[YMCS/YDMP Free Trial Program]Yealink would like to offer Free Trial Program of Yealink device management service for our current eligible customers. You can see the details below.
https://www.yealink.com/ydmp-freetrial-2020


Post Reply 
 
Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Phone logs and OpenVPN
Author Message
AndyInNYC Offline
Junior Member
**

Posts: 10
Joined: Jul 2014
Reputation: 1
Post: #2
RE: Phone logs and OpenVPN
Knerd,

I have been having OpenVPN issues as well. My last round ended up being 'bad' certificates. They worked everywhere except on the phone (other PCs, iPhones, etc. could use them just fine). I used certificates created on another machine and ported them to the server.

Prior to that I had an issue many have had - the .tar file must been in a very specific format:

vpn.cnf (the 'client.conf' everywhere else)
a keys subdirectory
\keys\client.crt
\keys\client.key
\keys\ca.crt (I think from memory)

The vpn.cnf must reference the certificates as though they were in another directory - like this:
ca /config/openvpn/keys/ca.crt

Here is my working vpn.cnf (client side) file:
client
persist-tun
persist-key
cipher BF-CBC
auth SHA1
tls-client
ns-cert-type server
remote X.Y.Z.A # You fill in your VPN address here
nobind
port 1190
proto udp
dev tun
comp-lzo
verb 3
ca /config/openvpn/keys/ca.crt
cert /config/openvpn/keys/client1.crt
key /config/openvpn/keys/client1.key

Here is the working server.conf file:

local X.Y.Z.A # Fill in your IP address here
port 1194
proto udp
dev tun
# added based on pbxinaflaah.com
daemon
persist-tun
persist-key
cipher BF-CBC
tls-server
#end added

mode server
server 10.8.0.0 255.255.255.0
push "route 10.2.1.0 255.255.255.0"
push "dhcp-option DNS 10.2.1.1"
keepalive 20 60
client-to-client
duplicate-cn
comp-lzo
verb 3
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
dh /etc/openvpn/dh1024.pem
log-append /etc/openvpn/openvpn.log

I'm using iptables on my machine, you need to open the firewall - here's what I have as additions

-A INPUT -s 10.8.0.0/16 -j ACCEPT
-I INPUT -p udp --dport 1194 -j ACCEPT

in the *nat section as the very first line:

-A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

Hope this helps you. You can look at the created openvpn.log file (now in /etc/openvpn) to see if your phone is at least trying to hit the VPN.

Andrew
08-10-2014 09:16 AM
Find all posts by this user    like0    dislike0 Quote this message in a reply
Post Reply 


Messages In This Thread
Phone logs and OpenVPN - KNERD - 08-06-2014, 08:48 AM
RE: Phone logs and OpenVPN - AndyInNYC - 08-10-2014 09:16 AM

Possibly Related Threads...
Thread: Author Replies: Views: Last Post
Question 3CX / Yealink passthrough VLAN issue (when phone is rebooted) maindriver 4 8,830 03-24-2022 10:25 PM
Last Post: maindriver
  Passing only LDAP traffic through OPENVPN Commensus 0 1,212 02-23-2022 09:47 PM
Last Post: Commensus
  Configuring OPENVPN with Yealink Commensus 0 1,407 02-23-2022 09:45 PM
Last Post: Commensus
  W70B - 3CX phone book is not displayed completely ChrisGER 0 1,488 02-05-2022 04:57 PM
Last Post: ChrisGER
  Limit maximum of active calls per phone elastalink 5 12,705 09-09-2021 03:52 AM
Last Post: kapetrosyan
  Read specific variable from phone configuration saivo 0 2,573 06-13-2021 05:23 PM
Last Post: saivo
  DHCP not working on T26P when OpenVPN is enabled. LandonL 11 31,391 05-12-2021 10:46 AM
Last Post: 1sae
  Solved Openvpn.tar creating the right size file compsos 3 6,453 08-20-2020 06:49 AM
Last Post: complex1
  Raw XML for Remote Phone Book rgranholm 1 5,600 03-24-2020 06:14 AM
Last Post: crazyau
  Setting phone to default to No Account by default when Off Hook InterLynx 4 13,232 01-08-2020 01:20 AM
Last Post: tfrazer

Forum Jump:


User(s) browsing this thread: 1 Guest(s)

Contact Us   Yealink   Return to Top   Return to Content   Lite (Archive) Mode   RSS Syndication