Manually connect a remote sangoma S series to freepbx vpn server


(Kyriakos) #1

Hello to all.

After some experimentation I managed to successfully connect a remote sangoma 705 to the vpn server of the freepbx.
I will describe the steps that I made so if any other user find them useful to follow them.

  1. I purchased the module SysAdmin Pro 25$/25 years. This enables the vpn server that is missing at the free System Admin.
  1. Made a pjsip extension with a new user.
  2. I enabled the vpn server using my external ip address of the freepbx. I used the server range for the vpn as is produced by default. 10.8.0.0/24
  3. At the clients tab of the vpn server I enabled the user that was created with the extension and I enbled the vpn for this user using the first available vpn address 10.8.0.3.
  4. I connect at ucp of the freepbx with user credential and I downloaded the vpn zip file.
  5. I unzipped the file and at the ovpn file inserted the ca, cert and key and deleted the lines that was calling the seperate files. So I made a ovpn file with all the appropriate files inside.
  6. I connected to the sangoma 705 interface via its web interface. I went to network ->advanced and I imported the ovpn file to the phone.
  7. At the provisioning tab of the web interface of the phone I enabled provisioning address the 10.8.0.1. saved all and restart.
  8. At this point the vpn server had recognized that the client (sangoma 705) was connected.
  9. At the end point manager I connected the extension with the mac address of the phone by hand. For some reason it couldn’t find the phone from the network scan at the 10.8.0.0/24.
  10. At the end point manager still the extension hadn’t recognized the ip of the phone. And I declared the account information (SIP server 10.8.0.1, sip user id, secret, etc) and restarted.
  11. Voila I have enabled the phone form a remote location to my freepbx. Now the provisioning of the phone is exactly as it was connected locally. At the endpoint manager I have declared the ip 10.8.0.1 at the global settings because this freepbx will only have remote phones.

Hope the above helps someone.

Best Regards to all.


(Lorne Gaetz) #2

Glad it’s working for you, but you took the hard road to your destination. The easiest way to get a phone VPN client working is to:

  1. enable the VPN for the user in User Management,
  2. edit the device in EPM Extension Mapping to link to the VPN cert
  3. provision the phone like normal

https://wiki.freepbx.org/display/PHON/VPN+Setup


(Kyriakos) #3

Yes you are right this guide you mentioned was the start of my experimentation.

But the key phrase at the guide is:
The phone will need to be able to reach the PBX direct to receive its configuration files and VPN information

And for this to happen you have to enable ports in the firewalls of the two locations (freepbx and phone).
With the way I used it it I didn’t mess with the firewalls.


(Kyriakos) #4

Another think that I noticed is that with the firmwares before the 1.58 the 705 phone has a strange behaviour with the vpn (discnnections).
With the 1.58 is very stable as far as the vpn connection.