I finally got TLS configured and working to allow encrypted communication between a remote telephone and our PBX however it is still showing UNREACHABLE in the Endpoint Manager.
I did change the TLS port to a non-standard port of 5062 however it shows 5060 in EM.
Anyone know how to resolve this? I’d like to have it show up as being registered to facilitate troubleshooting.
Change SIP Settings to enable TLS, change port to 5062
Set to no for Don’t check server
Change Endpoint manager > global settings > external IP address to match FQDN name associated with our certificate.
Opened TCP port 5062 in Firewall going to the FreePBX server
Set the extension Transport to TLS Only, Enable Encryption: Yes (SRTP only)
Rebuild the provisioning profile
Factory reset the phone - have it provision via HTTPS provisioning by way of DHCP option 66
You are correct, the picture was of the SIP Peers. See the picture below of the Endpoint Manager