1 of 100

English

MikoPBX Manual

Description of MikoPBX and the sections you can find in the documentation. Introduction to the documentation.

Foreword

Welcome to the MikoPBX documentation resource! Here you can find step-by-step instructions related to interacting with the MikoPBX PBX system. For your convenience, the documentation is organized into sections—just like in the web interface—making it very easy to navigate.

Thank you for choosing MikoPBX!

What is MikoPBX?

MikoPBX is a free telephony server with its own operating system and a simple, user-friendly web interface. It works with virtually any telephony technology in the world.

MikoPBX is a fully modular interface for Asterisk, written in PHP and JavaScript. This means that you can implement absolutely any additional Asterisk telephony functionality within MikoPBX. Moreover, if you develop a useful module, you can place it in the public repository and make it available to all MikoPBX users. Additionally, MikoPBX has very low hardware requirements:

Where to Start?

To get started, you should install MikoPBX using any method convenient for you. Below are installation options. By clicking on their names, you can access detailed articles:

Installation on a standalone computer.
Installation in a virtual machine.
Installation using cloud services.
Installation in a Docker container.

After installation, you can begin exploring your PBX system. The "User Guide" documentation will help you with this, providing detailed information about specific sections:

Telephony.
Call Routing.
Modules.
Maintenance.
Network and Firewall.
System.

For additional help with getting started quickly, you can refer to this article.

Modules

If you have familiarized yourself with the basic setup and operation of MikoPBX, you can expand its functionality using modules.

Modules allow you to add extra features to your system. You can learn more about them step by step:

Registration in the MikoPBX Marketplace – here you'll find a detailed description of the registration process and its specifics.
Module Management – this section provides a detailed explanation of how to install and manage modules.
Documentation on Specific Modules – in this section, you'll find detailed descriptions of each module, as well as steps for configuring and using them.

FAQ Section

In this section, you can find answers to your questions and solutions that will help you expand the functionality of basic features. This section, like the main documentation, is divided into categories for easy navigation.

If you have a question that isn't covered here, you can seek assistance in the Telegram Community, where MikoPBX users help each other resolve issues and needs related to the PBX system.

Quick start

This guide provides detailed steps to get started with MikoPBX and helps you quickly configure the system.

Follow the step-by-step instructions in the order presented for a quick and successful system setup.

Installing MikoPBX

MikoPBX is a full-fledged operating system for your hardware; it is not a standalone application. It is provided as an image file (*.iso, *.img, *.raw).

It supports various installation methods:

Installation on a standalone computer.
Installation in a virtual machine.
Installation using cloud services.
Installation in a Docker container.

Follow the link for your preferred installation method and proceed according to the provided instructions.

After installation, you need to access the MikoPBX web interface for further system configuration. To do this, find the PBX's IP address in the MikoPBX console:

In this example, the IP address is 192.168.0.203. To access the web interface, enter this IP address into your browser's address bar:

If the logs do not provide a username and password, use the default credentials:

Username: admin

Password: admin

After the first login, the system will prompt you to change your password.

Settings Within the Web Interface:

Network and Firewall Settings

For stable PBX operation, you need to configure the network through the Network and Firewall → Network Interface section. Detailed instructions for these settings can be found here.

In MikoPBX, all local subnets can be defined in the Network and Firewall → Firewall section. The firewall is intended to restrict access to the PBX based on traffic type and subnets. Follow the setup instructions here.

Configuring Protection Against Hacking (Fail2Ban)

Fail2Ban blocks IP addresses exhibiting unusual activity; it can reduce the rate of failed authentication attempts and helps protect your PBX from hacking. Instructions to help with the setup can be found here.

Adding and Configuring Employee Accounts

After completing the initial PBX setup, you can proceed to create accounts for your employees. This instruction will assist you.

Connecting Providers

After adding employees, you need to connect providers to your PBX. Instructions for this section can be found here. Instructions with examples of configuring real providers can be found here.

Setting Up Incoming and Outgoing Routing

At this stage, you need to set routing rules for incoming and outgoing calls: how calls passing through a specific provider will be handled:

Incoming Call Routing
Outbound Call Routing

To create routing rules, you may also need the following features:

Call Queues
IVR Menu
Conferences

Marketplace and Modules

The Marketplace allows you to extend the system's standard functionality using modules:

You can read more about Modules in MikoPBX in this article.
Information on registering in the MikoPBX Marketplace can be found here.

This completes the basic setup of MikoPBX! For a deeper exploration of MikoPBX's capabilities, we recommend referring to the comprehensive documentation.

Getting to know MikoPBX

Go to the MikoPBX installation console, remember the IP address that your PBX received.

Enter the received MikoPBX IP address in the web browser. The authorization page will be displayed.

By default, login is admin, password is admin

After successful authorization, MikoPBX will automatically open the settings for changing the password

For more information about the General Settings, see the System Settings section.

System requirements

Network Channel Requirement

An example of calculating the required channel bandwidth for different codecs for 30 simultaneous calls. PBX supports the most popular codecs:

G.711 - 4.67 Mbps
GSM - 1.68 Mbps
G.722 - 4.67 Mbps
G.729 - 1.38 Mbps

The calculation is approximate, when using the same codec on all devices connected to the PBX. Read more .

Minimum system requirements

We recommend using two hard drives for PBX deployment.

800 Mb hard disk for the main system
A 50+ Gb hard drive for recording conversations
1 (2 cores) x86-64 processor
2 GB of RAM
Network Adapter

A PC with such parameters, in our tests, holds 38 simultaneous incoming calls under the conditions:

10 agents are connected to the queue (all online)
Every second a new call comes in
Music (MOH) is played to the client while waiting
Modules on the PBX is not installed

Approximately, 1 hour of conversation takes up 14MB of disk space.

Installation

Standalone Computer

Tested on:

Intel NUC DCCP847DYE
Intel NUC D54250WUKH

Most modern PCs support booting from a USB device. MikoPBX can be run from a USB device.

Note! The minimum capacity of the USB drive is 600MB

The Bootable USB mode is designed for running the PBX from a USB drive (flash drive). Use the .img file for installation.
The Live USB mode is intended for system installation or recovery. Use the .iso file for installation.

Using Windows

To create a bootable USB drive, we recommend using the imageUSB application. You can download it . Alternatively, use .

Download and install the application.
Run ImageUSB

Perform the "Refresh drives" action. Select the USB drive, then select the image file. Perform the "Write" action.

Wait for the writing process to complete, then connect the USB drive to the PC. Restart the PC to boot from the drive.

Using OSX

Be careful when selecting the device for formatting. Changes are irreversible!

Open the Terminal application.
Connect the USB drive.
Run the following command:

Information about all connected drives will be displayed.

In this example, the name of the USB device is "/dev/disk3." Compare the output of the diskutil list command before and after connecting the device.

Format the drive. You will need to enter the administrator password.

Unmount the device with the following command:

Write the image to the USB drive:

Wait for the writing process to complete, then connect the USB drive to the PC. Restart the PC to boot from the drive.

Virtual Machine

VMware ESXi

Creating a Virtual Machine

Start by creating a new virtual machine.
Enter the Name, Type, and Version of the virtual machine, as shown in the image below.

Select a datastore for the virtual machine.
Allocate 1024 MB of memory to the virtual machine and create a new virtual hard disk for the system with a size of 1024 MB.

Choose the SCSI controller type and adapter type, as shown in the image below.

Select BIOS as the Firmware option.

Review and save the changes.

Configuring the Virtual Machine

Open the settings of the created virtual machine. Create a new hard disk for storing call recordings.

We recommend allocating at least 50 GB for this disk.

Go to the CD/DVD Drive tab. Upload the ISO image for installation, and check the box next to "Connect at power on."

Installing MikoPBX

Start the virtual machine.
The MikoPBX command-line interface will open as the PBX starts loading from the optical disk containing the ISO image. You will see the message: "The system is loaded in recovery mode (Live CD)".

Use the arrow keys to navigate the menu, and press Enter to select an option. You can also press the corresponding number on the numpad.

Install MikoPBX:

All data on the disk where MikoPBX is being installed will be lost.

Go to [8] Install:

Information about all available disks will appear (in this example: sdb, sdc).

Enter the name of the disk you intended as the "system" disk, in this case, sdb, and press Enter (or simply press Enter if it’s already selected).
The system will prompt for confirmation. Type y and press Enter:

Once installation is complete, you will be prompted to select a disk for storing call recordings.

Approximately 14 MB of storage is required for every 1 hour of recorded conversation.

Enter the disk name (in this example, the only available disk is sdc) and press Enter.

After installation, the system will reboot.

MikoPBX will now boot from sdb, the system disk, and the line "The system is loaded in Recovery mode" will no longer appear—indicating a successful installation.

This completes the MikoPBX installation.

To access the control panel, enter the virtual machine's IP address in your browser's address bar.

The default login credentials are admin for both username and password.

This completes the MikoPBX installation.

VirtualBOX

Installing MikoPBX as a guest machine in VirtualBOX

Use versions of MikoPBX below 2024.1.114 for installation on VirtualBOX

Version 2024.1.114 temporarily does not support installation on VirtualBOX

Create a virtual machine

Download Virtual Box from the link and install it.
Create a new virtual machine.

Specify the Machine Name and Folder.

Type - Linux.

Version - Other Linux (64Bit).

Click Next.

Specify the size of the base memory - 1024 MB, as well as the number of processors - 2

Press Next.

Select Create a new virtual hard disk. Enter a disk size of 700 MB, and also check the box "Pre-allocate Full Size"

Click Create.

Confirm the creation of the virtual machine: click Finish.

Setting up a virtual machine

Go to the settings of the created virtual machine.

To do this, click Settings.

Click the Storage tab. Add a new hard drive to store call records.

In the window that appears, click Create.

Select the hard disk format - VDI (VirtualBox Disk Image).

Click Next.

The hard disk must be of a fixed size.

Check the box next to "Pre-allocate Full Size"

Click Next.

Specify the Name of the created disk.

Set the Disk Size to about 50 GB.

Click Finish.

Choose the newly created drive and click Select.

The created drive will appear in the media list.

Please mount the MikoPBX image onto an optical disc. To do this, select the optical disc in the 'Media' section and click on the image file selection button in the 'Attributes' section.

In the appeared menu, click on 'Choose a disk file...'

Select the downloaded ISO disk image.

"Go to the 'Network' tab.

Set the Connection Type to 'Bridged Adapter'. Click 'OK' to save all the settings you have made.

Installantion MikoPBX

Start the created virtual machine.

The command interface of the PBX will open. The PBX will start booting.

At this stage, MikoPBX is booting from the optical disc containing the ISO image. This is indicated by the message: 'The system is loaded in Recovery mode'.

You can navigate through the menu items using the arrow keys.

To select a menu item, press the Enter key.

Alternatively, you can select a menu item by pressing the corresponding number on the alphanumeric keypad."

Install MikoPBX.

All data on the disk where MikoPBX is being installed will be lost

Click Install.

Information about all available disks will be displayed (in this example: sdb, sdc).

The disk where MikoPBX will be installed is referred to as the system disk (SYSTEM). You can choose a disk with a size larger than 500MB as the system disk.

Enter the name of the disk you referred to as the 'system disk' from the keyboard, in this case sdb, and press Enter. (If it is selected by default, you can simply press Enter).
The system will prompt for confirmation. Enter 'y' and press Enter.

