This section configures the main system parameters. It is recommended to set these parameters immediately after installing the PBX.

Main Settings

• The name of the PBX - will be displayed on the MikoPBX home page.

• Additional Description - visible only to system administrators.

• PBX sound messages language - specify the language for voice notifications.

• Maximum lenght of extension - maximum length of the internal number (for employees).

• Maximum Timeout Between Digits When Entering Extension.

• Allow incoming calls from any servers

• The PBX is restarted every night - restart Asterisk every night.

• Send developers information about crashes - when an error occurs, its description will be sent to the developers (requires internet access).

Call Recording

• Call Recording - enables/disables call recording.

• Recording internal conversations - enables/disables internal call recording.

• Save recordings in stereo changes the recording mode from mono to stereo. The recording stream will be split into incoming and outgoing channels and merged into a stereo file.

There is a slider that allows you to choose how long call recordings will be stored.

You can also select an audio file for call recording notifications.

Phone calls are saved in mp3 format. Here is an example of the final call recording file information:

Input File     : 'mikopbx-1554098285.0_M1gEr1pgrt.mp3'
Channels       : 1
Sample Rate    : 8000
Precision      : 16-bit
Duration       : 00:00:17.64 = 141120 samples ~ 1323 CDDA sectors
File Size      : 70.6k
Bit Rate       : 32.0k
Sample Encoding: MPEG audio (layer I, II or III)

Call Transfers

Call Park Number

Call parking is a variant of "holding" a customer on the line. It is useful when you need to temporarily disconnect to clarify information. During parking, the customer will hear music.

MikoPBX supports two methods of parking customer calls:

1. To park a customer call, enter *2. The customer's call will be put on hold by MikoPBX, and you will be informed of the parked call slot number. Any employee can pick up the call by dialing the parked call slot number from their phone.

2. In the Call Transfers section, assign a Car Park Number. When the customer's call is transferred to the parking number, MikoPBX will park the call, and you will be informed of the parked call slot number. Any employee can pick up the call by dialing the parked call slot number.

You can set the range of parked call slot numbers in the Call Transfers section: Start Parking Slot and End Parking Slot.

Call Transfers

MikoPBX offers two types of transfers: Attended and Unattended (blind).

• With an attended transfer, you can speak to the person before transferring the call. The caller will be on hold during this time. Once the person handling the transfer hangs up, the transfer is completed successfully.

• An unattended transfer occurs when you transfer the call without first speaking to your colleague. For example, when you receive a second incoming call while already on the phone, you can transfer the new call to a colleague without interrupting your current call.

Timeouts

The return time for a call if there is no answer after an unattended (blind) transfer is 45 seconds.

Call Pickup

If your colleague's phone is ringing, you can intercept the call by dialing *8. If you don't know your colleague's number, simply dial *8.

SIP

Session Initiation Protocol (SIP) is the signaling protocol used by most VoIP phones. You can change the SIP port (default is port 5060) to enhance security. Additionally, some SIP providers require additional parameters, such as Registration Periods (the time before the registration expires). Some firewalls close ports after a period of inactivity, which may require shortening the SIP provider's registration timeout. Another reason might be the need for different registration timeouts for certain SIP providers. The default values are:

• SIPMiniExpiry - minimum registration duration in seconds, default is 60 seconds.

• SIPMaxExpiry - maximum registration duration in seconds, default is 3600 seconds.

In real-time, the Transport Protocol (RTP) defines the standard format for transmitting audio and video over IP networks. By default, RTP uses port ranges between 10000 and 10200. Some routers and firewalls may require the port range to be adjusted. Another reason to adjust the port range is the number of simultaneous calls. Each call uses two RTP ports. This means if there are 200 ports, only 100 simultaneous calls are possible. If your phone system needs to handle more calls at once, you should expand the port range.

• STUN Server Address - helps with PBX operation behind NAT, especially when using WebRTC.

• Use WebRTC - additional settings will be configured for WebRTC connections. For example, for extension 201, an additional endpoint will be created, accessible via WebRTC using the URL sip:201-WS@IP_PBX

Audio/Video Codecs

Configuration of allowed codecs for the PBX.

AMI & AJAM

Asterisk Manager Interface (AMI) is a powerful and convenient API for Asterisk, allowing external programs to control the system. AMI allows external programs to connect to Asterisk via the TCP protocol, execute commands, read results, and receive notifications of real-time events. AMI is often used for integration with business processes and CRM (Customer Relationship Management) systems. AMI listens for connections on a network port (default TCP port 5038). Once a client program connects and authenticates, Asterisk responds to requests and sends notifications about changes in subsystem states.

