Menu
▾
▴
astlinux-users — AstLinux Users Mailing List
You can subscribe to this list here.
| 2006 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
(1) |
Jul
(1) |
Aug
|
Sep
|
Oct
(2) |
Nov
(1) |
Dec
(20) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2007 |
Jan
(91) |
Feb
(111) |
Mar
(226) |
Apr
(65) |
May
(197) |
Jun
(202) |
Jul
(92) |
Aug
(87) |
Sep
(120) |
Oct
(133) |
Nov
(89) |
Dec
(155) |
| 2008 |
Jan
(251) |
Feb
(136) |
Mar
(174) |
Apr
(149) |
May
(56) |
Jun
(32) |
Jul
(36) |
Aug
(171) |
Sep
(245) |
Oct
(244) |
Nov
(218) |
Dec
(272) |
| 2009 |
Jan
(113) |
Feb
(119) |
Mar
(192) |
Apr
(117) |
May
(93) |
Jun
(46) |
Jul
(80) |
Aug
(54) |
Sep
(109) |
Oct
(70) |
Nov
(145) |
Dec
(110) |
| 2010 |
Jan
(137) |
Feb
(87) |
Mar
(45) |
Apr
(157) |
May
(58) |
Jun
(99) |
Jul
(188) |
Aug
(136) |
Sep
(101) |
Oct
(100) |
Nov
(61) |
Dec
(60) |
| 2011 |
Jan
(84) |
Feb
(43) |
Mar
(70) |
Apr
(17) |
May
(69) |
Jun
(28) |
Jul
(43) |
Aug
(21) |
Sep
(151) |
Oct
(120) |
Nov
(84) |
Dec
(101) |
| 2012 |
Jan
(119) |
Feb
(82) |
Mar
(70) |
Apr
(115) |
May
(66) |
Jun
(131) |
Jul
(70) |
Aug
(65) |
Sep
(66) |
Oct
(86) |
Nov
(197) |
Dec
(81) |
| 2013 |
Jan
(65) |
Feb
(48) |
Mar
(32) |
Apr
(68) |
May
(98) |
Jun
(59) |
Jul
(41) |
Aug
(52) |
Sep
(42) |
Oct
(37) |
Nov
(10) |
Dec
(27) |
| 2014 |
Jan
(61) |
Feb
(34) |
Mar
(30) |
Apr
(52) |
May
(45) |
Jun
(40) |
Jul
(28) |
Aug
(9) |
Sep
(39) |
Oct
(69) |
Nov
(55) |
Dec
(19) |
| 2015 |
Jan
(13) |
Feb
(21) |
Mar
(5) |
Apr
(14) |
May
(30) |
Jun
(51) |
Jul
(31) |
Aug
(12) |
Sep
(29) |
Oct
(15) |
Nov
(24) |
Dec
(16) |
| 2016 |
Jan
(62) |
Feb
(76) |
Mar
(30) |
Apr
(43) |
May
(46) |
Jun
(62) |
Jul
(21) |
Aug
(49) |
Sep
(67) |
Oct
(27) |
Nov
(26) |
Dec
(38) |
| 2017 |
Jan
(7) |
Feb
(12) |
Mar
(69) |
Apr
(59) |
May
(54) |
Jun
(40) |
Jul
(76) |
Aug
(82) |
Sep
(92) |
Oct
(51) |
Nov
(32) |
Dec
(30) |
| 2018 |
Jan
(22) |
Feb
(25) |
Mar
(34) |
Apr
(35) |
May
(37) |
Jun
(21) |
Jul
(69) |
Aug
(55) |
Sep
(17) |
Oct
(67) |
Nov
(9) |
Dec
(5) |
| 2019 |
Jan
(19) |
Feb
(12) |
Mar
(15) |
Apr
(19) |
May
|
Jun
(27) |
Jul
(27) |
Aug
(25) |
Sep
(25) |
Oct
(27) |
Nov
(10) |
Dec
(14) |
| 2020 |
Jan
(22) |
Feb
(20) |
Mar
(36) |
Apr
(40) |
May
(52) |
Jun
(35) |
Jul
(21) |
Aug
(32) |
Sep
(71) |
Oct
(27) |
Nov
(11) |
Dec
(16) |
| 2021 |
Jan
(16) |
Feb
(21) |
Mar
(21) |
Apr
(27) |
May
(17) |
Jun
|
Jul
(2) |
Aug
(22) |
Sep
(23) |
Oct
(7) |
Nov
(11) |
Dec
(28) |
| 2022 |
Jan
(23) |
Feb
(18) |
Mar
(9) |
Apr
(15) |
May
(15) |
Jun
(7) |
Jul
(8) |
Aug
(15) |
Sep
(1) |
Oct
|
Nov
(11) |
Dec
(10) |
| 2023 |
Jan
(14) |
Feb
(10) |
Mar
(11) |
Apr
(13) |
May
(2) |
Jun
(30) |
Jul
(1) |
Aug
(15) |
Sep
(13) |
Oct
(3) |
Nov
(25) |
Dec
(5) |
| 2024 |
Jan
(3) |
Feb
(10) |
Mar
(9) |
Apr
|
May
(1) |
Jun
(15) |
Jul
(7) |
Aug
(10) |
Sep
(3) |
Oct
(8) |
Nov
(6) |
Dec
(15) |
| 2025 |
Jan
(3) |
Feb
(1) |
Mar
(7) |
Apr
(5) |
May
(13) |
Jun
(16) |
Jul
(1) |
Aug
(6) |
Sep
|
Oct
|
Nov
|
Dec
|
|
From: nedi <ne...@gm...> - 2021-04-25 08:33:05
|
Hi Michael, can be this CTI with SIP Phone, I use it for one Customer with Astlinux and snom, but this CTI have SIP Client to. https://www.phonesuite.de/hlp/de/client/topics/sip_softphone.htm <https://www.phonesuite.de/hlp/de/client/topics/sip_softphone.htm> Regards Nedi |
|
From: nedi <ne...@gm...> - 2021-04-21 06:18:09
|
Thanks Michael, O. K. I don't know that. I updated trough CLI both astlinux and RUNIX and get new release after rebooted. The Webgui was still old, and after that I copied ower alternate webgui tar and owerwrited files in www. After copy I have new gui. regards Nedi Am 20. Apr. 2021, 22:42, um 22:42, Michael Keuter <li...@mk...> schrieb: >The WebGUI is updated automatically when you update the AstLinux >distro. >The tar.gz files are only needed if your want to use a custom WebGUI >(or test something). > >Sent from a mobile device. > >Michael Keuter > >> Am 20.04.2021 um 18:50 schrieb nedi <ne...@gm...>: >> >> Hi, >> i updated one PBX to the : astlinux-1.2.8 i586 - Asterisk >1.8.32.3 Runnix Release: runnix-0.4-8057 >> >> For the Webgui update Im not sure should I untar both tar files or >only the update file? >> Can I untar and copy all file to my www folder as sample >/stat/var/www folder >> >> my HTTPSDIR is /stat/var/www >> >> AstLinux 1.0.0 through 1.3.6 GUI Version: 1.8.49 >> Untar's into altweb/ directory: altweb.tar.gz >> Untar's into current (./) directory: altweb-update.tar.gz >> >> Regards Nedi >> _______________________________________________ >> Astlinux-users mailing list >> Ast...@li... >> https://lists.sourceforge.net/lists/listinfo/astlinux-users >> >> Donations to support AstLinux are graciously accepted via PayPal to >pa...@kr.... > > >------------------------------------------------------------------------ > > > >------------------------------------------------------------------------ > >_______________________________________________ >Astlinux-users mailing list >Ast...@li... >https://lists.sourceforge.net/lists/listinfo/astlinux-users > >Donations to support AstLinux are graciously accepted via PayPal to >pa...@kr.... |
|
From: Michael K. <li...@mk...> - 2021-04-20 20:42:12
|
The WebGUI is updated automatically when you update the AstLinux distro. The tar.gz files are only needed if your want to use a custom WebGUI (or test something). Sent from a mobile device. Michael Keuter > Am 20.04.2021 um 18:50 schrieb nedi <ne...@gm...>: > > Hi, > i updated one PBX to the : astlinux-1.2.8 i586 - Asterisk 1.8.32.3 Runnix Release: runnix-0.4-8057 > > For the Webgui update Im not sure should I untar both tar files or only the update file? > Can I untar and copy all file to my www folder as sample /stat/var/www folder > > my HTTPSDIR is /stat/var/www > > AstLinux 1.0.0 through 1.3.6 GUI Version: 1.8.49 > Untar's into altweb/ directory: altweb.tar.gz > Untar's into current (./) directory: altweb-update.tar.gz > > Regards Nedi > _______________________________________________ > Astlinux-users mailing list > Ast...@li... > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... |
|
From: nedi <ne...@gm...> - 2021-04-20 16:50:29
|
Hi, i updated one PBX to the : astlinux-1.2.8 i586 - Asterisk 1.8.32.3 Runnix Release: runnix-0.4-8057 For the Webgui update Im not sure should I untar both tar files or only the update file? Can I untar and copy all file to my www folder as sample /stat/var/www folder my HTTPSDIR is /stat/var/www AstLinux 1.0.0 through 1.3.6 GUI Version: 1.8.49 Untar's into altweb/ directory: altweb.tar.gz <https://abelbeck.com/lonnie/astlinux/archive-1-3-6/altweb.tar.gz> Untar's into current (./) directory: altweb-update.tar.gz <https://abelbeck.com/lonnie/astlinux/archive-1-3-6/altweb-update.tar.gz> Regards Nedi |
|
From: Michael K. <li...@mk...> - 2021-04-20 10:24:22
|
But maybe there are more processes than usual and/or they run longer than usual with higher load. Look at periodic stuff like Monit (it does checks usually once per minute). > Am 20.04.2021 um 12:07 schrieb Michael Knill <mic...@ip...>: > > Yes well that's the problem. CPU Utilisation didn't get over 20% > > Regards > Michael Knill > > On 20/4/21, 7:35 pm, "Michael Keuter" <li...@mk...> wrote: > > > >> Am 20.04.2021 um 09:00 schrieb Michael Knill <mic...@ip...>: >> >> Hi Group >> >> For some reason my primary softswitch is running at a much higher CPU Load than normal today. From what I can see there does not appear to be any more traffic than normal. Also nothing onerous in the logs. >> >> 2 CPU System: >> 1281-IPCPROD-SSFE1 kd # uptime >> 16:57:22 up 112 days, 23:44, load average: 1.80, 1.17, 1.11 >> >> Only 26 calls - 1280-IPCPROD-GW1 26/0/0 >> >> <image001.png> >> >> Been fine previously. >> Just wondering where I should go next to troubleshoot other than rebooting the system. >> >> Regards >> Michael Knill > > Hi Michael, > > I would let run "htop" parallel for a while to figure out processes with high CPU load (at least if they are run longer than a few seconds). > > Michael > > http://www.mksolutions.info > > > > > > _______________________________________________ > Astlinux-users mailing list > Ast...@li... > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... > > > _______________________________________________ > Astlinux-users mailing list > Ast...@li... > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... Michael http://www.mksolutions.info |
|
From: Michael K. <mic...@ip...> - 2021-04-20 10:07:27
|
Yes well that's the problem. CPU Utilisation didn't get over 20%
Regards
Michael Knill
On 20/4/21, 7:35 pm, "Michael Keuter" <li...@mk...> wrote:
> Am 20.04.2021 um 09:00 schrieb Michael Knill <mic...@ip...>:
>
> Hi Group
>
> For some reason my primary softswitch is running at a much higher CPU Load than normal today. From what I can see there does not appear to be any more traffic than normal. Also nothing onerous in the logs.
>
> 2 CPU System:
> 1281-IPCPROD-SSFE1 kd # uptime
> 16:57:22 up 112 days, 23:44, load average: 1.80, 1.17, 1.11
>
> Only 26 calls - 1280-IPCPROD-GW1 26/0/0
>
> <image001.png>
>
> Been fine previously.
> Just wondering where I should go next to troubleshoot other than rebooting the system.
>
> Regards
> Michael Knill
Hi Michael,
I would let run "htop" parallel for a while to figure out processes with high CPU load (at least if they are run longer than a few seconds).
Michael
http://www.mksolutions.info
_______________________________________________
Astlinux-users mailing list
Ast...@li...
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....
