[YMCS/YDMP Free Trial Program]Yealink would like to offer Free Trial Program of Yealink device management service for our current eligible customers. You can see the details below.
https://www.yealink.com/ydmp-freetrial-2020


Post Reply 
 
Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Openvpn configuration
Author Message
takos120 Offline
Junior Member
**

Posts: 3
Joined: Nov 2014
Reputation: 0
Post: #1
Openvpn configuration
Hello, the server configuration is this

port 1194
proto udp
dev tap
dev-node TAP
ca ca.crt
cert server.crt
key server.key # Este archivo debe ser SECRETO!
dh dh1024.pem
ifconfig-pool-persist ipp.txt
server-bridge 192.168.1.205 255.255.255.0 192.168.1.226 192.168.1.230
server-bridge
client-to-client
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3

And the client configuration is this
Quote:client
nobind
remote xxx.xxx.xxx.xxx
port 1194
proto udp
dev tap
comp-lzo
verb 3
ca /yealink/config/openvpn/keys/ca.crt
cert /yealink/config/openvpn/keys/cliente.crt
key /yealink/config/openvpn/keys/cliente.key

The server configuration work with pc's but don't work in phone. This is the log when the phone is connect
Quote:Mon Nov 17 22:23:44 2014 xxx.xxx.xxx.xxx:1026 TLS: Initial packet from [AF_INET]xxx.xxx.xxx.xxx:1026, sid=9934d9f6 54934050
Mon Nov 17 22:23:47 2014 xxx.xxx.xxx.xxx:1026 VERIFY OK: depth=1, C=ES, ST=MA, L=Madrid, O=OpenVPN, OU=changeme, CN=xxxxxx, name=xxxxx, emailAddress=xxxxx
Mon Nov 17 22:23:47 2014 xxx.xxx.xxx.xxx:1026 VERIFY OK: depth=0, C=ES, ST=MA, L=Madrid, O=OpenVPN, OU=changeme, CN=cliente, name=xxxxx, emailAddress=xxxxx
Mon Nov 17 22:23:48 2014 xxx.xxx.xxx.xxx:1026 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Nov 17 22:23:48 2014 xxx.xxx.xxx.xxx:1026 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Nov 17 22:23:48 2014 xxx.xxx.xxx.xxx:1026 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Nov 17 22:23:48 2014 xxx.xxx.xxx.xxx:1026 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Nov 17 22:23:48 2014 xxx.xxx.xxx.xxx:1026 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Mon Nov 17 22:23:48 2014 xxx.xxx.xxx.xxx:1026 [cliente] Peer Connection Initiated with [AF_INET]xxx.xxx.xxx.xxx:1026
Mon Nov 17 22:23:48 2014 cliente/xxx.xxx.xxx.xxx:1026 MULTI_sva: pool returned IPv4=192.168.1.227, IPv6=(Not enabled)
Mon Nov 17 22:23:49 2014 cliente/xxx.xxx.xxx.xxx:1026 PUSH: Received control message: 'PUSH_REQUEST'
Mon Nov 17 22:23:49 2014 cliente/xxx.xxx.xxx.xxx:1026 send_push_reply(): safe_cap=940
Mon Nov 17 22:23:49 2014 cliente/xxx.xxx.xxx.xxx:1026 SENT CONTROL [cliente]: 'PUSH_REPLY,route-gateway 192.168.1.205,ping 10,ping-restart 120,ifconfig 192.168.1.227 255.255.255.0' (status=1)
Mon Nov 17 22:23:49 2014 cliente/xxx.xxx.xxx.xxx:1026 MULTI: Learn: 00:ff:f1:76:f2:c4 -> cliente/xxx.xxx.xxx.xxx:1026
Mon Nov 17 22:24:59 2014 xxx.xxx.xxx.xxx:1024 TLS: Initial packet from [AF_INET]xxx.xxx.xxx.xxx:1024, sid=6d1346bd 7c77b3de
Mon Nov 17 22:25:08 2014 xxx.xxx.xxx.xxx:1024 VERIFY OK: depth=1, C=ES, ST=MA, L=Madrid, O=OpenVPN, OU=changeme, CN=xxxxx, name=xxxxx, emailAddress=xxxxx
Mon Nov 17 22:25:08 2014 xxx.xxx.xxx.xxx:1024 VERIFY OK: depth=0, C=ES, ST=MA, L=Madrid, O=OpenVPN, OU=changeme, CN=cliente, name=xxxxx, emailAddress=xxxxx
Mon Nov 17 22:25:08 2014 xxx.xxx.xxx.xxx:1024 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Nov 17 22:25:08 2014 xxx.xxx.xxx.xxx:1024 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Nov 17 22:25:08 2014 xxx.xxx.xxx.xxx:1024 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Nov 17 22:25:08 2014 xxx.xxx.xxx.xxx:1024 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Nov 17 22:25:08 2014 xxx.xxx.xxx.xxx:1024 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Mon Nov 17 22:25:08 2014 xxx.xxx.xxx.xxx:1024 [cliente] Peer Connection Initiated with [AF_INET]xxx.xxx.xxx.xxx:1024
Mon Nov 17 22:25:08 2014 MULTI: new connection by client 'cliente' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Mon Nov 17 22:25:08 2014 MULTI_sva: pool returned IPv4=192.168.1.227, IPv6=(Not enabled)
Mon Nov 17 22:25:11 2014 cliente/xxx.xxx.xxx.xxx:1024 PUSH: Received control message: 'PUSH_REQUEST'
Mon Nov 17 22:25:11 2014 cliente/xxx.xxx.xxx.xxx:1024 send_push_reply(): safe_cap=940
Mon Nov 17 22:25:11 2014 cliente/xxx.xxx.xxx.xxx:1024 SENT CONTROL [cliente]: 'PUSH_REPLY,route-gateway 192.168.1.205,ping 10,ping-restart 120,ifconfig 192.168.1.227 255.255.255.0' (status=1)
Mon Nov 17 22:25:11 2014 cliente/xxx.xxx.xxx.xxx:1024 MULTI: Learn: 00:ff:75:ce:30:cc -> cliente/xxx.xxx.xxx.xxx:1024

