Good morning all,
I am posting these questions in hopes someone will be kind enough to take a little time and answer them with best practices. I have used Asterisk for many years, but I am new to the whole FreePBX/PBXact ecosystem, and there is a lot to digest.
** Zulu issue **
When sign in with Zulu, I can only get the option to dial with deskphone. I can’t select anything else. Some forum posts have suggested reinstalling zulu, others have cited the freepbx guide for setting up Zulu, which I have gone through.
Q: Why doesn’t the softphone option show up?
** UCP Error **
I had a UCP error – I kept getting an error talking about requesting a valid directory. I did a bunch of reading on the forums and blog posts and I finally ran across someone from back in 2018 I believe suggest to reinstall the PMS module. I thought, why would this help, its a brand new install, but figured I would try it. Sure enough, it worked after that.
One thing that may or may not be related is that I was setting up the Groups, and I saw one called “Property Management”. I thought, hmm, I don’t need this group, it must be a demo group or something and deleted it.
Q: Did I bork up UCP by deleting this group, or was it likely something in the fresh install/update process that wasn’t working right?
** Firewall ports **
This install is behind a pfSense firewall. I have port forwarded the following ports unrestricted (and are configured in PBXact) :
… TCP/4443(ucp)
… TCP/8003 (node secure)
… TCP/8089(webrtc encrypted)
… TCP/1443(https provisioning)
… TCP/2443(restful api)
… TCP/3443(restful phone apps)
… TCP/8002(zulu3)
… UDP/10000-20000
I also have the following ports open but restricted to the CIDRs the SIP provider provided :
… TCP/5060-5061
… UDP/5060
I have to move an existing OpenVPN server to another port so I can use OpenVPN with PBXact. It is my understanding we cannot modify the port in PBXact. Once done, I will open UDP/1194.
One side note - I had to modify the Smart Office bind port as it was stepping on toes with 3443. Smart Office is disabled, yet it still would not let me set 3443 for RESTful Apps.
All HTTP ports are disabled in port management, except for my admin port…
Q: Does this seem like a reasonable configuration and everything should work?
Q: Should I be re-enabling the HTTP ports (but not port forwarding through firewall) as phones will be used almost entirely from the local network?
** Endpoint Manager & inside/outside profiles **
Currently I have only https ports enabled. PBX and phones are on their own VLAN at office. There are two other VLANs in use at office that will access Zulu. These are all separate networks, connected only by a common firewall to the world but firewalled from eachother.
Q: Given the above configuration, do you expect I will be fine without change, or will need to setup some local routing and DNS overrides, or perhaps some NAT reflection to get Zulu to login from one private network to another private network, behind the same firewall?
Q: For local phones, do you recommend re-enabling HTTP ports and using this on the inside profiles only?
Q: How does this (re-neabling local ports) work with VPN users?
Q: Is it true, you cannot have more than 1 user at a remote location access FreePBX/PBXact via VPN at the same time?
Thanks,