[FAQ]Frequently Asked Questions of OpenVPN - Printable Version +- Yealink Forums (http://forum.yealink.com/forum) +-- Forum: FAQs etc (/forumdisplay.php?fid=38) +--- Forum: FAQs (/forumdisplay.php?fid=39) +--- Thread: [FAQ]Frequently Asked Questions of OpenVPN (/showthread.php?tid=1843) |
[FAQ]Frequently Asked Questions of OpenVPN - Yealink Support - 05-30-2014 07:17 PM Phone can’t connect to OpenVPN server (1). Check the OpenVPN server is running successfully Under normal circumstances, the OpenVPN icon in the task bar will show green after the VPN server is running up. If you move the mouse to the icon , you can see the virtual IP address of OpenVPN server as following figure: (2). Check the phone’s OpenVPN.tar Decompression your customer’s or your OpenVPN.tar file, you should find a keys directory and a vpn.cnf file (directory name must be as keys, profile name must be a vpn.cnf, their names are not allowed to be changed), as following figure: (3). Check whether keys for client and vpn.cnf is matched Enter keys directory, the corresponding name of ca, crt, key certificates in vpn.cnf should be consistent with keys three files in the directory name. (4). Check whether server.ovpnand vpn.cnf is matched configurations in client marked with the red arrows should be consistent with the server. (5). Check the validity of certificates Make sure the time of phone is within the validity of the certificates. If not, please rebuild certificate or change the phone time. RE: [FAQ]Frequently Asked Questions of OpenVPN - Yealink Support - 05-30-2014 07:34 PM (6). Check the Signature hash algorithm of certificates Yealink phones support md5 and sha1 signature hash algorithm now; We don’t support sha256 now. (V80 will add it ) Register issues debug (1). Phone can connect to OpenVPN, but can’t register accounts <1> Check whether the user's OpenVPN server has two network cards, you can ping the SIP server from OpenVPN server. <2> Check if the OpenVPN server has enabled TCP/IP forwarding. <3> Check to enable Internet connection sharing <4> Check whether the OpenVPN server configuration file-server.ovpn has granted phone the permission to access the SIP server network segment. For example: SIP server IP address is 192.168.3.3, OpenVPN server configuration file-server.ovpn has this configuration: push "route 192.168.3.0 255.255.255.0“ (2). Phone can’t register accounts via DNS-SRV <1> Check whether you have configured DNS server IP address in OpenVPN server configuration-server.ovpn (To check whether there is a similar configuration in server.ovpn: push “dhcp-option DNS 10.2.1.1“ ) <2> Check to ping IP address from phone Voice issues debug (1). Phone has no sound when in a call Some SIP servers which don’t set up the proxy pattern are no longer responsible for calling on both sides of the RTP data forwarding after the establishment. The RTP data will be transmitted by two callers directly. The phone can’t receive RTP packets because the OpenVPN server is not configured client-to-client option (the configuration was to allow the two clients to communicate directly). So please add the configuration item and restart the OpenVPN server (2). The voice quality is poor <1> The problem is usually due to network conditions, bad network such as packet loss, delay will reduce this issue. <2> Another situation is OpenVPN log level of phone is too high, which leads to the phone processing speed slow down. Please set the log level in vpn.cnf to 3: verb 3 OpenVPN configuration items commonly used functions Common configurations Code: port 1194 Client configurations Code: nobind Server configurations Code: server 10.8.0.0 255.255.255.0 Please be aware: The purpose of these forums is to allow forum members collaborate and help each other. Questions posted here won't be appreciated. If you require assistance from Yealink technical support, please email to support@yealink.com or USA support support.usa@yealink.com |