Need help with getting softphones connected to the pbx over openvpn

I’m having sporadic issues with remote users using Bria (just bought the Sangoma license to try that out as well) are having issues connecting. They get banned sometimes and in one case I think their ISP is blocking SIP traffic. Hoping that there’s a way to connect the soft phones to the pbx via VPN.

Is there a good walk through somewhere for getting this configured on the freepbx server? The walk throughs I’ve found just show how to get a desk phone connected and not how to generate or download the files that would need to be uploaded through the app on the computer or cell phone.

Or is there a better way to do this?

I don’t use the distro, so can’t meaningfully comment on it’s openvpn implementation.

But the first steps I would take:

  • Update to the edge firewall module - there are new options that should help with some banning issues.
  • Use TLS - it should circumvent the ISP mucking with SIP (even un-encrypted TCP on a non-standard port usually suffices).

You could easily download the config and cert files for a user. Need to enable VPN for that user (on userman) and then enable ‘Allow VPN’ on System Admin tab, under UCP tab.
Once you are logged in you can go to Settings and download the VPN config for that user.

Good luck.

Are you referring to the “bypass fail2ban” setting? I may try that. Also made the other changes (TCP, changed port number), will have to see how that works for the remote employees.

Yes. I never looked at the final PR, but I think there should be improvement even without enabling the bypass.

I would try it both ways, and most importantly, report back with more details if the blocks continue. Firewall fixes are in fashion at the moment, but the devs still need feedback from the wild.

If you’re using the VPN feature in System Admin Pro, there are pages here to set up VPN clients from various systems

Thats the one i was looking for, thanks. I have the desktop client installed and connected but in asterisk info i only see the public IP for that extension, so i’ll just assume it’s working correctly. Is there a way to configure what all types of traffic are going over that VPN? Or is that in the .conf file and built based on the asterisk sip settings?

Did you config the client to register to the VPN IP of the PBX?

If we’re talking about the OpenVPN client I just installed the file that I downloaded from UCP. Looking in the conf file the only IP I see is the external address of the PBX. In the PBX I do see that the laptop has a 10.8.0 address

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.