After completing the installation, you will be prompted to select a disk for storing call records.

Approximately, 1 hour of conversation takes up 14MB of disk space.

Enter the disk name (in this example, the only available disk is 'cdc') and press Enter.

After the installation is complete, the system will reboot.

MikoPBX will now run from the sdb drive where you installed it.

We will see that the line "The system is loaded in Recovery mode" is missing.

To access the control panel, you need to enter the IP address of your virtual machine in the browser's address bar.

The default login and password are "admin" for MikoPBX.

The installation of MikoPBX is now complete.

VMware Workstation Pro

This guide covers creating and configuring a virtual machine in VMware Workstation Pro and installing MikoPBX on it.

You can download the VMware Workstation Pro installer from the official website.

Use versions of MikoPBX other than 2024.1.114 for installation on VMware Workstation Pro. Version 2024.1.114 currently does not support installation via VMware Workstation Pro!

Creating a Virtual Machine

Open VMware Workstation Pro and click "Create a New Virtual Machine" to start creating a new virtual machine.

In the setup interface, select the virtual machine type: "Typical (recommended)". Then, click "Next >".

Choose the installation source, "Installer disc image file (iso):". Select the .iso file you want to use. You can download the distribution from this link. Click "Next >" to continue.

Select "Linux" for the "Guest operating system" and "Debian 11.x 64-bit" as the version. Click "Next >".

Enter a desired name for the virtual machine in "Virtual machine name:" and, if necessary, specify a location on your computer under "Location". Click "Next >".

Set the size for the primary (system) hard drive, with a recommended size of 1GB. Choose "Split virtual disk into multiple files" and click "Next >".

A summary of the virtual machine configuration will appear. Click "Finish" to create the virtual machine.

Adding and Connecting a Second Disk

Now, let's create and attach a second hard drive, which will be used to store call recordings.

Open the settings of the previously created virtual machine.

Click "Add..." to add a new system component.

In Hardware types, select "Hard Disk" and click "Next >".

Choose "Virtual disk type" - "SCSI". Click "Next >".

Choose "Create a new virtual disk" and click "Next >".

Specify the disk size, with a recommended minimum of 50GB. Also, choose "Split virtual disk into multiple files". Click "Next >".

Give the hard drive a custom name and click "Finish".

Configuring the Network Interface for the Virtual Machine

In the settings, go to "Network Adapter" and select "Network connection" - "Bridged: Connected directly to the physical network". Click "OK".

First System Boot

Start the virtual machine.

The MikoPBX command-line interface will open as the PBX starts loading from the optical disk where the ISO image was mounted. This is indicated by the line: "The system is loaded in Recovery mode":

Use the arrow keys to navigate through the menu options. Press Enter to select an option, or press the corresponding number on the numpad.

To install MikoPBX, select "[8] Install".
A list of available disks will be displayed (in this example, sdb, sdc). The system suggests a default disk, sdb in our case, for the installation. If you agree with the suggested disk for the system, press Enter. Otherwise, enter the name of another disk.

All data on the selected installation disk will be erased.

The system will issue a warning. To confirm the operation, enter "y" and press Enter.
After installation, you'll be prompted to select a disk for storing call recordings. Enter the disk name (in this example, sdc) and press Enter.

After installation, the system will restart. MikoPBX will now boot from sdb, the installation disk, without the line "The system is loaded in Recovery mode"—indicating a successful installation.

To access the MikoPBX web interface, enter your virtual machine's IP address in your browser's address bar. You can find the IP address in the console.

Enter the IP address in your browser’s address bar. Log in using the default credentials.

Use the following default credentials for the first login to the MikoPBX web interface:

Username: admin
Password: admin

Hyper-V

Creating a virtual machine

Select Action / New / Virtual Machine
On the Specify Name and Location tab, enter the name of the virtual machine, for example mikopbx-vm

Proceed to the Specify Generation tab, and select Generation 1

On the Assign Memory tab, allocate the required amount of RAM based on the expected load on the PBX. For a test machine, you can specify 2 GB

Proceed to the Configure Networking tab, and select a pre-configured network connection

On the Connect Virtual Hard Disk tab, adjust the system disk size to 1 GB

On the Installation Options tab, check the Install an operating system from a bootable CD/DVD-ROM option
Select Image file (.iso) and provide the link to the MikoPBX distribution file with the .iso extension

After entering all values, click the Finish button

Data storage disk

For deploying the PBX, use two disks:

a 1 GB disk for the main system
a 50+ GB disk for storing call recordings

Go to the settings of the created virtual machine
Select the IDE controller to which the system disk is connected
On the opened tab, select Hard Drive and click the Add button
Click the New button
On the Choose disk format tab, select VHD

On the Choose disk type tab, select Fixed size

On the Specify name and location tab, specify the name (e.g., storage.vhd) and the location of the disk

On the Configure Disk tab, set the disk size for data storage to at least 50 GB

Use the default values for other fields
Complete the setup by clicking the Finish button

Installing MikoPBX

To start the virtual machine, click Start

Go to the Connect tab of the created virtual machine mikopbx-vm
If the boot is successful, a console menu will appear. Enter 8 from the keyboard to start the installation

Select the system disk and enter the disk name from the keyboard, for example sda. Confirm the selection by entering y from the keyboard

Connect the disk for storing call recordings, and enter the disk name for connection from the keyboard, for example sdb

When the message "Press any key within 30 seconds to boot from LiveCD..." appears, do not press any buttons. In this case, the system will boot from the hard drive.

Starting MikoPBX

On the open Connect tab, copy the external address of the created virtual machine and enter it in the browser address bar

To log in, use the username - admin and password - admin

Proxmox

Loading the MikoPBX image

Open the local / ISO images tab and select Download from URL
In the URL field, paste the link to the MikoPBX distribution file with the .iso extension
Click the Download button and wait for the file to finish downloading

Creating a virtual machine

Select Create VM
On the General tab, enter the name of the virtual machine, for example mikopbx-vm

Go to the OS tab, and in the ISO image field, select the previously downloaded image
Set the OS type to Linux

On the System tab, uncheck the Qemu Agent box, and use the default values for other fields

To deploy the PBX use two disks:

A 1 Gb disk for the main system
A 50+ Gb disk for storing call recordings

Go to the Disks tab
Adjust the size of the system disk to 1 GB

Click the Add button and add an additional disk for data storage
Specify a disk size of at least 50 GB

On the CPU and Memory tabs, specify the computing resources for the virtual machine based on the expected load on the PBX. For a test machine, you can set Cores (CPU tab) to 2 and Memory (Memory tab) to 2 GB

On the Network tab, uncheck the Firewall box

Go to the last tab, Confirm, and check the Start after created box
After entering the values, click the Finish button

Installing MikoPBX

Go to the created virtual machine mikopbx-vm
On the open tab, go to the Console section
If the boot is successful, a console menu will appear. Enter 8 from the keyboard to start the installation

Select the disk for the system and enter the disk name from the keyboard, for example sda. Confirm the selection by entering y from the keyboard

Connect the disk for storing call recordings, enter the disk name for connection from the keyboard, for example sdb

When the message "Press any key within 30 seconds to boot from LiveCD..." appears, do not press any buttons. In this case, the system will boot from the hard drive.

Starting MikoPBX

On the open tab in the Console section, copy the external address of the created virtual machine and enter it in the browser address bar

To log in, use the username - admin and password - admin

Cloud

AWS

The simplest way to install MikoPBX is by deploying a ready-made image from the AWS Marketplace. If you wish to launch a custom version of MikoPBX, please refer to the detailed instructions where we describe step-by-step how to create an AMI image from any MikoPBX distribution.

AWS deployment guide

To follow the instructions, install the Amazon Command Line Utility by opening Terminal and entering the following command

Let's get started with the setup

For quick and convenient navigation within the Amazon service, use the search panel

Copying access keys

Go to your account
From the dropdown menu, select Security credentials

If you don't have an access key, do the following

Under the Access keys table, select Create access key
Copy the Access key and Secret access key

If you already have an access key, simply copy the Access key and Secret access key

Creating a bucket

Open Services / Storage / S3
On the tab select Create bucket
Enter a unique bucket name

Use default values for other fields
After entering the values, click Create bucket

Open the created bucket and select Upload
On the opened tab select Add files
Upload the file from the MikoPBX distribution with the .raw extension
Click Upload
Wait for the file to finish uploading

Adding permissions and attaching policies

If not done previously for this cloud

Create a separate folder for files on your computer
Create a file named trust-policy.json in the folder
1. Open Terminal and navigate to the created folder
2. Run the command vi trust-policy.json
3. Enter editing mode by pressing i and paste the text
4. Press ESC and type :wq to save the file

Similarly, create a file named role-policy.json and change the bucket name value in the text to the name of your created bucket

Similarly, create a file named import-image.sh, change the DEFAULT_BUCKET parameter value to the name of your created bucket and the DEFAULT_IMAGE parameter value to the name of the image uploaded to the bucket

Run the command aws configure, specify the region and copied Access key and Secret access key

Run the command

Run the command

Run the command

If the command executes successfully, a unique AMI identifier will be generated

Creating a virtual machine

Open Services / Compute / EC2 and navigate to Images / AMIs
Select the created image and click Launch an instance from AMI to create a virtual machine

Enter the virtual machine name, for example mikopbx-vm

Specify the instance type - t3.micro

If you have an SSH key

Specify the SSH key in the Key pair field

If you don't have an SSH key

Select Create new key pair and specify the key pair name, for example mikopbx_key

Follow the instructions further

In the Network settings section, check Allow SSH traffic and Allow HTTPS traffic

To deploy the PBX use two disks:

A 1 Gb disk for the main system
A 50+ Gb disk for storing call recordings

If necessary, change the size of the storage disk in Configure storage, default size is 50Gb

For other fields use default values
Click Launch instance

Starting MikoPBX

Go to the created virtual machine mikopbx-vm
On the opened tab, select Connect / EC2 serial console, wait for the system to fully load until the authentication parameters are displayed

Copy the external address of the created virtual machine and enter it in the browser's address bar
Use the login and password provided in EC2 serial console for login

Make sure to configure the Firewall on the MikoPBX

AWS Marketplace

MikoPBX in AWS Marketplace:

Let's get started with the setup

For quick and convenient navigation within the Amazon service, use the search panel

Creating a virtual machine

Open Services / Compute / EC2 and navigate to Images / AMI Catalog
In the open tab enter MikoPBX in the search bar
On the opened tab click Subscribe now
Click the Launch an instance from AMI button to create a virtual machine

Enter the virtual machine name, for example mikopbx-vm

If you have an SSH key

Specify the SSH key in the Key pair field

If you don't have an SSH key

Select Create new key pair and specify the key pair name, for example mikopbx_key

Follow the instructions further

To deploy the PBX use two disks:

A 1 Gb disk for the main system
A 50+ Gb disk for storing call recordings

If necessary, change the size of the storage disk in Configure storage, default size is 50Gb

Under Network settings, all required Firewall rules are configured automatically

For other fields use default values
Click Launch instance

Starting MikoPBX

Go to the created virtual machine mikopbx-vm
On the opened tab, select Connect / EC2 serial console, wait for the system to fully load until the authentication parameters are displayed

Copy the external address of the created virtual machine and enter it in the browser's address bar
Use the login and password provided in EC2 serial console for login

Make sure to configure the Firewall on the MikoPBX

Microsoft Azure

First, log in to the Microsoft Azure portal

Let's proceed with the setup.

