SIP-T32G OpenVPN Missing? - Printable Version +- Yealink Forums (http://forum.yealink.com/forum) +-- Forum: IP Phone Series (/forumdisplay.php?fid=4) +--- Forum: Configuration (/forumdisplay.php?fid=24) +--- Thread: SIP-T32G OpenVPN Missing? (/showthread.php?tid=1613) |
SIP-T32G OpenVPN Missing? - raggamofin - 04-19-2014 04:37 AM I currently have an OpenVPN server working using Snom SIP phones. I am trying to configure my first Yealink phone (T32G), but I'm not having much luck. I increased the log level to 6 and exported the log, however I do not see any OpenVPN errors. The log file does not have OpenVPN in the process list which makes me wonder if the OpenVPN service is running on the T32G. Any ideas as to what I may be missing? openvpn.tar \vpn.cnf \keys\ca.crt \keys\vpn.crt \keys\vpn.key [vpn.cnf] client dev tun proto udp remote X.X.X.X 61010 remote-random resolv-retry infinite auth-retry nointeract nobind tun-mtu 1500 fragment 1300 mssfix persist-key persist-tun ca /phone/config/openvpn/keys/ca.crt cert /phone/config/openvpn/keys/client.crt key /phone/config/openvpn/keys/client.key ns-cert-type server verb 5 RE: SIP-T32G OpenVPN Missing? - Yealink Support - 04-19-2014 09:39 AM 1. Do you upload to T32G successful? 2. Can you share your server.conf or server.ovpn for me that i can debug? 3. Do you use the certificate using SHA1 or MD5 (encryption algorithm)? RE: SIP-T32G OpenVPN Missing? - raggamofin - 04-22-2014 11:22 PM 1. Yes, I uploaded the client configuration and then vpn to active. I also confirmed that vpn was set to active on the phone itself. 2. I am using OpenVPN on Vyatta. Here's the config from there... openvpn vtun0 { local-port 61010 mode server openvpn-option "--tun-mtu 1500 --fragment 1300 --mssfix" [this line was put in for the Snom phones] protocol udp server { push-route 192.168.0.0/16 push-route 10.0.0.0/8 push-route 172.16.0.0/12 subnet 172.17.21.0/24 } tls { ca-cert-file /config/auth/ca.crt cert-file /config/auth/mymachine.domain.com.crt crl-file /config/auth/crl-v2.pem dh-file /config/auth/dh1024.pem key-file /config/auth/mymaching.domain.com.key 3. SHA1 RE: SIP-T32G OpenVPN Missing? - Yealink Support - 04-23-2014 08:47 PM Please use "/config/openvpn/keys/ " but not "/config/auth/". RE: SIP-T32G OpenVPN Missing? - raggamofin - 04-24-2014 12:03 AM The /config/auth/ is in the server configuration and is relative to the server and not the client. Is there something else I could try? (04-23-2014 08:47 PM)Yealink Support Wrote: Please use "/config/openvpn/keys/ " but not "/config/auth/". RE: SIP-T32G OpenVPN Missing? - Yealink Support - 04-24-2014 07:54 PM \keys\ca.crt \keys\vpn.crt \keys\vpn.key Red color should be the same . ca /phone/config/openvpn/keys/ca.crt cert /phone/config/openvpn/keys/client.crt key /phone/config/openvpn/keys/client.key RE: SIP-T32G OpenVPN Missing? - raggamofin - 04-24-2014 10:47 PM Ah!!!!! Sorry. I completely missed that! Let me fix that and let you know what happens. RE: SIP-T32G OpenVPN Missing? - gdewey - 07-11-2014 05:27 AM I configured several T48G and now I got some new T32G using the cert path /phone/config/openvpn/keys/ but when I do the upload the file wont be taken. it shows as if nothing happened. name of files are fine and all certs also.. client.tar \vpn.cnf \keys\ca.crt \keys\client.crt \keys\client.key \keys\ta.key any ideas ? I followed about 20 times the same procedure with other model .. took me some time to get the right configs but it just wont work on this model RE: SIP-T32G OpenVPN Missing? - pasha - 01-12-2015 05:41 PM I'm having some issues getting openvpn going on my t32 as well. I know that openvpn (or any vpn software for that matter) is quite dependant on system time / date, I would make sure that on your end that is set correctly. In my case for some reason ntp was not working even though I set it to multiple free ntp servers, it sets it to march of 2013, I have a feeling as soon as I resolve this issue vpn will start functioning. As a test I tested the client config on my ubuntu laptop and was successfully able to make the vpn tunnel as well as login to the pbx through it, so it is likely the date. I thought I'd mention that as the date is quite easy to overlook. Hope it helps someone. |