1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

FOOD FOR THOUGHT Local installs vs cloud installs

Discussion in 'Open Discussion' started by Alex Hackney, Jan 11, 2017.

  1. Alex Hackney

    Alex Hackney
    Expand Collapse
    Member

    Joined:
    Jun 2, 2014
    Messages:
    79
    Likes Received:
    9
    I've been installing these systems for clients for a couple of years and I've been seeing more people talk about using it in the cloud. How are people setting this up? I have my own pbx running on digital ocean but I have no sip phones on it yet. I basically have it running the software and rerouting inbound calls to my cell phone. I have the instance firewalled off from all incoming traffic and I allow specific connections to asterisk from my provider only. The only exception is for the web interface which I have open to only my static ip.

    How would I get my phones at an office tied in to this system? A VPN? Or just like I'm doing now with firewall rules blocking all sip traffic but from my ip? What other safe guards should I implement?

    I like the idea of moving the pbx server to the cloud so that if the internet goes down at the location then I can route failover calls to their cell phones or wherever. What do you do?
     
  2. briankelly63

    briankelly63
    Expand Collapse
    Guru

    Joined:
    Nov 14, 2008
    Messages:
    1,284
    Likes Received:
    273
    I'm sure a lot of people will chime in but I only think that makes sense for business architectures that are not centrally located. Support issues even when the equipment is onsite can crop up but I don't think it makes any sense to have a bunch of sip phones talking to a distant server. There are two many points of failure, QOS issues and not as easy to provide a backup solution for failure especially trunk failure. Security IS an issue. I have seen people implement a VPN to that things are secure especially voice.
    If the internet goes down you should be able to do a re-route via the trunk providers dashboard. Cloud solutions also lack a robust hardware firewall solution like Pfsense or hardware.
    In a local implementation you can also do a POTS backup solution easily.
     
  3. w1ve

    w1ve
    Expand Collapse
    Guru

    Joined:
    Nov 15, 2007
    Messages:
    566
    Likes Received:
    65
    I have a consultancy supporting business customers using cloud-based pbxs. They are retail establishments. Currently, I'm doing this with Incredible PBX and it's security model. I am not using VPN.

    - Client sites have redundant internet. This is mandatory for Voip and for other business-critical infrastructure. We use Cradlepoint Routers and fail between whatever tech is available, typically DSL/Cable and 4G Cellular.
    - DDNS Updater on some always-on computer/device which is downstream from the router.
    - IncrediblePBX FQDN authorization via ./add-fqdn.
    - PBX instance in the cloud located as close as possible to client locations (I'm getting less than 10ms ping times and zip jitter to most sites)
    - one benefit of cloud hosting is very, very fast, redundant, reliable internet connections. If you go with large providers, typically, many trunking providers will have a POP in the same facility. I'm getting less than 3 mS ping times to multiple providers.
    - Some business-related phones are located throughout the country and may move. These are Yealinks that are also setup via FQDN security.
    - PBX backed up regularly and can be rebuilt quickly.
    - I build a private monitoring page using many of the free monitoring services available today. Client can see all sites. This way, if an issue, they know immediately and they (and I) get email notification.

    There are pitfalls: I find local techs to support installs and helping with issues. Get a lot of detail about the network infrastructure and vendors. I've encountered some very challenging scenarios.
     
  4. Alex Hackney

    Alex Hackney
    Expand Collapse
    Member

    Joined:
    Jun 2, 2014
    Messages:
    79
    Likes Received:
    9
    @w1ve Thanks for the information

    So you setup an incredible pbx install for each client? What version are you using?

    Thank you!
     
  5. w1ve

    w1ve
    Expand Collapse
    Guru

    Joined:
    Nov 15, 2007
    Messages:
    566
    Likes Received:
    65
    Typically, yes. Not doing shared tennant. Cloud cost makes it viable. Incredible PBX 13-12.2
     
  6. Alex Hackney

    Alex Hackney
    Expand Collapse
    Member

    Joined:
    Jun 2, 2014
    Messages:
    79
    Likes Received:
    9
    @w1ve Sounds good. So then I just assume you set all the endpoints to connect to the public static ip for the cloud system and make sure you white list the client static ip and you're good. That's a really good way to do it I think.
     
  7. w1ve

    w1ve
    Expand Collapse
    Guru

    Joined:
    Nov 15, 2007
    Messages:
    566
    Likes Received:
    65
    Not quite. Life is not that easy. Yes, the phones connect to a static ip on the server (actually, via dns name).
    For the clients -- unless you have the choice for static ip, and don't mind paying for it, most of them are dynamic IP.
    Incredible PBX handles this nicely though, via a DNS (FQDN) name, and a script that keeps checking the IP. In IncrediblePBX, the setup script is ./add-fqdn. As I said, with many of my clients, I have a Dual-Wan Router, with one ISP Cable or DSL, and the other Cellular. It fails over. Of course, when this happens, the IP changes. So, I have a DDNS client downstream of the router, which will update the public IP of the FQDN when the IP changes.

    Some of my clients have Yealink T2x series phones. As I said in a different post, I do the DDNS update with a Yealink Action URL, which makes an HTTP GET call every time the phone reboots, has a register failure or success. To do that, you use a DNS provider that can update DNS entries by a http GET call (like cloudns.net can).

    Gerry
     

Share This Page