|
|
From: nedi <ne...@gm...> - 2021-04-20 09:44:51
|
Hi, can anyone tell me how easy to update astlinux from: AstLinux Release: astlinux-1.2.4.1 - Asterisk 1.8.32.3 Runnix Release: runnix-0.4-6956 GUI Version: 1.8.21 to: AstLinux Release:astlinux-1.2.6.1 i586 - Asterisk 1.8.32.3 Runnix Release:runnix-0.4-7671 GUI Version:1.8.40 by one PBX I have openvpn config downloaded and there is no openvpn config file only key and cert. Regards nedi > Am 15.04.2021 um 23:19 schrieb nedi <ne...@gm...>: > > Hi Michael, > Thanks, > I get it working with putting this to my vpn.cnf on snom phone > dhcp-option DNS 10.0.0.1 > route 10.0.0.0 255.255.255.0 > > > > remote xx.xx.xx.xx 1194 udp > comp-lzo yes > cipher AES-256-CBC > auth SHA1 > key-direction 1 > client > ns-cert-type server > nobind > persist-key > persist-tun > dev tun > verb 3 > dhcp-option DNS 10.0.0.1 > route 10.0.0.0 255.255.255.0 > redirect-gateway def1 > ca /openvpn/ca.crt > cert /openvpn/client.crt > key /openvpn/client.key > > Regards Nedi > >> Am 13.04.2021 um 07:12 schrieb Michael Keuter <li...@mk...>: >> >> >> >>> Am 12.04.2021 um 21:32 schrieb nedi <ne...@gm...>: >>> >>> Hi Michael, >>> i don't understand you exactly >>> >>> I have NTP Server ch.pool.ntp.org >>> >>> I have in my sip.conf >>> >>> deny = 0.0.0.0/0.0.0.0 >>> permit = 10.0.0.0/255.255.255.0 >>> permit = 10.8.0.0/255.255.255.0 >>> permit = 10.10.11.0/255.255.255.0 >>> >>> you mean i must put into my sip.conf under [general] localnet for all network’s to? Or only localnet and remove this with deny and permit? >>> after nat=yes? >>> localnet = 10.0.0.0/255.255.255.0 >>> localnet = 10.8.0.0/255.255.255.0 >>> localnet = 10.10.11.0/255.255.255.0 >> >> Looks good. >> >>> I don’t understand must configure phone to register to IP adress 10.10.11.? if my pbx is 10.0.0.132? >> >> This is the IP address of your OpenVPN server (possibly 10.10.11.1). The phone does not need to know anything else about your network (e.g. other routes). >> >>> all others clinets on mac and android working only snom not. >>> >>> regards Nedi >>> >>> >>>> Am 12.04.2021 um 13:54 schrieb Michael Keuter <li...@mk...>: >>>> >>>> >>>> >>>>> Am 12.04.2021 um 13:48 schrieb Michael Keuter <li...@mk...>: >>>>> >>>>> >>>>> >>>>>> Am 12.04.2021 um 13:01 schrieb nedi <ne...@gm...>: >>>>>> >>>>>> Hi, >>>>>> I have my snom phone connected to the PBX trough OpenVPN, (on the display I see VPN Active, on PBX VPN Status is User1 connected but I can’t make provisioning and can't register, what can bee the issues? >>>>>> My Macbook or Android phone with SIP Client work trough this OpenVPN with the same VPN >>>>>> settings. >>>>>> >>>>>> My lan PBX is 10.0.0.132 >>>>>> My virtual Network IP for VPN Client is 10.10.11.2 >>>>>> My LTE Router for testing VPN is 192.168.1.1 >>>>>> >>>>>> what must be in PUSH section of my PBX VPN Config? >>>>>> >>>>>> I have This >>>>>> dhcp-option DNS 10.0.0.1 >>>>>> route 10.0.0.0 255.255.255.0 >>>>>> redirect-gateway def1 >>>>>> >>>>>> >>>>>> OpenVPN Status on PBX >>>>>> >>>>>> >>>>>> User1 194.230.148.217:6184 10.10.11.2 4182 4520 Mon Apr 12 10:47:57 2021 1618217277 >>>>>> >>>>>> in sip.conf general I have this >>>>>> >>>>>> alwaysauthreject=yes >>>>>> deny = 0.0.0.0/0.0.0.0 >>>>>> permit = 10.0.0.0/255.255.255.0 >>>>>> permit = 10.8.0.0/255.255.255.0 >>>>>> permit = 10.10.11.0/255.255.255.0 >>>>>> >>>>>> regards Nedi >>>>> >>>>> Hi Nedi, >>>>> >>>>> important is that the phone registers to Asterisk on the virtual IP "10.10.11.x" and not on 10.0.0.132! >>>>> >>>>> You also need to add "localnet" in sip.conf for this virtual IP range in the NAT section. >>>>> For provisioning to work you need to add the virtual IP range to "HTTP & HTTPS /phoneprov/ Allowed IP's:" (if not all (*) is allowed) and restart AstLinux. >>>> >>>> Update: and you need an external time server on the IP-phone and not the internal one from AstLinux (e.g. "europe.pool.ntp.org") >>>> >>>>>>> Am 10.04.2021 um 18:04 schrieb nedi <ne...@gm...>: >>>>>>> >>>>>>> Hi , >>>>>>> has anyone working config for the snom phones and astlinux openVPN i tried and tried , it works with MacBook and Asttlinux OpenVPN, >>>>>>> snom won’t connecting , what can I do to get it working? >>>>>>> >>>>>>> I putting ip adress of vpn server into vpn.cnf >>>>>>> This is my snom vpn config: >>>>>>> remote IP Adress of my PBX OpenVPN Server 1194 udp >>>>>>> comp-lzo yes >>>>>>> cipher AES-256-CBC >>>>>>> key-direction 1 >>>>>>> client >>>>>>> ns-cert-type server >>>>>>> nobind >>>>>>> persist-key >>>>>>> persist-tun >>>>>>> dev tun >>>>>>> verb 3 >>>>>>> <ca> >>>>>>> -----BEGIN CERTIFICATE----- >>>>>>> …..my cert , key, and tl…. >>>>>>> >>>>>>> After not working i tried this vpn.cnf to put cert key separately as described by snom wiki putting all files into openvpn folder and made tarbal of them >>>>>>> >>>>>>> remote IP Adress of my PBX OpenVPN Server 1194 udp >>>>>>> comp-lzo yes >>>>>>> cipher AES-256-CBC >>>>>>> key-direction 1 >>>>>>> client >>>>>>> ns-cert-type server >>>>>>> nobind >>>>>>> persist-key >>>>>>> persist-tun >>>>>>> dev tun >>>>>>> verb 3 >>>>>>> ca /openvpn/ca.crt >>>>>>> cert /openvpn/client.crt >>>>>>> key /openvpn/client.key >>>>>>> >>>>>>> Thanks >>>>>>> >>>>>>> Regards nedi >>>>>>> >>>>>>> >>>>>>>> Am 08.04.2021 um 23:22 schrieb Michael Keuter <li...@mk...>: >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>>> Am 08.04.2021 um 22:59 schrieb nedi <ne...@gm...>: >>>>>>>>> >>>>>>>>> Hi MIchael, >>>>>>>>> I need 2 Phoen connect to pbx from outside >>>>>>>>> I have this snom Firmware and Patch for VPN flashed as Update, but this not working with my Synology. From Synology I can Export openvpn config file and use on Macbook OpenVpn app but there is not user.key included and user.crt ther are only ca.crt and openvpn.conf files. >>>>>>>> >>>>>>>> The Synology OpenVPN server is very limited from the WebGUI. >>>>>>>> >>>>>>>>> I think is not wrong with snom, I can make those tar file .. and flash the snome phone. After that I tried with Astlinux openvpn and forwarded port to Astlinux ip but with Astlinux i can’t Connect from snom, can’t connect from my smartphone or macbook. There is no connecting to VPN server. I thinK on astlinux side is something wrong. >>>>>>>>> regards >>>>>>>>> nedi >>>>>>>> >>>>>>>> You should definitely get it working first with your Mac, before trying the snom. >>>>>>>> >>>>>>>> https://doc.astlinux.org/userdoc:tt_openvpn_server >>>>>>>> >>>>>>>> For the snom use "Auth Method" => "Certificate" >>>>>>>> >>>>>>>> When I download the credentials and import the "openvpn-cert-key" *.ovpn file into Viscosity or Tunnelblick it works fine on a Mac. >>>>>>>> >>>>>>>>> >>>>>>>>>> Am 08.04.2021 um 22:36 schrieb Michael Keuter <li...@mk...>: >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>>> Am 08.04.2021 um 22:24 schrieb nedi <ne...@gm...>: >>>>>>>>>>> >>>>>>>>>>> Hi, >>>>>>>>>>> I tried to configure OpenVpn for the Snom phone without success on Astlinux box and on Synology. >>>>>>>>>>> On Synology I have VPN working but I think is not compatible to the Snom phone I need a key file. >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> astlinux-1.2.6.1 i586 - Asterisk 1.8.32.3 Runnix Release: runnix-0.4-7671 GUI Version: 1.8.40 >>>>>>>>>>> >>>>>>>>>>> Can Anyone help me to configure OpenVPN on Astlinux box. I Have Alix with only one Lan Port can be this is the issue because VPN won’t work or iptables firewall make some issues? >>>>>>>>>>> I tried with firewall enabled or disabled, I rebooted, tried import openvpn.conf on Macbook. I made port-forwarding . >>>>>>>>>>> >>>>>>>>>>> In Firewal options is all disabled and I put into firewall Pass EXT->Local UDP 0/0 1194 >>>>>>>> >>>>>>>> You don't need that, it is done by the openvpn firewall plugin automatically. >>>>>>>> >>>>>>>>>>> >>>>>>>>>>> My network is: 10.0.0.1 DNS: 10.0.0.1 NM: 255.255.255.0 ipv4 Gateway: 10.0.0.1 >>>>>>>>>>> >>>>>>>>>>> Tunnel Options: >>>>>>>>>>> Protocol: UDPv4 Port: 1194 >>>>>>>>>>> Log Verbosity: medium Compression: yes >>>>>>>>>>> QoS Passthrough:Yes Legacy Cipher: AES-256-CBC >>>>>>>>>>> Device:tun0 Auth HMAC: Use default >>>>>>>>>>> Raw Commands: >>>>>>>>>>> >>>>>>>>>>> Authentication: >>>>>>>>>>> Auth Method: Certificate >>>>>>>>>>> Extra TLS-Auth: Yes >>>>>>>>>>> >>>>>>>>>>> Firewall Options: >>>>>>>>>>> External Hosts: 0/0 >>>>>>>>>>> >>>>>>>>>>> Server Mode: >>>>>>>>>>> Server Hostname(s): my dyndns >>>>>>>> >>>>>>>> Is this domain reachable? >>>>>>>> Depending on your network/DNS configuration you might fail to test the VPN connection from your internal network. >>>>>>>> >>>>>>>> Try testing with your MacBook via a smartphone with Wifi Hotspot and mobile data instead. >>>>>>>> >>>>>>>>>>> Network IPv4 NM: 10.10.11.0 255.255.255.0 >>>>>>>>>>> Network IPv6/nn: >>>>>>>>>>> >>>>>>>>>>> Topology: subnet latest , requires openvpn 2.1+ clients >>>>>>>>>>> "push": dhcp-option DOMAIN priv.mydomain.ch <== can be it is wrong what i have here , do I need this? >>>>>>>> >>>>>>>> The domain option is not needed at first, you can still add it later. >>>>>>>> >>>>>>>>>>> dhcp-option DNS 10.10.10.1 >>>>>>>>>>> route10.10.10.0 255.255.255.0 >>>>>>>>>>> redirect-gateway def1 >>>>>>>>>>> >>>>>>>>>>> Server Certificate and Key: >>>>>>>>>>> >>>>>>>>>>> Private Key Size: 2048 >>>>>>>>>>> Signature Algorithm: SHA-256 >>>>>>>>>>> >>>>>>>>>>> I made 2 Usr and downloaded zip files >>>>>>>>>>> >>>>>>>>>>> after import into openvpn app won’r connecting. >>>>>>>>>>> >>>>>>>>>>> regards Nedi >>>>>>>>>> >>>>>>>>>> I think some years ago snom removed OpenVPN from their default firmware images. You need a special firmware that enables OpenVPN. >>>>>>>>>> >>>>>>>>>> https://service.snom.com/display/wiki/Configuring+VPN+on+Snom+Deskphones#ConfiguringVPNonSnomDeskphones-InstallandconfigureOpenVPNontheSnomphones.1 >>>>>>>>>> >>>>>>>>>> Michael >>>>>>>> >>>>>>>> Michael >>>>> >>>>> Michael >>>>> >>>> >>>> Michael >> >> Michael >> >> http://www.mksolutions.info >> >> >> >> _______________________________________________ >> Astlinux-users mailing list >> Ast...@li... >> https://lists.sourceforge.net/lists/listinfo/astlinux-users >> >> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... > > _______________________________________________ > Astlinux-users mailing list > Ast...@li... > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... |
|
From: Michael K. <li...@mk...> - 2021-04-20 09:35:17
|
> Am 20.04.2021 um 09:00 schrieb Michael Knill <mic...@ip...>: > > Hi Group > > For some reason my primary softswitch is running at a much higher CPU Load than normal today. From what I can see there does not appear to be any more traffic than normal. Also nothing onerous in the logs. > > 2 CPU System: > 1281-IPCPROD-SSFE1 kd # uptime > 16:57:22 up 112 days, 23:44, load average: 1.80, 1.17, 1.11 > > Only 26 calls - 1280-IPCPROD-GW1 26/0/0 > > <image001.png> > > Been fine previously. > Just wondering where I should go next to troubleshoot other than rebooting the system. > > Regards > Michael Knill Hi Michael, I would let run "htop" parallel for a while to figure out processes with high CPU load (at least if they are run longer than a few seconds). Michael http://www.mksolutions.info |
|
From: Michael K. <mic...@ip...> - 2021-04-20 07:00:56
|
Hi Group For some reason my primary softswitch is running at a much higher CPU Load than normal today. From what I can see there does not appear to be any more traffic than normal. Also nothing onerous in the logs. 2 CPU System: 1281-IPCPROD-SSFE1 kd # uptime 16:57:22 up 112 days, 23:44, load average: 1.80, 1.17, 1.11 Only 26 calls - 1280-IPCPROD-GW1 26/0/0 [cid:image001.png@01D73606.A9F4B7D0] Been fine previously. Just wondering where I should go next to troubleshoot other than rebooting the system. Regards Michael Knill |
|
From: nedi <ne...@gm...> - 2021-04-15 21:19:37
|
Hi Michael, Thanks, I get it working with putting this to my vpn.cnf on snom phone dhcp-option DNS 10.0.0.1 route 10.0.0.0 255.255.255.0 remote xx.xx.xx.xx 1194 udp comp-lzo yes cipher AES-256-CBC auth SHA1 key-direction 1 client ns-cert-type server nobind persist-key persist-tun dev tun verb 3 dhcp-option DNS 10.0.0.1 route 10.0.0.0 255.255.255.0 redirect-gateway def1 ca /openvpn/ca.crt cert /openvpn/client.crt key /openvpn/client.key Regards Nedi > Am 13.04.2021 um 07:12 schrieb Michael Keuter <li...@mk...>: > > > >> Am 12.04.2021 um 21:32 schrieb nedi <ne...@gm... <mailto:ne...@gm...>>: >> >> Hi Michael, >> i don't understand you exactly >> >> I have NTP Server ch.pool.ntp.org <http://ch.pool.ntp.org/> >> >> I have in my sip.conf >> >> deny = 0.0.0.0/0.0.0.0 >> permit = 10.0.0.0/255.255.255.0 >> permit = 10.8.0.0/255.255.255.0 >> permit = 10.10.11.0/255.255.255.0 >> >> you mean i must put into my sip.conf under [general] localnet for all network’s to? Or only localnet and remove this with deny and permit? >> after nat=yes? >> localnet = 10.0.0.0/255.255.255.0 >> localnet = 10.8.0.0/255.255.255.0 >> localnet = 10.10.11.0/255.255.255.0 > > Looks good. > >> I don’t understand must configure phone to register to IP adress 10.10.11.? if my pbx is 10.0.0.132? > > This is the IP address of your OpenVPN server (possibly 10.10.11.1). The phone does not need to know anything else about your network (e.g. other routes). > >> all others clinets on mac and android working only snom not. >> >> regards Nedi >> >> >>> Am 12.04.2021 um 13:54 schrieb Michael Keuter <li...@mk... <mailto:li...@mk...>>: >>> >>> >>> >>>> Am 12.04.2021 um 13:48 schrieb Michael Keuter <li...@mk... <mailto:li...@mk...>>: >>>> >>>> >>>> >>>>> Am 12.04.2021 um 13:01 schrieb nedi <ne...@gm... <mailto:ne...@gm...>>: >>>>> >>>>> Hi, >>>>> I have my snom phone connected to the PBX trough OpenVPN, (on the display I see VPN Active, on PBX VPN Status is User1 connected but I can’t make provisioning and can't register, what can bee the issues? >>>>> My Macbook or Android phone with SIP Client work trough this OpenVPN with the same VPN >>>>> settings. >>>>> >>>>> My lan PBX is 10.0.0.132 >>>>> My virtual Network IP for VPN Client is 10.10.11.2 >>>>> My LTE Router for testing VPN is 192.168.1.1 >>>>> >>>>> what must be in PUSH section of my PBX VPN Config? >>>>> >>>>> I have This >>>>> dhcp-option DNS 10.0.0.1 >>>>> route 10.0.0.0 255.255.255.0 >>>>> redirect-gateway def1 >>>>> >>>>> >>>>> OpenVPN Status on PBX >>>>> >>>>> >>>>> User1 194.230.148.217:6184 10.10.11.2 4182 4520 Mon Apr 12 10:47:57 2021 1618217277 >>>>> >>>>> in sip.conf general I have this >>>>> >>>>> alwaysauthreject=yes >>>>> deny = 0.0.0.0/0.0.0.0 >>>>> permit = 10.0.0.0/255.255.255.0 >>>>> permit = 10.8.0.0/255.255.255.0 >>>>> permit = 10.10.11.0/255.255.255.0 >>>>> >>>>> regards Nedi >>>> >>>> Hi Nedi, >>>> >>>> important is that the phone registers to Asterisk on the virtual IP "10.10.11.x" and not on 10.0.0.132! >>>> >>>> You also need to add "localnet" in sip.conf for this virtual IP range in the NAT section. >>>> For provisioning to work you need to add the virtual IP range to "HTTP & HTTPS /phoneprov/ Allowed IP's:" (if not all (*) is allowed) and restart AstLinux. >>> >>> Update: and you need an external time server on the IP-phone and not the internal one from AstLinux (e.g. "europe.pool.ntp.org <http://europe.pool.ntp.org/>") >>> >>>>>> Am 10.04.2021 um 18:04 schrieb nedi <ne...