Using REST APPS over WAN

sholight · May 5, 2014, 5:25pm

So I have been able to make the REST APPS successfully work on our LAN with no issue however they are not working for remote users over the WAN. We have double and triple checked to make sure that ports 88 and 96 have forwarding on the firewall but we simply don’t seem to be able to get the REST APPS to work. Does anyone have any other thoughts?

We are running the following:
Aastra 6739i (3.2.2.2063)
PBX-In-A-Flash Yellow
FreePBX 2.11.0.37
Asterisk 11.6
CentOS 6.5
Peplink B20 Router on a static IP

SkykingOH · May 6, 2014, 8:41am

I really would not expose the REST apps to the public Internet.

I am sure others would disagree.

sholight · May 6, 2014, 12:45pm

That’s unfortunate as half our users telecommute.

reconwireless · May 6, 2014, 1:57pm

The connectivity via the apps is through the FreePBX REST API, since you are running PBX in a Flash there may be some HT ACCESS rule that are interfering with your connectivity, you may also want to make sure you don’t have iptables rules that are blocking access to those ports.

SkykingOH · May 6, 2014, 1:59pm

That’s unfortunate as half our users telecommute.

They don’t have VPN’s back to the office?

tonyclewis · May 7, 2014, 3:26pm

In your EPM template for remote users is the destination address a external IP that is routable from the remote location.

sholight · May 8, 2014, 7:39pm

The EPM templates are configured with our static external IP. We also have a FQDN; both have been tested neither work.

I will double check iptables but I figured if that were the issue it wouldn’t work on the LAN either.

As for using VPNs it a bit complicated. Our users change locations on as much as daily basis as we setup remote offices at music venues. Sadly not all venues are able to provide us with a direct WAN connection which, given the complexity of the LAN we are connect on, can cause issues for PPTP. Some of our bigger remote setups have Peplink routers that connect via PepVPN which is a really nice “unbreakable” VPN solution. Unfortunately, carrying yet another piece of hardware (vpn) is a lot to ask a single user traveling by plane to do. Eventually when we do end-point upgrades we will likely purchase devices with integrated VPN solutions. Until then I have to find a reasonable work-around.

Open to suggestions…

SkykingOH · May 8, 2014, 8:15pm

The Yealink’s have an OpenVPN client. It also passes through the PC port so you can have office LAN access.

If you are adventurous you can install OpenVPN server on your FreePBX server. If not you could use PFSense.

rchalk · August 1, 2014, 5:11pm

I don’t see a solution to the original question here. I have a plan to use the apps with a system where the PBX is hosted by RentPBX, all offices are therefore “remote” users, and I am using Travelin Man 3 with DynDNS to control access. I would like to know whether the apps are compatible with this kind of setup, and what settings would be required to the firewall to make these work. Thanks.

tonyclewis · August 1, 2014, 7:59pm

We use Rest Apps over WAN all day. It uses its own port that you define in sysadmin module under port management but please note Rest Apps have are not support on PIAF so I suggest getting FreePBX Distro from RentPBX