> Am 12.04.2021 um 13:48 schrieb Michael Keuter <li...@mksolutions.info>: > > > >> Am 12.04.2021 um 13:01 schrieb nedi <n...@gmx.ch>: >> >> Hi, >> I have my snom phone connected to the PBX trough OpenVPN, (on the display I >> see VPN Active, on PBX VPN Status is User1 connected but I can’t make >> provisioning and can't register, what can bee the issues? >> My Macbook or Android phone with SIP Client work trough this OpenVPN with >> the same VPN >> settings. >> >> My lan PBX is 10.0.0.132 >> My virtual Network IP for VPN Client is 10.10.11.2 >> My LTE Router for testing VPN is 192.168.1.1 >> >> what must be in PUSH section of my PBX VPN Config? >> >> I have This >> dhcp-option DNS 10.0.0.1 >> route 10.0.0.0 255.255.255.0 >> redirect-gateway def1 >> >> >> OpenVPN Status on PBX >> >> >> User1 194.230.148.217:6184 10.10.11.2 4182 4520 >> Mon Apr 12 10:47:57 2021 1618217277 >> >> in sip.conf general I have this >> >> alwaysauthreject=yes >> deny = 0.0.0.0/0.0.0.0 >> permit = 10.0.0.0/255.255.255.0 >> permit = 10.8.0.0/255.255.255.0 >> permit = 10.10.11.0/255.255.255.0 >> >> regards Nedi > > Hi Nedi, > > important is that the phone registers to Asterisk on the virtual IP > "10.10.11.x" and not on 10.0.0.132! > > You also need to add "localnet" in sip.conf for this virtual IP range in the > NAT section. > For provisioning to work you need to add the virtual IP range to "HTTP & > HTTPS /phoneprov/ Allowed IP's:" (if not all (*) is allowed) and restart > AstLinux.
Update: and you need an external time server on the IP-phone and not the internal one from AstLinux (e.g. "europe.pool.ntp.org") >>> Am 10.04.2021 um 18:04 schrieb nedi <n...@gmx.ch>: >>> >>> Hi , >>> has anyone working config for the snom phones and astlinux openVPN i tried >>> and tried , it works with MacBook and Asttlinux OpenVPN, >>> snom won’t connecting , what can I do to get it working? >>> >>> I putting ip adress of vpn server into vpn.cnf >>> This is my snom vpn config: >>> remote IP Adress of my PBX OpenVPN Server 1194 udp >>> comp-lzo yes >>> cipher AES-256-CBC >>> key-direction 1 >>> client >>> ns-cert-type server >>> nobind >>> persist-key >>> persist-tun >>> dev tun >>> verb 3 >>> <ca> >>> -----BEGIN CERTIFICATE----- >>> …..my cert , key, and tl…. >>> >>> After not working i tried this vpn.cnf to put cert key separately as >>> described by snom wiki putting all files into openvpn folder and made >>> tarbal of them >>> >>> remote IP Adress of my PBX OpenVPN Server 1194 udp >>> comp-lzo yes >>> cipher AES-256-CBC >>> key-direction 1 >>> client >>> ns-cert-type server >>> nobind >>> persist-key >>> persist-tun >>> dev tun >>> verb 3 >>> ca /openvpn/ca.crt >>> cert /openvpn/client.crt >>> key /openvpn/client.key >>> >>> Thanks >>> >>> Regards nedi >>> >>> >>>> Am 08.04.2021 um 23:22 schrieb Michael Keuter <li...@mksolutions.info>: >>>> >>>> >>>> >>>>> Am 08.04.2021 um 22:59 schrieb nedi <n...@gmx.ch>: >>>>> >>>>> Hi MIchael, >>>>> I need 2 Phoen connect to pbx from outside >>>>> I have this snom Firmware and Patch for VPN flashed as Update, but this >>>>> not working with my Synology. From Synology I can Export openvpn config >>>>> file and use on Macbook OpenVpn app but there is not user.key included >>>>> and user.crt ther are only ca.crt and openvpn.conf files. >>>> >>>> The Synology OpenVPN server is very limited from the WebGUI. >>>> >>>>> I think is not wrong with snom, I can make those tar file .. and flash >>>>> the snome phone. After that I tried with Astlinux openvpn and forwarded >>>>> port to Astlinux ip but with Astlinux i can’t Connect from snom, can’t >>>>> connect from my smartphone or macbook. There is no connecting to VPN >>>>> server. I thinK on astlinux side is something wrong. >>>>> regards >>>>> nedi >>>> >>>> You should definitely get it working first with your Mac, before trying >>>> the snom. >>>> >>>> https://doc.astlinux.org/userdoc:tt_openvpn_server >>>> >>>> For the snom use "Auth Method" => "Certificate" >>>> >>>> When I download the credentials and import the "openvpn-cert-key" *.ovpn >>>> file into Viscosity or Tunnelblick it works fine on a Mac. >>>> >>>>> >>>>>> Am 08.04.2021 um 22:36 schrieb Michael Keuter <li...