Enabled and configured the VPN server as well as made a client.
Set the User and Group to have VPN access in User Management
Manually downloaded the file generated and uploaded it into the phone (which was not being pulled when the phone would FTP it’s config file)
Registered the phone in the Schmooze portal
Verified that the config shows the correct info (shows the IP I gave it and the correct link to the vpn.tar file)
Tried using the internal IP of the PBX
Gave up and came here.
I’m confused by this line of the wiki page regarding the Remote Address, which I would assume would be the IP/URL of the remote phone, but the wiki seems to indicate the opposite:
Remote Address will be used as a fallback.The DDNS FQDN is managed inside the DDNS section of System Admin. You can also define a Remote Address, which would be the external IP address or FQDN at which the OpenVPN server is reachable for connecting clients.
Then there’s this, which I’m not sure is actually affecting anything
derp. It was autofilling the IP range in the server settings and putting the phone on the 10.8.0 subnet. The VPN is actually connecting but the phone isn’t able to reach the PBX due to being on a different network.
edit: that didn’t fix anything. The phone continues to FTP it’s config files but it just will not register. Though now it’s not even establishing the VPN connection anymore.
That is the correct field. When you do that and have it rebuild the config the config should show the VPN IP address in it. The phone then needs to reach the PBX not on the VPN update the config and pull down the cert. It does this all for you.
We do this daily and it works just fine.
Make sure all your modules are fully updated on 13.
Whats interesting is that when I left the Server Range as the default and my phone got a 10.8.0 address the VPN connected but the phone would not register. Changing it to a different range kills the VPN. In neither case will the phone register. It FTPs it’s config just fine though. Also, changing the config to not use the VPN allows the phone to register.
I’m confused by the text in the Client tab. First off, it looks different than in the wiki page. In the PBX there is both a Server Remote Address and a Client Remote Address. I’m not clear on what the CLient Remote Address is actually supposed to be. The text in the help field makes it sound like it should be the same as the Server Remote Address, which is presumably the PBX address.
I also updated all the modules, which included updates to the paid Endpoint Manager as well as the VPN server.
For whatever reason I don’t see it downloading the MAC-vpn.tar file in the xferlog.
Tue Jul 5 16:07:32 2016 1 0 /tftpboot/factory0500.bin b _ o r phone ftp 0 * i
Tue Jul 5 16:07:32 2016 1 148 /tftpboot/cfg0500.xml b _ o r phone ftp 0 * c
Tue Jul 5 16:07:34 2016 1 0 /tftpboot/MAC.cfg b _ o r phone ftp 0 * i
Tue Jul 5 16:07:34 2016 1 0 /tftpboot/cfgMAC b _ o r phone ftp 0 * i
Tue Jul 5 16:07:35 2016 1 51354 /tftpboot/cfgMAC.xml b _ o r phone ftp 0 * c
did you ever get this to work? You want your phone to use 10.8.0.1 as the sip server and the proxy server, on the phone, to register to the phone server.