Phone not able to log in with Auto-provision remotely - Rest Apps doesn't load

I’m hoping I’m just missing something obvious here. I have a PBXact with an S500 I’m trying to connect via VPN. As the first step, I’m getting the phone just to provision. On the internal network, it loads the config and the Phone App for Login is just fine. On the external network, it loads the config without issue, but the Rest App to log in just stays blank (Loading, Please wait…) for about 10 seconds and then goes away.

I see all the traffic on the external IP going to 1443, but nothing going to 3443. (HTTPS, not HTTP) I’ve tried both by FQDN and IP without joy. Doing the external test of the rest app through a browser shows that it’s unlicensed, but I assume this is not an issue with PBXact and Sangoma phones only. It auto-updates weekly so the PBX should have the latest of everything. I’ve updated the firmware to through EPM so I know it’s talking to the PBX at least for that leg of the provisioning.

I did try opening HTTP for the phone apps as well to test but again saw no traffic traverse the firewall.

Any insight as to what I could be missing would be greatly appreciated.

(For reference, this is exactly as in number 2 of the webinars posted on sangoma under solutions/secure-remote-user-management )

Have you read the wiki?

I have. But when looking at all traffic hitting the firewall from the IP the phone is coming from, only port 1443 is ever hit. It’s not trying any other ports. It should be on 3443 for the phone apps, but it’s not. When internal, there is no firewall since it’s on the same subnet, but it’s connecting to the phone apps without a hitch.

I’m not sure if I’m missing something obvious, but I want to make sure I’m not just missing something stupid.

The phones are being provisioned using the Deployment ID in the Sangoma portal. I did have https working fine, and then moved to deployment so I could check in case one or the other was able to resolve the external provisioning issue. The SSL is valid (Let’s Encrypt) so I’ve tried with both FQDN and IP. 1443 is picked up either way without issue. 3443 is not. Even switching to non-https and opening 82/84 (with IP address restrictions set on the firewall of course) only shows the external provisioning hitting on 84. Nothing gets to 82.

If I can’t find a simple “You missed this setting” type answer I may see if I can open a ticket with Sangoma. (At least the PBX and phones are under support.) I just prefer to understand the issue rather than call support if I can.

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.