New Forum system requires email address which you used to apply for your account to replace your original username. Password stays the same.Please see this post for more details
http://forum.yealink.com/forum/showthread.php?tid=40344

Yealink Test Club has been officially launched. Please visit post below to get detail information. Come and join us!
http://forum.yealink.com/forum/announcements.php?aid=18

We just had the YMCS online and we are also working on the features plan on the future versions, in this regard we are need to hear your voice about the YMCS.
Please visit : http://forum.yealink.com/forum/showthread.php?tid=42322


Post Reply 
 
Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
OpenVPN connection to Elastix failing
Author Message
l4telcom Offline
Junior Member
**

Posts: 6
Joined: Dec 2013
Reputation: 0
Post: #1
OpenVPN connection to Elastix failing
We have a test server running that has Elastix 2.4 with OpenVPN installed. I have confirmed that I can connect from a Windows PC running an OpenVPN client, but when I try to connect a T38, it fails.
The T38 is running firmware version 38.70.0.125 and the openvpn software running on the server is

Server config: server.conf
Code:
port 1194
proto udp
dev tun
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/pbx102.crt
key /etc/openvpn/easy-rsa/keys/pbx102.key  
dh /etc/openvpn/easy-rsa/keys/dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 208.67.222.222"
client-to-client
keepalive 10 120
max-clients 10
persist-key
persist-tun
status /var/log/openvpn-status.log
log         /var/log/openvpn.log
log-append  /var/log/openvpn.log
verb 6

Windows PC client config: ext101.ovpn
Code:
client
setenv SERVER_POLL_TIMEOUT 4
nobind
remote xxx.xxx.xxx.xxx 1194 udp
remote xxx.xxx.xxx.xxx 443 tcp
dev tun
dev-type tun
ns-cert-type server
reneg-sec 604800
sndbuf 100000
rcvbuf 100000
auth-retry nointeract
# NOTE: LZO commands are pushed by the Access Server at connect time.
# NOTE: The below line doesn't disable LZO.
# comp-lzo no
verb 3

ca "C:\\Program Files (x86)\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files (x86)\\OpenVPN\\config\\ext101.crt"
key "C:\\Program Files (x86)\\OpenVPN\\config\\ext101.key"

T38 config: vpn.cnf
Code:
client
setenv SERVER_POLL_TIMEOUT 4
nobind
remote xxx.xxx.xxx.xxx 1194 udp
remote xxx.xxx.xxx.xxx 443 tcp
dev tun
dev-type tun
ns-cert-type server
reneg-sec 604800
sndbuf 100000
rcvbuf 100000
auth-retry nointeract
# NOTE: LZO commands are pushed by the Access Server at connect time.
# NOTE: The below line doesn't disable LZO.
comp-lzo no
verb 3

ca /config/openvpn/keys/ca.crt
cert /config/openvpn/keys/ext101.crt
key /config/openvpn/keys/ext101.key

On the server logs, the following is shown and just indefinitely repeats:
Code:
Wed Feb 26 17:10:12 2014 us=521050 xxx.xxx.xxx.xxx:1025 UDPv4 WRITE [114] to [AF_INET]xxx.xxx.xxx.xxx:1025: P_CONTROL_V1 kid=0 [ ] pid=24 DATA len=100
Wed Feb 26 17:10:12 2014 us=521192 xxx.xxx.xxx.xxx:1025 UDPv4 WRITE [114] to [AF_INET]xxx.xxx.xxx.xxx:1025: P_CONTROL_V1 kid=0 [ ] pid=21 DATA len=100
Wed Feb 26 17:10:13 2014 us=611876 xxx.xxx.xxx.xxx:1025 UDPv4 WRITE [114] to [AF_INET]xxx.xxx.xxx.xxx:1025: P_CONTROL_V1 kid=0 [ ] pid=22 DATA len=100
Wed Feb 26 17:10:14 2014 us=666310 xxx.xxx.xxx.xxx:1025 UDPv4 READ [14] from [AF_INET]xxx.xxx.xxx.xxx:1025: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
Wed Feb 26 17:10:14 2014 us=666343 xxx.xxx.xxx.xxx:1025 TLS: new session incoming connection from [AF_INET]xxx.xxx.xxx.xxx:1025
Wed Feb 26 17:10:14 2014 us=666398 xxx.xxx.xxx.xxx:1025 UDPv4 WRITE [22] to [AF_INET]xxx.xxx.xxx.xxx:1025: P_ACK_V1 kid=0 [ 0 ]
Wed Feb 26 17:10:15 2014 us=817441 xxx.xxx.xxx.xxx:1025 UDPv4 WRITE [114] to [AF_INET]xxx.xxx.xxx.xxx:1025: P_CONTROL_V1 kid=0 [ ] pid=23 DATA len=100
Wed Feb 26 17:10:16 2014 us=968274 xxx.xxx.xxx.xxx:1025 UDPv4 WRITE [114] to [AF_INET]xxx.xxx.xxx.xxx:1025: P_CONTROL_V1 kid=0 [ ] pid=24 DATA len=100
Wed Feb 26 17:10:17 2014 us=4181 xxx.xxx.xxx.xxx:1025 UDPv4 READ [14] from [AF_INET]xxx.xxx.xxx.xxx:1025: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
Wed Feb 26 17:10:17 2014 us=4222 xxx.xxx.xxx.xxx:1025 UDPv4 WRITE [22] to [AF_INET]xxx.xxx.xxx.xxx:1025: P_ACK_V1 kid=0 [ 0 ]
Wed Feb 26 17:10:20 2014 us=364755 xxx.xxx.xxx.xxx:1025 UDPv4 READ [14] from [AF_INET]xxx.xxx.xxx.xxx:1025: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
Wed Feb 26 17:10:20 2014 us=364797 xxx.xxx.xxx.xxx:1025 TLS: new session incoming connection from [AF_INET]xxx.xxx.xxx.xxx:1025
Wed Feb 26 17:10:20 2014 us=364877 xxx.xxx.xxx.xxx:1025 UDPv4 WRITE [22] to [AF_INET]xxx.xxx.xxx.xxx:1025: P_ACK_V1 kid=0 [ 0 ]

