Forum Replies Created
-
AuthorPosts
-
in reply to: High CPU usage #6851
The error regarding Ast log file is a clue. Associated with that, I notice that in you secast.conf’s [asterisk] stanza you have set the securityevents key to an Asterisk log file.
This (securityevents) key is only for compatibility with really old (1.4 and older) versions of Asterisk. This setting also disables SecAst’s ability to get more advanced data from Asterisk. If you are running a more recent Asterisk version please set this key to blank (empty). We actually plan to remove this key in a future release of SecAst.
Once you have made that change let me know how SecAst is working. As well, I suggest you upgrade to SecAst 1.6.x as we have added additional features.
in reply to: High CPU usage #6849To start, lets make sure nothing significant is missing/misconfigured. To diagnose:
1. Stop the SecAst service
2. Delete the SecAst event log (file)
3. Start SecAst from the command line with the -f parameter (foreground)
4. Post the screen output and log file (first 200 lines)
5. Post the output of “ldd secast” (from the /usr/local/secast directory)100% CPU is very unusual for SecAst so I suspect something major is missing/misconfigured. If the above looks ok I suggest you post your secast config file (if you are concerned about posting email it to support@autocommander.aws2.ocg.ca)
in reply to: How to activate / request a license #6846If you are requesting a replacement license, we can use the license request already on file to create a new license file. (So you don’t have to send us any new file).
If you have upgraded your software version at the same time you should generate a new license request to ensure compatibility with the new version you installed.
Please note that we can only generate new licenses for systems covered by a maintenance agreement. If the agreement has expired you will have to stay with the old version or purchase new software to upgrade.
in reply to: How to activate / request a license #6845Licensing is a three step process:
The first step is to request a license file after installation, which you can do by telnetting to the telephony server on port 3001 (for HAast/HAfs) or 3000 (for SecAst) and generate a license request file. For example:
telnet localhost 3001
HAAst telnet interface on ‘Ford Motor Company Lansing Call Center PBX’
HAAst>license request
To create a license request, enter the information specified below. To abort
the request enter a . as the answer to any question.
Enter the name of your organization as it will appear in your license?
organization>My Company
Enter a description for the local node (eg: pair 1 server B, or Texas,
or Rack 1 upper)?
description>Los Angeles Colocation
Virtual machine detected. Automatically selecting Commercial Unlimited
edition (Flex Edition not available in virtual machines).
What type of license activation would you like to use: USB dongle Cloud, or
Volume license server [U, C, V]? (Hardware Fingerprint option not available
in virtual machines. See http://autocommander.aws2.ocg.ca/activation for more information)
activation>u
The license request has been successfully completed and placed in file:
‘/usr/local/haast/haast.licenserequest’
Send this file to support@autocommander.aws2.ocg.ca to receive your license file
HAAst>
This will create a file called haast.licenserequest in your /usr/local/haast directory (or hafs.licenserequest, or secast.licenserequest in the associated directory).
Second, you need to send that file to support@autocommander.aws2.ocg.ca and we will reply with a license file (and optionally send you a USB dongle if you chose that activation type).
Third and final step is to copy the license file we send you to your telephony server. If you chose USB Dongle activation then there is one extra step: plug in the dongle and issue the “license usbdongle” command and send the code on screen to support@autocommander.aws2.ocg.ca We will reply shortly thereafter with the pairing code for the dongle.