For quick and convenient searching on the Azure portal, use the search bar.

Creating a resource group

Open Menu / All services / General / Resource groups
In the Resource groups tab, select Create
Enter the group name, for example MikoPBX_group
Use default values for other fields
After entering the values, click the Review + create button, then the Create button

Creating a storage account

Open Menu / All services / Analyze and transform data / Storage accounts
In the Storage accounts tab, select Create
Specify the created resource group MikoPBX_group
Enter the storage account name, for example pbximgs
Use default values for other fields
After entering the values, click the Review + create button, then the Create button

Configuring the created storage account

Go to the card of the created storage account pbximgs
In the opened tab, go to the Data storage / Containers
Add a new container
Enter the container name, for example imgs
Click the Create button

Open the created container imgs
In the opened tab, select Upload
Select a file from the MikoPBX distribution with the .vhd extension
Click the Upload button

Creating an image

Open Menu / All services / Compute / Images
In the Images tab, select Create, let's create a new image based on the uploaded *.vhd file
Specify the resource group MikoPBX_group
Enter a unique name for the image, for example MikoPBX_Azure

Specify the OS type - Linux
Specify the generation of virtual machines - Gen 1
Select the blob storage object by clicking Browse, Browse / pbximgs / imgs / *.vhd
Specify the account type - Standard HDD
Use default values for other fields
After entering the values, click the Review + create button, then the Create button

Creating a virtual machine

Open Menu / All services / Compute / Virtual machines
In the Virtual machines tab, select Create / Azure virtual machine
Specify the resource group MikoPBX_group
Enter the virtual machine name, for example MikoPBX-vm

Choose the previously created image, See all images / Other items / My images / MikoPBX_Azure
Specify the machine size (combination of CPU / RAM to be at least 1GB / HDD parameters)

Specify the username for the administrator account

If you have an SSH key, do the following

Select the source of the SSH public key - Use existing public key
Specify it in the SSH public key field

If you do not have an SSH key, do the following

Select the source of the SSH public key - Generate new key pair
Specify the key pair name, for example mikopbx_key

Continue with the following instructions:

In the license type field, specify Other
Use default values for the other fields

To deploy the PBX use two disks:

A 1 Gb disk for the main system
A 50+ Gb disk for storing call recordings

Go to the Disks tab
Specify the OS disk type
Check the Delete with VM checkbox

Create a new data disk
Specify the disk size to be at least 50GB
Use default values for the other fields, click OK

After entering the values, click the Review + create button, then click Create

Configuring ports for incoming connections

Open the virtual machine you created and go to Networking / Network settings / Rules
In the tab, choose Create inbound port rule
Specify the destination port ranges - 0 - 65535
Choose the protocol TCP

Specify a name, for example TCP
Use default values for the other fields
After entering the values, click the Add button

Similarly, create a rule for UDP. Specify the destination port ranges - 0 - 65535, protocol UDP, and name

Make sure to configure the Firewall on the MikoPBX

Starting MikoPBX

Open the virtual machine you created and go to the Connect section
In the drop-down menu under More ways to connect, select Serial console

Copy the external address of the created virtual machine and enter it in the browser's address bar
For login use the login and password provided in Serial console

Google Cloud

Installing MikoPBX in Google Cloud can be done in two ways: using an image from the Google Cloud Marketplace or from an image based on a file uploaded from the MikoPBX distribution. The first method provides quick and easy deployment of the standard version of MikoPBX, while the second is suitable for intermediate releases.

Google Cloud deployment guide

Authorize on the platform https://console.cloud.google.com/

Let's start configuring

For quick and convenient navigation on the Google Cloud platform, use the search pane

Creating storage

Open Navigation menu / Products & solutions / Storage / Cloud Storage
On the Cloud Storage tab select Create
Enter the storage name, for example miko-images
Use default values for other fields
After entering the values, click the Create button

Open the created miko-images storage
On the opened tab select UPLOAD FILES
Upload the file from the MikoPBX distribution with the .vhd extension
Wait for the file upload to complete

Connecting Cloud Build API

Open Navigation menu / APIs & Services / Library / Google Enterprise API / Cloud Build API
On the opened tab select ENABLE

Check the roles for the Cloud Build service account:

Open the IAM page https://console.cloud.google.com/projectselector2/iam-admin/iam.
Select your Google Cloud project
Check the Include Google-provided role grants checkbox
In the table, find the row with the email address ending with @cloudbuild.gserviceaccount.com
Select Edit principal
The roles to be granted to the Cloud Build service account are Compute Admin and Service Account User

If the required roles are not present, add them and click SAVE

Connecting Compute Engine API

Open Navigation menu / APIs & Services / Library / Google Enterprise API / Compute Engine API
On the opened tab select ENABLE

Creating an image

Open Navigation menu / Products & solutions / Compute / Compute Engine
Go to the Storage / Images section
Select CREATE IMAGE to create a new image
Enter the image name, for example mikopbx-new-image
Specify the source type - Virtual disk (VMDK, VHD)
Select Virtual disk file under the BROWSE link, Browse / miko-images / .vhd
Uncheck the Install guest packages checkbox
In the Operating system on virtual disk field specify - No operating system. Data only.
Use default values for other fields
After entering the values, click the Create button and wait for the image creation to complete

Creating a virtual machine

In the Compute Engine tab go to the Virtual machines / VM Instance section
Select CREATE INSTANCE
Enter the virtual machine name, for example mikopbx-vm

In the Machine configuration / General purpose table select Series - N1

In the Machine type section choose Shared-core / f1-micro from the dropdown menu

To deploy the PBX use two disks:

A 1 Gb disk for the main system
A 50+ Gb disk for storing call recordings

In the Boot disk section select CHANGE
On the opened tab go to CUSTOM IMAGES
In the Image field select the previously created mikopbx-new-image
Use default values for other fields on the tab
Click the SELECT button

In the Advanced options / Disks section select ADD NEW DISK
On the opened tab enter the disk name for data storage, for example disk-storage-mikopbx
Specify the disk size of at least 50GB
Use default values for other fields on the tab
Click the SAVE button

If you have an SSH key, proceed as follows:

In the Advanced options / Security / MANAGE ACCESS section, select ADD ITEM
Specify it in the SSH key field

If you don't have an SSH key, proceed directly to step 18

Use default values for other fields
After entering the values, click the CREATE button

Configuring ports for incoming connections

Open Navigation menu / VPC network / Firewall
Select CREATE FIREWALL RULE to create a new rule for incoming connections
Enter the name of the new rule, for example internal-allow

Specify Direction of traffic - Ingress
Specify Targets
From the Source filter dropdown menu select IPV4 ranges and in the Source IPv4 ranges field enter 0.0.0.0/0

In the Protocols and ports section check the TCP (Ports - 0-65535) and UDP (Ports - 0-65535) checkboxes

Use default values for other fields
After entering the values, click the CREATE button

Make sure to configure the Firewall on the MikoPBX

Starting MikoPBX

Open the Compute Engine tab and go to the Virtual machines / VM Instance section
Go to the created virtual machine mikopbx-vm
On the opened tab navigate to Logs / Serial port 1 (console)

Copy the external address of the created virtual machine and enter it in the browser's address bar
For login use the login and password provided in Serial port 1 (console)

Авторизуйтесь на платформе https://console.cloud.google.com/

Приступим к настройке

Для быстрого и удобного поиска на платформе Google Cloud используйте панель поиска

Создание хранилища

Откройте Navigation menu / Products & solutions / Storage / Cloud Storage
На вкладке Cloud Storage выберите Create
Введите имя хранилища, например miko-images
Для других полей используйте значения по умолчанию
Завершив ввод значений, нажмите кнопку Create
Откройте созданное хранилище miko-images
На открывшейся вкладке выберите UPLOAD FILES
Загрузите файл из дистрибутива MikoPBX с расширением .vhd
Дождитесь окончания загрузки файла

Подключение Cloud Build API

Откройте Navigation menu / APIs & Services / Library / Google Enterprise API / Cloud Build API
На открывшейся вкладке выберите ENABLE

Проверьте роли учетной записи службы Cloud Build, для этого

Откройте страницу IAM https://console.cloud.google.com/projectselector2/iam-admin/iam
Выберите свой проект Google Cloud
Установите флажок Include Google-provided role grants
В таблице найдите строку с адресом электронной почты, заканчивающимся на @cloudbuild.gserviceaccount.com
Выберите Править (Edit principal)
Роли, которые должны быть предоставлены учетной записи службы Cloud Build, - Сompute Admin и Service Account User

Если нужных ролей нет, добавьте и нажмите SAVE

Подключение Compute Engine API

Откройте Navigation menu / APIs & Services / Library / Google Enterprise API / Compute Engine API
На открывшейся вкладке выберите ENABLE

Создание образа

Откройте Navigation menu / Products & solutions / Compute / Compute Engine
Перейдите в раздел Storage / Images
Выберите CREATE IMAGE для создания нового образа
Введите имя образа (Name), например mikopbx-new-image
Укажите тип источника (Source) - Virtual disk (VMDK, VHD)
Выберите Virtual disk file по ссылке BROWSE, *Browse / miko-images / .vhd
Уберите флажок Install guest packages
В поле Operating system on virtual disk укажите - No operating system. Data only.
Для других полей используйте значения по умолчанию
Завершив ввод значений, нажмите кнопку Create и дождитесь окончания создания образа

Создание виртуальной машины

Во вкладке Compute Engine перейдите в раздел Virtual machines / VM Instance
Выберите CREATE INSTANCE
Введите имя виртуальной машины (Name), например mikopbx-vm
В таблице Machine configuration / General purpose ****выберите ****Series - N1
В разделе Machine type в выпадающем меню выберите Shared-core / f1-micro
В разделе Boot disk выберите CHANGE
На открытой вкладке перейдите к CUSTOM IMAGES
В поле Image выберите созданный ранее образ mikopbx-new-image
Для других полей на вкладке используйте значения по умолчанию
Нажмите кнопку SELECT
В разделе Firewall ****разрешите HTTP трафик, установите флажок Allow HTTP traffic
В разделе Advanced options / Disks выберите ADD NEW DISK
На открытой вкладке введите имя диска для хранения данных (Name), например disk-storage-mikopbx
Укажите размер диска (Size) не менее 50Гб
Для других полей на вкладке используйте значения по умолчанию
Нажмите кнопку SAVE

Если у вас есть ключ SSH, выполните следующее

В разделе Advanced options / Security / MANAGE ACCESS выберите ADD ITEM
Укажите его в поле SSH key

Если у вас есть нет ключа SSH, сразу перейдите к пункту 19

Для других полей используйте значения по умолчанию
Завершив ввод значений, нажмите кнопку CREATE

