Yeastar S-Series VoIP PBX supports TLS protocol for secure remote extension or softphone registration and communications. You can setup Yeastar S-Series VoIP PBX with Secure SIP (TLS) to secure the SIP messaging to ensure the communication between the different devices. In this case, we explain how to register mobile Zoiper softphone to the VoIP PBX remotely.
In this Article:
- The configuration in Router and S-Series VoIP PBX
- The configuration in Zoiper softphone (iPhone)
- The configuration in Zoiper softphone (Android)
- Yeastar S100: firmware version 22.214.171.124; Local IP address: 192.168.5.150
- Zoiper in iPhone: Zoiper version 3.14
- Zoiper in Android Phone: Zoiper version 2.2.29
The configuration in Router and S-Series VoIP PBX
Step 1. Configure port forwarding on the router
Example: The router’s public IP is 110.X.X.X.
Since Yeastar S-Series VoIP PBX is behind the router, to register extension or softphone to Yeastar S-Series VoIP PBX remotely, you need to forward the SIP port on the router which is connected to Yeastar S-Series PBX, so that all the packets received on the router WAN port (110.X.X.X:5061) will be forwarded to the Yeastar S-Series VoIP PBX (192.168.5.150:5061). Below is the setting page in a Linksys router.
Note: we must map TCP port 5061 and TCP port 10000-12000.
Step 2. Configure NAT settings in Yeastar S-Series PBX.
Login Yeastar S-Series VoIP PBX web interface and go to “Setting> General> SIP> NAT”, configure the NAT settings according to the directions below.
- NAT Type: choose “External IP Address”, you can choose “External Host” or “STUN” if you don’t have a static public IP address.
- External IP Address: fill in the router’s public IP address
- Local Network Address: fill in your local network segment and subnet mask (i.e.192.168.5.150/255.255.255.0)
- NAT mode: Yes
Step 3. Setup an extension in Yeastar S-Series PBX. (i.e. 1002).
- NAT: Yes
- Register Remotely: Yes
Step 4. Enable TLS on S100.
- Navigate to Settings> PBX> General> SIP> PBX> TLS.
- Check the checkbox of Enable TLS.
- Don't select any certificate of Certificate.
- Click Save and click Yes on the pop-up window to reboot the PBX.
Step 5. Setup a TLS extension.
Go to Settings> PBX> Extensions> Advanced, choose an extension and edit it, set the transport as TLS.
The configuration in Zoiper Softphone (iPhone)
Step 1. Setup Zoiper mobile softphone and fill the information.
- Account name: the extension number
- Domain: public IP address of the router, the port is 5061(TLS)
- User name: the extension number
- Caller ID: the extension number
- Auth Username: the extension number
Access the path: Settings> Accounts in the Zoiper, then click "+" > Yes> Manual configuration> SIP Account (in this case we take the iPhone version as an example)
Step 2. Enable the TLS in Zoiper.
The path is Settings> Accounts(500)> ADDITIONAL SETTINGS> Network Settings
Then you can registered it.
The Configuration in Zoiper Softphone (Android)
Step 1. Fill the information in Zoiper
Access the path: Settings> Accounts
Step 2. Enable the TLS
Access the path: Network Settings> Accounts> Transport> TLS
Choose the protocol of TLS
Path:Settings> Advanced> Security> TLS Options> Protocol Suite, SSL v2/v3
Then you can register and make a call.