@gm... <mailto:ne...@gm...>>: >>>>>> >>>>>> Hi , >>>>>> has anyone working config for the snom phones and astlinux openVPN i tried and tried , it works with MacBook and Asttlinux OpenVPN, >>>>>> snom won’t connecting , what can I do to get it working? >>>>>> >>>>>> I putting ip adress of vpn server into vpn.cnf >>>>>> This is my snom vpn config: >>>>>> remote IP Adress of my PBX OpenVPN Server 1194 udp >>>>>> comp-lzo yes >>>>>> cipher AES-256-CBC >>>>>> key-direction 1 >>>>>> client >>>>>> ns-cert-type server >>>>>> nobind >>>>>> persist-key >>>>>> persist-tun >>>>>> dev tun >>>>>> verb 3 >>>>>> <ca> >>>>>> -----BEGIN CERTIFICATE----- >>>>>> …..my cert , key, and tl…. >>>>>> >>>>>> After not working i tried this vpn.cnf to put cert key separately as described by snom wiki putting all files into openvpn folder and made tarbal of them >>>>>> >>>>>> remote IP Adress of my PBX OpenVPN Server 1194 udp >>>>>> comp-lzo yes >>>>>> cipher AES-256-CBC >>>>>> key-direction 1 >>>>>> client >>>>>> ns-cert-type server >>>>>> nobind >>>>>> persist-key >>>>>> persist-tun >>>>>> dev tun >>>>>> verb 3 >>>>>> ca /openvpn/ca.crt >>>>>> cert /openvpn/client.crt >>>>>> key /openvpn/client.key >>>>>> >>>>>> Thanks >>>>>> >>>>>> Regards nedi >>>>>> >>>>>> >>>>>>> Am 08.04.2021 um 23:22 schrieb Michael Keuter <li...@mk... <mailto:li...@mk...>>: >>>>>>> >>>>>>> >>>>>>> >>>>>>>> Am 08.04.2021 um 22:59 schrieb nedi <ne...@gm... <mailto:ne...@gm...>>: >>>>>>>> >>>>>>>> Hi MIchael, >>>>>>>> I need 2 Phoen connect to pbx from outside >>>>>>>> I have this snom Firmware and Patch for VPN flashed as Update, but this not working with my Synology. From Synology I can Export openvpn config file and use on Macbook OpenVpn app but there is not user.key included and user.crt ther are only ca.crt and openvpn.conf files. >>>>>>> >>>>>>> The Synology OpenVPN server is very limited from the WebGUI. >>>>>>> >>>>>>>> I think is not wrong with snom, I can make those tar file .. and flash the snome phone. After that I tried with Astlinux openvpn and forwarded port to Astlinux ip but with Astlinux i can’t Connect from snom, can’t connect from my smartphone or macbook. There is no connecting to VPN server. I thinK on astlinux side is something wrong. >>>>>>>> regards >>>>>>>> nedi >>>>>>> >>>>>>> You should definitely get it working first with your Mac, before trying the snom. >>>>>>> >>>>>>> https://doc.astlinux.org/userdoc:tt_openvpn_server <https://doc.astlinux.org/userdoc:tt_openvpn_server> >>>>>>> >>>>>>> For the snom use "Auth Method" => "Certificate" >>>>>>> >>>>>>> When I download the credentials and import the "openvpn-cert-key" *.ovpn file into Viscosity or Tunnelblick it works fine on a Mac. >>>>>>> >>>>>>>> >>>>>>>>> Am 08.04.2021 um 22:36 schrieb Michael Keuter <li...@mk...>: >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>>> Am 08.04.2021 um 22:24 schrieb nedi <ne...@gm...>: >>>>>>>>>> >>>>>>>>>> Hi, >>>>>>>>>> I tried to configure OpenVpn for the Snom phone without success on Astlinux box and on Synology. >>>>>>>>>> On Synology I have VPN working but I think is not compatible to the Snom phone I need a key file. >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> astlinux-1.2.6.1 i586 - Asterisk 1.8.32.3 Runnix Release: runnix-0.4-7671 GUI Version: 1.8.40 >>>>>>>>>> >>>>>>>>>> Can Anyone help me to configure OpenVPN on Astlinux box. I Have Alix with only one Lan Port can be this is the issue because VPN won’t work or iptables firewall make some issues? >>>>>>>>>> I tried with firewall enabled or disabled, I rebooted, tried import openvpn.conf on Macbook. I made port-forwarding . >>>>>>>>>> >>>>>>>>>> In Firewal options is all disabled and I put into firewall Pass EXT->Local UDP 0/0 1194 >>>>>>> >>>>>>> You don't need that, it is done by the openvpn firewall plugin automatically. >>>>>>> >>>>>>>>>> >>>>>>>>>> My network is: 10.0.0.1 DNS: 10.0.0.1 NM: 255.255.255.0 ipv4 Gateway: 10.0.0.1 >>>>>>>>>> >>>>>>>>>> Tunnel Options: >>>>>>>>>> Protocol: UDPv4 Port: 1194 >>>>>>>>>> Log Verbosity: medium Compression: yes >>>>>>>>>> QoS Passthrough:Yes Legacy Cipher: AES-256-CBC >>>>>>>>>> Device:tun0 Auth HMAC: Use default >>>>>>>>>> Raw Commands: >>>>>>>>>> >>>>>>>>>> Authentication: >>>>>>>>>> Auth Method: Certificate >>>>>>>>>> Extra TLS-Auth: Yes >>>>>>>>>> >>>>>>>>>> Firewall Options: >>>>>>>>>> External Hosts: 0/0 >>>>>>>>>> >>>>>>>>>> Server Mode: >>>>>>>>>> Server Hostname(s): my dyndns >>>>>>> >>>>>>> Is this domain reachable? >>>>>>> Depending on your network/DNS configuration you might fail to test the VPN connection from your internal network. >>>>>>> >>>>>>> Try testing with your MacBook via a smartphone with Wifi Hotspot and mobile data instead. >>>>>>> >>>>>>>>>> Network IPv4 NM: 10.10.11.0 255.255.255.0 >>>>>>>>>> Network IPv6/nn: >>>>>>>>>> >>>>>>>>>> Topology: subnet latest , requires openvpn 2.1+ clients >>>>>>>>>> "push": dhcp-option DOMAIN priv.mydomain.ch <== can be it is wrong what i have here , do I need this? >>>>>>> >>>>>>> The domain option is not needed at first, you can still add it later. >>>>>>> >>>>>>>>>> dhcp-option DNS 10.10.10.1 >>>>>>>>>> route10.10.10.0 255.255.255.0 >>>>>>>>>> redirect-gateway def1 >>>>>>>>>> >>>>>>>>>> Server Certificate and Key: >>>>>>>>>> >>>>>>>>>> Private Key Size: 2048 >>>>>>>>>> Signature Algorithm: SHA-256 >>>>>>>>>> >>>>>>>>>> I made 2 Usr and downloaded zip files >>>>>>>>>> >>>>>>>>>> after import into openvpn app won’r connecting. >>>>>>>>>> >>>>>>>>>> regards Nedi >>>>>>>>> >>>>>>>>> I think some years ago snom removed OpenVPN from their default firmware images. You need a special firmware that enables OpenVPN. >>>>>>>>> >>>>>>>>> https://service.snom.com/display/wiki/Configuring+VPN+on+Snom+Deskphones#ConfiguringVPNonSnomDeskphones-InstallandconfigureOpenVPNontheSnomphones.1 >>>>>>>>> >>>>>>>>> Michael >>>>>>> >>>>>>> Michael >>>> >>>> Michael >>>> >>> >>> Michael > > Michael > > http://www.mksolutions.info <http://www.mksolutions.info/> > > > _______________________________________________ > Astlinux-users mailing list > Ast...@li... > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... |
|
From: Michael K. <li...@mk...> - 2021-04-13 05:12:43
|
> Am 12.04.2021 um 21:32 schrieb nedi <ne...@gm...>: > > Hi Michael, > i don't understand you exactly > > I have NTP Server ch.pool.ntp.org > > I have in my sip.conf > > deny = 0.0.0.0/0.0.0.0 > permit = 10.0.0.0/255.255.255.0 > permit = 10.8.0.0/255.255.255.0 > permit = 10.10.11.0/255.255.255.0 > > you mean i must put into my sip.conf under [general] localnet for all network’s to? Or only localnet and remove this with deny and permit? > after nat=yes? > localnet = 10.0.0.0/255.255.255.0 > localnet = 10.8.0.0/255.255.255.0 > localnet = 10.10.11.0/255.255.255.0 Looks good. > I don’t understand must configure phone to register to IP adress 10.10.11.? if my pbx is 10.0.0.132? This is the IP address of your OpenVPN server (possibly 10.10.11.1). The phone does not need to know anything else about your network (e.g. other routes). > all others clinets on mac and android working only snom not. > > regards Nedi > > >> Am 12.04.2021 um 13:54 schrieb Michael Keuter <li...@mk...>: >> >> >> >>> Am 12.04.2021 um 13:48 schrieb Michael Keuter <li...@mk...>: >>> >>> >>> >>>> Am 12.04.2021 um 13:01 schrieb nedi <ne...@gm...>: >>>> >>>> Hi, >>>> I have my snom phone connected to the PBX trough OpenVPN, (on the display I see VPN Active, on PBX VPN Status is User1 connected but I can’t make provisioning and can't register, what can bee the issues? >>>> My Macbook or Android phone with SIP Client work trough this OpenVPN with the same VPN >>>> settings. >>>> >>>> My lan PBX is 10.0.0.132 >>>> My virtual Network IP for VPN Client is 10.10.11.2 >>>> My LTE Router for testing VPN is 192.168.1.1 >>>> >>>> what must be in PUSH section of my PBX VPN Config? >>>> >>>> I have This >>>> dhcp-option DNS 10.0.0.1 >>>> route 10.0.0.0 255.255.255.0 >>>> redirect-gateway def1 >>>> >>>> >>>> OpenVPN Status on PBX >>>> >>>> >>>> User1 194.230.148.217:6184 10.10.11.2 4182 4520 Mon Apr 12 10:47:57 2021 1618217277 >>>> >>>> in sip.conf general I have this >>>> >>>> alwaysauthreject=yes >>>> deny = 0.0.0.0/0.0.0.0 >>>> permit = 10.0.0.0/255.255.255.0 >>>> permit = 10.8.0.0/255.255.255.0 >>>> permit = 10.10.11.0/255.255.255.0 >>>> >>>> regards Nedi >>> >>> Hi Nedi, >>> >>> important is that the phone registers to Asterisk on the virtual IP "10.10.11.x" and not on 10.0.0.132! >>> >>> You also need to add "localnet" in sip.conf for this virtual IP range in the NAT section. >>> For provisioning to work you need to add the virtual IP range to "HTTP & HTTPS /phoneprov/ Allowed IP's:" (if not all (*) is allowed) and restart AstLinux. >> >> Update: and you need an external time server on the IP-phone and not the internal one from AstLinux (e.g. "europe.pool.ntp.org") >> >>>>> Am 10.04.2021 um 18:04 schrieb nedi <ne...@gm...>: >>>>> >>>>> Hi , >>>>> has anyone working config for the snom phones and astlinux openVPN i tried and tried , it works with MacBook and Asttlinux OpenVPN, >>>>> snom won’t connecting , what can I do to get it working? >>>>> >>>>> I putting ip adress of vpn server into vpn.cnf >>>>> This is my snom vpn config: >>>>> remote IP Adress of my PBX OpenVPN Server 1194 udp >>>>> comp-lzo yes >>>>> cipher AES-256-CBC >>>>> key-direction 1 >>>>> client >>>>> ns-cert-type server >>>>> nobind >>>>> persist-key >>>>> persist-tun >>>>> dev tun >>>>> verb 3 >>>>> <ca> >>>>> -----BEGIN CERTIFICATE----- >>>>> …..my cert , key, and tl…. >>>>> >>>>> After not working i tried this vpn.cnf to put cert key separately as described by snom wiki putting all files into openvpn folder and made tarbal of them >>>>> >>>>> remote IP Adress of my PBX OpenVPN Server 1194 udp >>>>> comp-lzo yes >>>>> cipher AES-256-CBC >>>>> key-direction 1 >>>>> client >>>>> ns-cert-type server >>>>> nobind >>>>> persist-key >>>>> persist-tun >>>>> dev tun >>>>> verb 3 >>>>> ca /openvpn/ca.crt >>>>> cert /openvpn/client.crt >>>>> key /openvpn/client.key >>>>> >>>>> Thanks >>>>> >>>>> Regards nedi >>>>> >>>>> >>>>>> Am 08.04.2021 um 23:22 schrieb Michael Keuter <li...@mk...>: >>>>>> >>>>>> >>>>>> >>>>>>> Am 08.04.2021 um 22:59 schrieb nedi <ne...@gm...>: >>>>>>> >>>>>>> Hi MIchael, >>>>>>> I need 2 Phoen connect to pbx from outside >>>>>>> I have this snom Firmware and Patch for VPN flashed as Update, but this not working with my Synology. From Synology I can Export openvpn config file and use on Macbook OpenVpn app but there is not user.key included and user.crt ther are only ca.crt and openvpn.conf files. >>>>>> >>>>>> The Synology OpenVPN server is very limited from the WebGUI. >>>>>> >>>>>>> I think is not wrong with snom, I can make those tar file .. and flash the snome phone. After that I tried with Astlinux openvpn and forwarded port to Astlinux ip but with Astlinux i can’t Connect from snom, can’t connect from my smartphone or macbook. There is no connecting to VPN server. I thinK on astlinux side is something wrong. >>>>>>> regards >>>>>>> nedi >>>>>> >>>>>> You should definitely get it working first with your Mac, before trying the snom. >>>>>> >>>>>> https://doc.astlinux.org/userdoc:tt_openvpn_server >>>>>> >>>>>> For the snom use "Auth Method" => "Certificate" >>>>>> >>>>>> When I download the credentials and import the "openvpn-cert-key" *.ovpn file into Viscosity or Tunnelblick it works fine on a Mac. >>>>>> >>>>>>> >>>>>>>> Am 08.04.2021 um 22:36 schrieb Michael Keuter <li...@mk...>: >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>>> Am 08.04.2021 um 22:24 schrieb nedi <ne...@gm...>: >>>>>>>>> >>>>>>>>> Hi, >>>>>>>>> I tried to configure OpenVpn for the Snom phone without success on Astlinux box and on Synology. >>>>>>>>> On Synology I have VPN working but I think is not compatible to the Snom phone I need a key file. >>>>>>>>> >>>>>>>>> >>>>>>>>> astlinux-1.2.6.1 i586 - Asterisk 1.8.32.3 Runnix Release: runnix-0.4-7671 GUI Version: 1.8.40 >>>>>>>>> >>>>>>>>> Can Anyone help me to configure OpenVPN on Astlinux box. I Have Alix with only one Lan Port can be this is the issue because VPN won’t work or iptables firewall make some issues? >>>>>>>>> I tried with firewall enabled or disabled, I rebooted, tried import openvpn.conf on Macbook. I made port-forwarding . >>>>>>>>> >>>>>>>>> In Firewal options is all disabled and I put into firewall Pass EXT->Local UDP 0/0 1194 >>>>>> >>>>>> You don't need that, it is done by the openvpn firewall plugin automatically. >>>>>> >>>>>>>>> >>>>>>>>> My network is: 10.0.0.1 DNS: 10.0.0.1 NM: 255.255.255.0 ipv4 Gateway: 10.0.0.1 >>>>>>>>> >>>>>>>>> Tunnel Options: >>>>>>>>> Protocol: UDPv4 Port: 1194 >>>>>>>>> Log Verbosity: medium Compression: yes >>>>>>>>> QoS Passthrough:Yes Legacy Cipher: AES-256-CBC >>>>>>>>> Device:tun0 Auth HMAC: Use default >>>>>>>>> Raw Commands: >>>>>>>>> >>>>>>>>> Authentication: >>>>>>>>> Auth Method: Certificate >>>>>>>>> Extra TLS-Auth: Yes >>>>>>>>> >>>>>>>>> Firewall Options: >>>>>>>>> External Hosts: 0/0 >>>>>>>>> >>>>>>>>> Server Mode: >>>>>>>>> Server Hostname(s): my dyndns >>>>>> >>>>>> Is this domain reachable? >>>>>> Depending on your network/DNS configuration you might fail to test the VPN connection from your internal network. >>>>>> >>>>>> Try testing with your MacBook via a smartphone with Wifi Hotspot and mobile data instead. >>>>>> >>>>>>>>> Network IPv4 NM: 10.10.11.0 255.255.255.0 >>>>>>>>> Network IPv6/nn: >>>>>>>>> >>>>>>>>> Topology: subnet latest , requires openvpn 2.1+ clients >>>>>>>>> "push": dhcp-option DOMAIN priv.mydomain.ch <== can be it is wrong what i have here , do I need this? >>>>>> >>>>>> The domain option is not needed at first, you can still add it later. >>>>>> >>>>>>>>> dhcp-option DNS 10.10.10.1 >>>>>>>>> route10.10.10.0 255.255.255.0 >>>>>>>>> redirect-gateway def1 >>>>>>>>> >>>>>>>>> Server Certificate and Key: >>>>>>>>> >>>>>>>>> Private Key Size: 2048 >>>>>>>>> Signature Algorithm: SHA-256 >>>>>>>>> >>>>>>>>> I made 2 Usr and downloaded zip files >>>>>>>>> >>>>>>>>> after import into openvpn app won’r connecting. >>>>>>>>> >>>>>>>>> regards Nedi >>>>>>>> >>>>>>>> I think some years ago snom removed OpenVPN from their default firmware images. You need a special firmware that enables OpenVPN. >>>>>>>> >>>>>>>> https://service.snom.com/display/wiki/Configuring+VPN+on+Snom+Deskphones#ConfiguringVPNonSnomDeskphones-InstallandconfigureOpenVPNontheSnomphones.1 >>>>>>>> >>>>>>>> Michael >>>>>> >>>>>> Michael >>> >>> Michael >>> >> >> Michael Michael http://www.mksolutions.info |
|
From: Michael K. <mic...@ip...> - 2021-04-12 22:08:06
|
PS Only need to add the range to localnet for sip.conf if you are behind a NAT device. Will need to add it to the ACL though.