Настройка портов для входящих соединений

Откройте Navigation menu / VPC network / Firewall
Выберите CREATE FIREWALL RULE для создания нового правила для входящего соединения
Введите имя нового правила (Name), например http-80
Укажите Direction of traffic - Ingress
Укажите Targets
Из выпадающего меню в поле Source filter выберите IPV4 ranges и в поле Source IPv4 ranges укажите 0.0.0.0/0
В разделе Protocols and ports установите флажок TCP и в поле Ports укажите 80
Для других полей используйте значения по умолчанию
Завершив ввод значений, нажмите кнопку CREATE
Аналогично создайте правило для HTTPS. Укажите имя, Direction of traffic - Ingress, Targets, Source filter - IPV4 ranges, Source IPv4 ranges - 0.0.0.0/0, Protocols and ports - TCP, Ports - 443
Аналогично создайте правило для SIP сигнализации TCP. Укажите имя, Direction of traffic - Ingress, Targets, Source filter - IPV4 ranges, Source IPv4 ranges - 0.0.0.0/0, Protocols and ports - TCP, Ports - 5060
Аналогично создайте правило для SIP сигнализации UDP. Укажите имя, Direction of traffic - Ingress, Targets, Source filter - IPV4 ranges, Source IPv4 ranges - 0.0.0.0/0, Protocols and ports - UDP, Ports - 5060
Аналогично создайте правило для передачи звука RTP. Укажите имя, Direction of traffic - Ingress, Targets, Source filter - IPV4 ranges, Source IPv4 ranges - 0.0.0.0/0, Protocols and ports - UDP, Ports - 10000-10200

Запуск АТС MikoPBX

Откройте вкладку Compute Engine перейдите в раздел Virtual machines / VM Instance
Скопируйте External IP созданной виртуальной машины
Введите в строке браузера External IP
Откройте созданную виртуальную машину
Скопируйте Instance Id - это пароль для входа в АТС по умолчанию
Логин для входа по умолчанию - admin

Google Cloud Marketplace

MikoPBX on Google Cloud Marketplace: https://console.cloud.google.com/marketplace/product/mikopbx-public/mikopbx

Let's start with the setup

For quick and easy search on the Google Cloud platform, use the search bar

Adding roles to a Service account

If you have a service account, check if it has the necessary roles, and add them if needed

If you do not have a service account, create one and add the necessary roles

Open the Navigation menu / Products & solutions / Management / IAM & Admin
Go to the Service accounts tab and click on CREATE SERVICE ACCOUNT
Enter a name for the service account, for example mikopbx-service-account
Click the CREATE AND CONTINUE button

Add the roles Cloud Infrastructure Manager Agent, Compute Admin, Compute Network Admin, Service Account User

Click the DONE button

Creating a virtual machine

Open the Marketplace and enter MikoPBX in the search bar
Select the MikoPBX image
On the opened tab select LAUNCH

In the Deployment name field, enter a name, for example mikopbx-vm
In the Deployment Service Account section, check the Existing account option and select the previously created service account

To deploy the PBX, use two disks:

A 1 GB disk for the main system
A 50+ GB disk for storing call recordings

If necessary, change the size of the data storage disk in the Data Storage section. By default, its size is 50 GB

Under Networking, all required Firewall rules are configured automatically

For other fields, use the default values
After entering the values, click the DEPLOY button

Starting MikoPBX

Open the Compute Engine tab and go to the Virtual machines / VM Instance section
Go to the created virtual machine mikopbx-vm-mikopbx-vm
On the opened tab, go to Logs / Serial port 1 (console)

Copy the external address of the created virtual machine and enter it in the browser address bar
Use the login and password provided in Serial port 1 (console) to log in

Hetzner cloud

Docker container

The "Host system" must run on Linux 5+. Tested on Debian 11, Ubuntu 21.04, and Ubuntu Server 22.04 LTS.

MikoPBX can be run in Docker using two main methods. The first method involves running the container directly using a Docker command with the necessary parameters. The second method involves using Docker Compose, which simplifies managing multi-container applications and allows the entire configuration to be described in a yaml file, making the deployment and maintenance of the system more convenient.

Docker installation and creating a user and directories

Installing Docker and Docker Compose on Ubuntu 22.04

Before working with Docker, you need to install Docker and Docker Compose themselves. Here's how to do it:

# Update package list and install required dependencies
sudo apt update
sudo apt install apt-transport-https ca-certificates curl software-properties-common

# Add the GPG key for Docker's official repository
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

# Add Docker's repository to the APT sources list
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"

# Install Docker CE
sudo apt update
sudo apt install docker-ce

# Install Docker Compose
sudo curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose

# Verify Docker Compose version
sudo docker-compose --version

Creating a user and directories on the host system

Before creating the container on the host machine, it's necessary to create a user and group with limited permissions, as well as a folder for storing configuration settings and call recordings

# Creating a new user (e.g., www-user) without superuser rights
sudo adduser --disabled-password --gecos "" www-user

# Creating directories for data storage
sudo mkdir -p /var/spool/mikopbx/cf
sudo mkdir -p /var/spool/mikopbx/storage

# Granting the created user ownership of the directories
sudo chown -R www-user:www-user /var/spool/mikopbx/

Useful commands

Command to connect to the PBX console:

sudo docker exec -it mikopbx sh

Command to connect to the PBX console menu:

sudo docker exec -it mikopbx /etc/rc/console_menu

Connecting to sngrep for SIP analysis

sudo docker exec -it mikopbx sngrep

Running MikoPBX in a container

To work with MikoPBX in a container, you need to install Docker and Docker Compose, as well as create a user and directories for storing configuration settings and call recordings according to the instructions

Launching the Docker container

To launch the container with your application, use the following commands:

# Pulling the container image
sudo docker pull ghcr.io/mikopbx/mikopbx-x86-64

# Running the container in unprivileged mode
sudo docker run --cap-add=NET_ADMIN --net=host --name mikopbx --hostname mikopbx \
           -v /var/spool/mikopbx/cf:/cf \
           -v /var/spool/mikopbx/storage:/storage \
           -e SSH_PORT=23 \
           -e ID_WWW_USER="$(id -u www-user)" \
           -e ID_WWW_GROUP="$(id -g www-user)" \
           -it -d --restart always ghcr.io/mikopbx/mikopbx-x86-64

Testing the functionality

To ensure that your MikoPBX application is posted and working in the Docker container, you can follow these steps after launching it. These steps will help you verify the container's status and view its logs.

Step 1: Check container status

First, ensure that the container is successfully launched and running. To do this, use the command docker ps, which will show a list of running containers and their statuses.

sudo docker ps

This command will display information about all active containers. Make sure that the mikopbx container is present in the list and its status indicates that it is running (e.g., status up).

Step 2: View container logs

After confirming that the container is running, the next step is to view the logs to ensure that the application has loaded without errors and is functioning properly. The docker logs command will allow you to see the output generated by your application.

sudo docker logs mikopbx

Check the command output for a message similar to the one below. This message indicates that MikoPBX is successfully loaded and ready for use:

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
|               All services are fully loaded welcome                |
|                       MikoPBX 2024.1.60.                           |
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
|                        Web Interface Access                        |
|                                                                    |
| Local Network Address:                                             |
| https://10.0.0.4                                                   |
|                                                                    |
| Web credentials:                                                   |
|    Login: admin                                                    |
|    Password: admin                                                 |
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
| SSH access disabled!                                               |
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

If you see the MikoPBX startup process, wait a moment and re-run the command sudo docker logs mikopbx

Step 3: Check access to the web Interface

When the container starts, it lacks information about the host system's address, so you need to open the external address of the host system, in this case, Ubuntu, in a web browser. https://<host machine IP>

Log into the web interface using the admin login and the admin password to make sure that the web interface is accessible and functioning correctly.

Features of containerized MikoPBX

The NET_ADMIN flag is required for the proactive protection system fail2ban and the firewall iptables to function inside the container. When an access block is triggered, for example, by entering an incorrect password, access from the IP address of the attacker will be blocked.
If you need to use the "Backup Module", the container should be run with the –privileged flag. When MikoPBX is run in a container, backups can also be performed by manually archiving the cf and storage directories. In this case, the privileged mode is not necessary, but the container must be stopped during copying.
The –net=host flag indicates that NAT between the host and container will not be used. MikoPBX will be directly connected to the host machine's network. All ports that the container needs to occupy will also be occupied on the host machine. If any port on the host machine is unavailable, errors will occur when loading MikoPBX. More details in the Docker documentation...
If necessary, you can adjust the standard set of ports used by MikoPBX. This can be done by declaring environment variables when launching the container.

Creating a container from a tar archive

In addition to using our official registry, you might need to create a container from an image, for example, for a beta version. Our published releases and pre-releases include a tar archive, which we use to create a container.

Here is an example code for its use:

# Create a container from a tar archive
sudo docker import \
  --change 'ENTRYPOINT ["/bin/sh", "/sbin/docker-entrypoint"]' \
  mikopbx-2024.1.114-x86_64.tar \
  "mikopbx:2024.1.114"

# Launch the created container
sudo docker run --cap-add=NET_ADMIN --net=host --name mikopbx --hostname mikopbx \
	 -v mikopbx_cf:/cf \
	 -v mikopbx_storage:/storage \
	 -e SSH_PORT=23 \
	 -e ID_WWW_USER="$(id -u www-user)" \
	 -e ID_WWW_GROUP="$(id -g www-user)" \
	 -it mikopbx:2024.1.114

Environment variables for configuring MikoPBX

Below are some of the environment variables that will allow you to adjust the MikoPBX ports and settings used.

SSH_PORT - port for SSH (22)
WEB_PORT - port for the web interface via HTTP protocol (80)
WEB_HTTPS_PORT - port for the web interface via HTTPS protocol (443)
SIP_PORT - port for connecting a SIP client (5060)
TLS_PORT - port for connecting a SIP client with encryption (5061)
RTP_PORT_FROM - beginning of the RTP port range, voice transmission (10000)
RTP_PORT_TO - end of the RTP port range, voice transmission (10800)
IAX_PORT - port for connecting IAX clients (4569)
AMI_PORT - AMI port (5038)
AJAM_PORT - AJAM port used for connecting the telephony panel for 1C (8088)
AJAM_PORT_TLS - AJAM port used for connecting the telephony panel for 1C (8089)
BEANSTALK_PORT - port for the Beanstalkd queue server (4229)
REDIS_PORT - port for the Redis server (6379)
GNATS_PORT - port for the gnatsd server (4223)
ID_WWW_USER - identifier for www-user (can be set with the expression $(id -u www-user), where www-user is NOT a root user)
ID_WWW_GROUP - group identifier for www-user (can be set with the expression $(id -g www-user), where www-user is NOT a root group)
WEB_ADMIN_LOGIN - login for Web interface access
WEB_ADMIN_PASSWORD - password for Web interface access

A full list of all possible setting parameters is available in the source code here.