The phone log shows this:
Code:
Feb 26 22:13:49 openvpn[289]: LZO compression initialized
Feb 26 22:13:49 openvpn[289]: Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Feb 26 22:13:49 openvpn[289]: Socket Buffers: R=[112640->200000] S=[112640->200000]
Feb 26 22:13:49 openvpn[289]: Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Feb 26 22:13:49 openvpn[289]: Local Options hash (VER=V4): '41690919'
Feb 26 22:13:49 openvpn[289]: Expected Remote Options hash (VER=V4): '530fdded'
Feb 26 22:13:49 openvpn[289]: UDPv4 link local: [undef]
Feb 26 22:13:49 openvpn[289]: UDPv4 link remote: xxx.xxx.xxx.xxx:1194
Feb 26 22:13:49 openvpn[289]: TLS Error: Unroutable control packet received from xxx.xxx.xxx.xxx:1194 (si=3 op=P_ACK_V1)
Feb 26 22:13:51 openvpn[289]: TLS Error: Unroutable control packet received from xxx.xxx.xxx.xxx:1194 (si=3 op=P_ACK_V1)
Feb 26 22:13:53 openvpn[289]: Server poll timeout, restarting
Feb 26 22:13:53 openvpn[289]: TCP/UDP: Closing socket
Feb 26 22:13:53 openvpn[289]: SIGUSR1[soft,server_poll] received, process restarting
Feb 26 22:13:53 openvpn[289]: NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Feb 26 22:13:53 openvpn[289]: LZO compression initialized
Feb 26 22:13:53 openvpn[289]: Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Feb 26 22:13:53 openvpn[289]: Socket Buffers: R=[87380->200000] S=[16384->200000]
Feb 26 22:13:53 openvpn[289]: Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Feb 26 22:13:53 openvpn[289]: Local Options hash (VER=V4): '69109d17'
Feb 26 22:13:53 openvpn[289]: Expected Remote Options hash (VER=V4): 'c0103fa8'
Feb 26 22:13:53 openvpn[289]: Attempting to establish TCP connection with xxx.xxx.xxx.xxx:443 [nonblock]
Feb 26 22:13:54 openvpn[289]: TCP connection established with xxx.xxx.xxx.xxx:443
Feb 26 22:13:54 openvpn[289]: TCPv4_CLIENT link local: [undef]
Feb 26 22:13:54 openvpn[289]: TCPv4_CLIENT link remote: xxx.xxx.xxx.xxx:443
Feb 26 22:13:54 openvpn[289]: Connection reset, restarting [0]
Feb 26 22:13:54 IPP[502]: IPP <4+warnin>834.575.431:unkown msg,00010102,00000000,00000000
Feb 26 22:13:54 openvpn[289]: TCP/UDP: Closing socket
Feb 26 22:13:54 openvpn[289]: SIGUSR1[soft,connection-reset] received, process restarting
Feb 26 22:13:54 openvpn[289]: Restart pause, 1 second(s)


To make things even more confusing, I setup the Windows PC to act as a server with the same configuration, just modifying the paths to the key files, and then I adjusted the phone's config to point to the Windows PC's IP address. The phone connected to that VPN without error.

Can anyone shed some light on what I'm missing?

Thanks.
(This post was last modified: 02-28-2014 12:38 AM by l4telcom.)
02-27-2014 06:37 AM
Find all posts by this user    like0    dislike0 Quote this message in a reply
Post Reply 


Messages In This Thread
OpenVPN connection to Elastix failing - l4telcom - 02-27-2014 06:37 AM

Possibly Related Threads...
Thread: Author Replies: Views: Last Post
  OpenVPN and QoS/TOS roelvanmeer 0 225 02-19-2019 09:27 AM
Last Post: roelvanmeer
  OpenVPN Timeout connecting p2xt 3 1,176 07-13-2018 07:37 PM
Last Post: jolouis
  Network Directory gives Connection Error TelNet Worldwide_Support 1 1,282 09-15-2017 02:59 AM
Last Post: Lucia_Yealink
  openvpn w52p setup rafael 4 6,389 08-10-2017 02:03 PM
Last Post: indicato
  can't setup openvpn with t48g zzz 8 7,199 07-18-2017 09:04 AM
Last Post: sj
  BLF Trunk Monitor Elastix Ricardo111 1 2,303 12-30-2016 10:13 AM
Last Post: Jensen_Yealink
  Inconditional Forward Failing. warawara 1 1,793 10-01-2016 01:06 AM
Last Post: Kevin_Yealink
  OpenVPN in T27P arcsistemes 1 2,165 07-13-2016 04:50 PM
Last Post: Klaus_Yealink
  DHCP not working on T26P when OpenVPN is enabled. LandonL 10 10,901 07-03-2016 04:42 AM
Last Post: mfvianna
  Remote ip connection problem riccardoc 0 1,568 07-01-2016 05:12 PM
Last Post: riccardoc

Forum Jump:


User(s) browsing this thread: 1 Guest(s)

Contact Us   Yealink   Return to Top   Return to Content   Lite (Archive) Mode   RSS Syndication