PPS I'm pretty sure you can register to the LAN address as long as you Push the route to it via OpenVPN.
Regards
Michael Knill
On 12/4/21, 9:49 pm, "Michael Keuter" <li...@mk...> wrote:
> Am 12.04.2021 um 13:01 schrieb nedi <ne...@gm...>:
>
> Hi,
> I have my snom phone connected to the PBX trough OpenVPN, (on the display I see VPN Active, on PBX VPN Status is User1 connected but I can’t make provisioning and can't register, what can bee the issues?
> My Macbook or Android phone with SIP Client work trough this OpenVPN with the same VPN
> settings.
>
> My lan PBX is 10.0.0.132
> My virtual Network IP for VPN Client is 10.10.11.2
> My LTE Router for testing VPN is 192.168.1.1
>
> what must be in PUSH section of my PBX VPN Config?
>
> I have This
> dhcp-option DNS 10.0.0.1
> route 10.0.0.0 255.255.255.0
> redirect-gateway def1
>
>
> OpenVPN Status on PBX
>
>
> User1 194.230.148.217:6184 10.10.11.2 4182 4520 Mon Apr 12 10:47:57 2021 1618217277
>
> in sip.conf general I have this
>
> alwaysauthreject=yes
> deny = 0.0.0.0/0.0.0.0
> permit = 10.0.0.0/255.255.255.0
> permit = 10.8.0.0/255.255.255.0
> permit = 10.10.11.0/255.255.255.0
>
> regards Nedi
Hi Nedi,
important is that the phone registers to Asterisk on the virtual IP "10.10.11.x" and not on 10.0.0.132!
You also need to add "localnet" in sip.conf for this virtual IP range in the NAT section.
For provisioning to work you need to add the virtual IP range to "HTTP & HTTPS /phoneprov/ Allowed IP's:" (if not all (*) is allowed) and restart AstLinux.
>
>> Am 10.04.2021 um 18:04 schrieb nedi <ne...@gm...>:
>>
>> Hi ,
>> has anyone working config for the snom phones and astlinux openVPN i tried and tried , it works with MacBook and Asttlinux OpenVPN,
>> snom won’t connecting , what can I do to get it working?
>>
>> I putting ip adress of vpn server into vpn.cnf
>> This is my snom vpn config:
>> remote IP Adress of my PBX OpenVPN Server 1194 udp
>> comp-lzo yes
>> cipher AES-256-CBC
>> key-direction 1
>> client
>> ns-cert-type server
>> nobind
>> persist-key
>> persist-tun
>> dev tun
>> verb 3
>> <ca>
>> -----BEGIN CERTIFICATE-----
>> …..my cert , key, and tl….
>>
>> After not working i tried this vpn.cnf to put cert key separately as described by snom wiki putting all files into openvpn folder and made tarbal of them
>>
>> remote IP Adress of my PBX OpenVPN Server 1194 udp
>> comp-lzo yes
>> cipher AES-256-CBC
>> key-direction 1
>> client
>> ns-cert-type server
>> nobind
>> persist-key
>> persist-tun
>> dev tun
>> verb 3
>> ca /openvpn/ca.crt
>> cert /openvpn/client.crt
>> key /openvpn/client.key
>>
>> Thanks
>>
>> Regards nedi
>>
>>
>>> Am 08.04.2021 um 23:22 schrieb Michael Keuter <li...@mk...>:
>>>
>>>
>>>
>>>> Am 08.04.2021 um 22:59 schrieb nedi <ne...@gm...>:
>>>>
>>>> Hi MIchael,
>>>> I need 2 Phoen connect to pbx from outside
>>>> I have this snom Firmware and Patch for VPN flashed as Update, but this not working with my Synology. From Synology I can Export openvpn config file and use on Macbook OpenVpn app but there is not user.key included and user.crt ther are only ca.crt and openvpn.conf files.
>>>
>>> The Synology OpenVPN server is very limited from the WebGUI.
>>>
>>>> I think is not wrong with snom, I can make those tar file .. and flash the snome phone. After that I tried with Astlinux openvpn and forwarded port to Astlinux ip but with Astlinux i can’t Connect from snom, can’t connect from my smartphone or macbook. There is no connecting to VPN server. I thinK on astlinux side is something wrong.
>>>> regards
>>>> nedi
>>>
>>> You should definitely get it working first with your Mac, before trying the snom.
>>>
>>> https://doc.astlinux.org/userdoc:tt_openvpn_server
>>>
>>> For the snom use "Auth Method" => "Certificate"
>>>
>>> When I download the credentials and import the "openvpn-cert-key" *.ovpn file into Viscosity or Tunnelblick it works fine on a Mac.
>>>
>>>>
>>>>> Am 08.04.2021 um 22:36 schrieb Michael Keuter <li...@mk...>:
>>>>>
>>>>>
>>>>>
>>>>>> Am 08.04.2021 um 22:24 schrieb nedi <ne...@gm...>:
>>>>>>
>>>>>> Hi,
>>>>>> I tried to configure OpenVpn for the Snom phone without success on Astlinux box and on Synology.
>>>>>> On Synology I have VPN working but I think is not compatible to the Snom phone I need a key file.
>>>>>>
>>>>>>
>>>>>> astlinux-1.2.6.1 i586 - Asterisk 1.8.32.3 Runnix Release: runnix-0.4-7671 GUI Version: 1.8.40
>>>>>>
>>>>>> Can Anyone help me to configure OpenVPN on Astlinux box. I Have Alix with only one Lan Port can be this is the issue because VPN won’t work or iptables firewall make some issues?
>>>>>> I tried with firewall enabled or disabled, I rebooted, tried import openvpn.conf on Macbook. I made port-forwarding .
>>>>>>
>>>>>> In Firewal options is all disabled and I put into firewall Pass EXT->Local UDP 0/0 1194
>>>
>>> You don't need that, it is done by the openvpn firewall plugin automatically.
>>>
>>>>>>
>>>>>> My network is: 10.0.0.1 DNS: 10.0.0.1 NM: 255.255.255.0 ipv4 Gateway: 10.0.0.1
>>>>>>
>>>>>> Tunnel Options:
>>>>>> Protocol: UDPv4 Port: 1194
>>>>>> Log Verbosity: medium Compression: yes
>>>>>> QoS Passthrough:Yes Legacy Cipher: AES-256-CBC
>>>>>> Device:tun0 Auth HMAC: Use default
>>>>>> Raw Commands:
>>>>>>
>>>>>> Authentication:
>>>>>> Auth Method: Certificate
>>>>>> Extra TLS-Auth: Yes
>>>>>>
>>>>>> Firewall Options:
>>>>>> External Hosts: 0/0
>>>>>>
>>>>>> Server Mode:
>>>>>> Server Hostname(s): my dyndns
>>>
>>> Is this domain reachable?
>>> Depending on your network/DNS configuration you might fail to test the VPN connection from your internal network.
>>>
>>> Try testing with your MacBook via a smartphone with Wifi Hotspot and mobile data instead.
>>>
>>>>>> Network IPv4 NM: 10.10.11.0 255.255.255.0
>>>>>> Network IPv6/nn:
>>>>>>
>>>>>> Topology: subnet latest , requires openvpn 2.1+ clients
>>>>>> "push": dhcp-option DOMAIN priv.mydomain.ch <== can be it is wrong what i have here , do I need this?
>>>
>>> The domain option is not needed at first, you can still add it later.
>>>
>>>>>> dhcp-option DNS 10.10.10.1
>>>>>> route10.10.10.0 255.255.255.0
>>>>>> redirect-gateway def1
>>>>>>
>>>>>> Server Certificate and Key:
>>>>>>
>>>>>> Private Key Size: 2048
>>>>>> Signature Algorithm: SHA-256
>>>>>>
>>>>>> I made 2 Usr and downloaded zip files
>>>>>>
>>>>>> after import into openvpn app won’r connecting.
>>>>>>
>>>>>> regards Nedi
>>>>>
>>>>> I think some years ago snom removed OpenVPN from their default firmware images. You need a special firmware that enables OpenVPN.
>>>>>
>>>>> https://service.snom.com/display/wiki/Configuring+VPN+on+Snom+Deskphones#ConfiguringVPNonSnomDeskphones-InstallandconfigureOpenVPNontheSnomphones.1
>>>>>
>>>>> Michael
>>>
>>> Michael
Michael
http://www.mksolutions.info
_______________________________________________
Astlinux-users mailing list
Ast...@li...
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....
|
|
From: nedi <ne...@gm...> - 2021-04-12 19:32:33
|
Hi Michael, i don't understand you exactly I have NTP Server ch.pool.ntp.org I have in my sip.conf deny = 0.0.0.0/0.0.0.0 permit = 10.0.0.0/255.255.255.0 permit = 10.8.0.0/255.255.255.0 permit = 10.10.11.0/255.255.255.0 you mean i must put into my sip.conf under [general] localnet for all network’s to? Or only localnet and remove this with deny and permit? after nat=yes? localnet = 10.0.0.0/255.255.255.0 localnet = 10.8.0.0/255.255.255.0 localnet = 10.10.11.0/255.255.255.0 I don’t understand must configure phone to register to IP adress 10.10.11.? if my pbx is 10.0.0.132? all others clinets on mac and android working only snom not. regards Nedi > Am 12.04.2021 um 13:54 schrieb Michael Keuter <li...@mk...>: > > > >> Am 12.04.2021 um 13:48 schrieb Michael Keuter <li...@mk...>: >> >> >> >>> Am 12.04.2021 um 13:01 schrieb nedi <ne...@gm...>: >>> >>> Hi, >>> I have my snom phone connected to the PBX trough OpenVPN, (on the display I see VPN Active, on PBX VPN Status is User1 connected but I can’t make provisioning and can't register, what can bee the issues? >>> My Macbook or Android phone with SIP Client work trough this OpenVPN with the same VPN >>> settings. >>> >>> My lan PBX is 10.0.0.132 >>> My virtual Network IP for VPN Client is 10.10.11.2 >>> My LTE Router for testing VPN is 192.168.1.1 >>> >>> what must be in PUSH section of my PBX VPN Config? >>> >>> I have This >>> dhcp-option DNS 10.0.0.1 >>> route 10.0.0.0 255.255.255.0 >>> redirect-gateway def1 >>> >>> >>> OpenVPN Status on PBX >>> >>> >>> User1 194.230.148.217:6184 10.10.11.2 4182 4520 Mon Apr 12 10:47:57 2021 1618217277 >>> >>> in sip.conf general I have this >>> >>> alwaysauthreject=yes >>> deny = 0.0.0.0/0.0.0.0 >>> permit = 10.0.0.0/255.255.255.0 >>> permit = 10.8.0.0/255.255.255.0 >>> permit = 10.10.11.0/255.255.255.0 >>> >>> regards Nedi >> >> Hi Nedi, >> >> important is that the phone registers to Asterisk on the virtual IP "10.10.11.x" and not on 10.0.0.132! >> >> You also need to add "localnet" in sip.conf for this virtual IP range in the NAT section. >> For provisioning to work you need to add the virtual IP range to "HTTP & HTTPS /phoneprov/ Allowed IP's:" (if not all (*) is allowed) and restart AstLinux. > > Update: and you need an external time server on the IP-phone and not the internal one from AstLinux (e.g. "europe.pool.ntp.org") > >>>> Am 10.04.2021 um 18:04 schrieb nedi <ne...@gm...>: >>>> >>>> Hi , >>>> has anyone working config for the snom phones and astlinux openVPN i tried and tried , it works with MacBook and Asttlinux OpenVPN, >>>> snom won’t connecting , what can I do to get it working? >>>> >>>> I putting ip adress of vpn server into vpn.cnf >>>> This is my snom vpn config: >>>> remote IP Adress of my PBX OpenVPN Server 1194 udp >>>> comp-lzo yes >>>> cipher AES-256-CBC >>>> key-direction 1 >>>> client >>>> ns-cert-type server >>>> nobind >>>> persist-key >>>> persist-tun >>>> dev tun >>>> verb 3 >>>> <ca> >>>> -----BEGIN CERTIFICATE----- >>>> …..my cert , key, and tl…. >>>> >>>> After not working i tried this vpn.cnf to put cert key separately as described by snom wiki putting all files into openvpn folder and made tarbal of them >>>> >>>> remote IP Adress of my PBX OpenVPN Server 1194 udp >>>> comp-lzo yes >>>> cipher AES-256-CBC >>>> key-direction 1 >>>> client >>>> ns-cert-type server >>>> nobind >>>> persist-key >>>> persist-tun >>>> dev tun >>>> verb 3 >>>> ca /openvpn/ca.crt >>>> cert /openvpn/client.crt >>>> key /openvpn/client.key >>>> >>>> Thanks >>>> >>>> Regards nedi >>>> >>>> >>>>> Am 08.04.2021 um 23:22 schrieb Michael Keuter <li...@mk...>: >>>>> >>>>> >>>>> >>>>>> Am 08.04.2021 um 22:59 schrieb nedi <ne...@gm...>: >>>>>> >>>>>> Hi MIchael, >>>>>> I need 2 Phoen connect to pbx from outside >>>>>> I have this snom Firmware and Patch for VPN flashed as Update, but this not working with my Synology. From Synology I can Export openvpn config file and use on Macbook OpenVpn app but there is not user.key included and user.crt ther are only ca.crt and openvpn.conf files. >>>>> >>>>> The Synology OpenVPN server is very limited from the WebGUI. >>>>> >>>>>> I think is not wrong with snom, I can make those tar file .. and flash the snome phone. After that I tried with Astlinux openvpn and forwarded port to Astlinux ip but with Astlinux i can’t Connect from snom, can’t connect from my smartphone or macbook. There is no connecting to VPN server. I thinK on astlinux side is something wrong. >>>>>> regards >>>>>> nedi >>>>> >>>>> You should definitely get it working first with your Mac, before trying the snom. >>>>> >>>>> https://doc.astlinux.org/userdoc:tt_openvpn_server >>>>> >>>>> For the snom use "Auth Method" => "Certificate" >>>>> >>>>> When I download the credentials and import the "openvpn-cert-key" *.ovpn file into Viscosity or Tunnelblick it works fine on a Mac. >>>>> >>>>>> >>>>>>> Am 08.04.2021 um 22:36 schrieb Michael Keuter <li...@mk...>: >>>>>>> >>>>>>> >>>>>>> >>>>>>>> Am 08.04.2021 um 22:24 schrieb nedi <ne...@gm...>: >>>>>>>> >>>>>>>> Hi, >>>>>>>> I tried to configure OpenVpn for the Snom phone without success on Astlinux box and on Synology. >>>>>>>> On Synology I have VPN working but I think is not compatible to the Snom phone I need a key file. >>>>>>>> >>>>>>>> >>>>>>>> astlinux-1.2.6.1 i586 - Asterisk 1.8.32.3 Runnix Release: runnix-0.4-7671 GUI Version: 1.8.40 >>>>>>>> >>>>>>>> Can Anyone help me to configure OpenVPN on Astlinux box. I Have Alix with only one Lan Port can be this is the issue because VPN won’t work or iptables firewall make some issues? >>>>>>>> I tried with firewall enabled or disabled, I rebooted, tried import openvpn.conf on Macbook. I made port-forwarding . >>>>>>>> >>>>>>>> In Firewal options is all disabled and I put into firewall Pass EXT->Local UDP 0/0 1194 >>>>> >>>>> You don't need that, it is done by the openvpn firewall plugin automatically. >>>>> >>>>>>>> >>>>>>>> My network is: 10.0.0.1 DNS: 10.0.0.1 NM: 255.255.255.0 ipv4 Gateway: 10.0.0.1 >>>>>>>> >>>>>>>> Tunnel Options: >>>>>>>> Protocol: UDPv4 Port: 1194 >>>>>>>> Log Verbosity: medium Compression: yes >>>>>>>> QoS Passthrough:Yes Legacy Cipher: AES-256-CBC >>>>>>>> Device:tun0 Auth HMAC: Use default >>>>>>>> Raw Commands: >>>>>>>> >>>>>>>> Authentication: >>>>>>>> Auth Method: Certificate >>>>>>>> Extra TLS-Auth: Yes >>>>>>>> >>>>>>>> Firewall Options: >>>>>>>> External Hosts: 0/0 >>>>>>>> >>>>>>>> Server Mode: >>>>>>>> Server Hostname(s): my dyndns >>>>> >>>>> Is this domain reachable? >>>>> Depending on your network/DNS configuration you might fail to test the VPN connection from your internal network. >>>>> >>>>> Try testing with your MacBook via a smartphone with Wifi Hotspot and mobile data instead. >>>>> >>>>>>>> Network IPv4 NM: 10.10.11.0 255.255.255.0 >>>>>>>> Network IPv6/nn: >>>>>>>> >>>>>>>> Topology: subnet latest , requires openvpn 2.1+ clients >>>>>>>> "push": dhcp-option DOMAIN priv.mydomain.ch <== can be it is wrong what i have here , do I need this? >>>>> >>>>> The domain option is not needed at first, you can still add it later. >>>>> >>>>>>>> dhcp-option DNS 10.10.10.1 >>>>>>>> route10.10.10.0 255.255.255.0 >>>>>>>> redirect-gateway def1 >>>>>>>> >>>>>>>> Server Certificate and Key: >>>>>>>> >>>>>>>> Private Key Size: 2048 >>>>>>>> Signature Algorithm: SHA-256 >>>>>>>> >>>>>>>> I made 2 Usr and downloaded zip files >>>>>>>> >>>>>>>> after import into openvpn app won’r connecting. >>>>>>>> >>>>>>>> regards Nedi >>>>>>> >>>>>>> I think some years ago snom removed OpenVPN from their default firmware images. You need a special firmware that enables OpenVPN. >>>>>>> >>>>>>> https://service.snom.com/display/wiki/Configuring+VPN+on+Snom+Deskphones#ConfiguringVPNonSnomDeskphones-InstallandconfigureOpenVPNontheSnomphones.1 >>>>>>> >>>>>>> Michael >>>>> >>>>> Michael >> >> Michael >> >> http://www.mksolutions.info >> >> >> >> >> >> _______________________________________________ >> Astlinux-users mailing list >> Ast...@li... >> https://lists.sourceforge.net/lists/listinfo/astlinux-users >> >> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... > > > Michael > > http://www.mksolutions.info > > > > > > _______________________________________________ > Astlinux-users mailing list > Ast...@li... > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... |
