Accessing UCP outside LAN

I would love for my co-workers to be able to access their voicemail from home, etc. Can this be done? If so, how?

I can point a subdomain (say vm.mydomain.url) to my public and static IP and forward port 81 on that IP, but how would I get that IP to resolve traffic to that url to Free.PBX.IP/UCP/ ?

It can be done safely if they subscribe to a static IP with their ISP. Or they can run a DDNS client on their remote work computer. This will allow you to open up specific ports to specific IPs. In pfSense for example, you can add a FQDN and it will check every 5 min or so what IP it resolves to and update the firewall rules accordingly automatically.

When you say “they” who are you referring to? The user off the network or the network the PBX sits within?

If your remote users (off network, i.e. public internet) subscribe to a static IP or run a DDNS client.

If your remote users have VPN access to the corporate network you could use that.

Otherwise you can open access to UCP only by going to port management under system admin module and setting up a SSL port just for UCP and open the port on your firewall.


I think you are onto the solution I am looking for, but I wonder if SSL and an https port is really required for UCP. Why would it be?

Regardless, I went to add an SSL certificate in the Certificate Module and found “Generate Let’s Encrypt Certificate”. It asks me to specify Host Name which I am assuming would be vm.mydomain.url. Would this be correct? Is this all I would need to do other than open up the port on the firewall and point that domain to my public IP? I’m assuming I would then need to create a host header so that traffic coming into my other 443 sites on my windows server aren’t diverted.

I feel like this is a feature that would be widely sought after (UCP access outside LAN) and I’m surprised there aren’t existing guides or (commercial) modules to simplify this.

Your users’ login credentials will be sent in the clear if you do not use HTTPS.

What more so we need to simplify. We don’t control your corp firewall or your DNS. None of that has anything to do with your PBX. As stated setup UCP on dedicated port and open that port not 443 to your PBX IP on your firewall. That’s all that’s to it.

If you want a FQDN then setup a A record on your domains DNS server and bam go to my domain:port and you are all set.