Asynchronous Javascript Asterisk Manager (AJAM) is a new technology that allows web browsers or other HTTP-capable applications to directly interact with the Asterisk Manager (AMI) interface via HTTP/HTTPS. By default, port 8088 is used.

SSH

SSH or Secure Shell is an encrypted protocol commonly used for interacting with and remotely managing servers. The SSH server can authenticate users using various algorithms. The most popular method is password authentication. It's simple but not very secure. Passwords are transmitted over a secure channel, but they may not be strong enough to resist brute-force attempts. The computing power of modern systems, combined with special scripts, makes brute-forcing very easy.

A more secure and reliable authentication method is SSH keys. Each key pair consists of a public and private key. The private key is stored on the client side and should not be accessible to anyone else. If the private key is leaked, the attacker will be able to log in to the server unless additional password authentication is set up.

The public key is used to encrypt messages, which can only be decrypted with the private key. This property is used for authentication with key pairs. The public key is uploaded to the remote server where access is needed. It should be added to the special file ~/.ssh/authorized_keys.

When the client tries to authenticate with this key, the server sends a message encrypted with the public key. If the client can decrypt it and return the correct response, authentication is successful.

You can save the public SSH key on the PBX in the SSH Authorized Keys field. If you have multiple public keys, you can paste them one after the other, separated by a blank line.

Web Interface

In this subsection, you can increase security by changing the HTTP port (default is port 80) or activating HTTPS mode.

HTTPS (HyperText Transfer Protocol Secure) is an extension of HTTP that supports encryption for enhanced security. HTTPS data is transmitted over cryptographic protocols such as SSL or TLS. Unlike HTTP, which uses TCP port 80, HTTPS uses TCP port 443 by default.

• Redirect to HTTPS - when attempting to open the web interface via HTTP, the user will be redirected to HTTPS.

When the system starts, the PBX generates its own certificate for HTTPS operation - this is a "self-signed" certificate, not verified by a public "registrar," but it still allows HTTPS operation and encrypts traffic between the PBX and the browser. You can use Let's encrypt module.

Web Interface Password

In this subsection, you need to change the WEB interface Login and Password.

Delete all system settings

Asterisk Manager Interface (AMI) is a powerful and convenient Asterisk programming interface (API) for managing the system from external programs. Thanks to the AMI, external programs can connect to Asterisk via the TCP protocol, initiate the execution of commands, read the result of their execution, as well as receive notifications about events in real time.

AMI is often used for integration with business processes and systems, CRM software (Customer Relationship Management - customer interaction management). Asterisk is often managed from the CLI console, but using AMI does not require direct access to the server running Asterisk. AMI is the simplest tool, which in the hands of a developer can be a very powerful and flexible tool for integration with other software products. It enables developers to use the information generated by Asterisk in real time.

The first thing to do is to enable the AMI and create a user with which the client program will authenticate. "System" - "Asterisk Manager Interface"

To add a new account, you must specify a Username and Password. In addition, it is necessary to set a Network filter, i.e. from which subnet the connection to the AMI user is allowed. You can allow connections from any addresses, or specify a specific network that you have configured in the Network and Firewall → Network Firewall.

AMI User Options and Rights

AMI user rights set in the [user] section of the configuration file /etc/asterisk/manager.conf

The system file customization section can be found under System -> System file customization:

This section allows for customization of system and Asterisk configuration files. We recommend using this section only for experienced Asterisk administrators. MikoPBX provides the ability to modify the following configuration files via the web interface:

You will be presented with the configuration file editing form:

Choose one of four editing options:

• "Not change" - prevents modifications, read-only mode.

• "Add to end of file" - appends content to the end of the selected configuration file (recommended).

• "To replace all" - your changes will completely overwrite the configuration file.

• "Script" mode in MikoPBX system file customization allows administrators to add custom scripts or commands directly into the configuration files. This mode is ideal for advanced users who need to execute specific actions, automate tasks, or modify system behavior dynamically, enhancing the flexibility of the PBX configuration. It should be used with caution to avoid system disruptions.

Customizing System Files with Scripts

In some cases, more complex modifications to system files are required than simply adding text to the end of a configuration file. For instance, you may need to redistribute PJSIP account parameters while retaining the ability to configure the system through the web interface.