|
From: Michael K. <li...@mk...> - 2021-04-12 11:54:50
|
> Am 12.04.2021 um 13:48 schrieb Michael Keuter <li...@mk...>: > > > >> Am 12.04.2021 um 13:01 schrieb nedi <ne...@gm...>: >> >> Hi, >> I have my snom phone connected to the PBX trough OpenVPN, (on the display I see VPN Active, on PBX VPN Status is User1 connected but I can’t make provisioning and can't register, what can bee the issues? >> My Macbook or Android phone with SIP Client work trough this OpenVPN with the same VPN >> settings. >> >> My lan PBX is 10.0.0.132 >> My virtual Network IP for VPN Client is 10.10.11.2 >> My LTE Router for testing VPN is 192.168.1.1 >> >> what must be in PUSH section of my PBX VPN Config? >> >> I have This >> dhcp-option DNS 10.0.0.1 >> route 10.0.0.0 255.255.255.0 >> redirect-gateway def1 >> >> >> OpenVPN Status on PBX >> >> >> User1 194.230.148.217:6184 10.10.11.2 4182 4520 Mon Apr 12 10:47:57 2021 1618217277 >> >> in sip.conf general I have this >> >> alwaysauthreject=yes >> deny = 0.0.0.0/0.0.0.0 >> permit = 10.0.0.0/255.255.255.0 >> permit = 10.8.0.0/255.255.255.0 >> permit = 10.10.11.0/255.255.255.0 >> >> regards Nedi > > Hi Nedi, > > important is that the phone registers to Asterisk on the virtual IP "10.10.11.x" and not on 10.0.0.132! > > You also need to add "localnet" in sip.conf for this virtual IP range in the NAT section. > For provisioning to work you need to add the virtual IP range to "HTTP & HTTPS /phoneprov/ Allowed IP's:" (if not all (*) is allowed) and restart AstLinux. Update: and you need an external time server on the IP-phone and not the internal one from AstLinux (e.g. "europe.pool.ntp.org") >>> Am 10.04.2021 um 18:04 schrieb nedi <ne...@gm...>: >>> >>> Hi , >>> has anyone working config for the snom phones and astlinux openVPN i tried and tried , it works with MacBook and Asttlinux OpenVPN, >>> snom won’t connecting , what can I do to get it working? >>> >>> I putting ip adress of vpn server into vpn.cnf >>> This is my snom vpn config: >>> remote IP Adress of my PBX OpenVPN Server 1194 udp >>> comp-lzo yes >>> cipher AES-256-CBC >>> key-direction 1 >>> client >>> ns-cert-type server >>> nobind >>> persist-key >>> persist-tun >>> dev tun >>> verb 3 >>> <ca> >>> -----BEGIN CERTIFICATE----- >>> …..my cert , key, and tl…. >>> >>> After not working i tried this vpn.cnf to put cert key separately as described by snom wiki putting all files into openvpn folder and made tarbal of them >>> >>> remote IP Adress of my PBX OpenVPN Server 1194 udp >>> comp-lzo yes >>> cipher AES-256-CBC >>> key-direction 1 >>> client >>> ns-cert-type server >>> nobind >>> persist-key >>> persist-tun >>> dev tun >>> verb 3 >>> ca /openvpn/ca.crt >>> cert /openvpn/client.crt >>> key /openvpn/client.key >>> >>> Thanks >>> >>> Regards nedi >>> >>> >>>> Am 08.04.2021 um 23:22 schrieb Michael Keuter <li...@mk...>: >>>> >>>> >>>> >>>>> Am 08.04.2021 um 22:59 schrieb nedi <ne...@gm...>: >>>>> >>>>> Hi MIchael, >>>>> I need 2 Phoen connect to pbx from outside >>>>> I have this snom Firmware and Patch for VPN flashed as Update, but this not working with my Synology. From Synology I can Export openvpn config file and use on Macbook OpenVpn app but there is not user.key included and user.crt ther are only ca.crt and openvpn.conf files. >>>> >>>> The Synology OpenVPN server is very limited from the WebGUI. >>>> >>>>> I think is not wrong with snom, I can make those tar file .. and flash the snome phone. After that I tried with Astlinux openvpn and forwarded port to Astlinux ip but with Astlinux i can’t Connect from snom, can’t connect from my smartphone or macbook. There is no connecting to VPN server. I thinK on astlinux side is something wrong. >>>>> regards >>>>> nedi >>>> >>>> You should definitely get it working first with your Mac, before trying the snom. >>>> >>>> https://doc.astlinux.org/userdoc:tt_openvpn_server >>>> >>>> For the snom use "Auth Method" => "Certificate" >>>> >>>> When I download the credentials and import the "openvpn-cert-key" *.ovpn file into Viscosity or Tunnelblick it works fine on a Mac. >>>> >>>>> >>>>>> Am 08.04.2021 um 22:36 schrieb Michael Keuter <li...@mk...>: >>>>>> >>>>>> >>>>>> >>>>>>> Am 08.04.2021 um 22:24 schrieb nedi <ne...@gm...>: >>>>>>> >>>>>>> Hi, >>>>>>> I tried to configure OpenVpn for the Snom phone without success on Astlinux box and on Synology. >>>>>>> On Synology I have VPN working but I think is not compatible to the Snom phone I need a key file. >>>>>>> >>>>>>> >>>>>>> astlinux-1.2.6.1 i586 - Asterisk 1.8.32.3 Runnix Release: runnix-0.4-7671 GUI Version: 1.8.40 >>>>>>> >>>>>>> Can Anyone help me to configure OpenVPN on Astlinux box. I Have Alix with only one Lan Port can be this is the issue because VPN won’t work or iptables firewall make some issues? >>>>>>> I tried with firewall enabled or disabled, I rebooted, tried import openvpn.conf on Macbook. I made port-forwarding . >>>>>>> >>>>>>> In Firewal options is all disabled and I put into firewall Pass EXT->Local UDP 0/0 1194 >>>> >>>> You don't need that, it is done by the openvpn firewall plugin automatically. >>>> >>>>>>> >>>>>>> My network is: 10.0.0.1 DNS: 10.0.0.1 NM: 255.255.255.0 ipv4 Gateway: 10.0.0.1 >>>>>>> >>>>>>> Tunnel Options: >>>>>>> Protocol: UDPv4 Port: 1194 >>>>>>> Log Verbosity: medium Compression: yes >>>>>>> QoS Passthrough:Yes Legacy Cipher: AES-256-CBC >>>>>>> Device:tun0 Auth HMAC: Use default >>>>>>> Raw Commands: >>>>>>> >>>>>>> Authentication: >>>>>>> Auth Method: Certificate >>>>>>> Extra TLS-Auth: Yes >>>>>>> >>>>>>> Firewall Options: >>>>>>> External Hosts: 0/0 >>>>>>> >>>>>>> Server Mode: >>>>>>> Server Hostname(s): my dyndns >>>> >>>> Is this domain reachable? >>>> Depending on your network/DNS configuration you might fail to test the VPN connection from your internal network. >>>> >>>> Try testing with your MacBook via a smartphone with Wifi Hotspot and mobile data instead. >>>> >>>>>>> Network IPv4 NM: 10.10.11.0 255.255.255.0 >>>>>>> Network IPv6/nn: >>>>>>> >>>>>>> Topology: subnet latest , requires openvpn 2.1+ clients >>>>>>> "push": dhcp-option DOMAIN priv.mydomain.ch <== can be it is wrong what i have here , do I need this? >>>> >>>> The domain option is not needed at first, you can still add it later. >>>> >>>>>>> dhcp-option DNS 10.10.10.1 >>>>>>> route10.10.10.0 255.255.255.0 >>>>>>> redirect-gateway def1 >>>>>>> >>>>>>> Server Certificate and Key: >>>>>>> >>>>>>> Private Key Size: 2048 >>>>>>> Signature Algorithm: SHA-256 >>>>>>> >>>>>>> I made 2 Usr and downloaded zip files >>>>>>> >>>>>>> after import into openvpn app won’r connecting. >>>>>>> >>>>>>> regards Nedi >>>>>> >>>>>> I think some years ago snom removed OpenVPN from their default firmware images. You need a special firmware that enables OpenVPN. >>>>>> >>>>>> https://service.snom.com/display/wiki/Configuring+VPN+on+Snom+Deskphones#ConfiguringVPNonSnomDeskphones-InstallandconfigureOpenVPNontheSnomphones.1 >>>>>> >>>>>> Michael >>>> >>>> Michael > > Michael > > http://www.mksolutions.info > > > > > > _______________________________________________ > Astlinux-users mailing list > Ast...@li... > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... Michael http://www.mksolutions.info |
|
From: Michael K. <li...@mk...> - 2021-04-12 11:48:38
|
> Am 12.04.2021 um 13:01 schrieb nedi <ne...@gm...>: > > Hi, > I have my snom phone connected to the PBX trough OpenVPN, (on the display I see VPN Active, on PBX VPN Status is User1 connected but I can’t make provisioning and can't register, what can bee the issues? > My Macbook or Android phone with SIP Client work trough this OpenVPN with the same VPN > settings. > > My lan PBX is 10.0.0.132 > My virtual Network IP for VPN Client is 10.10.11.2 > My LTE Router for testing VPN is 192.168.1.1 > > what must be in PUSH section of my PBX VPN Config? > > I have This > dhcp-option DNS 10.0.0.1 > route 10.0.0.0 255.255.255.0 > redirect-gateway def1 > > > OpenVPN Status on PBX > > > User1 194.230.148.217:6184 10.10.11.2 4182 4520 Mon Apr 12 10:47:57 2021 1618217277 > > in sip.conf general I have this > > alwaysauthreject=yes > deny = 0.0.0.0/0.0.0.0 > permit = 10.0.0.0/255.255.255.0 > permit = 10.8.0.0/255.255.255.0 > permit = 10.10.11.0/255.255.255.0 > > regards Nedi Hi Nedi, important is that the phone registers to Asterisk on the virtual IP "10.10.11.x" and not on 10.0.0.132! You also need to add "localnet" in sip.conf for this virtual IP range in the NAT section. For provisioning to work you need to add the virtual IP range to "HTTP & HTTPS /phoneprov/ Allowed IP's:" (if not all (*) is allowed) and restart AstLinux. > >> Am 10.04.2021 um 18:04 schrieb nedi <ne...@gm...>: >> >> Hi , >> has anyone working config for the snom phones and astlinux openVPN i tried and tried , it works with MacBook and Asttlinux OpenVPN, >> snom won’t connecting , what can I do to get it working? >> >> I putting ip adress of vpn server into vpn.cnf >> This is my snom vpn config: >> remote IP Adress of my PBX OpenVPN Server 1194 udp >> comp-lzo yes >> cipher AES-256-CBC >> key-direction 1 >> client >> ns-cert-type server >> nobind >> persist-key >> persist-tun >> dev tun >> verb 3 >> <ca> >> -----BEGIN CERTIFICATE----- >> …..my cert , key, and tl…. >> >> After not working i tried this vpn.cnf to put cert key separately as described by snom wiki putting all files into openvpn folder and made tarbal of them >> >> remote IP Adress of my PBX OpenVPN Server 1194 udp >> comp-lzo yes >> cipher AES-256-CBC >> key-direction 1 >> client >> ns-cert-type server >> nobind >> persist-key >> persist-tun >> dev tun >> verb 3 >> ca /openvpn/ca.crt >> cert /openvpn/client.crt >> key /openvpn/client.key >> >> Thanks >> >> Regards nedi >> >> >>> Am 08.04.2021 um 23:22 schrieb Michael Keuter <li...@mk...>: >>> >>> >>> >>>> Am 08.04.2021 um 22:59 schrieb nedi <ne...@gm...>: >>>> >>>> Hi MIchael, >>>> I need 2 Phoen connect to pbx from outside >>>> I have this snom Firmware and Patch for VPN flashed as Update, but this not working with my Synology. From Synology I can Export openvpn config file and use on Macbook OpenVpn app but there is not user.key included and user.crt ther are only ca.crt and openvpn.conf files. >>> >>> The Synology OpenVPN server is very limited from the WebGUI. >>> >>>> I think is not wrong with snom, I can make those tar file .. and flash the snome phone. After that I tried with Astlinux openvpn and forwarded port to Astlinux ip but with Astlinux i can’t Connect from snom, can’t connect from my smartphone or macbook. There is no connecting to VPN server. I thinK on astlinux side is something wrong. >>>> regards >>>> nedi >>> >>> You should definitely get it working first with your Mac, before trying the snom. >>> >>> https://doc.astlinux.org/userdoc:tt_openvpn_server >>> >>> For the snom use "Auth Method" => "Certificate" >>> >>> When I download the credentials and import the "openvpn-cert-key" *.ovpn file into Viscosity or Tunnelblick it works fine on a Mac. >>> >>>> >>>>> Am 08.04.2021 um 22:36 schrieb Michael Keuter <li...@mk...>: >>>>> >>>>> >>>>> >>>>>> Am 08.04.2021 um 22:24 schrieb nedi <ne...@gm...>: >>>>>> >>>>>> Hi, >>>>>> I tried to configure OpenVpn for the Snom phone without success on Astlinux box and on Synology. >>>>>> On Synology I have VPN working but I think is not compatible to the Snom phone I need a key file. >>>>>> >>>>>> >>>>>> astlinux-1.2.6.1 i586 - Asterisk 1.8.32.3 Runnix Release: runnix-0.4-7671 GUI Version: 1.8.40 >>>>>> >>>>>> Can Anyone help me to configure OpenVPN on Astlinux box. I Have Alix with only one Lan Port can be this is the issue because VPN won’t work or iptables firewall make some issues? >>>>>> I tried with firewall enabled or disabled, I rebooted, tried import openvpn.conf on Macbook. I made port-forwarding . >>>>>> >>>>>> In Firewal options is all disabled and I put into firewall Pass EXT->Local UDP 0/0 1194 >>> >>> You don't need that, it is done by the openvpn firewall plugin automatically. >>> >>>>>> >>>>>> My network is: 10.0.0.1 DNS: 10.0.0.1 NM: 255.255.255.0 ipv4 Gateway: 10.0.0.1 >>>>>> >>>>>> Tunnel Options: >>>>>> Protocol: UDPv4 Port: 1194 >>>>>> Log Verbosity: medium Compression: yes >>>>>> QoS Passthrough:Yes Legacy Cipher: AES-256-CBC >>>>>> Device:tun0 Auth HMAC: Use default >>>>>> Raw Commands: >>>>>> >>>>>> Authentication: >>>>>> Auth Method: Certificate >>>>>> Extra TLS-Auth: Yes >>>>>> >>>>>> Firewall Options: >>>>>> External Hosts: 0/0 >>>>>> >>>>>> Server Mode: >>>>>> Server Hostname(s): my dyndns >>> >>> Is this domain reachable? >>> Depending on your network/DNS configuration you might fail to test the VPN connection from your internal network. >>> >>> Try testing with your MacBook via a smartphone with Wifi Hotspot and mobile data instead. >>> >>>>>> Network IPv4 NM: 10.10.11.0 255.255.255.0 >>>>>> Network IPv6/nn: >>>>>> >>>>>> Topology: subnet latest , requires openvpn 2.1+ clients >>>>>> "push": dhcp-option DOMAIN priv.mydomain.ch <== can be it is wrong what i have here , do I need this? >>> >>> The domain option is not needed at first, you can still add it later. >>> >>>>>> dhcp-option DNS 10.10.10.1 >>>>>> route10.10.10.0 255.255.255.0 >>>>>> redirect-gateway def1 >>>>>> >>>>>> Server Certificate and Key: >>>>>> >>>>>> Private Key Size: 2048 >>>>>> Signature Algorithm: SHA-256 >>>>>> >>>>>> I made 2 Usr and downloaded zip files >>>>>> >>>>>> after import into openvpn app won’r connecting. >>>>>> >>>>>> regards Nedi >>>>> >>>>> I think some years ago snom removed OpenVPN from their default firmware images. You need a special firmware that enables OpenVPN. >>>>> >>>>> https://service.snom.com/display/wiki/Configuring+VPN+on+Snom+Deskphones#ConfiguringVPNonSnomDeskphones-InstallandconfigureOpenVPNontheSnomphones.1 >>>>> >>>>> Michael >>> >>> Michael Michael http://www.mksolutions.info |