What can i change in the configuration? Thanks
(This post was last modified: 11-18-2014 05:35 AM by takos120.)
11-18-2014 05:31 AM
Find all posts by this user    like0    dislike0 Quote this message in a reply
cptjack Offline
Member
***

Posts: 97
Joined: Jan 2014
Reputation: 8
Post: #2
RE: Openvpn configuration
Hi takos120. Please rename the client certificate and key to client.crt and client.key as these filenames are required in the tar file like that. So not cliente.key, just client.key

Please try again with the renamed key and certificate. The configuration file seems fine to me. Make sure it is named exactly vpn.cnf though.

An example of an openvpn.tar file can also be found in this thread.

Please use the reputation button below if you like this post.
11-18-2014 06:18 AM
Find all posts by this user    like0    dislike0 Quote this message in a reply
James_Yealink Offline
Administrator
*******

Posts: 1,159
Joined: Aug 2014
Reputation: 8
Post: #3
RE: Openvpn configuration
Thanks for yoru reply cptjack.

Hi Takos120,

Change the name of certificate as cptjack said and try again.
BTW, what's your phone model and firmware?

Regards,
James
11-18-2014 02:42 PM
Find all posts by this user    like0    dislike0 Quote this message in a reply
takos120 Offline
Junior Member
**

Posts: 3
Joined: Nov 2014
Reputation: 0
Post: #4
RE: Openvpn configuration
(11-18-2014 06:18 AM)cptjack Wrote:  Hi takos120. Please rename the client certificate and key to client.crt and client.key as these filenames are required in the tar file like that. So not cliente.key, just client.key

Please try again with the renamed key and certificate. The configuration file seems fine to me. Make sure it is named exactly vpn.cnf though.

An example of an openvpn.tar file can also be found in this thread.

Hello, thanks for the help, but the problem continue. The renamed key and certificate not solve the problem. The phone model is a T20 with firmware 9.72.0.80. If you need any log ask me. Thanks.
11-19-2014 01:46 AM
Find all posts by this user    like0    dislike0 Quote this message in a reply
James_Yealink Offline
Administrator
*******

Posts: 1,159
Joined: Aug 2014
Reputation: 8
Post: #5
RE: Openvpn configuration
Yes takos120,

Please send us the level 6 syslog and your .tar fle.(You can change or mask private inforamtion in tar file, we just check the format)

Regards,
James
11-19-2014 10:12 AM
Find all posts by this user    like0    dislike0 Quote this message in a reply
takos120 Offline
Junior Member
**

Posts: 3
Joined: Nov 2014
Reputation: 0
Post: #6
RE: Openvpn configuration
(11-19-2014 10:12 AM)Yealink_James Wrote:  Yes takos120,

Please send us the level 6 syslog and your .tar fle.(You can change or mask private inforamtion in tar file, we just check the format)

Regards,
James
Hello, I attach the syslog of phone.
Thanks.


Attached File(s)
.tar  syslog.tar (Size: 91 KB / Downloads: 15)
11-19-2014 08:34 PM
Find all posts by this user    like0    dislike0 Quote this message in a reply
jind Offline
Junior Member
**

Posts: 1
Joined: Feb 2015
Reputation: 0
Post: #7
RE: Openvpn configuration
hi everybody any one can help me to how to find working host to make free internet with openvpn.thanks
02-08-2015 05:53 PM
Find all posts by this user    like0    dislike0 Quote this message in a reply
Post Reply 


Possibly Related Threads...
Thread: Author Replies: Views: Last Post
  Passing only LDAP traffic through OPENVPN Commensus 0 1,094 02-23-2022 09:47 PM
Last Post: Commensus
  Configuring OPENVPN with Yealink Commensus 0 1,251 02-23-2022 09:45 PM
Last Post: Commensus
  Button with led configuration Wesley666 2 6,415 01-27-2022 05:28 AM
Last Post: Beachnuttz
  Read specific variable from phone configuration saivo 0 2,422 06-13-2021 05:23 PM
Last Post: saivo
  DHCP not working on T26P when OpenVPN is enabled. LandonL 11 30,579 05-12-2021 10:46 AM
Last Post: 1sae
  Solved Openvpn.tar creating the right size file compsos 3 6,199 08-20-2020 06:49 AM
Last Post: complex1
  Proxy configuration Laurentt 2 6,882 01-07-2020 12:25 PM
Last Post: Laurentt
  Detailed boot process and ways to add local configuration? DanH 2 5,629 10-16-2019 04:24 PM
Last Post: justingoldberg
  Common Configuration Filenames Rus 3 9,581 06-27-2019 12:52 AM
Last Post: Evan_Yealink
  LDAP Directory Configuration Issue it_prevent 1 5,266 05-15-2019 05:55 AM
Last Post: Mike_Yealink

Forum Jump:


User(s) browsing this thread: 1 Guest(s)

Contact Us   Yealink   Return to Top   Return to Content   Lite (Archive) Mode   RSS Syndication