Fortinet/Cisco IPSec VPN – Asterisk Peer Unreachable

Recently, i had to troubleshoot an Asterisk to Asterisk trunk which was running across a site to site IPSec VPN. (Fortinet to Cisco) After running tcpdump “port 5060 and proto UDP” on either end, I discovered traffic from the Cisco end was not reaching the PBX behind the Fortinet. Packet capture on the Fortinet showed

[Snippet] FreePBX – Strip Incoming Country Code

This short & simple dial-plan removes the 3 digit country code from incoming calls and then pushes it to our FPBX IVR. nano /etc/asterisk/extensions_custom.conf After opening the above ^, modify and paste the below into the bottom of the file. Modify your SIP trunk context to reflect the name below. [trunk-in] exten=>_X.,1,Verbose(Incoming call via SIP

FreePBX – Yealink Phonebook generator.

After deploying a few PBX’s, you get bored of manually generating the required XML for remote phonebooks on Yealink Handsets. Here’s the first version of the phonebook.xml creation script. (Works on FPBX without any hitches) Observe the notes in the code please. If you’d like a more updated version, please check my github repo here. Once configured, point

Sophos XG – Irremovable Interfaces!

Occasionally, I’ve found interfaces on the Sophos XG firewall that won’t or can’t be removed. (Sometimes the name shows blank, with nothing in it) DISCLAIMER – THE STEPS BELOW WILL LIKELY VOID YOUR WARRANTY. USE AT YOUR OWN DISCRETION. #1 – SSH into the appliance with the admin user #2 – Select Option 5 “Device

Sophos – Captive Portal Excess Traffic Over WAN

I have noticed that Sophos 16 seems to have a problem with the way it’s captive portal works. If enabled (firewall policy set to drop), it seems to generate excessive amounts of traffic over my links to the remote branches. Screenshot below shows the traffic when captive portal is enabled, and you can see the massive

Snippet – Nginx Wildcard Subdomain

This snippet works with Letsencrypt Wildcard certificates! Specify -d *.domain.com to install the certificate when using certbot. Insert into server block. Change domain.com to correct domain. server_name ~^(?<subdomain>.+)\.domain\.com$;  root /var/www/html/domain,com/$subdomain/htdocs;