Default Configuration Overview

From FreeSWITCH Wiki
Revision as of 20:20, 21 February 2011 by Sjmudd (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

This page is intended to provide a brief functional description of the default configuration provided by FreeSWITCH. The technical side of things is described in Getting_Started_Guide but this page is intended to explain some of the basic settings that are used as some of these may or may not fit with your intended setup.

Before you start

The default configuration is intended to show you many of the things you can do with FreeSWITCH and as such is very useful. As this configuration is quite complex it's quite handy to understand some of the things that are setup in this default configuration as otherwise this can possibly overwhelm newcomers with so much data.

The default configuration comprises of:

  • There are no gateways configured, except for a connection to the FreeSWTICH conference channel, so initially this configuration is safe.
  • user agents (sip listeners), 1 listening on port 5060 intended to be used by internal users and an external public interface listening on port 5080 designed to accept incoming connections from outside.
  • There are 20 default users configured with extensions 1000..1019.
    • These are configured to be able to call to each other and use other internal services which are described elsewhere.
    • These extensions are also reachable from external callers, so are not just internal extensions. (you may want to change this for your setup).
    • Registration will work if you configure a phone to register as <user>@<freeswitch.ip.address> unless you change this. If your system is reachablable from outside it may be interesting to change this setting to only allow calls using a realm/domain that you define.
    • Registration of the extensions is possible from _any_ ip address. You may expect or want registration to be from a smaller network range like your local network. If so you may need to change this default setting.
    • CHANGE THE DEFAULT PASSWORD TO SOMETHING DIFFERENT AND SECURE. With the above configuration an attacker may be able to guess your password and get in. You will probably be safe if you have no gateways configured but it's likely that this is one of the first things you are likely to setup. So change the default password. Do NOT use something simple and if possible mix letters of both lower and upper case, numbers perhaps punctuation and keep the password to a length of at least 6 characters. If you get this wrong and have a gateway configured you may be in for an expensive phone bill.