Running MikoPBX using docker compose

To work with MikoPBX in a container, you need to install Docker and Docker Compose following the instructions

Docker compose launch option

Here is an example of a docker-compose.yml file that can be used to manage your MikoPBX container via Docker Compose:

docker-compose.yml

services:
  mikopbx:
    container_name: "mikopbx"
    image: "ghcr.io/mikopbx/mikopbx-x86-64"
    network_mode: "host"
    cap_add:
      - NET_ADMIN
    entrypoint: "/sbin/docker-entrypoint"
    hostname:  "mikopbx-in-a-docker"
    volumes:
      - /var/spool/mikopbx/cf:/cf
      - /var/spool/mikopbx/storage:/storage
    tty: true
    environment:
      - ID_WWW_USER=${ID_WWW_USER}
      - ID_WWW_GROUP=${ID_WWW_GROUP}
      # Change the station name through environment variables
      - PBX_NAME=MikoPBX-in-Docker
      # Change the default SSH port to 23
      - SSH_PORT=23
      # Change the default WEB port to 8080
      - WEB_PORT=8080
      # Change the default WEB HTTPS port to 8443
      - WEB_HTTPS_PORT=8443

Save the contents into a file named docker-compose.yml, make the necessary adjustments, and launch MikoPBX using the command:

export ID_WWW_USER=$(id -u www-user)
export ID_WWW_GROUP=$(id -g www-user)
sudo docker compose -f docker-compose.yml up

Running Multiple MikoPBX Instances on One Host

Mode Without Network Isolation Between Host and Containers (–net=host)

It is also possible to organize the launch of multiple MikoPBX containers on a single host. However, you need to consider Docker's port handling features. If the –net=host mode is not used, it will lead to a high load on the host system's CPU because Docker creates a separate rule in Iptables for each allocated port.

With the –net=host mode enabled, you need to manually monitor the distribution of available ports between the running containers and built-in applications. For instance, to run two MikoPBX containers on one host, you can use the following configuration file:

docker-compose.yml

services:
  mikopbx-first:
    container_name: "mikopbx-first"
    image: "ghcr.io/mikopbx/mikopbx-x86-64"
    network_mode: "host"
    entrypoint: "/sbin/docker-entrypoint"
    hostname: "mikopbx-in-docker-first"
    volumes:
      - /var/spool/mikopbx/first/cf:/cf
      - /var/spool/mikopbx/first/storage:/storage
    tty: true
    environment:
      - ID_WWW_USER=${ID_WWW_USER}
      - ID_WWW_GROUP=${ID_WWW_GROUP}
      - PBX_NAME=MikoPBXFirst
      - PBX_FIREWALL_ENABLED=0
      - PBX_FAIL2BAN_ENABLED=0
      - SSH_PORT=123
      - WEB_PORT=8080
      - WEB_HTTPS_PORT=8443
      - SIP_PORT=5060
      - TLS_PORT=5061
      - RTP_PORT_FROM=10000
      - RTP_PORT_TO=10800
      - IAX_PORT=4569
      - AMI_PORT=5038
      - AJAM_PORT=8088
      - AJAM_PORT_TLS=8089
      - BEANSTALK_PORT=4229
      - REDIS_PORT=6379
      - GNATS_PORT=4223
  mikopbx-second:
    container_name: "mikopbx-second"
    image: "ghcr.io/mikopbx/mikopbx-x86-64"
    network_mode: "host"
    tty: true
    entrypoint: "/sbin/docker-entrypoint"
    hostname: "mikopbx-in-docker-second"
    volumes:
      - /var/spool/mikopbx/second/cf:/cf
      - /var/spool/mikopbx/second/storage:/storage
    environment:
      - ID_WWW_USER=${ID_WWW_USER}
      - ID_WWW_GROUP=${ID_WWW_GROUP}
      - PBX_NAME=MikoPBXSecond
      - PBX_FIREWALL_ENABLED=0
      - PBX_FAIL2BAN_ENABLED=0
      - SSH_PORT=2223
      - WEB_PORT=8081
      - WEB_HTTPS_PORT=9443
      - SIP_PORT=6060
      - TLS_PORT=6061
      - RTP_PORT_FROM=20000
      - RTP_PORT_TO=20800
      - IAX_PORT=5569
      - AMI_PORT=6038
      - AJAM_PORT=9088
      - AJAM_PORT_TLS=9089
      - BEANSTALK_PORT=5229
      - REDIS_PORT=7379
      - GNATS_PORT=5223

Save the contents into a file named docker-compose.yml, make the necessary adjustments, and launch MikoPBX using the command:

export ID_WWW_USER=$(id -u www-user)
export ID_WWW_GROUP=$(id -g www-user)
sudo docker compose -f docker-compose.yml up

Network Bridge Mode (–net=bridge)

There is an option to launch MikoPBX containers in the –net=bridge mode. However, as mentioned above, to use this mode you either need to significantly limit the range of RTP ports or open them on the host machine without using Docker's capabilities.

For this, you will need to write a small script to determine the name of the current bridge interface and the IP address of each container. After running Docker Compose, you will then need to add the necessary iptables rules for the RTP port range as follows:

start-multiple-mikopbx.sh

#!/bin/bash

COMPOSE_FILE="$1"

if [ -z "$COMPOSE_FILE" ]; then
    echo "Usage: $0 path/to/docker-compose.yaml"
    exit 1
fi

# We will obtain the user ID for running the container
export ID_WWW_USER=$(id -u www-user)
export ID_WWW_GROUP=$(id -g www-user)

# Stop current containers if they are running
docker compose -f "$COMPOSE_FILE" down

# Remove them
docker compose -f "$COMPOSE_FILE" rm

# Start containers in the background
docker compose -f "$COMPOSE_FILE" up -d
sleep 60

# Create a label for IPTABLES rules
IPTABLES_COMMENT="mikopbx-custom-rule"

# Determine the project identifier, used when creating a network bridge
project_prefix=$(cat "$COMPOSE_FILE" | yq e '.x-project-name' -)

# If the prefix is not set, use a default value
if [ -z "$project_prefix" ]; then
    project_prefix="default_prefix"
fi

# Function to get container IP address
function get_container_ip() {
    docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' "$1"
}

# Function to get the name of the bridge interface
function get_bridge_name() {
    local network_name="$1"
    local prefix="$2"
    local network_id=$(docker network inspect "${prefix}_${network_name}" -f '{{.Id}}')

    if [ -z "$network_id" ]; then
        echo "Error: Network ${prefix}_${network_name} not found."
        return 1
    fi

    local bridge_name=$(ip link show type bridge | grep -o "br-${network_id:0:12}\b")
    echo $bridge_name
}

echo "Delete tagged iptables rules"
# Delete all iptables rules tagged with our comment
iptables -S | grep "$IPTABLES_COMMENT" | sed 's/-A /-D /' | while read rule; do
        echo "Delete rule $rule"
        iptables $rule
done

# Delete all NAT iptables rules tagged with our comment
iptables -S -t nat | grep "$IPTABLES_COMMENT" | sed 's/-A /-D /' | while read rule; do
     echo "Delete rule $rule"
     iptables -t nat $rule
done

# Parse the docker-compose file and obtain all necessary parameters.
echo "Parsing docker-compose file and configuring iptables rules"
cat "$COMPOSE_FILE" | yq e '.services[] | select(.environment[] | test("RTP_PORT_FROM")) | {"container_name": .container_name, "environment": .environment, "network": .networks[0]}' -o=json | jq -c '.' | while read -r service; do
    container_name=$(echo $service | jq -r '.container_name')
    network_name=$(echo $service | jq -r '.network')
    bridge_name=$(get_bridge_name "$network_name" "$project_prefix")
    container_ip=$(get_container_ip "$container_name")

    RTP_PORT_FROM=$(echo $service | jq -r '.environment[] | select(contains("RTP_PORT_FROM")) | split("=")[1]')
    RTP_PORT_TO=$(echo $service | jq -r '.environment[] | select(contains("RTP_PORT_TO")) | split("=")[1]')

    echo "Configuring iptables for $container_name ($container_ip) on $bridge_name from port $RTP_PORT_FROM to $RTP_PORT_TO"

    iptables -A DOCKER -t nat ! -i "$bridge_name" -p udp -m udp --dport $RTP_PORT_FROM:$RTP_PORT_TO -j DNAT --to-destination $container_ip:$RTP_PORT_FROM-$RTP_PORT_TO -m comment --comment "$IPTABLES_COMMENT"
    iptables -A DOCKER -d $container_ip/32 ! -i "$bridge_name" -o "$bridge_name" -p udp -m udp --dport $RTP_PORT_FROM:$RTP_PORT_TO -j ACCEPT -m comment --comment "$IPTABLES_COMMENT"
    iptables -A POSTROUTING -t nat -s $container_ip/32 -d $container_ip/32 -p udp -m udp --dport $RTP_PORT_FROM:$RTP_PORT_TO -j MASQUERADE -m comment --comment "$IPTABLES_COMMENT"

    echo "Don't forget to open UDP ports $RTP_PORT_FROM to $RTP_PORT_TO on external firewall if it exists"
done

echo "iptables configuration completed successfully."

Let's describe several containers in the docker-compose.yaml file, specify different ports for the web interface, SIP ports, and ranges of RTP ports to ensure they do not overlap.

docker-compose.yaml

services:
  mikopbx-first:
    container_name: "mikopbx-first"
    image: "ghcr.io/mikopbx/mikopbx-x86-64"
    entrypoint: "/sbin/docker-entrypoint"
    hostname:  "mikopbx-in-docker-first"
    volumes:
      - /var/spool/mikopbx/first/cf:/cf
      - /var/spool/mikopbx/first/storage:/storage
    tty: true
    cap_add:
      - net_admin
    networks:
      - network-bridge1
    environment:
      - ID_WWW_USER=${ID_WWW_USER}
      - ID_WWW_GROUP=${ID_WWW_GROUP}
      - PBX_NAME=MikoPBXFirst
      - RTP_PORT_FROM=10000 # UDP range 10000-10800 on host will be directed to the container
      - RTP_PORT_TO=10800
      - WEB_ADMIN_PASSWORD=mikopbx-first-password
      - ENABLE_USE_NAT=1
      - PBX_FIREWALL_ENABLED=1
      - PBX_FAIL2BAN_ENABLED=1
    ports:
      - "8443:443"  # TCP port 8443 on the host is directed to port 443 in the container
      - "5060:5060/udp"  # UDP port 5060 on the host is directed to port 5060 in the container
  mikopbx-second:
    container_name: "mikopbx-second"
    image: "ghcr.io/mikopbx/mikopbx-x86-64"
    tty: true
    cap_add:
      - net_admin
    networks:
      - network-bridge2
    entrypoint: "/sbin/docker-entrypoint"
    hostname:  "mikopbx-in-docker-second"
    volumes:
      - /var/spool/mikopbx/second/cf:/cf
      - /var/spool/mikopbx/second/storage:/storage
    environment:
      - ID_WWW_USER=${ID_WWW_USER}
      - ID_WWW_GROUP=${ID_WWW_GROUP}
      - PBX_NAME=MikoPBXSecond
      - RTP_PORT_FROM=20000 # UDP range 20000-20800 on host will be directed to the container
      - RTP_PORT_TO=20800
      - EXTERNAL_SIP_PORT=6060 # Inform MikoPBX about its external SIP port
      - WEB_ADMIN_PASSWORD=mikopbx-second-password
      - ENABLE_USE_NAT=1
      - PBX_FIREWALL_ENABLED=1
      - PBX_FAIL2BAN_ENABLED=1
    ports:
      - "9443:443"  # TCP port 9443 on the host is directed to port 443 in the container
      - "6060:5060/udp"  # UDP port 6060 on the host is directed to port 5060 in the container
x-project-name: mikopbx # This parameter must be present
networks:
  network-bridge1:
    driver: bridge
  network-bridge2:
    driver: bridge

Creating a directory for scripts

mkdir -p /usr/src/mikopbx

Save the start-multiple-mikopbx.sh and docker-compose.yaml files into this folder.