|
From: nedi <ne...@gm...> - 2021-04-12 11:01:23
|
Hi, I have my snom phone connected to the PBX trough OpenVPN, (on the display I see VPN Active, on PBX VPN Status is User1 connected but I can’t make provisioning and can't register, what can bee the issues? My Macbook or Android phone with SIP Client work trough this OpenVPN with the same VPN settings. My lan PBX is 10.0.0.132 My virtual Network IP for VPN Client is 10.10.11.2 My LTE Router for testing VPN is 192.168.1.1 what must be in PUSH section of my PBX VPN Config? I have This dhcp-option DNS 10.0.0.1 route 10.0.0.0 255.255.255.0 redirect-gateway def1 OpenVPN Status on PBX User1 194.230.148.217:6184 10.10.11.2 4182 4520 Mon Apr 12 10:47:57 2021 1618217277 in sip.conf general I have this alwaysauthreject=yes deny = 0.0.0.0/0.0.0.0 permit = 10.0.0.0/255.255.255.0 permit = 10.8.0.0/255.255.255.0 permit = 10.10.11.0/255.255.255.0 regards Nedi > Am 10.04.2021 um 18:04 schrieb nedi <ne...@gm...>: > > Hi , > has anyone working config for the snom phones and astlinux openVPN i tried and tried , it works with MacBook and Asttlinux OpenVPN, > snom won’t connecting , what can I do to get it working? > > I putting ip adress of vpn server into vpn.cnf > This is my snom vpn config: > remote IP Adress of my PBX OpenVPN Server 1194 udp > comp-lzo yes > cipher AES-256-CBC > key-direction 1 > client > ns-cert-type server > nobind > persist-key > persist-tun > dev tun > verb 3 > <ca> > -----BEGIN CERTIFICATE----- > …..my cert , key, and tl…. > > After not working i tried this vpn.cnf to put cert key separately as described by snom wiki putting all files into openvpn folder and made tarbal of them > > remote IP Adress of my PBX OpenVPN Server 1194 udp > comp-lzo yes > cipher AES-256-CBC > key-direction 1 > client > ns-cert-type server > nobind > persist-key > persist-tun > dev tun > verb 3 > ca /openvpn/ca.crt > cert /openvpn/client.crt > key /openvpn/client.key > > Thanks > > Regards nedi > > >> Am 08.04.2021 um 23:22 schrieb Michael Keuter <li...@mk...>: >> >> >> >>> Am 08.04.2021 um 22:59 schrieb nedi <ne...@gm...>: >>> >>> Hi MIchael, >>> I need 2 Phoen connect to pbx from outside >>> I have this snom Firmware and Patch for VPN flashed as Update, but this not working with my Synology. From Synology I can Export openvpn config file and use on Macbook OpenVpn app but there is not user.key included and user.crt ther are only ca.crt and openvpn.conf files. >> >> The Synology OpenVPN server is very limited from the WebGUI. >> >>> I think is not wrong with snom, I can make those tar file .. and flash the snome phone. After that I tried with Astlinux openvpn and forwarded port to Astlinux ip but with Astlinux i can’t Connect from snom, can’t connect from my smartphone or macbook. There is no connecting to VPN server. I thinK on astlinux side is something wrong. >>> regards >>> nedi >> >> You should definitely get it working first with your Mac, before trying the snom. >> >> https://doc.astlinux.org/userdoc:tt_openvpn_server >> >> For the snom use "Auth Method" => "Certificate" >> >> When I download the credentials and import the "openvpn-cert-key" *.ovpn file into Viscosity or Tunnelblick it works fine on a Mac. >> >>> >>>> Am 08.04.2021 um 22:36 schrieb Michael Keuter <li...@mk...>: >>>> >>>> >>>> >>>>> Am 08.04.2021 um 22:24 schrieb nedi <ne...@gm...>: >>>>> >>>>> Hi, >>>>> I tried to configure OpenVpn for the Snom phone without success on Astlinux box and on Synology. >>>>> On Synology I have VPN working but I think is not compatible to the Snom phone I need a key file. >>>>> >>>>> >>>>> astlinux-1.2.6.1 i586 - Asterisk 1.8.32.3 Runnix Release: runnix-0.4-7671 GUI Version: 1.8.40 >>>>> >>>>> Can Anyone help me to configure OpenVPN on Astlinux box. I Have Alix with only one Lan Port can be this is the issue because VPN won’t work or iptables firewall make some issues? >>>>> I tried with firewall enabled or disabled, I rebooted, tried import openvpn.conf on Macbook. I made port-forwarding . >>>>> >>>>> In Firewal options is all disabled and I put into firewall Pass EXT->Local UDP 0/0 1194 >> >> You don't need that, it is done by the openvpn firewall plugin automatically. >> >>>>> >>>>> My network is: 10.0.0.1 DNS: 10.0.0.1 NM: 255.255.255.0 ipv4 Gateway: 10.0.0.1 >>>>> >>>>> Tunnel Options: >>>>> Protocol: UDPv4 Port: 1194 >>>>> Log Verbosity: medium Compression: yes >>>>> QoS Passthrough:Yes Legacy Cipher: AES-256-CBC >>>>> Device:tun0 Auth HMAC: Use default >>>>> Raw Commands: >>>>> >>>>> Authentication: >>>>> Auth Method: Certificate >>>>> Extra TLS-Auth: Yes >>>>> >>>>> Firewall Options: >>>>> External Hosts: 0/0 >>>>> >>>>> Server Mode: >>>>> Server Hostname(s): my dyndns >> >> Is this domain reachable? >> Depending on your network/DNS configuration you might fail to test the VPN connection from your internal network. >> >> Try testing with your MacBook via a smartphone with Wifi Hotspot and mobile data instead. >> >>>>> Network IPv4 NM: 10.10.11.0 255.255.255.0 >>>>> Network IPv6/nn: >>>>> >>>>> Topology: subnet latest , requires openvpn 2.1+ clients >>>>> "push": dhcp-option DOMAIN priv.mydomain.ch <== can be it is wrong what i have here , do I need this? >> >> The domain option is not needed at first, you can still add it later. >> >>>>> dhcp-option DNS 10.10.10.1 >>>>> route10.10.10.0 255.255.255.0 >>>>> redirect-gateway def1 >>>>> >>>>> Server Certificate and Key: >>>>> >>>>> Private Key Size: 2048 >>>>> Signature Algorithm: SHA-256 >>>>> >>>>> I made 2 Usr and downloaded zip files >>>>> >>>>> after import into openvpn app won’r connecting. >>>>> >>>>> regards Nedi >>>> >>>> I think some years ago snom removed OpenVPN from their default firmware images. You need a special firmware that enables OpenVPN. >>>> >>>> https://service.snom.com/display/wiki/Configuring+VPN+on+Snom+Deskphones#ConfiguringVPNonSnomDeskphones-InstallandconfigureOpenVPNontheSnomphones.1 >>>> >>>> Michael >> >> Michael >> >> http://www.mksolutions.info >> >> >> >> >> >> _______________________________________________ >> Astlinux-users mailing list >> Ast...@li... >> https://lists.sourceforge.net/lists/listinfo/astlinux-users >> >> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... > > > > |
|
From: Michael K. <mic...@ip...> - 2021-04-11 10:21:15
|
Hi Nedi I have about 100 Yealink phones working over OpenVPN and can assure you they are excellent. Some have been in for years. No brainer as far as I'm concerned. Regards Michael Knill From: Nedeljko Grgic <ne...@gm...> Reply to: AstLinux List <ast...@li...> Date: Sunday, 11 April 2021 at 3:49 am To: AstLinux List <ast...@li...> Subject: Re: [Astlinux-users] how to confogure OpenVPN on Astlinux for Snom Phone HI Michael, I see the wiki and use separate files. how is it with yealink? I need 2 phones to connect trough vpn. Does yealink working good? regards Nedi Am 10. Apr. 2021, um 18:23, Michael Keuter <li...@mk...<mailto:li...@mk...>> schrieb: Hi Nedi, I never used snom phones for OpenVPN (only Yealink) since the stripped VPN from their default firmware (years ago). Have you followed their instructions at: https://service.snom.com/display/wiki/Configuring+VPN+on+Snom+Deskphones It looks at they need separate files for the keys and cert. There are example configs. BTW: Depending how old the phones are e.g. "AES-256-CBC" might not be supported by the phones hardware. Am 10.04.2021 um 18:04 schrieb nedi <ne...@gm...>: Hi , has anyone working config for the snom phones and astlinux openVPN i tried and tried , it works with MacBook and Asttlinux OpenVPN, snom won’t connecting , what can I do to get it working? I putting ip adress of vpn server into vpn.cnf This is my snom vpn config: remote IP Adress of my PBX OpenVPN Server 1194 udp comp-lzo yes cipher AES-256-CBC key-direction 1 client ns-cert-type server nobind persist-key persist-tun dev tun verb 3 <ca> -----BEGIN CERTIFICATE----- …..my cert , key, and tl…. After not working i tried this vpn.cnf to put cert key separately as described by snom wiki putting all files into openvpn folder and made tarbal of them remote IP Adress of my PBX OpenVPN Server 1194 udp comp-lzo yes cipher AES-256-CBC key-direction 1 client ns-cert-type server nobind persist-key persist-tun dev tun verb 3 ca /openvpn/ca.crt cert /openvpn/client.crt key /openvpn/client.key Thanks Regards nedi Am 08.04.2021 um 23:22 schrieb Michael Keuter <li...@mk...>: Am 08.04.2021 um 22:59 schrieb nedi <ne...@gm...>: Hi MIchael, I need 2 Phoen connect to pbx from outside I have this snom Firmware and Patch for VPN flashed as Update, but this not working with my Synology. From Synology I can Export openvpn config file and use on Macbook OpenVpn app but there is not user.key included and user.crt ther are only ca.crt and openvpn.conf files. The Synology OpenVPN server is very limited from the WebGUI. I think is not wrong with snom, I can make those tar file .. and flash the snome phone. After that I tried with Astlinux openvpn and forwarded port to Astlinux ip but with Astlinux i can’t Connect from snom, can’t connect from my smartphone or macbook. There is no connecting to VPN server. I thinK on astlinux side is something wrong. regards nedi You should definitely get it working first with your Mac, before trying the snom. https://doc.astlinux.org/userdoc:tt_openvpn_server For the snom use "Auth Method" => "Certificate" When I download the credentials and import the "openvpn-cert-key" *.ovpn file into Viscosity or Tunnelblick it works fine on a Mac. Am 08.04.2021 um 22:36 schrieb Michael Keuter <li...@mk...>: Am 08.04.2021 um 22:24 schrieb nedi <ne...@gm...>: Hi, I tried to configure OpenVpn for the Snom phone without success on Astlinux box and on Synology. On Synology I have VPN working but I think is not compatible to the Snom phone I need a key file. astlinux-1.2.6.1<http://1.2.6.1> i586 - Asterisk 1.8.32.3<http://1.8.32.3> Runnix Release: runnix-0.4-7671 GUI Version: 1.8.40 Can Anyone help me to configure OpenVPN on Astlinux box. I Have Alix with only one Lan Port can be this is the issue because VPN won’t work or iptables firewall make some issues? I tried with firewall enabled or disabled, I rebooted, tried import openvpn.conf on Macbook. I made port-forwarding . In Firewal options is all disabled and I put into firewall Pass EXT->Local UDP 0/0 1194 You don't need that, it is done by the openvpn firewall plugin automatically. My network is: 10.0.0.1<http://10.0.0.1> DNS: 10.0.0.1<http://10.0.0.1> NM: 255.255.255.0<http://255.255.255.0> ipv4 Gateway: 10.0.0.1<http://10.0.0.1> Tunnel Options: Protocol: UDPv4 Port: 1194 Log Verbosity: medium Compression: yes QoS Passthrough:Yes Legacy Cipher: AES-256-CBC Device:tun0 Auth HMAC: Use default Raw Commands: Authentication: Auth Method: Certificate Extra TLS-Auth: Yes Firewall Options: External Hosts: 0/0 Server Mode: Server Hostname(s): my dyndns Is this domain reachable? Depending on your network/DNS configuration you might fail to test the VPN connection from your internal network. Try testing with your MacBook via a smartphone with Wifi Hotspot and mobile data instead. Network IPv4 NM: 10.10.11.0<http://10.10.11.0> 255.255.255.0<http://255.255.255.0> Network IPv6/nn: Topology: subnet latest , requires openvpn 2.1+ clients "push": dhcp-option DOMAIN priv.mydomain.ch<http://priv.mydomain.ch> <== can be it is wrong what i have here , do I need this? The domain option is not needed at first, you can still add it later. dhcp-option DNS 10.10.10.1<http://10.10.10.1> route10.10.10.0<http://10.10.10.0> 255.255.255.0<http://255.255.255.0> redirect-gateway def1 Server Certificate and Key: Private Key Size: 2048 Signature Algorithm: SHA-256 I made 2 Usr and downloaded zip files after import into openvpn app won’r connecting. regards Nedi I think some years ago snom removed OpenVPN from their default firmware images. You need a special firmware that enables OpenVPN. https://service.snom.com/display/wiki/Configuring+VPN+on+Snom+Deskphones#ConfiguringVPNonSnomDeskphones-InstallandconfigureOpenVPNontheSnomphones.1 Michael Michael Michael http://www.mksolutions.info ________________________________ Astlinux-users mailing list Ast...@li... https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... |
|
From: Nedeljko G. <ne...@gm...> - 2021-04-10 17:49:10
|
