Register Remotely with Mobile Zoiper via TLS

Yeastar S-Series VoIP PBX supports TLS protocol for secure remote extension or softphone registration and communications. You can setup Yeastar S-Series VoIP PBX with Secure SIP (TLS) to secure the SIP messaging to ensure the communication between the different devices. In this case, we explain how to register mobile Zoiper softphone to the VoIP PBX remotely.

In this Article:

  1. The configuration in Router and S-Series VoIP PBX
  2. The configuration in Zoiper softphone (iPhone)
  3. The configuration in Zoiper softphone (Android)

Tested Devices:

  • Yeastar S100: firmware version; Local IP address:
  • Zoiper in iPhone: Zoiper version 3.14
  • Zoiper in Android Phone: Zoiper version 2.2.29 

The configuration in Router and S-Series VoIP PBX

Step 1. Configure port forwarding on the router

Example: The router’s public IP is 110.X.X.X.

Since Yeastar S-Series VoIP PBX is behind the router, to register extension or softphone to Yeastar S-Series VoIP PBX remotely, you need to forward the SIP port on the router which is connected to Yeastar S-Series PBX, so that all the packets received on the router WAN port (110.X.X.X:5061) will be forwarded to the Yeastar S-Series VoIP PBX ( Below is the setting page in a Linksys router.

Note: we must map TCP port 5061 and TCP port 10000-12000. Setting page in a Linksys router


Step 2. Configure NAT settings in Yeastar S-Series PBX.

Login Yeastar S-Series VoIP PBX web interface and go to “Setting> General> SIP> NAT”, configure the NAT settings according to the directions below.

  • NAT Type: choose “External IP Address”, you can choose “External Host” or “STUN” if you don’t have a static public IP address.
  • External IP Address: fill in the router’s public IP address
  • Local Network Address: fill in your local network segment and subnet mask (i.e.
  • NAT mode: Yes




Step 3. Setup an extension in Yeastar S-Series PBX.  (i.e. 1002).

  • NAT: Yes
  • Register Remotely: Yes

Setup an extension in Yeastar S-Series PBX



Step 4. Enable TLS on S100.

  • Navigate to Settings> PBX> General> SIP> PBX> TLS.
  • Check the checkbox of Enable TLS.
  • Don't select any certificate of Certificate.
  • Click Save and click Yes on the pop-up window to reboot the PBX.

Enable TLS on S100 VoIP PBX

Step 5. Setup a TLS extension.

Go to Settings> PBX> Extensions> Advanced, choose an extension and edit it, set the transport as TLS.

Setup a TLS extension in S-Series VoIP PBX


The configuration in Zoiper Softphone (iPhone)

Step 1.  Setup Zoiper mobile softphone and fill the information.

  • Account name: the extension number
  • Domain: public IP address of the router, the port is 5061(TLS)
  • User name: the extension number
  • Caller ID:  the extension number
  • Auth Username: the extension number

Access the path: Settings> Accounts in the Zoiper, then click "+" > Yes> Manual configuration> SIP Account (in this case we take the iPhone version as an example)

Setup Zoiper mobile softphone 


Step 2. Enable the TLS in Zoiper.

The path is Settings> Accounts(500)> ADDITIONAL SETTINGS> Network Settings 

Enable the TLS in Zoiper


Then you can registered it.

Register Zoiper softphone


 The Configuration in Zoiper Softphone (Android)

Step 1. Fill the information in Zoiper

Access the path: Settings> Accounts

 Configure Zoiper Softphone (Android)

Step 2. Enable the TLS

Access the path: Network Settings> Accounts> Transport> TLS

Enable the TLS on Zoiper Softphone

Choose the protocol of TLS

Path:Settings> Advanced> Security> TLS Options> Protocol Suite, SSL v2/v3

Enable the TLS on Zoiper Softphone 2

Then you can register and make a call.


Have more questions? Submit a request


Please sign in to leave a comment.