Softphones, External Clients, VPN, Etc

I have a few questions with best configuration options…

  1. If we want our users (less than 10) to be able to log into softphone software at home or on mobile phones, can this be done with just setting up firewall/routing rules or is VPN required?
  2. Should we allow users to be able to log into their own desk extension with softphone? And are there any problems with logging into a softphone with the same extension as a user’s desk phone? As in, multiple clients on the same extension… Or, do we need to get into setting up separate extensions for softphone use. The problem I see with that is the voicemail is attached to the extension and not the user. For ease, the extension passwords would be easier to remember and not the auto generated Secret.
  3. If we want Sangoma phones to be installed off-site (homes), should we get the FreePBX VPN add-on or can this work with router VPN?

Thanks!

Any pointers here?

1.If we want our users (less than 10) to be able to log into softphone software at home or on mobile phones, can this be done with just setting up firewall/routing rules or is VPN required?

Could you? It depends on if your server is publicly accessible or not. If the phones can reach the PBX directly or via routing from a public address then you wouldn’t need VPN, if your PBX is only accessible privately, then you probably would need a VPN to get your phones on a network that can reach the PBX. I would recommend consulting your network/security engineer to determine what you should do.

2.Should we allow users to be able to log into their own desk extension with softphone? And are there any problems with logging into a softphone with the same extension as a user’s desk phone? As in, multiple clients on the same extension… Or, do we need to get into setting up separate extensions for softphone use. The problem I see with that is the voicemail is attached to the extension and not the user. For ease, the extension passwords would be easier to remember and not the auto generated Secret.

To enable login in to multiple endpoints, edit the extension and increase the number of contacts. My recommendation would be to test the setup to ensure it meets all of your workflow and security specifications.

3.If we want Sangoma phones to be installed off-site (homes), should we get the FreePBX VPN add-on or can this work with router VPN?

You should be able to do it with either option. The best approach depends on your network topology and resource requirements. A collaboration with your network/security engineer to determine what you should do.