[YMCS/YDMP Free Trial Program]Yealink would like to offer Free Trial Program of Yealink device management service for our current eligible customers. You can see the details below.
https://www.yealink.com/ydmp-freetrial-2020

Yealink Forums » IP Phone Series » T4x Series » T4xG VPN to Watchguard

Post Reply 
 
Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
T4xG VPN to Watchguard
Author Message
HiBit Offline
Junior Member
**

Posts: 3
Joined: Jan 2015
Reputation: 0
Post: #1
T4xG VPN to Watchguard
Hello,

did anyone get theese devices connected?
I tried several settings in the box, but unfortunately
I didn't get a connection from a T42G or T46G to my
XTM Watchguard (Version 11.9.4 )

I saw several error messages:

TLS Error: TLS handshake failed

TLS Error: TLS object -> incoming plaintext read error

TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

VERIFY nsCertType ERROR: /O=WatchGuard_Technologies/OU=Fireware/CN=Fireware_SSLVPN_Server, require nsCertType=SERVER

VERIFY OK: depth=1, /O=WatchGuard_Technologies/OU=Fireware/CN=Fireware_SSLVPN__SN_V1C5000000000_2014-04-06_16:16:09_GMT__CA

TLS: Initial packet from 1.2.3.4:444, sid=c85c67bc fadb0671

TCPv4_CLIENT link remote: 1.2.3.4:444

TCPv4_CLIENT link local: [undef]

TCP connection established with 1.2.3.4:444

(I changed the correct IP above)

Any suggestions to get it working?
01-25-2015 04:00 AM
Find all posts by this user    like0    dislike0 Quote this message in a reply
tsukraw Offline
Member
***

Posts: 145
Joined: Jan 2014
Reputation: 3
Post: #2
RE: T4xG VPN to Watchguard
Are you trying to get the VPN client on the phone its self to connect to the Watchguard SSL?

If so that is a very interesting idea. Never thought of trying that but i would be very interested in if this would work.
01-25-2015 10:40 AM
Find all posts by this user    like0    dislike0 Quote this message in a reply
HiBit Offline
Junior Member
**

Posts: 3
Joined: Jan 2015
Reputation: 0
Post: #3
RE: T4xG VPN to Watchguard
Hi tsukraw,

yes, why not? The Watchgaurd supports openssl. If you connect to the box (htttps://<yourwatchgaurdip>:<theportyou confured>/sslvpn.html) your can login to a webinterface, where you can download the openssl config file. If you take a look at the configuration file you'll find the CA, the CERT and the KEY.
At this moment, I figured out the following things, beside extracting the certificates and the key to separate files - CERT and KEY files has to be named to ext_<extension>.CRT and EXT_<extension>.KEY, it is necessary to crate an auth.txt (maybe this has also to be named auth_<extension>.txt, I didn't test it up to now) file with username and Password ( I saw this anywhere else in one posting). But I didn't get through, the VPN didn't came up. I set up a syslog server to get some more information from the phone and there I got the error messages, I posted before.
I have several customers, which will be happy if I will solve this.
01-25-2015 05:02 PM
Find all posts by this user    like0    dislike0 Quote this message in a reply
Post Reply 


Possibly Related Threads...
Thread: Author Replies: Views: Last Post
  Yealink VPN with Watchguard M200 YiannosCy 2 6,429 11-12-2020 01:51 AM
Last Post: YiannosCy
  T4xG no OpenVPN IP when using TAP Output101 2 7,905 04-11-2020 08:16 PM
Last Post: gordon0193
  Vpn with Watchguard error andrea.s 2 5,875 05-29-2019 05:51 PM
Last Post: Jimmy jb
  T4xG series having time issues KNERD 4 11,240 04-20-2018 08:51 PM
Last Post: KNERD
  T4XG series not able to autoprovision over https with FreePBX 14 JaredBusch 5 14,032 02-27-2018 11:20 PM
Last Post: JaredBusch

Forum Jump:


User(s) browsing this thread: 1 Guest(s)

Contact Us   Yealink   Return to Top   Return to Content   Lite (Archive) Mode   RSS Syndication