HI Michael, I see the wiki and use separate files. how is it with yealink? I need 2 phones to connect trough vpn. Does yealink working good? regards Nedi Am 10. Apr. 2021, 18:23, um 18:23, Michael Keuter <li...@mk...> schrieb: >Hi Nedi, > >I never used snom phones for OpenVPN (only Yealink) since the stripped >VPN from their default firmware (years ago). >Have you followed their instructions at: > >https://service.snom.com/display/wiki/Configuring+VPN+on+Snom+Deskphones > >It looks at they need separate files for the keys and cert. There are >example configs. >BTW: Depending how old the phones are e.g. "AES-256-CBC" might not be >supported by the phones hardware. > >> Am 10.04.2021 um 18:04 schrieb nedi <ne...@gm...>: >> >> Hi , >> has anyone working config for the snom phones and astlinux openVPN i >tried and tried , it works with MacBook and Asttlinux OpenVPN, >> snom won’t connecting , what can I do to get it working? >> >> I putting ip adress of vpn server into vpn.cnf >> This is my snom vpn config: >> remote IP Adress of my PBX OpenVPN Server 1194 udp >> comp-lzo yes >> cipher AES-256-CBC >> key-direction 1 >> client >> ns-cert-type server >> nobind >> persist-key >> persist-tun >> dev tun >> verb 3 >> <ca> >> -----BEGIN CERTIFICATE----- >> …..my cert , key, and tl…. >> >> After not working i tried this vpn.cnf to put cert key separately >as described by snom wiki putting all files into openvpn folder and >made tarbal of them >> >> remote IP Adress of my PBX OpenVPN Server 1194 udp >> comp-lzo yes >> cipher AES-256-CBC >> key-direction 1 >> client >> ns-cert-type server >> nobind >> persist-key >> persist-tun >> dev tun >> verb 3 >> ca /openvpn/ca.crt >> cert /openvpn/client.crt >> key /openvpn/client.key >> >> Thanks >> >> Regards nedi >> >> >>> Am 08.04.2021 um 23:22 schrieb Michael Keuter ><li...@mk...>: >>> >>> >>> >>>> Am 08.04.2021 um 22:59 schrieb nedi <ne...@gm...>: >>>> >>>> Hi MIchael, >>>> I need 2 Phoen connect to pbx from outside >>>> I have this snom Firmware and Patch for VPN flashed as Update, but >this not working with my Synology. From Synology I can Export openvpn >config file and use on Macbook OpenVpn app but there is not user.key >included and user.crt ther are only ca.crt and openvpn.conf files. >>> >>> The Synology OpenVPN server is very limited from the WebGUI. >>> >>>> I think is not wrong with snom, I can make those tar file .. and >flash the snome phone. After that I tried with Astlinux openvpn and >forwarded port to Astlinux ip but with Astlinux i can’t Connect from >snom, can’t connect from my smartphone or macbook. There is no >connecting to VPN server. I thinK on astlinux side is something wrong. >>>> regards >>>> nedi >>> >>> You should definitely get it working first with your Mac, before >trying the snom. >>> >>> https://doc.astlinux.org/userdoc:tt_openvpn_server >>> >>> For the snom use "Auth Method" => "Certificate" >>> >>> When I download the credentials and import the "openvpn-cert-key" >*.ovpn file into Viscosity or Tunnelblick it works fine on a Mac. >>> >>>> >>>>> Am 08.04.2021 um 22:36 schrieb Michael Keuter ><li...@mk...>: >>>>> >>>>> >>>>> >>>>>> Am 08.04.2021 um 22:24 schrieb nedi <ne...@gm...>: >>>>>> >>>>>> Hi, >>>>>> I tried to configure OpenVpn for the Snom phone without success >on Astlinux box and on Synology. >>>>>> On Synology I have VPN working but I think is not compatible to >the Snom phone I need a key file. >>>>>> >>>>>> >>>>>> astlinux-1.2.6.1 i586 - Asterisk 1.8.32.3 Runnix >Release: runnix-0.4-7671 GUI Version: 1.8.40 >>>>>> >>>>>> Can Anyone help me to configure OpenVPN on Astlinux box. I Have >Alix with only one Lan Port can be this is the issue because VPN won’t >work or iptables firewall make some issues? >>>>>> I tried with firewall enabled or disabled, I rebooted, tried >import openvpn.conf on Macbook. I made port-forwarding . >>>>>> >>>>>> In Firewal options is all disabled and I put into firewall Pass >EXT->Local UDP 0/0 1194 >>> >>> You don't need that, it is done by the openvpn firewall plugin >automatically. >>> >>>>>> >>>>>> My network is: 10.0.0.1 DNS: 10.0.0.1 NM: 255.255.255.0 >ipv4 Gateway: 10.0.0.1 >>>>>> >>>>>> Tunnel Options: >>>>>> Protocol: UDPv4 Port: 1194 >>>>>> Log Verbosity: medium Compression: yes >>>>>> QoS Passthrough:Yes Legacy Cipher: AES-256-CBC >>>>>> Device:tun0 Auth HMAC: Use default >>>>>> Raw Commands: >>>>>> >>>>>> Authentication: >>>>>> Auth Method: Certificate >>>>>> Extra TLS-Auth: Yes >>>>>> >>>>>> Firewall Options: >>>>>> External Hosts: 0/0 >>>>>> >>>>>> Server Mode: >>>>>> Server Hostname(s): my dyndns >>> >>> Is this domain reachable? >>> Depending on your network/DNS configuration you might fail to test >the VPN connection from your internal network. >>> >>> Try testing with your MacBook via a smartphone with Wifi Hotspot and >mobile data instead. >>> >>>>>> Network IPv4 NM: 10.10.11.0 255.255.255.0 >>>>>> Network IPv6/nn: >>>>>> >>>>>> Topology: subnet latest , requires openvpn 2.1+ clients >>>>>> "push": dhcp-option DOMAIN priv.mydomain.ch <== >can be it is wrong what i have here , do I need this? >>> >>> The domain option is not needed at first, you can still add it >later. >>> >>>>>> dhcp-option DNS 10.10.10.1 >>>>>> route10.10.10.0 255.255.255.0 >>>>>> redirect-gateway def1 >>>>>> >>>>>> Server Certificate and Key: >>>>>> >>>>>> Private Key Size: 2048 >>>>>> Signature Algorithm: SHA-256 >>>>>> >>>>>> I made 2 Usr and downloaded zip files >>>>>> >>>>>> after import into openvpn app won’r connecting. >>>>>> >>>>>> regards Nedi >>>>> >>>>> I think some years ago snom removed OpenVPN from their default >firmware images. You need a special firmware that enables OpenVPN. >>>>> >>>>> >https://service.snom.com/display/wiki/Configuring+VPN+on+Snom+Deskphones#ConfiguringVPNonSnomDeskphones-InstallandconfigureOpenVPNontheSnomphones.1 >>>>> >>>>> Michael >>> >>> Michael > >Michael > >http://www.mksolutions.info > > > > > >_______________________________________________ >Astlinux-users mailing list >Ast...@li... >https://lists.sourceforge.net/lists/listinfo/astlinux-users > >Donations to support AstLinux are graciously accepted via PayPal to >pa...@kr.... |
|
From: Michael K. <li...@mk...> - 2021-04-10 16:22:40
|
Hi Nedi, I never used snom phones for OpenVPN (only Yealink) since the stripped VPN from their default firmware (years ago). Have you followed their instructions at: https://service.snom.com/display/wiki/Configuring+VPN+on+Snom+Deskphones It looks at they need separate files for the keys and cert. There are example configs. BTW: Depending how old the phones are e.g. "AES-256-CBC" might not be supported by the phones hardware. > Am 10.04.2021 um 18:04 schrieb nedi <ne...@gm...>: > > Hi , > has anyone working config for the snom phones and astlinux openVPN i tried and tried , it works with MacBook and Asttlinux OpenVPN, > snom won’t connecting , what can I do to get it working? > > I putting ip adress of vpn server into vpn.cnf > This is my snom vpn config: > remote IP Adress of my PBX OpenVPN Server 1194 udp > comp-lzo yes > cipher AES-256-CBC > key-direction 1 > client > ns-cert-type server > nobind > persist-key > persist-tun > dev tun > verb 3 > <ca> > -----BEGIN CERTIFICATE----- > …..my cert , key, and tl…. > > After not working i tried this vpn.cnf to put cert key separately as described by snom wiki putting all files into openvpn folder and made tarbal of them > > remote IP Adress of my PBX OpenVPN Server 1194 udp > comp-lzo yes > cipher AES-256-CBC > key-direction 1 > client > ns-cert-type server > nobind > persist-key > persist-tun > dev tun > verb 3 > ca /openvpn/ca.crt > cert /openvpn/client.crt > key /openvpn/client.key > > Thanks > > Regards nedi > > >> Am 08.04.2021 um 23:22 schrieb Michael Keuter <li...@mk...>: >> >> >> >>> Am 08.04.2021 um 22:59 schrieb nedi <ne...@gm...>: >>> >>> Hi MIchael, >>> I need 2 Phoen connect to pbx from outside >>> I have this snom Firmware and Patch for VPN flashed as Update, but this not working with my Synology. From Synology I can Export openvpn config file and use on Macbook OpenVpn app but there is not user.key included and user.crt ther are only ca.crt and openvpn.conf files. >> >> The Synology OpenVPN server is very limited from the WebGUI. >> >>> I think is not wrong with snom, I can make those tar file .. and flash the snome phone. After that I tried with Astlinux openvpn and forwarded port to Astlinux ip but with Astlinux i can’t Connect from snom, can’t connect from my smartphone or macbook. There is no connecting to VPN server. I thinK on astlinux side is something wrong. >>> regards >>> nedi >> >> You should definitely get it working first with your Mac, before trying the snom. >> >> https://doc.astlinux.org/userdoc:tt_openvpn_server >> >> For the snom use "Auth Method" => "Certificate" >> >> When I download the credentials and import the "openvpn-cert-key" *.ovpn file into Viscosity or Tunnelblick it works fine on a Mac. >> >>> >>>> Am 08.04.2021 um 22:36 schrieb Michael Keuter <li...@mk...>: >>>> >>>> >>>> >>>>> Am 08.04.2021 um 22:24 schrieb nedi <ne...@gm...>: >>>>> >>>>> Hi, >>>>> I tried to configure OpenVpn for the Snom phone without success on Astlinux box and on Synology. >>>>> On Synology I have VPN working but I think is not compatible to the Snom phone I need a key file. >>>>> >>>>> >>>>> astlinux-1.2.6.1 i586 - Asterisk 1.8.32.3 Runnix Release: runnix-0.4-7671 GUI Version: 1.8.40 >>>>> >>>>> Can Anyone help me to configure OpenVPN on Astlinux box. I Have Alix with only one Lan Port can be this is the issue because VPN won’t work or iptables firewall make some issues? >>>>> I tried with firewall enabled or disabled, I rebooted, tried import openvpn.conf on Macbook. I made port-forwarding . >>>>> >>>>> In Firewal options is all disabled and I put into firewall Pass EXT->Local UDP 0/0 1194 >> >> You don't need that, it is done by the openvpn firewall plugin automatically. >> >>>>> >>>>> My network is: 10.0.0.1 DNS: 10.0.0.1 NM: 255.255.255.0 ipv4 Gateway: 10.0.0.1 >>>>> >>>>> Tunnel Options: >>>>> Protocol: UDPv4 Port: 1194 >>>>> Log Verbosity: medium Compression: yes >>>>> QoS Passthrough:Yes Legacy Cipher: AES-256-CBC >>>>> Device:tun0 Auth HMAC: Use default >>>>> Raw Commands: >>>>> >>>>> Authentication: >>>>> Auth Method: Certificate >>>>> Extra TLS-Auth: Yes >>>>> >>>>> Firewall Options: >>>>> External Hosts: 0/0 >>>>> >>>>> Server Mode: >>>>> Server Hostname(s): my dyndns >> >> Is this domain reachable? >> Depending on your network/DNS configuration you might fail to test the VPN connection from your internal network. >> >> Try testing with your MacBook via a smartphone with Wifi Hotspot and mobile data instead. >> >>>>> Network IPv4 NM: 10.10.11.0 255.255.255.0 >>>>> Network IPv6/nn: >>>>> >>>>> Topology: subnet latest , requires openvpn 2.1+ clients >>>>> "push": dhcp-option DOMAIN priv.mydomain.ch <== can be it is wrong what i have here , do I need this? >> >> The domain option is not needed at first, you can still add it later. >> >>>>> dhcp-option DNS 10.10.10.1 >>>>> route10.10.10.0 255.255.255.0 >>>>> redirect-gateway def1 >>>>> >>>>> Server Certificate and Key: >>>>> >>>>> Private Key Size: 2048 >>>>> Signature Algorithm: SHA-256 >>>>> >>>>> I made 2 Usr and downloaded zip files >>>>> >>>>> after import into openvpn app won’r connecting. >>>>> >>>>> regards Nedi >>>> >>>> I think some years ago snom removed OpenVPN from their default firmware images. You need a special firmware that enables OpenVPN. >>>> >>>> https://service.snom.com/display/wiki/Configuring+VPN+on+Snom+Deskphones#ConfiguringVPNonSnomDeskphones-InstallandconfigureOpenVPNontheSnomphones.1 >>>> >>>> Michael >> >> Michael Michael http://www.mksolutions.info |
|
From: nedi <ne...@gm...> - 2021-04-10 16:05:08
|
Hi , has anyone working config for the snom phones and astlinux openVPN i tried and tried , it works with MacBook and Asttlinux OpenVPN, snom won’t connecting , what can I do to get it working? I putting ip adress of vpn server into vpn.cnf This is my snom vpn config: remote IP Adress of my PBX OpenVPN Server 1194 udp comp-lzo yes cipher AES-256-CBC key-direction 1 client ns-cert-type server nobind persist-key persist-tun dev tun verb 3 <ca> -----BEGIN CERTIFICATE----- …..my cert , key, and tl…. After not working i tried this vpn.cnf to put cert key separately as described by snom wiki putting all files into openvpn folder and made tarbal of them remote IP Adress of my PBX OpenVPN Server 1194 udp comp-lzo yes cipher AES-256-CBC key-direction 1 client ns-cert-type server nobind persist-key persist-tun dev tun verb 3 ca /openvpn/ca.crt cert /openvpn/client.crt key /openvpn/client.key Thanks Regards nedi > Am 08.04.2021 um 23:22 schrieb Michael Keuter <li...@mk...>: > > > >> Am 08.04.2021 um 22:59 schrieb nedi <ne...@gm...>: >> >> Hi MIchael, >> I need 2 Phoen connect to pbx from outside >> I have this snom Firmware and Patch for VPN flashed as Update, but this not working with my Synology. From Synology I can Export openvpn config file and use on Macbook OpenVpn app but there is not user.key included and user.crt ther are only ca.crt and openvpn.conf files. > > The Synology OpenVPN server is very limited from the WebGUI. > >> I think is not wrong with snom, I can make those tar file .. and flash the snome phone. After that I tried with Astlinux openvpn and forwarded port to Astlinux ip but with Astlinux i can’t Connect from snom, can’t connect from my smartphone or macbook. There is no connecting to VPN server. I thinK on astlinux side is something wrong. >> regards >> nedi > > You should definitely get it working first with your Mac, before trying the snom. > > https://doc.astlinux.org/userdoc:tt_openvpn_server > > For the snom use "Auth Method" => "Certificate" > > When I download the credentials and import the "openvpn-cert-key" *.ovpn file into Viscosity or Tunnelblick it works fine on a Mac. > >> >>> Am 08.04.2021 um 22:36 schrieb Michael Keuter <li...@mk...>: >>> >>> >>> >>>> Am 08.04.2021 um 22:24 schrieb nedi <ne...@gm...>: >>>> >>>> Hi, >>>> I tried to configure OpenVpn for the Snom phone without success on Astlinux box and on Synology. >>>> On Synology I have VPN working but I think is not compatible to the Snom phone I need a key file. >>>> >>>> >>>> astlinux-1.2.6.1 i586 - Asterisk 1.8.32.3 Runnix Release: runnix-0.4-7671 GUI Version: 1.8.40 >>>> >>>> Can Anyone help me to configure OpenVPN on Astlinux box. I Have Alix with only one Lan Port can be this is the issue because VPN won’t work or iptables firewall make some issues? >>>> I tried with firewall enabled or disabled, I rebooted, tried import openvpn.conf on Macbook. I made port-forwarding . >>>> >>>> In Firewal options is all disabled and I put into firewall Pass EXT->Local UDP 0/0 1194 > > You don't need that, it is done by the openvpn firewall plugin automatically. > >>>> >>>> My network is: 10.0.0.1 DNS: 10.0.0.1 NM: 255.255.255.0 ipv4 Gateway: 10.0.0.1 >>>> >>>> Tunnel Options: >>>> Protocol: UDPv4 Port: 1194 >>>> Log Verbosity: medium Compression: yes >>>> QoS Passthrough:Yes Legacy Cipher: AES-256-CBC >>>> Device:tun0 Auth HMAC: Use default >>>> Raw Commands: >>>> >>>> Authentication: >>>> Auth Method: Certificate >>>> Extra TLS-Auth: Yes >>>> >>>> Firewall Options: >>>> External Hosts: 0/0 >>>> >>>> Server Mode: >>>> Server Hostname(s): my dyndns > > Is this domain reachable? > Depending on your network/DNS configuration you might fail to test the VPN connection from your internal network. > > Try testing with your MacBook via a smartphone with Wifi Hotspot and mobile data instead. > >>>> Network IPv4 NM: 10.10.11.0 255.255.255.0 >>>> Network IPv6/nn: >>>> >>>> Topology: subnet latest , requires openvpn 2.1+ clients >>>> "push": dhcp-option DOMAIN priv.mydomain.ch <== can be it is wrong what i have here , do I need this? > > The domain option is not needed at first, you can still add it later. > >>>> dhcp-option DNS 10.10.10.1 >>>> route10.10.10.0 255.255.255.0 >>>> redirect-gateway def1 >>>> >>>> Server Certificate and Key: >>>> >>>> Private Key Size: 2048 >>>> Signature Algorithm: SHA-256 >>>> >>>> I made 2 Usr and downloaded zip files >>>> >>>> after import into openvpn app won’r connecting. >>>> >>>> regards Nedi >>> >>> I think some years ago snom removed OpenVPN from their default firmware images. You need a special firmware that enables OpenVPN. >>> >>> https://service.snom.com/display/wiki/Configuring+VPN+on+Snom+Deskphones#ConfiguringVPNonSnomDeskphones-InstallandconfigureOpenVPNontheSnomphones.1 >>> >>> Michael > > Michael > > http://www.mksolutions.info > > > > > > _______________________________________________ > Astlinux-users mailing list > Ast...@li... > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... |
