Hello,
I recently had reason to add OpenVPN to my FreePBX 13 setup, and found the instructions on the Wiki at http://wiki.freepbx.org/display/FPG/System+Admin+-+VPN+Server#SystemAdmin-VPNServer-DownloadingClientConfigs
I setup according to the Wiki, but in the UCP, I was unable to see the VPN Clients screen to download the configuration. After flying around the interface looking for what was missing, I stumbled across an un-documented setting.
In the “Downloading Client Configs” I needed to attach my VPN clients as shown in the wiki, but then I also had to go to the UCP tab and under the System Admin tab, move Allow VPN from Inherit to Yes. I could then see the download link in the UCP.
Tony / Kate -> Please update the Wiki, or explain why my inherited preference did not work.
Second, I did successfully download and examine the OpenVPN configuration for my client. I love OpenVPN, and have used it to keep offices linked together for 10+ years, but I have found problems in the past with comp-lzo (enable compression) on the connections that dealt with voice traffic.
My firewalls at the offices tend to be older Pentium 4’s that were Windoze XP machines now re-tasked as Linux firewalls.
Questions:
-
Is there a way to not require comp-lzo, outside of hacking the .cfg files? I know the server and client sections need to match… how about editing the setups to do this?
-
Experimenting with Ciphers, I have found Camellia-128-cbc to be a great performance option. Any chance we would be able to choose a cipher opposed to the default?
Thanks,
Christian