1 of 13

Phreephoning: a free, private and encrypted retro phone network

by N.Sputnik

2 of 13

WHY?

    • Turn phone system into your playground
    • Landlines are making a comeback
    • Have encrypted phone conversations with friends and relatives for free
    • Let young people experience landlines (they may have only see them in old movies and TV shows)
    • Nostalgia for us old people
    • Fun to shop for and buy unique and novelty phones for their aesthetic value instead of their utility
    • Learning experience with IP addresses, routing, SSH, Raspberry Pi, Asterisk
    • Make phone-based audio puzzle games with recordings and extensions

2

3 of 13

Buy cool phones

3

4 of 13

https://www.youtube.com/watch?v=fdM1V98iIQI

Network Chuck

4

5 of 13

HOW IT WORKS

    • One Raspberry Pi with the RasPBX image to burn to a microSD, preconfigured with Asterisk 16, Fee PBX 15 (web interface), PHP, MySQ http://www.raspbx.org/downloads/
    • Runs on a single Pi 2, 3, 4, or 5 (not Zero or 1)
    • One GL iNet Brume 2 (subnet router) with Tailscale (included install) on the same LAN as the Pi, Linksys ATA
    • One GL iNet and Linksys ATA at each LAN that is participating (connected to your friends or families home router)
    • You can also use software phone on a computer with Tailscale

5

6 of 13

WHAT IS TAILSCALE?

    • Tailscale is a free service that tracks the IPs of the devices in your local network with the Tailscale software and gives them an additional “tailnet” network IP with 100 as the 1st octet, MagicDNS.
    • It is a real VPN. Commercial VPNs for evading geo restrictions are just someone else’s exit node.
    • It’s a hosted version of a open source software called Headscale, which you can run on your own server but that is extra work. It needs to be on the open internet so you would need to worry about security.
    • WireGuard for encryption (on your hardware) and Poly1305 for authentication (between your devices)
    • You don’t need additional Tailscale user accounts in this setup. Each Tailscale user is an admin. Up to 3 users is free. Single admin user, 100 devices is free. More than 3 or more than 100 devices: paid service.
    • You must install the Tailscal desktop client to reach the remote Brume 2 units to admin them.

6

7 of 13

HARDWARE

7

  • GL iNet Brume 2 (subnet router) x number of lines you want
  • Analog Telephone Adapter (ATA) such as Cisco SPA, Linksys PAP2T, Grandstream HT802 x number of lines you want (many have 2)
  • Raspberry Pi (1)
  • Old analog phones x number of lines you want

8 of 13

HOW IT WORKS

8

Internet

ISP

Router

Subnet router with Tailscale

ATA

Phone

ISP

Router

Subnet router with Tailscale

ATA

Phone

ISP

Router

Subnet router with Tailscale

ATA

Phone

ISP

Router

Subnet router with Tailscale

ATA

Phone

FreePBX Pi

Admin

Clients (friends and family)

9 of 13

ADMIN DUTIES

    • Buy all hardware: an ATA (analog telephone adaptor) like Linksys PAP2 for $20 (make sure they are unlocked) and Brume 2s for $55, find or buy analog phones
    • Turn on Tailscale in all the Brume 2s (easier to do on your own separate local network) and link them with your tailnet
    • Set up extensions in FreePBX, SSH into to set up routes
    • Set up each ATA (add server address, extension passwords)
    • SSH into each Brume (192.168.8.1) and set up Tailscale IP routes
    • Distribute all hardware to your friends and family anywhere in the world

9

10 of 13

BENEFITS

    • Data is encrypted: Tailscale uses WireGuard for encryption and Poly1305 for authentication
    • Learn Asterisk
    • Small extension numbers for each line: 2, 3, or 4 digits to call family while reliving the past
    • Friends and family are now on your local network so you can do other cool things like set up a shared NAS with Jellyfin, private websites, private AI chat bots

10

11 of 13

HOW DID I FIGURE IT OUT?

  • I asked ChatGPT: Can I make The Batphone with a Raspberry Pi?
  • ChatGPT recommended Tailscale
  • Network Chuck video showing single house, multi phone setup
  • Vibecoding + Coffee

11

12 of 13

GOTCHAS

  • Maybe some people you propose this to will not want it
  • If you find you need to admin a remote general router (I have not) you will need to give it a different IP, which could disrupt your friends’/familys’ network and might confuse them when they later go to log in and the default router IP (192.168.1.1) does not work.
  • You should put a sticker on the phone that says something like “This is a private network phone not connected to the phone network. In case of emergency dial 911 on a cell phone.”
  • Give the Pi and the Brume 2s static IPs in your router admin. If they ever get different ones, if the power goes out or something, then everything will stop working
  • You will, from that point on, DEFINITELY be the family IT person
  • Complex UCI routing commands needed for OpeWRT (ask AI about it) https://openwrt.org/docs/guide-user/base-system/uci

12

13 of 13

THANK YOU

13