We've introduced a new approach to customization, where you can describe a Bash script that will execute each time the system generates a configuration file. This way, integrators can make precise changes to configuration files without developing additional modules.

For example, you can modify the pjsip.conf file and change the max_contacts parameter for all internal numbers, except one.

sip.conf

You can add parameters to an existing section using the (+) syntax:

extensions.conf

It is possible to intercept the execution of the dialplan by defining custom contexts. Currently, you can intercept executions in the following contexts:

• internal-originate-custom - used for calls originating from the telephony panel for 1C.

• <PROVIDER-ID>-incoming-custom - used for handling incoming calls from the provider.

• <PROVIDER-ID>-outgoing-custom - used for handling outgoing calls via the provider.

• all_peers-custom - used for direct outgoing calls from a phone.

• outgoing-custom - used when dialing an external number, before selecting an outbound route.

• add-trim-prefix-clid-custom - used for handling incoming calls, best suited for normalizing incoming phone numbers by adding/removing a prefix.

• internal-users-custom - used for handling calls to internal extensions.

• public-direct-dial-custom - used for handling incoming calls without authentication.

Example context:

Make sure to call the method "return" at the end.

You need to set the time zone correctly to ensure accurate system time display. If the time zone is not set, notifications and call history will be recorded with incorrect timestamps.

To configure the time zone, go to the "System" section and select "Time Settings":

To manually set the time, toggle the switch "Adjust the time manually."

To receive notifications about missed calls by email, you need to configure the SMTP client. Detailed information about notifications in MikoPBX is reviewed . As part of this instruction, an example of setting up missed call notifications for the Gmail mail service will be considered.

1. Enter the IP address of the MikoPBX PBX in the browser and go to System → Mail Settings

SMTP Client Settings for Gmail service:

• SMPT host - smtp.gmail.com

• SMPT port - 465 (Customer Service port)

• SMPT login and Sender address- the E-mail from which messages about missed calls will be sent

• SMPT Password - the email password required for authorization

• Encryption Method - Use TLS

2. Go back to System → Mail Settings. We will send a test letter to the e-mail of any service. In case of successful testing, a test email will be sent to the email address you specified.

Connecting to the SMTP server

To receive notifications about missed calls and voicemail messages by email, you need to configure the SMTP client. SMTP (Simple Mail Transfer Protocol) is used to send e-mail over the Internet. SMTP clients interact with an SMTP server that sends email.

• SMTP host - address of the mail server

• SMTP port - the port of the mail server

• SMTP login, SMTP password - authorization parameters

• Sender's address - Emails will be sent on behalf of this address Email of the system administrator - all system notifications will be sent to this email address, for example, about the lack of disk space. When changing and saving the settings, a test email will be sent to this address

• Use TLS - activates the use of encryption when connecting to the server, to connect via SSL, you need to add a protocol description to the server address

• Validate server certificate - in some cases it is necessary to disable it when using self-signed certificates

• Use mail motifications - allows you to enable/disable all email alerts, including voice mail

Missed Notifications

• Email for missed notifications - by default, missed notifications are sent to the email specified in the employee card. If the call cannot be matched with an employee or email is not specified, the call will be sent to this "shared" address

• The subject, text, and footer of the letter may contain parameters in the form of PARAMETER_NAME

List of available "parameters":

• NOTIFICATION_MISSEDCAUSE - currently always takes the value "NOANSWER", i.e. a missed call

• NOTIFICATION_CALLERID - who was the call from

• NOTIFICATION_TO - who was the call to

• NOTIFICATION_DURATION - duration in seconds

• NOTIFICATION_DATE - date of the call

Voice mail

It is possible to set up an address and a template for a voicemail notification:

• Voice mail will be sent to each employee who missed the call (if the email is specified in his card).

• Voicemail will always be sent to the "Email address to receive all voice mail records"

The following "parameters" can be used in the subject, body and footer of the email:

• VM_DATE - date and time

• VM_CALLERID - caller's callerid, consists of name and num, example "Alex Magnet" <101>

• VM_DUR - message duration

• VM_CALLER_NAME - caller's name (taken from VM_CALLERID)

• VM_CALLER_NUM - caller's phone number (taken from VM_CALLERID)

To specify a parameter, you need to use a construction of the form PARAMETER_NAME.

Click Save to complete the setup.