Primer for Remote Provision setup

FreerPBXer · March 24, 2020, 6:55pm

Not needing this yet, but in anticipation…

FreePBX 10.13.66-21
LetsEncrypt cert in place and enabled for provisioning
Modules up to date on non-edge

If we have an OOB phone, what is required for remote provisioning? Here’s what in place now, and doesn’t seem to be working:

Local (where the phone is) option 66 set to https://myphones.mydomain.com:1443 (matches https provisioning port). Have also tried http://myphones.mydomain.com:84)
Remote public IP listed as trusted in Responsive firewall
Remote public IP is not blocked in Responsive firewall or listed as blocked in IPTables
Remote and local address for FreePBX is listed as myphones.mydomain.com (dummy host name here), which resolves to the LAN IP on the LAN and the natted public IP on the internet side.
Ports 5060, 5161, 10001-20000, 84, and 1443 allowed through the network firewall to FreePBX from the one remote public IP where the OOB phone is.
On the Extra Services page of the Responsive firewall I’ve enabled Internet for Provisioning and get the apache test page when browsing to the host name on port 84 from the same network as the remote phone

Remote phone (S705) boots, the screen says it’s checking for config, I see the network firewall pass the packets to the FreePBX IP on the LAN side (have tried both https on 1443 and http on 84), but the phone doesn’t seem to configure.

dolesec · March 24, 2020, 7:42pm

thats all you need , if you want to troubleshoot the connectivity use http on 84 and fire up a phone grabbing option 66 or after entering config server info and watch the logs

tail -f /var/log/httpd/access_log | grep -i sangoma

you can remove the pipe to grep and confirm its logging by simply hitting the any web responsive portion of the pbx too

you’ll be able to confirm if the request is making it there or not and if the request is making it and failing , you’ll see why …

Ajhad · March 26, 2020, 9:35pm

Are you able to confirm that the phone is using option 66?
Double check the mac of the phone in question with EPM.

I would also try the Sangoma portal for remote provisioning.
You can set the phone to automagically pull the correct server information from Sangoma’s default remote provisioning.

system · April 2, 2020, 9:35pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.