I need some help getting zero touch configuration working for remote users. I am currently testing with Sangoma s305. I have been able to setup OpenVPN and have a template that will allow a phone to connect via VPN successfully. If a phone is first provisioned on the PBX LAN, it will work fine when moved to a remote location. However provisioning fails when initiated fully remote. I end up with a “blank” template of some sort.
I currently have ports 1194, 83-84 forwarded to my freePBX server.
I have been following instructions in the wiki
The issue seems to be with the Sangoma Smart Firewall settings. If eth0 of the FreePBX server is set to internet then remote provisioning fails. If however I set it briefly to trusted then remote provisioning occurs. I have whitelisted my internal LAN subnet so that would explain why provisioning works internally but not externally. I feel like I just want to allow the provisioning ports through the SRF but don’t see how to do that. Any suggestions on how to properly configure this would be appreciated.