Acrobits Groundwire via VPN Push Server

Good afternoon,

Famous Acrobits Groundwire questions again so bare with me.

I have a running extension via TLS working via an FQDN to the FreePBX Server.

Push notifications work fine everything works ok.

I have all the acrobits sipis whitelisted.

Recently i decided to try the onboard OPENVPN server on the PBX.

I have created a working Server and Client and i uploaded it to my phone.
I connect ok and the phone registers ok as long as i keep the phone running everything is ok.

Problem is PUSH notifications fail and when i do the test it fails.
Seems that a public IP is necessary for it to work.

Any approach i can take a look at or anybody faced this issue?

Thank you.

If you’re female and cute, that could be fun, but if not, I’ll still bear with you.

Fine, but why are you trying to run Groundwire through it? The SIPIS servers won’t have the OpenVPN client cert, so won’t be able to register on your behalf. Acrobits does open source SIPIS, so you could potentially add that capability and operate your own.

However, you also have a problem on the client side – I don’t believe that Groundwire has the ability to bring up the VPN when you get a call and drop it when you disconnect. And if the VPN is up 24/7, it will eat battery, negating the benefit of push notification.

If you feel that the present TLS security is inadequate, you could put it on a non-standard port and/or set up iptables rules to drop the connection unless the attacker has supplied the correct domain name. You could also require a client certificate to connect (which would give you security equivalent to OpenVPN), but I believe that you would need to run your own SIPIS.

:rofl: :rofl: :rofl: :rofl:

Exactly what i wanted but if not possible oh well we scrap that idea.

I am using a non standard port nonetheless

Back to the drawing board.

Thank you Stewart for your time!

If you care to upload the certificate every couple of months to the individual phones and ‘verify client’ then TLS is much more secure.