Hi Nedi, I never used snom phones for OpenVPN (only Yealink) since the stripped VPN from their default firmware (years ago). Have you followed their instructions at:
https://service.snom.com/display/wiki/Configuring+VPN+on+Snom+Deskphones It looks at they need separate files for the keys and cert. There are example configs. BTW: Depending how old the phones are e.g. "AES-256-CBC" might not be supported by the phones hardware. > Am 10.04.2021 um 18:04 schrieb nedi <n...@gmx.ch>: > > Hi , > has anyone working config for the snom phones and astlinux openVPN i tried > and tried , it works with MacBook and Asttlinux OpenVPN, > snom won’t connecting , what can I do to get it working? > > I putting ip adress of vpn server into vpn.cnf > This is my snom vpn config: > remote IP Adress of my PBX OpenVPN Server 1194 udp > comp-lzo yes > cipher AES-256-CBC > key-direction 1 > client > ns-cert-type server > nobind > persist-key > persist-tun > dev tun > verb 3 > <ca> > -----BEGIN CERTIFICATE----- > …..my cert , key, and tl…. > > After not working i tried this vpn.cnf to put cert key separately as > described by snom wiki putting all files into openvpn folder and made > tarbal of them > > remote IP Adress of my PBX OpenVPN Server 1194 udp > comp-lzo yes > cipher AES-256-CBC > key-direction 1 > client > ns-cert-type server > nobind > persist-key > persist-tun > dev tun > verb 3 > ca /openvpn/ca.crt > cert /openvpn/client.crt > key /openvpn/client.key > > Thanks > > Regards nedi > > >> Am 08.04.2021 um 23:22 schrieb Michael Keuter <li...@mksolutions.info>: >> >> >> >>> Am 08.04.2021 um 22:59 schrieb nedi <n...@gmx.ch>: >>> >>> Hi MIchael, >>> I need 2 Phoen connect to pbx from outside >>> I have this snom Firmware and Patch for VPN flashed as Update, but this >>> not working with my Synology. From Synology I can Export openvpn config >>> file and use on Macbook OpenVpn app but there is not user.key included and >>> user.crt ther are only ca.crt and openvpn.conf files. >> >> The Synology OpenVPN server is very limited from the WebGUI. >> >>> I think is not wrong with snom, I can make those tar file .. and flash the >>> snome phone. After that I tried with Astlinux openvpn and forwarded port >>> to Astlinux ip but with Astlinux i can’t Connect from snom, can’t connect >>> from my smartphone or macbook. There is no connecting to VPN server. I >>> thinK on astlinux side is something wrong. >>> regards >>> nedi >> >> You should definitely get it working first with your Mac, before trying the >> snom. >> >> https://doc.astlinux.org/userdoc:tt_openvpn_server >> >> For the snom use "Auth Method" => "Certificate" >> >> When I download the credentials and import the "openvpn-cert-key" *.ovpn >> file into Viscosity or Tunnelblick it works fine on a Mac. >> >>> >>>> Am 08.04.2021 um 22:36 schrieb Michael Keuter <li...@mksolutions.info>: >>>> >>>> >>>> >>>>> Am 08.04.2021 um 22:24 schrieb nedi <n...@gmx.ch>: >>>>> >>>>> Hi, >>>>> I tried to configure OpenVpn for the Snom phone without success on >>>>> Astlinux box and on Synology. >>>>> On Synology I have VPN working but I think is not compatible to the Snom >>>>> phone I need a key file. >>>>> >>>>> >>>>> astlinux-1.2.6.1 i586 - Asterisk 1.8.32.3 Runnix Release: runnix-0.4-7671 >>>>> GUI Version: 1.8.40 >>>>> >>>>> Can Anyone help me to configure OpenVPN on Astlinux box. I Have Alix >>>>> with only one Lan Port can be this is the issue because VPN won’t work or >>>>> iptables firewall make some issues? >>>>> I tried with firewall enabled or disabled, I rebooted, tried import >>>>> openvpn.conf on Macbook. I made port-forwarding . >>>>> >>>>> In Firewal options is all disabled and I put into firewall Pass >>>>> EXT->Local UDP 0/0 1194 >> >> You don't need that, it is done by the openvpn firewall plugin automatically. >> >>>>> >>>>> My network is: 10.0.0.1 DNS: 10.0.0.1 NM: 255.255.255.0 ipv4 >>>>> Gateway: 10.0.0.1 >>>>> >>>>> Tunnel Options: >>>>> Protocol: UDPv4 Port: 1194 >>>>> Log Verbosity: medium Compression: yes >>>>> QoS Passthrough:Yes Legacy Cipher: >>>>> AES-256-CBC >>>>> Device:tun0 Auth >>>>> HMAC: Use default >>>>> Raw Commands: >>>>> >>>>> Authentication: >>>>> Auth Method: Certificate >>>>> Extra TLS-Auth: Yes >>>>> >>>>> Firewall Options: >>>>> External Hosts: 0/0 >>>>> >>>>> Server Mode: >>>>> Server Hostname(s): my dyndns >> >> Is this domain reachable? >> Depending on your network/DNS configuration you might fail to test the VPN >> connection from your internal network. >> >> Try testing with your MacBook via a smartphone with Wifi Hotspot and mobile >> data instead. >> >>>>> Network IPv4 NM: 10.10.11.0 255.255.255.0 >>>>> Network IPv6/nn: >>>>> >>>>> Topology: subnet latest , requires openvpn 2.1+ clients >>>>> "push": dhcp-option DOMAIN priv.mydomain.ch <== can be >>>>> it is wrong what i have here , do I need this? >> >> The domain option is not needed at first, you can still add it later. >> >>>>> dhcp-option DNS 10.10.10.1 >>>>> route10.10.10.0 255.255.255.0 >>>>> redirect-gateway def1 >>>>> >>>>> Server Certificate and Key: >>>>> >>>>> Private Key Size: 2048 >>>>> Signature Algorithm: SHA-256 >>>>> >>>>> I made 2 Usr and downloaded zip files >>>>> >>>>> after import into openvpn app won’r connecting. >>>>> >>>>> regards Nedi >>>> >>>> I think some years ago snom removed OpenVPN from their default firmware >>>> images. You need a special firmware that enables OpenVPN. >>>> >>>> https://service.snom.com/display/wiki/Configuring+VPN+on+Snom+Deskphones#ConfiguringVPNonSnomDeskphones-InstallandconfigureOpenVPNontheSnomphones.1 >>>> >>>> Michael >> >> Michael Michael http://www.mksolutions.info _______________________________________________ Astlinux-users mailing list Astlinux-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to pay...@krisk.org.