@mksolutions.info>: >>>>>> >>>>>> >>>>>> >>>>>>> Am 08.04.2021 um 22:24 schrieb nedi <n...@gmx.ch>: >>>>>>> >>>>>>> Hi, >>>>>>> I tried to configure OpenVpn for the Snom phone without success on >>>>>>> Astlinux box and on Synology. >>>>>>> On Synology I have VPN working but I think is not compatible to the >>>>>>> Snom phone I need a key file. >>>>>>> >>>>>>> >>>>>>> astlinux-1.2.6.1 i586 - Asterisk 1.8.32.3 Runnix Release: >>>>>>> runnix-0.4-7671 GUI Version: 1.8.40 >>>>>>> >>>>>>> Can Anyone help me to configure OpenVPN on Astlinux box. I Have Alix >>>>>>> with only one Lan Port can be this is the issue because VPN won’t work >>>>>>> or iptables firewall make some issues? >>>>>>> I tried with firewall enabled or disabled, I rebooted, tried import >>>>>>> openvpn.conf on Macbook. I made port-forwarding . >>>>>>> >>>>>>> In Firewal options is all disabled and I put into firewall Pass >>>>>>> EXT->Local UDP 0/0 1194 >>>> >>>> You don't need that, it is done by the openvpn firewall plugin >>>> automatically. >>>> >>>>>>> >>>>>>> My network is: 10.0.0.1 DNS: 10.0.0.1 NM: 255.255.255.0 ipv4 >>>>>>> Gateway: 10.0.0.1 >>>>>>> >>>>>>> Tunnel Options: >>>>>>> Protocol: UDPv4 Port: 1194 >>>>>>> Log Verbosity: medium Compression: yes >>>>>>> QoS Passthrough:Yes Legacy Cipher: >>>>>>> AES-256-CBC >>>>>>> Device:tun0 Auth >>>>>>> HMAC: Use default >>>>>>> Raw Commands: >>>>>>> >>>>>>> Authentication: >>>>>>> Auth Method: Certificate >>>>>>> Extra TLS-Auth: Yes >>>>>>> >>>>>>> Firewall Options: >>>>>>> External Hosts: 0/0 >>>>>>> >>>>>>> Server Mode: >>>>>>> Server Hostname(s): my dyndns >>>> >>>> Is this domain reachable? >>>> Depending on your network/DNS configuration you might fail to test the VPN >>>> connection from your internal network. >>>> >>>> Try testing with your MacBook via a smartphone with Wifi Hotspot and >>>> mobile data instead. >>>> >>>>>>> Network IPv4 NM: 10.10.11.0 255.255.255.0 >>>>>>> Network IPv6/nn: >>>>>>> >>>>>>> Topology: subnet latest , requires openvpn 2.1+ clients >>>>>>> "push": dhcp-option DOMAIN priv.mydomain.ch <== can be >>>>>>> it is wrong what i have here , do I need this? >>>> >>>> The domain option is not needed at first, you can still add it later. >>>> >>>>>>> dhcp-option DNS 10.10.10.1 >>>>>>> route10.10.10.0 255.255.255.0 >>>>>>> redirect-gateway def1 >>>>>>> >>>>>>> Server Certificate and Key: >>>>>>> >>>>>>> Private Key Size: 2048 >>>>>>> Signature Algorithm: SHA-256 >>>>>>> >>>>>>> I made 2 Usr and downloaded zip files >>>>>>> >>>>>>> after import into openvpn app won’r connecting. >>>>>>> >>>>>>> regards Nedi >>>>>> >>>>>> I think some years ago snom removed OpenVPN from their default firmware >>>>>> images. You need a special firmware that enables OpenVPN. >>>>>> >>>>>> https://service.snom.com/display/wiki/Configuring+VPN+on+Snom+Deskphones#ConfiguringVPNonSnomDeskphones-InstallandconfigureOpenVPNontheSnomphones.1 >>>>>> >>>>>> Michael >>>> >>>> Michael > > Michael > > http://www.mksolutions.info > > > > > > _______________________________________________ > Astlinux-users mailing list > Astlinux-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to > pay...@krisk.org. Michael http://www.mksolutions.info _______________________________________________ Astlinux-users mailing list Astlinux-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to pay...@krisk.org.
