On Wed, 2015-02-18 at 06:38 +0000, Chuck Mariotti wrote: > >That's definitely the cable modem's NAT getting confused. If you can get the > >phones to randomize their source ports on their OpenVPN traffic, that might > >resolve. I'm not sure if that's possible on those phones. In stock OpenVPN, > >specifying "lport 0" >in the config will make it choose a random port. I'm > >not sure if that's configurable for the Yealink phones though. We disable > >that automatically in our OpenVPN client export for Yealink because they > >didn't support it at least up until recently. > > >If you can change the modem to bridge mode to pass through the public IP to > >a router of some sort that will properly handle that circumstance, it'll > >resolve that. That might be hit or miss with consumer-grade routers. A > >completely default pfSense >config will work fine in that circumstance, as > >it'll randomize the source ports on its own so the phones don't have to. > > > Thanks Chris, I've emailed Yealink support but it seems they are "off" until > mid-next week (Chinese New Year). > Not sure what to do, purchase a 3rd party router to see if solves the problem > or if I should wait to see what Yealink's answer is first. > > Reading up on the modem seems like bridge mode is a little problematic... > maybe a call to the cable provider first to see options. > > Thanks Again, > > Chuck
Chuck You could try TCP for the OpenVPN if the phones will support it. The vast majority of your traffic will be UDP so you wont get the joy of TCP in TCP exponential standoffs. Cheers Jon _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
