I’ve got no issue with users connecting to my on site FreePBX server using our public ip, but i don’t know how to get a certificate for the internal ip.
I’ve been told it’s not a good idea to have Softphones originating from inside the lan to connect to freepbx using the public wan address. Would be kind of an unnecessary loop
Correct, create a DNS entry (in your internal DNS server) to the domain you used for the certificate to the internal ip so your clients will access zulu.yourdomain.com (or the domain you used for create the certificate) but that will point to XX.XX.XX.XX (your local ip)
are you using mydomain.com that will resolve 222.222.222.22 in your lan or you are you using directly the ip? you need to use mydomain.com as it will match with the cert.