Install the necessary dependencies for the script.

sudo apt-get update
sudo apt-get install jq
sudo snap install yq

Navigate to our folder, add execution rights and launch our script.

cd /usr/src/mikopbx
sudo chmod +x start-multiple-mikopbx.sh
sudo ./start-multiple-mikopbx.sh docker-compose.yaml

While waiting for the containers to start, check the firewall settings on the host, and if necessary, open the ports specified in our docker-compose.yaml file, specifically:

TCP/UDP ports 5060 and 6060 for SIP
UDP ranges 10000-10800 and 20000-20800 for RTP voice transmission
TCP ports 8443 and 9443 for HTTPS protocol, for web interface operation.

Access each station in turn at the addresses:

https://<host machine IP>:8443
https://<host machine IP>:9443

To access the web interface of the first MikoPBX, use the login admin and the password mikopbx-first-password

To access the web interface of the second MikoPBX, use the login admin and the password mikopbx-second-password

Each machine should have NAT mode enabled, indicating that the container is behind a router in the network interface settings. If the stations will be used within a local network, then in the external IP field, enter the local IP address of the host machine, otherwise its public IP address.

Important note! One of our containers uses port forwarding from SIP port changing its value from 5060 to 6060. In this case, for the system to function correctly, you need to add the external value of the SIP port in the NAT settings in the network interfaces section of MikoPBX. This setting can also be made by setting the corresponding value of the environment variable EXTERNAL_SIP_PORT=6060 in the docker-compose file.

With that, the setup is complete, and you can configure accounts and make calls.

Environment variables for configuring MikoPBX

Below are some of the environment variables that will allow you to adjust the MikoPBX ports and settings used.

SSH_PORT - port for SSH (22)
WEB_PORT - port for the web interface via HTTP protocol (80)
WEB_HTTPS_PORT - port for the web interface via HTTPS protocol (443)
SIP_PORT - port for connecting a SIP client (5060)
TLS_PORT - port for connecting a SIP client with encryption (5061)
RTP_PORT_FROM - beginning of the RTP port range, voice transmission (10000)
RTP_PORT_TO - end of the RTP port range, voice transmission (10800)
IAX_PORT - port for connecting IAX clients (4569)
AMI_PORT - AMI port (5038)
AJAM_PORT - AJAM port used for connecting the telephony panel for 1C (8088)
AJAM_PORT_TLS - AJAM port used for connecting the telephony panel for 1C (8089)
BEANSTALK_PORT - port for the Beanstalkd queue server (4229)
REDIS_PORT - port for the Redis server (6379)
GNATS_PORT - port for the gnatsd server (4223)
ID_WWW_USER - identifier for www-user (can be set with the expression $(id -u www-user), where www-user is NOT a root user)
ID_WWW_GROUP - group identifier for www-user (can be set with the expression $(id -g www-user), where www-user is NOT a root group)
WEB_ADMIN_LOGIN - login for Web interface access
WEB_ADMIN_PASSWORD - password for Web interface access

A full list of all possible setting parameters is available in the source code here.

User manual

Telephony

Extensions

Setting Primary Phone Numbers

Connecting softphones

Connecting telephones

Yealink T19
Yealink T21
Yealink T28
Snom D120

Extensions List

The "Extensions" section displays a list of internal user accounts for employees. On the left side of each employee, the status of the authorized device is displayed. If the device is successfully authorized under the respective internal user account, a green circle is shown; otherwise, it appears gray.

In the search bar, you can find the desired contact. You can search by the employee's name, internal number, mobile number, or email address.

The form also provides the ability to sort the list of employees by name, internal number, mobile number, or email address. There are buttons for copying the account password to the clipboard, editing the account, and deleting the account.

Adding an Employee

To add a new employee, simply click on the "Add new extension" button.

Main Account Settings

On the "Basic Parameters" tab, you can configure the general settings for an employee's internal account:

Username: This value will be used for name substitution and displayed in the corresponding field on the phone screen.
Internal Number: This is the employee's internal extension number, which is also used as the login when connecting the phone.
Mobile Number: It is used for additional routing purposes.
Email Address: It is used for email notifications.
Password for SIP

Please ensure that the passwords for SIP accounts meet the following requirements:

The password length should be greater than eight characters.
The password should contain both uppercase and lowercase letters. The password should include numbers and special characters: "-", "_", "[]", "{}", "@", ";".
By setting complex passwords, you can enhance the security of the user accounts and protect them from unauthorized access.

Advanced Account Settings

Accesses the Advanced drop-down list.

Redefining the set string

In the "Redefining the set string" field, enter the dialing rule for mobile numbers according to your provider's requirements.

Call recording

If you want employees to have the ability to record conversations, you can enable the Сall recording feature.

DTMF Mode

The setting determines how DTMF (Dual Tone Multi-Frequency) signals are transmitted over the SIP protocol. DTMF signals are used, for example, when dialing phone numbers or interacting with IVR systems.

Transport protocol

This setting allows you to specify the transport protocol used for this account. The transport protocol determines how data is transmitted over the network. The most common transport protocols used in SIP (Session Initiation Protocol) are UDP (User Datagram Protocol), TCP (Transmission Control Protocol), and TLS (Transport Layer Security)

Network filter

The subnet described in the "Network Firewall" section specifies the allowed subnet for this account. It determines which IP addresses or networks are permitted to connect to this account. Connections originating from other subnets will result in authentication errors.

Manual additional attributes for SIP

This field is used to modify/override the configuration files of Asterisk. You can override almost all parameters. For example, when using chan_pjsip, a SIP account for an employee is described by the following sections:

[***]
type = aor
max_contacts = 10
; ----

[***]
type = auth
; ----

[***]
type = endpoint
context = all_peers
; ----

[acl_***] 
deny = 0.0.0.0/0.0.0.0
permit = 0.0.0.0/0.0.0.0
; ----

To override fields in the sections, you should fill in the "Additional Parameters" field as follows:

[acl]
; Describe access parameters from different subnets [acl_***]

[auth] 
; Describe authentication parameters for outbound calls

[aor]
; Edit AOR section for the endpoint

[endpoint] 
; Edit endpoint parameters

Routing Settings

On this tab, you can set rules for call forwarding when the employee is unavailable, busy, or does not answer.

Set the time period in seconds during which the call will be directed to the employee's internal account. If the employee cannot answer the call within the specified time, indicate to which number the call should be forwarded. By default, the call will be redirected to the employee's mobile number.

You can also specify the numbers to which the call should be redirected in case of busy and unavailable status.

Feel free to configure these parameters according to your preferences and requirements.

Call queues

Queues allow you to:

Distribute phone calls among a group of employees (agents): You can create a call queue and add multiple employees to it. When a call comes in, the system automatically routes it to an available employee in the queue, ensuring a more even distribution of workload and increasing call handling efficiency.
Hold the customer on the line when all employees are busy: If all employees in the queue are occupied with other calls, the customer will be placed on hold until one of the employees becomes available. This helps avoid call abandonment and ensures better customer service.
Notify the customer of their position in the queue and approximate wait time: While the customer is in the queue, the system can provide information about their current position in the queue and an estimated wait time. This helps keep the customer informed and improves their waiting experience.
Display the queue name along with the customer's number on the employee's phone: When an employee answers a call from the queue, their phone displays not only the customer's number but also the name of the corresponding queue. This helps the employee handle calls more effectively and provide personalized service.

To configure call queues in MikoPBX, go to the "Telephony" section and select "Call Queue." Here, you can create and customize your queues according to your business requirements and customer service needs.

The default call duration for a queue is set to 300 seconds (5 minutes). After this time limit is reached, the call will be automatically terminated. To bypass this limitation, you can configure "Scenario 1" as described in the instructions for "Call Routing on Failures".

Main settings

To add a new queue, perform the "Add a new call queue" action

In the queue creation form or dialog, you will find the following fields:

Queue Name: Enter a name for the queue. This name will be used for reference when setting up call routing rules.
Note: Provide a brief description or note about the queue. This information will be visible in the queue list, allowing you to provide additional details or instructions.

Queue Operators

In the Queue Operators section, you can add an arbitrary number of employees (queue agents) and specify a call distribution strategy.

Here are the options for queue strategy:

Ring All: Calls are distributed to all available agents until someone answers the call (default behavior).
Least Recent: The call is routed to the agent who has been idle for the longest time within the queue.
Fewest Calls: The call is routed to the agent who has handled the fewest number of calls within the queue.
Random: A random available agent within the queue is selected to receive the call.
Round Robin: The call is distributed to each agent in a sequential manner, cycling through the list of agents.
Memory Hunt: The system remembers the last agent who answered a call and starts the distribution from that agent onwards.

When setting up a queue, you can choose one of these strategies to determine how calls are distributed among the agents in the queue. The strategy you select will depend on your specific call handling requirements and the desired distribution behavior

Advanced Settings

In this section, you can provide additional information:

Phone number for this queue - you can call the queue using this number from any internal employee extension. Calls can also be transferred to this number.
Short name for the queue - for display before the CallerID on the telephone device of the subscriber, for example, "consult."

Queue settings for the agent

Time attempt call to agents - the duration in seconds for which a call will ring on an individual agent's phone. After this time elapses, the call to the agent will be logged as a missed call in the call history. Once the ring time is over, the call will be routed to the next available agent based on the selected strategy.
The rest time of the agent after the processing of the call, before starting to accept new calls - the duration in seconds that is counted from the moment an agent finishes a call from the queue until they are ready to receive new calls. This period allows agents to update notes, complete necessary tasks, or take a short break before being assigned another call.
Receive New Calls During A Call - this toggle switch enables or disables the ability to receive new calls while the agent is already on a call. When enabled, agents can handle multiple calls simultaneously.

Queue settings for the caller

What the caller hears while waiting - During the wait for their call to be answered, the caller can hear either hold music or a ringing tone.
Background Music (MOH) - You can specify a unique audio file to be played to the caller during the wait, such as promotional materials.
Notify about current queue position - If all operators (queue agents) are occupied, enabling this toggle switch allows you to notify the caller about their position in the queue. If the Additional Audio Announcement option is activated, this announcement will supplement the information about the position.
Notify about estimated hold time - If all operators (queue agents) are occupied, enabling this toggle switch allows you to inform the caller about the approximate wait time for a call to be answered. If the Additional Audio Announcement option is activated, this announcement will supplement the information about the estimated wait time.
Additional notification - A sound message is played only if all participants in the queue are occupied.
Time in seconds to repeat all alerts periodically - Describes the interval at which to announce the queue position, wait time, and announcement.

Call routing in case of failures

The script #1 - In this scenario, you can configure the maximum allowable wait time for a client in the queue. If none of the queue agents can answer the client within the specified time, you can set a number to which the call will be redirected.
The script #2 - If there are no agents available in the queue (meaning no agents are currently logged into the phone system), you can specify a number to which the client's call will be transferred.

In these scenarios, as a redirection number, you can choose not only an internal extension but also options such as a conference, queue, IVR (Interactive Voice Response), or a special number within the dial plan application. These options provide flexibility in directing the call to different destinations based on your specific requirements or business needs.

The default call duration for the queue is set to 300 seconds (5 minutes). If you require a longer interval, you can specify a higher duration in Scenario 1 and provide a backup number to redirect the call to. This allows you to customize the wait time and ensure that if none of the queue agents can answer the call within the specified duration, it will be redirected to the designated backup number.