When you are all done restart the HAast (or HAfs or SECast) service and you will see in the event log, or from the web GUI, or from the telnet interface, that the system is running as the commercial edition (whichever edition you purchased)
in reply to: Run firewalld with HAAst #6843Assuming your nodes are 192.168.0.10 and 192.168.0.11, then issue the following commands on both nodes:
firewall-cmd –new-zone=haast –permanent
firewall-cmd –reload
firewall-cmd –zone=haast –permanent –add-source=192.168.0.10/32
firewall-cmd –zone=haast –permanent –add-source=192.168.0.11/32
firewall-cmd –zone=haast –permanent –add-port=3001/tcp
firewall-cmd –zone=haast –permanent –add-port=3002/tcp
firewall-cmd –zone=haast –permanent –add-port=873/tcp
firewall-cmd –zone=haast –permanent –add-port=3306/tcp
If you want to know exactly what the above does, here is a line-by-line description:
- Create a new firewall zone called “haast” and make it permanent (survive the next reboot)
- Add the local IP address as a trusted source in zone haast
- Add the remote IP address as a trusted source in zone haast
- Add the port 3001 (HAAst telnet interface) as accessible from the trusted sources
- Add the port 3002 (HAAst peerlinkinterface) as accessible from the trusted sources
- Add the port 873 (sync) as accessible from the trusted sources
- Add the port 3306 (sync) as accessible from the trusted sources
Other users reading this post must consider their network topology and adjust the above to fit their needs. For example, if you setting up a firewall BETWEEN nodes, or IN FRONT of nodes, or ON the nodes.
As well, if you use our subscription service you must ensure TCP port 443 (outbound) is open from each node.
in reply to: AstDB database is locked error #6844The error you are seeing in the Asterisk CLI is due to an app not properly handling concurrent use of the AstDB (SQLite 3 database). When synchronizing the AstDB HAAst will briefly lock the database (with a SQL lock), at which point apps should queue their commands until the lock is released.
Most properly designed apps respect concurrency by checking for the lock, then either blocking or retrying for a period of time, to acquire the lock. An overly simplistic application might not check for a lock, and simply report an error (“database is locked”) following an attempt to write. We have seen this error before with FreePBX and a couple of open source Asterisk add ons.
Although the proper solution involves asking the app developer to correct their code, we realize that some developers have no interest in doing so (or become hostile if you suggest anything is wrong with their code). So until the developer in question fixes their code, we do offer a workaround.
Create an Asterisk pre-start event handler (/usr/local/haast/events/asterisk.start.pre) in HAAst containing the following code:
#!/bin/bash
sqlite3 /var/lib/asterisk/astdb.sqlite3 “PRAGMA journal_mode=wal”;
This will enable the “WAL” feature of SQLite3 – which effectively prevents reader and writer processes from locking each other out of the database. You can also issue this command from any bash prompt and you should see the response “wal”. If you don’t see this respnose, repeat the command every 10 seconds until “wal” is returned. (The command can fail if the database is already locked).
in reply to: VirtualBox with USB Dongle #6842To attach the USB Dongle to the virtual machine running the Telium software:
- Optional: install the free VirtualBox Extension Pack to take advantage of USB 3.0
- Start your virtual machine
- Plug the USB Dongle into a USB port of your host computer
- In VirtualBox click on Devices -> USB, then click on ‘USB device to share’.
Once VirtualBox configures the USB connection, the USB Dongle will appear in your guest OS. Issue the commands ‘lsusb’ from a command prompt to confirm the USB dongle is visible. (Probably reports as ‘Philips Elite’)
If you would prefer to connect to the dongle on a separate/shared device you can read more here
-
This reply was modified 4 years, 9 months ago by
WebMaster.
in reply to: How do I get my license? #6840You can download the products directly from our website (without the need for a key/link). The “Free” edition you can download directly actually turns into the “Commercial” edition once you add a license file.
You can request your license files at any time, after you have installed the product. Once the product is installed and running, you must telnet to the built-in telnet server and there you must enter the command “license request”.
Answer the questions presented on screen, and then send the resulting license request file to support@autocommander.aws2.ocg.ca (you will see more instructions on the telnet screen). In response you will get a license file (and optionally a USB dongle depending on the activation options you chose onscreen) from the Telium support team.
For more information on activation options see
in reply to: How do I get my license? #6841You can download the products directly from our website (without the need for a key/link). The “Free” edition you can download directly actually turns into the “Commercial” edition once you add a license file.
You can request your license files at any time, after you have installed the product. Once the product is installed and running, you must telnet to the built-in telnet server and there you must enter the command “license request”.
