HI Michael, I see the wiki and use separate files. how is it with yealink? I need 2 phones to connect trough vpn. Does yealink working good? regards Nedi
Am 10. Apr. 2021, 18:23, um 18:23, Michael Keuter <li...@mksolutions.info> schrieb: >Hi Nedi, > >I never used snom phones for OpenVPN (only Yealink) since the stripped >VPN from their default firmware (years ago). >Have you followed their instructions at: > >https://service.snom.com/display/wiki/Configuring+VPN+on+Snom+Deskphones > >It looks at they need separate files for the keys and cert. There are >example configs. >BTW: Depending how old the phones are e.g. "AES-256-CBC" might not be >supported by the phones hardware. > >> Am 10.04.2021 um 18:04 schrieb nedi <n...@gmx.ch>: >> >> Hi , >> has anyone working config for the snom phones and astlinux openVPN i >tried and tried , it works with MacBook and Asttlinux OpenVPN, >> snom won’t connecting , what can I do to get it working? >> >> I putting ip adress of vpn server into vpn.cnf >> This is my snom vpn config: >> remote IP Adress of my PBX OpenVPN Server 1194 udp >> comp-lzo yes >> cipher AES-256-CBC >> key-direction 1 >> client >> ns-cert-type server >> nobind >> persist-key >> persist-tun >> dev tun >> verb 3 >> <ca> >> -----BEGIN CERTIFICATE----- >> …..my cert , key, and tl…. >> >> After not working i tried this vpn.cnf to put cert key separately >as described by snom wiki putting all files into openvpn folder and >made tarbal of them >> >> remote IP Adress of my PBX OpenVPN Server 1194 udp >> comp-lzo yes >> cipher AES-256-CBC >> key-direction 1 >> client >> ns-cert-type server >> nobind >> persist-key >> persist-tun >> dev tun >> verb 3 >> ca /openvpn/ca.crt >> cert /openvpn/client.crt >> key /openvpn/client.key >> >> Thanks >> >> Regards nedi >> >> >>> Am 08.04.2021 um 23:22 schrieb Michael Keuter ><li...@mksolutions.info>: >>> >>> >>> >>>> Am 08.04.2021 um 22:59 schrieb nedi <n...@gmx.ch>: >>>> >>>> Hi MIchael, >>>> I need 2 Phoen connect to pbx from outside >>>> I have this snom Firmware and Patch for VPN flashed as Update, but >this not working with my Synology. From Synology I can Export openvpn >config file and use on Macbook OpenVpn app but there is not user.key >included and user.crt ther are only ca.crt and openvpn.conf files. >>> >>> The Synology OpenVPN server is very limited from the WebGUI. >>> >>>> I think is not wrong with snom, I can make those tar file .. and >flash the snome phone. After that I tried with Astlinux openvpn and >forwarded port to Astlinux ip but with Astlinux i can’t Connect from >snom, can’t connect from my smartphone or macbook. There is no >connecting to VPN server. I thinK on astlinux side is something wrong. >>>> regards >>>> nedi >>> >>> You should definitely get it working first with your Mac, before >trying the snom. >>> >>> https://doc.astlinux.org/userdoc:tt_openvpn_server >>> >>> For the snom use "Auth Method" => "Certificate" >>> >>> When I download the credentials and import the "openvpn-cert-key" >*.ovpn file into Viscosity or Tunnelblick it works fine on a Mac. >>> >>>> >>>>> Am 08.04.2021 um 22:36 schrieb Michael Keuter ><li...@mksolutions.info>: >>>>> >>>>> >>>>> >>>>>> Am 08.04.2021 um 22:24 schrieb nedi <n...@gmx.ch>: >>>>>> >>>>>> Hi, >>>>>> I tried to configure OpenVpn for the Snom phone without success >on Astlinux box and on Synology. >>>>>> On Synology I have VPN working but I think is not compatible to >the Snom phone I need a key file. >>>>>> >>>>>> >>>>>> astlinux-1.2.6.1 i586 - Asterisk 1.8.32.3 Runnix >Release: runnix-0.4-7671 GUI Version: 1.8.40 >>>>>> >>>>>> Can Anyone help me to configure OpenVPN on Astlinux box. I Have >Alix with only one Lan Port can be this is the issue because VPN won’t >work or iptables firewall make some issues? >>>>>> I tried with firewall enabled or disabled, I rebooted, tried >import openvpn.conf on Macbook. I made port-forwarding . >>>>>> >>>>>> In Firewal options is all disabled and I put into firewall Pass >EXT->Local UDP 0/0 1194 >>> >>> You don't need that, it is done by the openvpn firewall plugin >automatically. >>> >>>>>> >>>>>> My network is: 10.0.0.1 DNS: 10.0.0.1 NM: 255.255.255.0 >ipv4 Gateway: 10.0.0.1 >>>>>> >>>>>> Tunnel Options: >>>>>> Protocol: UDPv4 Port: 1194 >>>>>> Log Verbosity: medium Compression: yes >>>>>> QoS Passthrough:Yes Legacy Cipher: >>>>>> AES-256-CBC >>>>>> Device:tun0 Auth >>>>>> HMAC: Use default >>>>>> Raw Commands: >>>>>> >>>>>> Authentication: >>>>>> Auth Method: Certificate >>>>>> Extra TLS-Auth: Yes >>>>>> >>>>>> Firewall Options: >>>>>> External Hosts: 0/0 >>>>>> >>>>>> Server Mode: >>>>>> Server Hostname(s): my dyndns >>> >>> Is this domain reachable? >>> Depending on your network/DNS configuration you might fail to test >the VPN connection from your internal network. >>> >>> Try testing with your MacBook via a smartphone with Wifi Hotspot and >mobile data instead. >>> >>>>>> Network IPv4 NM: 10.10.11.0 255.255.255.0 >>>>>> Network IPv6/nn: >>>>>> >>>>>> Topology: subnet latest , requires openvpn 2.1+ clients >>>>>> "push": dhcp-option DOMAIN priv.mydomain.ch <== >can be it is wrong what i have here , do I need this? >>> >>> The domain option is not needed at first, you can still add it >later. >>> >>>>>> dhcp-option DNS 10.10.10.1 >>>>>> route10.10.10.0 255.255.255.0 >>>>>> redirect-gateway def1 >>>>>> >>>>>> Server Certificate and Key: >>>>>> >>>>>> Private Key Size: 2048 >>>>>> Signature Algorithm: SHA-256 >>>>>> >>>>>> I made 2 Usr and downloaded zip files >>>>>> >>>>>> after import into openvpn app won’r connecting. >>>>>> >>>>>> regards Nedi >>>>> >>>>> I think some years ago snom removed OpenVPN from their default >firmware images. You need a special firmware that enables OpenVPN. >>>>> >>>>> >https://service.snom.com/display/wiki/Configuring+VPN+on+Snom+Deskphones#ConfiguringVPNonSnomDeskphones-InstallandconfigureOpenVPNontheSnomphones.1 >>>>> >>>>> Michael >>> >>> Michael > >Michael > >http://www.mksolutions.info > > > > > >_______________________________________________ >Astlinux-users mailing list >Astlinux-users@lists.sourceforge.net >https://lists.sourceforge.net/lists/listinfo/astlinux-users > >Donations to support AstLinux are graciously accepted via PayPal to >pay...@krisk.org.
_______________________________________________ Astlinux-users mailing list Astlinux-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to pay...@krisk.org.
