Let me said in Using Vultr for FreePBX said in Using Vultr for FreePBX said in Using Vultr for FreePBX Yep. Vultr doesn't have a firewall unless you make one. You sure Vultr firewall isn't blocking TFTP? Was hoping you had run across this issue and made it work (even though it's not recommended). I've checked the freepbx forums (there are similar complaints about tftp, but those are not on a hosted server and tend to be user error). I'm able to tftp locally from another known good remote tftp server. I've set my local firewall wide open for the IP address. The tftp client successfully talks with the server, requests files, but eventually times out with no data transmitted). I've set the xinet service tftp to verbose logging and tracked the activity. I've turned off the IPFW (yes, I know.this is a test box). Nevertheless, it actually does not seem to work in a hosted freepbx environment and I can't figure out (yet) why. tftp is not optimal for security reasons.
The device never sends the registration password in the said in Using Vultr for FreePBX said in Using Vultr for FreePBX Yep. The SIP protocol negotiates a nonce witht he PBX when it begins the registration process for an extension. SIP registration is a totally different issue. To be clear this, is only about keeping the configuration files secret because they contain sensitive information. By doing that, there is no way for someone to get to your data form everywhere around the world. Now, you can mitigate by only allowing known IP addresses through the firewall. I recommend only using https on the public internet. Once someone has your valid credentials, they have access to make calls on your dime. This is a super bad thing because these config files contain the SIP credentials for the device in question. So if somewhere along the way, your traffic is sniffed (most likely is softphone on a mobile device on a public hotspot), the data inside the phone config files is 100% plain text. Using tftp to pull configs over the internet have no possible method to encrypt the information in transit. I was out at breakfast when I made the reply.
So I am left to beleive that the DHCP server in 5.7 is not giving the IP phone the needed options to find the tftp server and download its config files.I would never use tftp over the internet.
I have tested the tftp server part with ftprush client and that works fine from another pc on the network. When I take the same phone and put it on a poe switch and laptop running dhcp and tftp, the phone pulls the ip and tftp info and its config files. The phone simply does an endless loop of restarting and registering. When I tcpdump on the freepbx servers interface I never see the phone trying to pick up its config files. I have rebooted the MB to make sure the changes took effect. I have added options 66 and 150 set to an ip address of 172.16.0.251( the freepbx server that has tftp running under xinetd) and I added those options to the dchp networks tab. All the phones are on the internal network. I am trying to setup in my network a Freepbx Server with Cisco 7941G IP phones. Any ideas how I might be able to get this working without using another machine to give out DHCP info? So I am left to beleive that the DHCP server in 5.7 is not giving the IP phone the needed options to find the tftp server and download its config files.