Answer the questions presented on screen, and then send the resulting license request file to support@autocommander.aws2.ocg.ca (you will see more instructions on the telnet screen). In response you will get a license file (and optionally a USB dongle depending on the activation options you chose onscreen) from the Telium support team.
For more information on activation options see
Yes you can! Like your other syncjobs, setup a new syncjob which requires the remotestate be ‘asterisk running’, localstate as ‘asterisk stopped’. Then set the syncjob to sync a single file:
/tmp/secast.state
Your tertiary PBX will always pull the latest security data from the active PBX. And if the tertiary promotes, there is no risk overwriting the local security data because of the localstate requirement.
in reply to: Sync not working after upgrade #6811HAAst version 2.5.0 contains a number of significant changes, including changes to config files. For example:
- Sync job config files have been renamed XXX.syncjob.conf
- Event handlers have been renamed SYNCJOBID.EVENT.TIMING (eg: asterisk.start.post, or mysyncjob.stop.post)
- Main config file keys have been renamed (eg: friendlyhostname)
You need to rename your event handlers accordingly, and check the sample haast.conf file to ensure you are using new key names.
PBXSync is designed to handle a mix of internal and external hosts. When you setup your pbxsync.conf file, you will notice that the rsync and MySQL IP address entries allow for up to 3 IP addresses. These three addresses represent:
- Public IP – this is the IP address that PBXSync will publish to other PBXSync hosts not on your local subnet.
- Private IP – this is the IP address that PBXSync will publish to other PBXSync hosts on your local subnet.
- Local IP – this is the IP address that PBXSync uses when connecting to itself.
So for the Public IP use the IP address of your firewall, and for your Private IP use the internal (non-routable) IP address of an internal host. The local IP should probably be set to ‘localhostipv4’. Also be sure to set the localsubnets setting to match your internal network(s).
Next, on your firewall setup porting mapping from the public IP address to the internal private IP addresses & port. After that the external host will be able to reach the internal host as well.
in reply to: Selecting a configuration generator #14148HAAst sits between the OS and Asterisk, while the configuration generator (the pretty GUI that creates config files) sits above Asterisk. For that reason HAAst is compatible with a wide range of configuration generators.
One noteworthy difference between configuration generators is the database they use to hold their configuration data. While HAAst can sync many different database management systems, from our experience MySQL is most popular in critical/commercial implementations of Asterisk.
The demand for supporting other database is so low that we have already begun deprecating support for other databases. If you are purchasing a large number of licenses (e.g. under the OEM or ITSP program) we are happy to re-institute support for a particular database – but please contact our sales or support group to discuss your needs.
If you aren’t sure which configuration generator is right for you, have a look at some feedback from customers: Configuration Generator Comparison
in reply to: HAAst can’t login to Asterisk #6827In some (particularly recent) Asterisk versions quotes are considered just another character in the value of a setting. So
Quote:
secret=ABCand
Quote:
secret=”ABC”are different. Please remove quotes the credential setting values in your Asterisk /etc/asterisk/manager.conf file and restart the HAAst services.
in reply to: Errors / warnings after sync #6826A summary of common exit codes and their causes:
- 255 – Likely a connection problem to the remote host. You should be able to resolve this by checking the IP address / fqdn of the remote host.
- 107 – Protocol error or unexpected response. You may have to work with Telium support to trace the cause (if this is intermittent then diagnosing can require many steps)
- 23 – Error during transfer. You should be able to resolve this by checking the file/directory being synced really exists on the source.
- 10 – RSync server unreachable. You should check the ensure the RSync service is running on the remote host, and that the remote host is reachable.
- 5 – RSync file permissions error. You should check to ensure rsync config files holding passwords are mode 600.
The HAAst installation guide provides guidance on how to enable debugging to capture more information. The specific settings, and location of log files, varies by HAAst version. If you need further help capturing and understanding debug information please contact Telium support (you will need an active maintenance agreement for the support team to assist you)
-
AuthorPosts