IVR Menu

An IVR menu includes options for routing incoming calls using an interactive voice menu. It allows callers to navigate through a series of menu prompts using their telephone keypad or voice input. The IVR menu typically provides various choices or options for callers to select based on their needs or preferences. Each option in the menu can be associated with a specific action or routing destination, such as transferring the call to a particular department, providing self-service options, or connecting the caller to a specific extension or queue. The IVR menu enhances the caller's experience by offering a self-service mechanism and streamlining call routing based on their selections.

Pre-configuration

Before creating an IVR menu, it is necessary to upload audio files that will be played to callers when they contact your company. The audio files can be added in the "Telephony" -> "Sound files"

Choose your music file using "Upload a new file"

Additionally, there is the option to record a file using a microphone if you connect to the MikoPBX over HTTPS.

Go to Telephony → IVR menu.

Press "Add New IVR Menu."

Set the name, number, and, if necessary, a comment for the IVR menu. Select the audio file that you uploaded in the previous step.

Configure Actions when you extend. In the first column, specify the extension number, and in the second column, set the addressing rule.

Set the number of retries before transferring to the default number.

Set the timeout for entering an extension number (value in seconds) after which the voice greeting will be repeated.

The Default extension is required in case the client does not enter an extension number (for example, due to technical limitations).

Enable the "Allow Dialing of any extension" toggle switch if needed.

Enter the IVR menu number that can be dialed to reach that specific IVR menu.

Press "Save."

How IVR works

The principle of operation of an IVR (Interactive Voice Response) is as follows:

When calling the IVR menu number, the Voice Greeting audio file starts playing.
During the playback of the voice menu, the caller can enter an extension number. The "Allow Dialing Any Internal Number" flag determines if callers can dial any internal number, including queues, IVRs, or internal extensions.
After the voice menu is played, there is a waiting period of the "Input Extension Timeout" for entering an extension number.
The total time allowed for entering the extension number is calculated as the sum of the audio file duration and the input extension timeout.
If the total time for entering the extension number expires, a repeat voice announcement occurs, and there is another waiting period within the timeout for the next IVR attempt.
If the user enters an incorrect number or does not enter any number at all, a repeat voice announcement occurs, and there is another waiting period within the timeout for the next IVR attempt.
The maximum number of attempts is set by the "Number of Retries" parameter before transferring to the default number.
Once the number of attempts exceeds the specified value, the call is redirected to the default number.

Conferences

Conference calling is used for conducting group discussions, meetings, or negotiations in cases where participants are unable to meet in person. It is also used when a particular matter needs to be discussed with multiple participants simultaneously.

Create conference rooms

The list of conference rooms is located in the Telephony -> Conferences section.

To create a new conference room, click the "Add conference".

You must specify the name of the conference and its internal number, by calling which you can enter this conference

To prevent unauthorized access to the conference by employees for whom the discussion is not intended, you can secure the conference room with a password. To do this, fill in the "Conference Pin" field. Only digits can be entered in this field, with a minimum requirement of at least one digit.

In this case, to join the conference, employees will need to enter the PIN code after dialing the conference PIN.

Characteristics of conference calling include:

Communication is conducted solely through voice (no other means of information transmission besides speech are provided).
All participants can speak and hear each other simultaneously, ensuring duplex communication.
Participants use telephones (hardware or software) for communication.

Usage:

Each participant dials the conference number. The first participant hears hold music until at least one more participant joins the conference. An employee can transfer their caller into the conference by using specific key combinations on their phone. Transfers can be made to both internal and external numbers. The key combination for transfers is set in the System -> General Settings -> Call Transfers section.
Example: An employee dials the combination **1111 (the combination for unconditional transfer), and their caller joins the conference as its first participant. The call is completed for the transferring employee, and to join the conference, they dial the conference number 1111.

The maximum number of conference participants is not limited.

Sound files

Uploading a sound file to the PBX

Supported file format mp3 and wav

Audio files in MikoPBX are used in various call scenarios and interactive voice menus (In IVR menu, during non-working hours, in call queues, for various system notifications, and in hold music.) to play voice greetings or notify customers.

The list of available sound files is displayed in the Telephony -> Sound files.

To add a new sound file, click "Add a new sound file".

Click "Upload a new file" and select a sound file.

Correct the file name if necessary.

Сохраните изменения.

When working over the https protocol, it is possible to record an audio file using a microphone.

Sound files are stored on the PBX along the path /storage/usbdisk1/mikopbx/media/custom

Music on hold

The function is available starting from version 2020.2.XXX

If a client gets into a queue during a call or is waiting for redirection, the PBX plays a melody for him. It is possible to download your own tunes for listening while waiting.

You can do this on the Music on Hold tab as described above.

Call detail records (CDR)

Here you can find information about Call Detail Rescords (CDR)

Call History provides a log of all incoming, outgoing, and internal calls. It is located under Telephony -> Call History.

Benefits

The Call History feature in MikoPBX enables users to:

Display all calls;
Filter calls based on criteria;
Visually identify missed calls from the call log;
Download or listen to call recordings.

Each entry in the call log contains information about:

The caller’s phone number (Who);
The recipient’s phone number (To Whom);
The date and time of the call (Call Date);
The duration of the call (Duration) – this excludes time spent on greetings or announcements.

Calls marked in red are missed calls. Their duration is logged as zero, and these calls cannot be played back:

For answered calls, users can listen to or download the recording. Call recordings are downloaded locally to your PC in .mp3 format.

Each call log entry provides detailed information about the participants involved.

Filters

To apply a filter, press Enter after entering the search criteria.

The search bar in the Call History page supports the following filters:

Phone Number Filter

You can search using either an internal staff number or an external client number.

Two Phone Numbers Filter

Enter two phone numbers separated by a space. For example, entering "74952293042 302" will display all answered calls between these numbers. Answered calls are those with a duration greater than 0 seconds, excluding greeting time.

Date Filter

When opening the Call History, the log defaults to the current date. To filter for a specific period, select the date range and click Apply.

Call Routing

VoIP providers

General Information

To make or receive external phone calls over the public switched telephone network or the Internet, you must create at least one provider account. Each technology has its own account type. To add a new account or modify an existing one, go to Routing -> Telephony Providers.

The provider overview contains a list of all available service providers. A green icon next to the provider's name indicates that MikoPBX has registered this provider, and you can start using this provider. You can enable or disable the use of the provider using the switch on the left.

To connect a new provider account, click Connect SIP or Connect IAX depending on the type of account you are connecting.

Setting up SIP Provider

General Settings

In the general settings of the SIP provider, specify the following settings:

Provider Name - an arbitrary name that is convenient for you. It will be displayed in the selection lists in the corresponding menus.

Account Type - the type of registration for the provider account.

Provider host URL or IP Address - can be either a URL or an IP address.

Username and Password provided by your provider.

DTMF Mode - determines how DTMF signals are transmitted over SIP. There are different standards used to transmit DTMF to SIP providers. Try using different standards to find the mode that suits you.

inband sends keypresses as "tones." To use this standard, you need a high-quality audio codec.
Auto, rfc, and info transmit keypresses through SIP encoding.

Advanced SIP Provider Settings

Additional provider hosts or ip

In this section, list all communication service provider addresses from which incoming calls can arrive. Access to these addresses for SIP and RTP ports will be automatically opened on the firewall.

SIP Connection Port

By default, it is set to 5060. The SIP protocol describes how a client application (e.g., a softphone) can request the initiation of a connection from another, possibly physically remote client in the same network using its unique name. The protocol defines how clients agree on opening exchange channels based on other protocols that can be used for direct information transmission (e.g., RTP).

Transport Protocol

Allows you to specify the transport protocol used for this provider account.

Outbound Proxy

This is the provider's SIP proxy server for processing requests. The actual SIP server may differ from this address. The outbound proxy takes on primary requests and forwards them to the appropriate server.

Support NAT Session

When this option is enabled, Asterisk will send SIP OPTIONS packets. This is necessary to support NAT tunneling on your router.

Specify the frequency with which Asterisk will send OPTIONS-type SIP messages to check if this device is working and available for making calls.

If this device does not respond within the specified period (default is 60 seconds), Asterisk considers it turned off and unavailable for making calls.

Redefining SIP Header "From"

You can disable the use of the fromuser field of the SIP packet header.

The fromuser and fromdomain parameters in the pjsip.conf file are used for outgoing calls from Asterisk to the SIP device.

You can override:

the username in the From field in SIP packets (fromuser).
the domain name in the From field in SIP packets (fromdomain).

The fields User and Domain serve this purpose.

Additional Parameters

In this field, you can modify Asterisk configuration files.

You can override almost all parameters. For example, when using chan_pjsip, the provider is described with the following sections:

To override fields in sections, fill in the Additional Parameters field as follows:

To complete the configuration, click Save Settings.

Multiple Providers on One IP

There are cases when you need to connect multiple accounts from one communication service provider. In this case, the settings Host or IP Address and SIP Connection Port may be the same for all accounts.

Asterisk handles this situation differently. The PBX will not be able to correctly route the call to the desired provider, and the call will be dropped.

As a solution, in older versions of the PBX, you could describe additional inbound routes for which you would fill in the Additional Number (DID) field with the Username value for each account of the provider. This required creating N number of additional routes, equal to the number of provider accounts.

The Username field, in most cases, will be used as the destination number Additional Number (DID) for incoming calls. Considering that outgoing routes for all Usernames will be configured, the call will be correctly processed by the PBX.

More about Registration Types

Outgoing Registration

This option is used when connecting most providers.

Registration is necessary when the provider cannot know from which IP address the client will connect. For example, when the PBX is behind NAT. The provider's server is usually on a public IP address.

Incoming Registration

This option is relevant for the operation of some FXO / GSM gateways when an external device must connect to your PBX using a login and password.

This option is also relevant when the remote device is behind NAT, and MikoPBX cannot know its IP address.

IP Authentication, No Password

Relevant for secure private networks. For example, Rostelecom often lays its network cable and connects the client to its local network.

In this case, the PBX and the provider must be in the same network.

Incoming routing

General information

In this section, you need to create rules and templates for distributing incoming calls for providers created in MikoPBX. The rules for incoming calls describe the route of a call from the moment it arrives at the PBX to the moment it is completed. You can create an unlimited number of inbound routing rules. You can create several rules for one provider.

Routing rule priority and default route

Rules are listed in order of priority. If no one answers the incoming call within the time interval specified in the rule, the call will be routed to the next priority rule. Rules can be moved up and down in the list, that is, their priority can be changed by dragging them by the arrows.

If the call is not answered according to any of the rules, the Default incoming route is used.

The following actions are available and can be specified as the default rule:

Play busy signal - the client will play a busy signal and the incoming call will be ended;
Hang up;
Redirect the call - the call can be transferred to a number that you can select in the field located to the right of the action. You can select an IVR menu, call queue, conference, or employee extension number as the number for transfer.

Multiple routes for one provider

For one provider, you can describe several incoming routes.

First, the call goes along the upper route. If the client does not get through, then the call goes according to the lower rule (lower priority). If the client does not get through via the second route, then the call goes through the default route.

Create a routing rule

To add a new incoming routing rule, click the Add a new rule button.

In the Note field, describe the route you want to implement. In the future, this will help you debug the call circuit.

Select the Provider for which you are creating a new incoming call distribution template.

The additional DID number is the number the client called you on. This field is optional and should be completed if you need to route calls more accurately.

