One final Question Call Transfer w/ Grandstream and Ast1.6

On my internal office phone system from October until Mid December my Grandstream GXP2000 phones were able to do unattended Call Transfers from SIP Extension to SIP Extension. There was/is no coding in the extensions.conf to handle call transfers.

Sometime in December this broke for me, and I have been struggling to figure this out. I am pretty certain it was something I did that caused this, but since it was a couple of weeks from change to notification I have no idea what I did.

Mid December my VoIP account got hacked, and my Truck (flowroute) consumed $150 of calls to some foriegn country. The hack was done via SIP Registration, so nothing on my side could have prevented or interupted it. BUT Flowroute insists that it was my fault that it happened, and in their defense I did find holes in my system.

Anyway We locked down my system at that time, and these were the holes/fixes I had:

  1. Anyone getting to our IVR could then turn around and make outgoing calls because the I had the incoming and outgoing scripts in the same context. I created an outgoing context and set the SIP/Extensions to default to that context. To allow extension to extension calls I imported the incoming context into this one.

  2. Outgoing was using SIP Registration, I turned off SIP Registration, and locked my Flowroute accounts to my IP Address.

  3. Put allow/deny IP addresses into each extension to lock registration of extensions to local private IP addresses

Somewhere in these three I broke both call transfer and Call Pickup.

Call Pickup broke because the context changed, I was able to fix this using a Set Variable, but the call transfer still remains broken and I cannot figure out whats wrong.

It is usually your fault if someone hijacks a station on your system. Also can we see your extensions.conf and sip.conf minus the passwords?

The hacking that took place in December wasn’t my server at all. They figured out my SIP Registration password and username with FlowRoute and they were connecting directly to FlowRoute’s systems. Nothing about the call originated from my system at all.

The steps I took were suggested from Flowroute and were legitimate holes in my system, but none of them lead to the whoever got my information and used it.

I’ll be back in a little bit, I have to get the extensions and sip files moved around to a workstation I can send them from…

OK, here are sanitized versions of my sip.conf and extensions.conf

;Relevant portions of my SIP.Conf


;Relevant portions of Extensions.conf


;DID Lines
exten => 19999994005,1,Goto(inbound,9004,1)
exten => 19999994126,1,Goto(inbound,8004,1)

exten => 19999992677,1,Answer()
exten => 19999992677,n,Wait(1)
exten => 19999992677,n,Background(/var/asterisk/Prompts/JSI_Welcome01)
exten => 19999992677,n,Background(/var/asterisk/Prompts/JSI_Welcome02)
exten => 19999992677,n,Background(/var/asterisk/Prompts/JSI_Extension9004)
exten => 19999992677,n,Background(/var/asterisk/Prompts/JSI_Extension8004)
exten => 19999992677,n,wait(5)
exten => 19999992677,n,goto(19999992677,1)

; ---------------------------------------
; – Extension (Dial Desktop)
; ---------------------------------------
exten => 8004,1,Answer()
exten => 8004,n,Set(cCallerID=CompanyName, Inc. <9999992677>)
exten => 8004,n,Wait(1)
exten => 8004,n,Playback(/var/asterisk/Prompts/JSI_Recorded)
exten => 8004,n,Set(CDRGUID=UnAssigned)
exten => 8004,n,AGI(PBXInitiateCall.php,${CALLERID(num)},${EXTEN:0},8,${CALLERID(name)})
exten => 8004,n,AGI(PBXStartBilling.php,${CDRGUID})
exten => 8004,n,Mixmonitor(/var/asterisk/${CDRGUID}.wav)
exten => 8004,n,Set(CALLERID(all)=${cCallerID})
exten => 8004,n,Set(__PICKUPMARK=8003)
exten => 8004,n,Dial(SIP/8003,30)
exten => 8004,n,VoiceMail(8003@office)
exten => 8004,n,Hangup()

; ---------------------------------------
; – Extension (Dial Cell and Desktop)
; ---------------------------------------
exten => 9004,1,Answer()
exten => 9004,n,Set(cCallerID=CompanyName, Inc. <9999992677>)
exten => 9004,n,wait(1)
exten => 9004,n,Playback(/var/asterisk/Prompts/JSI_Recorded)
exten => 9004,n,Set(CDRGUID=UnAssigned)
exten => 9004,n,AGI(PBXInitiateCall.php,${CALLERID(num)},${EXTEN:0},8,${CALLERID(name)})
exten => 9004,n,AGI(PBXStartBilling.php,${CDRGUID})
exten => 9004,n,Set(CALLERID(all)=${cCallerID})
exten => 9004,n,Mixmonitor(/var/asterisk/${CDRGUID}.wav)
exten => 9004,n,Set(__PICKUPMARK=9004)
exten => 9004,n,Dial(SIP/9004,40)
exten => 9004,n,VoiceMail(9004@office)
exten => 9004,n,Hangup()

; ---------------------------------------
; – When a call is hungup
; ---------------------------------------
exten => h,1,NoOp(Call was Hungup)
exten => h,n,NoOp(${HANGUPCAUSE})
exten => h,n,AGI(PBXEndBilling.php,${CDRGUID})

include => inbound
include => voicemail

exten => _1.,1,Set(CDRGUID=UnAssigned)
exten => _1.,n,AGI(PBXInitiateCall.php,${CALLERID(num)},${EXTEN:0},8,${CALLERID(name)})
exten => _1.,n,AGI(PBXStartBilling.php,${CDRGUID})
exten => _1.,n,Set(CALLERID(all)=“CompanyName, Inc.” <9999992677>)
exten => _1.,n,Mixmonitor(/var/asterisk/${CDRGUID}.wav)
exten => _1.,n,Dial(SIP/88888888*${EXTEN:0}@flowroute)

; --------------------------------------
; – To support Line Pickup
; --------------------------------------
exten => _**9XXX,1,Pickup(${EXTEN:2}@PICKUPMARK)
exten => _**9XX,n,Hangup()

exten => _**8XXX,1,Pickup(${EXTEN:2})
exten => _**8XXX,n,Hangup()

exten => s,1,Wait(0.2)
exten => s,n,set(CDRGUID=${ARG2})
exten => s,n,NoOp(GUID coming next)
exten => s,n,NoOp(${CDRGUID})
exten => s,n,Playback(/var/lib/asterisk/JPSSounds/screen-from)
exten => s,n,Playback(${ARG1})
exten => s,n,Read(ACCEPT,/var/lib/asterisk/JPSSounds/screen-accept,1)
exten => s,n,GotoIf($[${ACCEPT} = 1 ] ?yes:no)
;exten => s,n(yes),Set(MACRO_RESULT=CONTINUE)
exten => s,n(yes),AGI(JPSStartBilling.php,${CDRGUID})
exten => s,n(no),System(/bin/rm ${ARG1})

exten => 9004,hint,SIP/9004
exten => 8004,hint,SIP/8004