
doing is a Vitelity trunk with username and
password-based authentication and hopefully that’ll work just fine for our purposes. Okay, well I hope you
guys enjoyed this video and stay tuned for the next video where we’re actually going to connect up a SIP trunk and start
sending out some phone calls to the rest of the world. Okay, if you enjoyed this
video give me a thumbs up. If you’d like to see more videos like this please click Subscribe. My name’s Chris with Crosstalk Solutions and thank you so much for watching.


  1. I have not completed watching the video 15:37 but my company is in the process of changing buildings and we having difficulty getting our current service provider to supply us with a SIP trunk to move 6 numbers. I am currently looking for alternatives and I noticed that you mentioned and I’m talking to customer service right now. However, I would like to know if this is your highest recommend option. If not I would love consult with you further on this project. Thanks in advanced, I have learnt a lifetime of information from you over the past few months.

  2. FYI the sip provider I work for will put a adtran in on the same lan network. We do this as some pbx's only have 1 lan connection. We will work with the customer and set it up as they need it.

  3. Having worked with pbx types, from all analog til todays all IP has been very interesting.
    Dont you have BRI in the US?
    Not that it is important, because it's on its way out after all i know, at least here in Denmark.
    Regarding Password Auth. is that where the trunk is not always registred eg. nothing is written in the Register String/Incoming ?

  4. Hi Chris, Thanks for the great content!! How often and under what circumstances would you recommend the use of an SBC for SMB clients or are the configurations mentioned in the video the best practice?

  5. PSTN (POTS) = over 150 year old technology. FAX 10 years before PSTN. 🙂

    BTW why not use SIPStation since that is baked into FreePBX 🙂

  6. Right now I'm using a flowroute trunk for my "experimental" PBX, but I'm looking for alternatives for my business.

    Currently, the business is served via a Verizon Wireless Home Connect device which is basically a cellphone to POTS box. Have you had any experience with using a device like that connected through a FXO card? I haven't been successful yet, but I'm not sure if it's the Verizon box… Or my FXO card.

    Though right now, after a FreePBX update… My card isn't working, so that experiment is on hold.

  7. Thanks for the great trunking info! One thing, don't forget to add these videos to your playlists. I believe a few new videos have been published that haven't been attached to their respective playlists.

  8. For me to use IP based authentication do I need to have a static IP address on the wan side of my router? I would think it would be mandatory if I'm putting in that IP information into the connection information of my SIP provider. Or is there a way for them to check on which IP I am at if it changes. Most home users only have DHCP wan IP provided by their ISP.

  9. Hi Chirs and @Crosstalk Solutions thanks for all this kind of videos, God bless you. Can you help me please, I have a question…
    How will be the autentication with IP way?

    "Id":[email protected]…/"Id" …? can you confirm me please.
    Thanks in advance.

  10. Hi Chris. Thanks for the great videos. You mentioned about forwarding ports to freepbx only from the SIP provider IP. The issue with providers like Flowroute is that the RTP traffic can come from different servers. What do you suggest for forwarding ports 10000 to 20000? From what I've read freepbx is supposed to send an initial packet to the RTP server to open the firewall, but I've never had luck with this. This typically results in one way audio. Thanks and keep sipping 🙂

  11. Hi Chris thanks for the very informative videos.
    Iam a newbie to Freepbx and trying to setup at home with about 10 extensions. I have Cisco SPA8000 as gateway with 8 line ports. I have created a chansip trunk and it shows as 1 registered. But on the Cisco SPA8000 gateway it shows off hook and not registered. I dont know if I am making a mistake or if SPA8000 work or should I get a different one?
    can you help me out please?


Please enter your comment!
Please enter your name here