|
From: Michael K. <li...@mk...> - 2021-04-08 21:23:22
|
> Am 08.04.2021 um 22:59 schrieb nedi <ne...@gm...>: > > Hi MIchael, > I need 2 Phoen connect to pbx from outside > I have this snom Firmware and Patch for VPN flashed as Update, but this not working with my Synology. From Synology I can Export openvpn config file and use on Macbook OpenVpn app but there is not user.key included and user.crt ther are only ca.crt and openvpn.conf files. The Synology OpenVPN server is very limited from the WebGUI. > I think is not wrong with snom, I can make those tar file .. and flash the snome phone. After that I tried with Astlinux openvpn and forwarded port to Astlinux ip but with Astlinux i can’t Connect from snom, can’t connect from my smartphone or macbook. There is no connecting to VPN server. I thinK on astlinux side is something wrong. > regards > nedi You should definitely get it working first with your Mac, before trying the snom. https://doc.astlinux.org/userdoc:tt_openvpn_server For the snom use "Auth Method" => "Certificate" When I download the credentials and import the "openvpn-cert-key" *.ovpn file into Viscosity or Tunnelblick it works fine on a Mac. > >> Am 08.04.2021 um 22:36 schrieb Michael Keuter <li...@mk...>: >> >> >> >>> Am 08.04.2021 um 22:24 schrieb nedi <ne...@gm...>: >>> >>> Hi, >>> I tried to configure OpenVpn for the Snom phone without success on Astlinux box and on Synology. >>> On Synology I have VPN working but I think is not compatible to the Snom phone I need a key file. >>> >>> >>> astlinux-1.2.6.1 i586 - Asterisk 1.8.32.3 Runnix Release: runnix-0.4-7671 GUI Version: 1.8.40 >>> >>> Can Anyone help me to configure OpenVPN on Astlinux box. I Have Alix with only one Lan Port can be this is the issue because VPN won’t work or iptables firewall make some issues? >>> I tried with firewall enabled or disabled, I rebooted, tried import openvpn.conf on Macbook. I made port-forwarding . >>> >>> In Firewal options is all disabled and I put into firewall Pass EXT->Local UDP 0/0 1194 You don't need that, it is done by the openvpn firewall plugin automatically. >>> >>> My network is: 10.0.0.1 DNS: 10.0.0.1 NM: 255.255.255.0 ipv4 Gateway: 10.0.0.1 >>> >>> Tunnel Options: >>> Protocol: UDPv4 Port: 1194 >>> Log Verbosity: medium Compression: yes >>> QoS Passthrough:Yes Legacy Cipher: AES-256-CBC >>> Device:tun0 Auth HMAC: Use default >>> Raw Commands: >>> >>> Authentication: >>> Auth Method: Certificate >>> Extra TLS-Auth: Yes >>> >>> Firewall Options: >>> External Hosts: 0/0 >>> >>> Server Mode: >>> Server Hostname(s): my dyndns Is this domain reachable? Depending on your network/DNS configuration you might fail to test the VPN connection from your internal network. Try testing with your MacBook via a smartphone with Wifi Hotspot and mobile data instead. >>> Network IPv4 NM: 10.10.11.0 255.255.255.0 >>> Network IPv6/nn: >>> >>> Topology: subnet latest , requires openvpn 2.1+ clients >>> "push": dhcp-option DOMAIN priv.mydomain.ch <== can be it is wrong what i have here , do I need this? The domain option is not needed at first, you can still add it later. >>> dhcp-option DNS 10.10.10.1 >>> route10.10.10.0 255.255.255.0 >>> redirect-gateway def1 >>> >>> Server Certificate and Key: >>> >>> Private Key Size: 2048 >>> Signature Algorithm: SHA-256 >>> >>> I made 2 Usr and downloaded zip files >>> >>> after import into openvpn app won’r connecting. >>> >>> regards Nedi >> >> I think some years ago snom removed OpenVPN from their default firmware images. You need a special firmware that enables OpenVPN. >> >> https://service.snom.com/display/wiki/Configuring+VPN+on+Snom+Deskphones#ConfiguringVPNonSnomDeskphones-InstallandconfigureOpenVPNontheSnomphones.1 >> >> Michael Michael http://www.mksolutions.info |
|
From: nedi <ne...@gm...> - 2021-04-08 20:59:57
|
Hi MIchael, I need 2 Phoen connect to pbx from outside I have this snom Firmware and Patch for VPN flashed as Update, but this not working with my Synology. From Synology I can Export openvpn config file and use on Macbook OpenVpn app but there is not user.key included and user.crt ther are only ca.crt and openvpn.conf files. I think is not wrong with snom, I can make those tar file .. and flash the snome phone. After that I tried with Astlinux openvpn and forwarded port to Astlinux ip but with Astlinux i can’t Connect from snom, can’t connect from my smartphone or macbook. There is no connecting to VPN server. I thinK on astlinux side is something wrong. regards nedi > Am 08.04.2021 um 22:36 schrieb Michael Keuter <li...@mk...>: > > > >> Am 08.04.2021 um 22:24 schrieb nedi <ne...@gm...>: >> >> Hi, >> I tried to configure OpenVpn for the Snom phone without success on Astlinux box and on Synology. >> On Synology I have VPN working but I think is not compatible to the Snom phone I need a key file. >> >> >> astlinux-1.2.6.1 i586 - Asterisk 1.8.32.3 Runnix Release: runnix-0.4-7671 GUI Version: 1.8.40 >> >> Can Anyone help me to configure OpenVPN on Astlinux box. I Have Alix with only one Lan Port can be this is the issue because VPN won’t work or iptables firewall make some issues? >> I tried with firewall enabled or disabled, I rebooted, tried import openvpn.conf on Macbook. I made port-forwarding . >> >> In Firewal options is all disabled and I put into firewall Pass EXT->Local UDP 0/0 1194 >> >> My network is: 10.0.0.1 DNS: 10.0.0.1 NM: 255.255.255.0 ipv4 Gateway: 10.0.0.1 >> >> Tunnel Options: >> Protocol: UDPv4 Port: 1194 >> Log Verbosity: medium Compression: yes >> QoS Passthrough:Yes Legacy Cipher: AES-256-CBC >> Device:tun0 Auth HMAC: Use default >> Raw Commands: >> >> Authentication: >> Auth Method: Certificate >> Extra TLS-Auth: Yes >> >> Firewall Options: >> External Hosts: 0/0 >> >> Server Mode: >> Server Hostname(s): my dyndns >> Network IPv4 NM: 10.10.11.0 255.255.255.0 >> Network IPv6/nn: >> >> Topology: subnet latest , requires openvpn 2.1+ clients >> "push": dhcp-option DOMAIN priv.mydomain.ch <== can be it is wrong what i have here , do I need this? >> dhcp-option DNS 10.10.10.1 >> route10.10.10.0 255.255.255.0 >> redirect-gateway def1 >> >> Server Certificate and Key: >> >> Private Key Size: 2048 >> Signature Algorithm: SHA-256 >> >> I made 2 Usr and downloaded zip files >> >> after import into openvpn app won’r connecting. >> >> regards Nedi > > I think some years ago snom removed OpenVPN from their default firmware images. You need a special firmware that enables OpenVPN. > > https://service.snom.com/display/wiki/Configuring+VPN+on+Snom+Deskphones#ConfiguringVPNonSnomDeskphones-InstallandconfigureOpenVPNontheSnomphones.1 > > Michael > > http://www.mksolutions.info > > > > > > _______________________________________________ > Astlinux-users mailing list > Ast...@li... > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... |
|
From: Michael K. <li...@mk...> - 2021-04-08 20:37:08
|
> Am 08.04.2021 um 22:24 schrieb nedi <ne...@gm...>: > > Hi, > I tried to configure OpenVpn for the Snom phone without success on Astlinux box and on Synology. > On Synology I have VPN working but I think is not compatible to the Snom phone I need a key file. > > > astlinux-1.2.6.1 i586 - Asterisk 1.8.32.3 Runnix Release: runnix-0.4-7671 GUI Version: 1.8.40 > > Can Anyone help me to configure OpenVPN on Astlinux box. I Have Alix with only one Lan Port can be this is the issue because VPN won’t work or iptables firewall make some issues? > I tried with firewall enabled or disabled, I rebooted, tried import openvpn.conf on Macbook. I made port-forwarding . > > In Firewal options is all disabled and I put into firewall Pass EXT->Local UDP 0/0 1194 > > My network is: 10.0.0.1 DNS: 10.0.0.1 NM: 255.255.255.0 ipv4 Gateway: 10.0.0.1 > > Tunnel Options: > Protocol: UDPv4 Port: 1194 > Log Verbosity: medium Compression: yes > QoS Passthrough:Yes Legacy Cipher: AES-256-CBC > Device:tun0 Auth HMAC: Use default > Raw Commands: > > Authentication: > Auth Method: Certificate > Extra TLS-Auth: Yes > > Firewall Options: > External Hosts: 0/0 > > Server Mode: > Server Hostname(s): my dyndns > Network IPv4 NM: 10.10.11.0 255.255.255.0 > Network IPv6/nn: > > Topology: subnet latest , requires openvpn 2.1+ clients > "push": dhcp-option DOMAIN priv.mydomain.ch <== can be it is wrong what i have here , do I need this? > dhcp-option DNS 10.10.10.1 > route10.10.10.0 255.255.255.0 > redirect-gateway def1 > > Server Certificate and Key: > > Private Key Size: 2048 > Signature Algorithm: SHA-256 > > I made 2 Usr and downloaded zip files > > after import into openvpn app won’r connecting. > > regards Nedi I think some years ago snom removed OpenVPN from their default firmware images. You need a special firmware that enables OpenVPN. https://service.snom.com/display/wiki/Configuring+VPN+on+Snom+Deskphones#ConfiguringVPNonSnomDeskphones-InstallandconfigureOpenVPNontheSnomphones.1 Michael http://www.mksolutions.info |
|
From: nedi <ne...@gm...> - 2021-04-08 20:24:23
|
Hi, I tried to configure OpenVpn for the Snom phone without success on Astlinux box and on Synology. On Synology I have VPN working but I think is not compatible to the Snom phone I need a key file. astlinux-1.2.6.1 i586 - Asterisk 1.8.32.3 Runnix Release: runnix-0.4-7671 GUI Version: 1.8.40 Can Anyone help me to configure OpenVPN on Astlinux box. I Have Alix with only one Lan Port can be this is the issue because VPN won’t work or iptables firewall make some issues? I tried with firewall enabled or disabled, I rebooted, tried import openvpn.conf on Macbook. I made port-forwarding . In Firewal options is all disabled and I put into firewall Pass EXT->Local UDP 0/0 1194 My network is: 10.0.0.1 DNS: 10.0.0.1 NM: 255.255.255.0 ipv4 Gateway: 10.0.0.1 Tunnel Options: Protocol: UDPv4 Port: 1194 Log Verbosity: medium Compression: yes QoS Passthrough:Yes Legacy Cipher: AES-256-CBC Device:tun0 Auth HMAC: Use default Raw Commands: Authentication: Auth Method: Certificate Extra TLS-Auth: Yes Firewall Options: External Hosts: 0/0 Server Mode: Server Hostname(s): my dyndns Network IPv4 NM: 10.10.11.0 255.255.255.0 Network IPv6/nn: Topology: subnet latest , requires openvpn 2.1+ clients "push": dhcp-option DOMAIN priv.mydomain.ch <== can be it is wrong what i have here , do I need this? dhcp-option DNS 10.10.10.1 route10.10.10.0 255.255.255.0 redirect-gateway def1 Server Certificate and Key: Private Key Size: 2048 Signature Algorithm: SHA-256 I made 2 Usr and downloaded zip files after import into openvpn app won’r connecting. regards Nedi |
|
From: Lonnie A. <li...@lo...> - 2021-04-04 15:34:02
|
Announcing AstLinux Pre-Release: astlinux-1.4-5100-cd87d1
** The AstLinux Team is regularly upgrading packages containing security and bug fixes as well as adding new features of our own.
-- Linux Kernel 4.19.184 (version bump), security and bug fixes
-- initrd, check for ASTURW /etc/inittab and copy it forward so the linuxrc's /sbin/init can use it.
Note: AstLinux 1.3.10 through 1.4.2 ignored any user edits to the /etc/inittab file, rather
it always used the default /etc/inittab file (the default is what most users want anyway).
Now edits to the /etc/inittab file are honored again, as they were before AstLinux 1.3.10.
-- OpenSSL, version bump to 1.1.1k, security fixes: CVE-2021-3449, CVE-2021-3450
-- WireGuard VPN, module 1.0.20210219 (no change), tools 1.0.20210315 (version bump)
-- libcurl (curl) version bump to 7.76.0, security fixes: CVE-2021-22876, CVE-2021-22890
-- Monit, version bump to 5.28.0
-- Asterisk 13.29.2 ('13se' no change)
Older than latest Asterisk 13.x version but more tested, built --without-pjproject
-- Asterisk 13.38.2 (no change) and 16.17.0 (version bump)
-- Complete Pre-Release ChangeLog:
https://s3.amazonaws.com/beta.astlinux-project/astlinux-changelog/ChangeLog.txt
The "AstLinux Pre-Release ChangeLog" and "Pre-Release Repository URL" entries can be found under the "Development" tab of the AstLinux Project web site ...
AstLinux Project -> Development
https://www.astlinux-project.org/dev.html
AstLinux Team
|
63 messages has been excluded from this view by a project administrator.
