If I was to place a phone server in the DMZ, would I do it at the modem level or at the pfSense firewall level? We can’t use PBX VPN because we use Grandstream phones. The Sangoma phones we have aren’t working with the VPN and EPM like described in documentation, and we don’t have 300 bucks for hours of looking by Sangoma. We need a solution for our remote phones that, now, haven’t worked in over a month. I can set up internal phone systems blindfolded, but setting up a hosted phone solution has eluded me.

If you have a pfSense in the remote sites, then you could:

  • Create an OpenVPN client in the pfSense to connect to the FreePBX VPN server, then
  • Set the phones (IP address) to use the OpenVPN client as a gateway to connect to the FreePBX VPN server

Are you having trouble with registration or passing configs to the phones using EPM? Or both?

Since you are using EPM, do you also have System Admin Pro?

You don’t need to pay for Sangoma support if you have bought Sangoma phones. You can resolve your VPN and EPM issues for free; open a ticket with Sangoma.

I’m using both, but I’m not using redirect.

They are trying now, but can’t tell why the Sangoma phone won’t utilize the VPN to connect. Sangoma sees no requests from the phone to use the VPN.

That’s the only thing we don’t have. That makes great sense, putting in a pfSense firewall with a VPN between theirs and ours. Not an option for us. One place has a company/building-wide firewall that messed with ours, and only one phone would connect at a time. The other we didn’t think about doing because we had figured out the VPN puzzle with FreePBX and Grandstream phones.

Check route is set to Enabled Yes in SysAdmin. It’s also worth using Zero-Touch Provisioning and the redirect server to first bring the phone online without VPN and then applying the VPN to the handset from EPM > Extension Mapping. And remember to wait. The second reboot to register with VPN can take 5-10 mins, so be patient. We’ve spent hours learning this process with mistake after mistake and you will have forgotten to do something.

If I changed that route to will it matter?

I don’t know, I’m sorry. Go with the default first and play later when it’s online. And factory reset the phone each time rather than reboot: *** then hold X for 12 seconds. It will factory reset after a few seconds.

Using the redirect server might be the missing piece of the puzzle. We have never used it with Grandstream phones. We just configured them internally to the phone server. He is a very small company and his biggest is maybe 56 peers.

Give that a go then. Check Provisioning Protocols in SysAdmin, select https and match the credentials in the redirection server settings.

