I’m at my wit’s end here. Quick history: Every time I do a major upgrade to my FreePBX, which runs in a VM bridged directly into my network, I simply delete the virtual disk and install the new FreePBX version in the new vhd. This keeps all the rest of my “hardware” the same (most notably the MAC address) so as not to trigger a hardware license reset in the system activation. This also allows me to keep my IP and firewall rules untouched between upgrades. I did the same thing here when I upgraded to FreePBX17 and there are absolutely no issues with any other area of this fresh FreePBX17 install besides this Let’s Encrypt issue. FreePBX16 (CentOS) was working perfectly fine, including Let’s Encrypt. I did update my FQDN to read xxxpbx07.xxx.com from xxxpbx06.xxx.com and updated the DNS in my registrar appropriately and gave it many days to update and propagate. DNS checker verified it’s very propagated lol.
Network setup:
Business fiber internet with 5 static IPs, fairly simple pfSense router setup (2.8.1) with all appropriate ports forwarded in NAT, 1 of my 5 static IPs dedicated to this FreePBX17 VM along with a 1:1 NAT, firewall rules auto-created to match NAT settings and double-checked before posting here, sub-domain pointed to dedicated IP and DNS resolution checked backward and forward so that my FQDN definitely resolves to the appropriate dedicated static IP and vice versa, hostname set properly in System Admin, “Detect Network Settings” in Asterisk SIP Settings correctly sees itself internally and externally with the static IP that I expect. Left the responsive firewall for the Let’s Encrypt service as default but also tried turning it off and manually choosing to allow the service through internet and local in the firewall advanced settings. Can’t think of anything else significant enough to post here.
Not sure why it doesn’t work. Doesn’t seem to have a reason not to. The only thing I noticed is in that error message I get. The local IP is shown as 127.0.0.1. Should that be my actual local IP for this VM? If so, where do I change that? I’m grasping at straws here and don’t know what I’m missing. I also tried disabling the FreePBX firewall altogether to see if that helped and it didn’t. The only thing I can think of is disabling my entire firewall (or allowing all to this VM), but I shouldn’t need to as it was working just fine before. Forgot to mention that I have a DNS reflection in my pfSense for the FQDN so that I can reach various other devices (hardware and VM) internally via their FQDN instead of local IP. All local extensions and extensions outside of my network connect fine using the FQDN. Ext to ext calls work fine, DIDs from outside to inside exts work fine, internal ext to outside numbers work fine, etc. You get the picture. No issues anywhere except Let’s Encrypt. Anyone know where I could be going wrong here? Thanks so much in advance!
