Yealink Please Upload Vpn Config File First
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: one 2
(05-27-2014 04:47 PM)siny Wrote: [ -> ](05-27-2014 03:56 PM)mahan77 Wrote: [ -> ](05-27-2014 03:51 AM)siny Wrote: [ -> ](05-27-2014 12:xx AM)mahan77 Wrote: [ -> ](05-23-2014 04:18 PM)siny Wrote: [ -> ]Can you please elaborate on that: what was the problem with Easy-RSA?Thanks.
All-time regards,
Sinisa Bandin
Lamentable for belatedly replay I was decorated with piece of work.You need public cardinal MD5 for the Yealink phone. Latest piece of cake-rsa uses deferent alga rhythm chosen sha256. I didn't know to change back to MD5. Best fashion to do this use piece of cake-rsa 2.2.0. Utilise openssl-1.0.0.cnf on your vars file, every think will be ok.
Many thanks
Thank you for your reply, but...Actualy, I am using piece of cake-rsa ii.0-rc1 (all of the other 20+ keys are made by it so I did not want to change).
in "openssl.cnf" at that place is this line:
default_md = md5
then I suppose that should be OK, correct?(simply to compare, I take downloaded like shooting fish in a barrel-rsa 2.2.2, and there it says "sha256")
Information technology seems I shall look for the webinar on Wednesday, possibly there will pop up something new: http://forum.yealink.com/forum/showthrea...ht=openvpn
Best regards,
Sinisa BandinYes! it should exist ok. Long as you have this default_md = md5 line in your .cnf it volition work.
Many Thanks
SatheesWell, it is non OK
I create .tar file, as instructed in docs, get to Network -> Avant-garde menu, Scan file, Upload it, get the message "Upload success!", so Enable the VPN and when I click Ostend, message says "Please upload VPN config file starting time!".
I have other clients working with same certificates, using Linux, Android, Mikrotik routers and Windows.
Best regards,
Sinisa Bandin
Send me your email accost. I volition send you the sample conf file. Then you lot can create your own.
Many thank you
Sathees
Hi siny,
Delight name keys directory as keys and vpn.cnf. Please don't change the proper name.
(05-thirty-2014 05:36 PM)Yealink Support Wrote: [ -> ]Howdy siny,Delight proper name keys directory every bit keys and vpn.cnf. Please don't change the name.
All of the names are right, simply the phone won't accept the file.
Hither is directory list:
# dir
-rw-r--r-- 1 root root 20480 May 30 23:34 customer.tar
drwxr-xr-x 2 root root 53 May 26 23:48 keys
-rw-r--r-- one root root 216 May 30 23:33 vpn.cnf
Client tar is fabricated like this:
# tar cf client.tar vpn.cnf keys/
This is the content of keys/ directory:
# dir
-rw-r--r-- i root root 1192 May 26 23:47 ca.crt
-rw-r--r-- 1 root root 3711 May 26 23:48 client.crt
-rw------- 1 root root 912 May 26 23:48 client.key
I have also tried changing file mode to 0777 on everything, with same furnishings.
The contents of the vpn.cnf:
client
dev tun
dev-blazon tun
remote xx.xx.xx.twenty 1194 udp
nobind
ca /config/openvpn/keys/ca.crt
cert /config/openvpn/keys/client.crt
key /config/openvpn/keys/client.key
ns-cert-type server
comp-lzo no
verb 3
mute 5
Can you see anything out of guild?
Thank you and best regards,
Sinisa Bandin
I have (accidentally) solved the problem:
normally, I employ Linux for all of my work, just yesterday tried to unpack client.tar in Windows using 7zip and saw an unexpected directory named "PaxHeaders.2950".
Later some searching, found out that my GNU tar 1.26 is past default adding POSIX info to the tar file, then I tried to re/create archive with "-H gnu" and finally was able to successfully upload the file to the phone and run across text "vpn.cnf" in the text box after upload (it used to be empty on previous attempts).
Everything worked after reboot, so I am a happy user at present.
May I advise adding this to the official guide?
But now I have another problem: when trying to Autoprovision phone from my TFTP server, I can ready all of the parameters except VPN. Relevant part of the "0015xxxxxxxx.cfg" is this:
network.vpn_enable = 1
openvpn.url = http://192.168.11.two/client1.tar
If I put the same lines in "y000000000005.cfg" information technology downloads the .tar file from server, just does not enable VPN.
Best regards,
Sinisa Bandin
One more proposition to the developers: I think it would be very practiced to see the VPN status in the Status screen: IP address, server'southward address (public and VPN), assigned routes....
Best regards,
Sinisa Bandin
I cannot become this garbage to work at all.
I gave followed various threads here (including this one), by Yealink, an FAQ by them ( http://forum.yealink.com/forum/showthrea...tid=1843), and their webinar information from this past May(http://forum.yealink.com/forum/showthrea...=openvpn). Still nothing after a working on this for a week.
At that place is no testify the phone is trying to connect, looking in the openvpn.log, and using tcpdump watching port 1194.
Why is there no logging arrangement on these phones and so we can see what sort of fault, if any, so nosotros could correct the trouble?
Any other suggestions?
I encounter I made a pocket-sized typo in the client config file which was causing it to not connect. I see it trying to connect now, but still errors:
I am using MD5 in the cardinal and getting this in the openvpn.log
Quote:Wed Aug 6 sixteen:x:07 2014 united states=992883 192.168.5.133:1027 TLS Fault: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed Aug 6 sixteen:10:07 2014 us=992977 192.168.5.133:1027 TLS Error: TLS handshake failed
Wed Aug 6 16:10:07 2014 us=993119 192.168.five.133:1027 SIGUSR1[soft,tls-error] received, customer-instance restarting
(08-07-2014 04:36 AM)KNERD Wrote: [ -> ]I cannot go this garbage to piece of work at all.I gave followed various threads here (including this one), by Yealink, an FAQ by them ( http://forum.yealink.com/forum/showthrea...tid=1843), and their webinar information from this past May(http://forum.yealink.com/forum/showthrea...=openvpn). Still cypher after a working on this for a week.
In that location is no show the phone is trying to connect, looking in the openvpn.log, and using tcpdump watching port 1194.
Why is there no logging organization on these phones so we tin see what sort of mistake, if any, then we could correct the problem?
Whatever other suggestions?
I see I fabricated a small typo in the client config file which was causing it to not connect. I see information technology trying to connect now, merely all the same errors:I am using MD5 in the cardinal and getting this in the openvpn.log
Quote:Wed Aug 6 16:ten:07 2014 us=992883 192.168.5.133:1027 TLS Error: TLS key negotiation failed to occur within lx seconds (check your network connectivity)
Wednesday Aug 6 16:10:07 2014 us=992977 192.168.5.133:1027 TLS Error: TLS handshake failed
Wed Aug six 16:x:07 2014 u.s.a.=993119 192.168.5.133:1027 SIGUSR1[soft,tls-error] received, client-instance restarting
Since noone from Yealink support seems to exist reading this, I will throw in my €¢2:
From the logs, it seems that you have enabled TLS on one side, and not on the other.
Or, there is a trouble with NAT firewall, letting packets IN but not OUT (I have seen both of these earlier)
Could you postal service both server's and phone's .conf/.cfg files (without any sensitive data like IP'due south of grade)?
All-time regards,
Sinisa
Pages: one 2
Source: http://forum.yealink.com/forum/archive/index.php?thread-1385-2.html
0 Response to "Yealink Please Upload Vpn Config File First"
Post a Comment