Oh Da!! that was truly a forest & trees thing. As soon as I saw it on the video … BTW very good job, well done!
Once I made the change, other VPN’d clients I am testing with could no longer connect. What I did to resolve this was to enable HTTP Provisioning on the internet. I am going to assume you would say the best practice is going to be not to do that and I should add the remote IP as trusted?
Since this system is sitting behind a FW, I am allowing specific IPs there since it is the edge of the network and would rather stop any untrusted IPs at the front gate.
What I am still struggling with is, I have multiple VPN’d devices coming in just fine and another remote that will not get a VPN IP and register. I duplicated the working TEMPLATE, modified the phone profile in the template and assigned it in EPM. The extensions have been assigned users and VPN enabled, but this one will not register.
I have confirmed the remote site is the same as the working devices with the exception it is an S500 and the working models are S300, S700, S705. I did just replace a local S500 with the S700 because it would not register using the same template I am using now for the S700.
Again thanks for providing the FIREWALL video link, would love to see a detailed VPN setup and trouble shooting version…