Not needing this yet, but in anticipation…
LetsEncrypt cert in place and enabled for provisioning
Modules up to date on non-edge
If we have an OOB phone, what is required for remote provisioning? Here’s what in place now, and doesn’t seem to be working:
Local (where the phone is) option 66 set to https://myphones.mydomain.com:1443 (matches https provisioning port). Have also tried http://myphones.mydomain.com:84)
Remote public IP listed as trusted in Responsive firewall
Remote public IP is not blocked in Responsive firewall or listed as blocked in IPTables
Remote and local address for FreePBX is listed as myphones.mydomain.com (dummy host name here), which resolves to the LAN IP on the LAN and the natted public IP on the internet side.
Ports 5060, 5161, 10001-20000, 84, and 1443 allowed through the network firewall to FreePBX from the one remote public IP where the OOB phone is.
On the Extra Services page of the Responsive firewall I’ve enabled Internet for Provisioning and get the apache test page when browsing to the host name on port 84 from the same network as the remote phone
Remote phone (S705) boots, the screen says it’s checking for config, I see the network firewall pass the packets to the FreePBX IP on the LAN side (have tried both https on 1443 and http on 84), but the phone doesn’t seem to configure.