I am unable to get extensions on a different subnet to register. My set up is, zycoo pabx that runs asterisk sitting behind pfsense.
I have used pfsense to create a VPN using OpenVPN to create a tunnel to a second site. The site has pfsense at the gateway. All relevant ports are opened and I can reach the phones (Fanvil X3) at site 2 through my browser from site 1.
The phones are not registering on the pabx though. Here is the error I am getting from the logs.
[2017-10-07 10:46:06] NOTICE acl.c: SIP Peer ACL: Rejecting ‘192.168.90.222’ due to a failure to pass ACL ‘local_extensions_acl’
[2017-10-07 10:46:06] NOTICE chan_sip.c: Registration from ‘119 sip:firstname.lastname@example.org:5060’ failed for ‘192.168.90.222:5060’ - Device does not match ACL
I have gone ahead and tried to edit acl.conf file but nothing seems to be working.
deny = 0.0.0.0/0.0.0.0
permit = 10.0.10.0/24
permit = 192.168.90.0/255.255.255.0
deny = 0.0.0.0/0
permit = 127.0.0.1/8
permit = 192.168.7.200/24
permit = 192.168.5.200/24
permit = 192.168.90.1 (this one keeps changing back to gateway IP even after I try to add whole network 192.168.90.0/24)
What am I missing? Please help. I have been going at it for the last three days.