I think something vital is missing here. Let’s take this example:
Phone - 192.168.1.20 (Gateway 192.168.1.1)
PBX - 192.168.1.10 (Gateway 192.168.1.1)
When the phone sends a request to 192.168.1.10 it does not send it to the gateway, it sends it to the .10 address and L2 routing is used. The only time that phone is going to send traffic out the Gateway is when there is nothing that the L2 can answer for. So if the phone has its DNS set to 188.8.131.52 then DNS queries will be routed out the gateway to the Internet or where ever the gateway sends that request.
You actually don’t need to set the gateway in your network settings when you’re doing L2 traffic. You could set up two devices with static IPs on the same subnet and plug them into a dummy switch (not connected to anything else) and you can communicate between the two devices over that subnet. No gateway required or used.
But since phones and the PBX are going to need to use DNS they will need to point to an internal DNS system (L2 traffic as the DNS system is doing L3) or a public DNS which will route out the gateway.
I think the first hurdle here is to fill in the lack of networking knowledge and then look at this because it will change how you even think about or look at this type of solution.