At the next step, you need to indicate to which phone number the incoming call from the client will be sent. The telephone number can be IVR menu numbers, call queues, conferences, or employee internal numbers.

Specify the time during which the call will be sent to the phone number you specified.

If after the specified time interval no one answers the incoming call, the call will be routed to the next priority rule.

Night and Holiday Switch

Purpose

In this section, rules for operating the station during non-working hours, holidays, and weekends are described. During non-working days, typically no employees are available to answer calls, so a voice notification is played to the caller requesting them to call back during regular business hours.

Creating a rule

To add a new rule, click on the "Add Time Interval" button.

A form for creating a new rule will open.

In the form, you will find the following fields:

Period: The calendar period when employees are absent from the office, such as during New Year's or May holidays.
Weekdays: Specific weekdays for which the rule will be applied.
Time Range: The time period during the day when employees are absent.
Incoming Call Action: You can choose to play a sound file or perform a call transfer. Call transfer options include transferring the call to a conference, IVR menu, queue, internal employee extension, or specific termination numbers.

In the Note field, you can add a note with a description of the created rule, so that you can quickly navigate through the essence of this rule using this description. With the eraser button, you can clear the fields opposite which this button is located.

Apply only to certain incoming routes

By activating this function, a new menu "Route restrictions" will appear on top of you

Here you can choose which specific routes the rule you are creating will apply to.

Examples of rules

This rule is used for calls during non-working hours from Monday to Friday, specifically from 7:00 PM to 9:00 AM

This rule is used to handle calls on Saturdays and Sundays.

Outbound routing

Purpose

Create a rule

In this section, you need to create rules and templates for distributing outgoing calls for providers connected to the PBX.

You can create an unlimited number of outbound routing rules.

You can create several rules for one provider.

Step 1: Add a new rule

To add a new outgoing routing rule, click the Add a new rule button.

Step 2: Title and Note

The name of the rule can be set arbitrarily.

In a note, you can describe the call route that you want to implement; this can help you in debugging in the future.

Step 3. Setting the number template

The example in the picture above means the following: if the dialed number starts with "345" or "375" and the rest of the number consists of 10 digits.

If the dialed number matches the rules of several routes, then the call will be made in the order of the route descriptions, one by one, until the call is answered, or until there are no more suitable routes.

Step 4: Number Conversion

Convert number - this setting is intended to remove the number prefix and replace it with the desired prefix.

In the example given, digits are not cut off at the beginning of the number and digits are not added.

Step 5. Selecting a provider

Select from the list the provider for which you configured outgoing routing and save the changes.

Examples

Examples of number templates

Examples of changing number prefixes

Example 1. It is necessary to replace the number prefixes “+7” with “8”.

For example, the number +74952293042 should be converted to the number 84952293042.

The implementation of the rule looks like this:

Example 2. It is necessary to replace the number prefixes “8”, “7” with “+7”.

For example, the numbers 84952293042 and 74952293042 should be converted to +74952293042.

The implementation of the rule looks like this:

Example 3: You need to add the prefix "8" to the number.

For example, the numbers 4952293042 and 4996382584 should be converted to 84952293042 and 84996382584 respectively.

The implementation of the rule looks like this:

Example 4: You need to remove the area code "8495" or "7495" or "8499" or "7499" and leave the 7-digit number.

For example, the numbers 84952293042 and 74996382584 should be converted to 2293042 and 6382584 respectively.

The implementation of the rule looks like this:

Modules

Registration in the modules marketplace

Description of the registration process

General Information

Registering in the MikoPBX Module Marketplace is not required for the system’s basic functionality. You can fully utilize MikoPBX for handling calls without registration or installing additional modules. However, we recommend registering in the marketplace to expand your system’s capabilities.

Registration gives you access to additional modules and extensions. These include both free modules (moved out of the core system for easier initial setup) and paid modules from us and third-party developers. If you are a developer, you can contact us at [email protected] to get instructions on creating and adding your module to the Marketplace.

MikoPBX is a free solution and does not require registration. The absence of a license does not impact call functionality. You can register or cancel your Marketplace registration anytime.

To begin the registration process, navigate to "Modules" -> "Marketplace of modules":

If you are not registered in the Marketplace, the section will look as follows:

Registration Process

One license key is issued per company. If your company uses multiple MikoPBX instances, a single registration is sufficient.

To start the registration process, click the Register in Marketplace button:

The license key stores all your licenses for MikoPBX products. If you already have a key, you can enter it in the corresponding field. If you've forgotten your key, search your email inbox for messages from [email protected]

If you don’t have a key, you can generate a new one by completing the registration form:

Organization Name – Enter your company/organization name.
Contact Email – Enter your organization’s email address.
Contact Person – Enter the name of the contact person.
Contact Phone (optional) – Provide a contact number.
Unique Company Identifier (e.g., Tax ID, VAT) (optional).

Click Register.

Upon successful registration, you will see the following screen:

A notification confirming the system's registration.
The license key field will display a blurred value by default. Hover over it to view or copy the key.

License Management

To manage your license, go to Marketplace -> License Management and click the corresponding option:

Enter your license key in the Enter your license key or activated coupon field and click Login:

You will access a system with nine sections:

Go to the Session monitor section:

In the Info column, click the i button for each binding to view detailed host information.

In the Action column, use the Drop button to unbind the license from the current host.

Potential Issues

Registration Issues

If you encounter issues during registration, check for internet access to the MikoPBX server. Ensure connectivity to lic.miko.ru and lic.mikopbx.com over port 443 (HTTPS). Verify firewall settings and network permissions.

Strikethrough Key Icon

MikoPBX periodically connects to licensing servers to verify installed modules. If a module license becomes unavailable, the module will be disabled, and a strikethrough key icon will appear next to its name.

Module management

This guide explains how to connect, configure, and manage modules in MikoPBX. It also covers how to install applications using the built-in Marketplace.

Additional modules allow you to expand the functionality of the main system. In this guide, you will find information on managing modules and installing applications using the built-in Marketplace.

To use both paid and free modules, you need to register your copy of MikoPBX and obtain a free license key. Instructions on how to do this can be found .

Detailed instructions for configuring and operating each module can be found .

You can find the Module Management section under "Modules" -> "Marketplace of modules".

Installed Modules

All installed modules are listed under the tab of the same name:

You can upload your own module using the "Upload New Module" button. You need to upload .zip files. After uploading, the module will appear in the list under the "Installed Modules" tab.

You can also access the settings of any module for further configuration:

Additionally, you can enable or disable a module.

From the interface of an installed module, you can quickly access its documentation by clicking on the question mark to the right of the module's short description:

Quick Access to Modules

You can add any module to the sidebar menu for quick access, which can be useful if you need constant access to the module's settings to change parameters or its status.

To do this, follow these instructions:

Go to the settings of the module you want to add to the sidebar menu by clicking on the edit icon to the right of the module's version:

Click on the settings icon to the right of the module's status to access the display settings for the module in the sidebar menu:

In this section, you can:

Toggle the display of the module in the sidebar menu—"Show module in sidebar menu".
Choose the section where it will be displayed—in the example, the "Modules" section is selected.
Specify a custom name for the module if desired.

After completing the settings, click "Save".

Marketplace

In this section, you can install modules from MIKO as well as from partner developers.

Each module has a button for downloading and installing it. Basic information about the module with a short description is also displayed here.

To the left of the module's name, you can find an icon indicating whether it is paid or free. For example, in the image above, the "Access Control Management" module is paid, while the "Backup&Recovery module" module is free.

Module Card

You can access a module's detailed page by clicking on its name in the Marketplace interface.

Here you can find the version of the current release, information about the developer, and whether the module is paid or free. There are also three sections:

Module Description

This section contains images illustrating the module's functionality and settings. Additionally, there is a basic description of the module and a "Useful Links" section with a link to detailed documentation on configuring and operating the module.

Version History

In this section, you can find the module's version history with detailed descriptions of changes, as well as the minimum compatible version of MikoPBX for proper operation. You can also install a specific version of the module by clicking on the blue link under its description.

Activating Coupons

If you purchase a module, you will receive a coupon. To activate it, go to Modules -> Marketplace of modules:

Then navigate to the "License Management" section.

In the "Activate Coupon" field, enter your coupon code and click "Activate Coupon"

The protection key always starts with MIKO-. Coupons for modifying product composition always start with MIKOUPD-.

Maintenance

System upgrade

This article contains step-by-step instructions for updating MikoPBX to a newer version.

Before updating, be sure to back up your PBX settings using the .

Updating from the MikoPBX console

Below is an example of a PBX installed on a VirtualBOX virtual machine, updated from version 2023.1.223 to version 2023.2.206. Download the iso image of the required PBX version from the .

In VirtualBOX, open the settings of the virtual machine where the PBX is installed. Go to the Storage section. Select the virtual optical drive. Click the icon in the Attributes group, and click Choose Disk File. Select the downloaded PBX iso image. Start the machine.

The console will display the line "The system loaded in Recovery mode".

Select Install / Repair (or press the number 8 on the keyboard) and press Enter.

You need the command "Update to version ****.*.**". Press the number 2 on the keyboard, then press Enter. The update installation will begin. When it is complete, the PBX will reboot.

After the PBX reboots, the message "The system loaded in Recovery mode" will no longer appear, indicating that the PBX has booted from the hard disk and not from the virtual optical drive. The installed update version will be displayed in green at the top.

System diagnostic

Contains 3 tabs: Show log, System information, Capturing network packets.

Show log section

This section allows you to view log files for detailed analysis of PBX operations.

To start, select a file.
Set the lines for the number of lines to fetch.
Set the offset value to shift the selection.
Set the filter by entering a string to be included in the selection.

The following options are available:

Example: Call Analysis

Suppose you need to analyze an outgoing call to the number 74952293042.

Select the log file asterisk/verbose.
Set the phone number 74952293042 as the filter.
Set the limit to a sufficient value, such as 2000, to ensure all log entries are included.
In the last line of the log selection, find the identifier:

In this example, the ID = C-0000000f.
Repeat the log query but use the filter C-0000000f this time.
You will receive the entire log of the dialplan process.
The obtained data can be sent to technical support for further assistance.

System Information

The tab displays the following information:

Network settings
CPU load
RAM usage
iptables settings

Campuring network packets

This section allows you to perform a detailed analysis of errors in PBX operation.

Capturing Network Packets

You can start capturing network packets passing through the network interface.

To start the process, press the Start button.

Reproduce your issue: make a call or perform an action that causes the error or failure.
Press the Stop and Download button.

The network packets will automatically be saved in the archive MikoPBXLogs_log-tcpdump-XXXXXXXXXX. They should also automatically save in your browser's Downloads folder.

You can use the search function in WinSCP by entering "log-tcpdump*" in the file name field and specifying the search directory as "/storage"

Download All System Logs

You can download all system logs accumulated on the PBX. To do this, click the Download All System Logs button.

The system logs will automatically be saved in the archive MikoPBXLogs_log-sys-XXXXXXXXXX.zip. The logs should also automatically save in your browser's Downloads folder. You can also obtain this log archive from the /storage/usbdisk1/mikopbx/tmp directory by connecting to the PBX using WinSCP. The file will be log-sys-XXXXXXXXXX.zip.

Be careful! If there are many calls or heavy network "load" on the PBX, logs can take up a significant amount of disk space.