The OpenVPN server certificate expired. I’ve stopped the OpenVPN Server, saved rebooted, enabled, saved and the certificate was re-issued for another 729 Days.
I went into EPN, re-built the phones configs and factory rest one of the phones… it boots up, gets the dhcp66 and connects, updates its firmware and connects. Then Set the phone’s config to use OpenVPN and save the settings… Phone receives it’s updated settings, reboots and then tries to connect to 10.8.0.1 but it doesn’t complete the OpenVPN connection so it can’t grab it’s config.
After disabling the VPN server, deleting all the VPN clients, deleting an extension and it’s user, then recreating it all. Still no good. On the D62 phone under vpn settings I can see it has a config file but wont connect.
enabling the firewall on the PBX and then going to interfaces I see there is no interface for the VPN 10.8.0.1 address as there used to be. Something is seriously wrong here.
The TUN1 interface doesn’t even exist on the server in system admin > network settings
Went to UCP, downloaded the OpenVPN config file… certs included are 0 bytes.
Looking in the /etc/openvpn directory, the certs are there but they are 0 Bytes as well:
[root@advcardsucpbx openvpn]# ls -lah
total 24K
drwxr-xr-x. 7 root root 235 Feb 17 20:48 .
drwxr-xr-x. 110 root root 8.0K Oct 31 13:53 …
drwx------ 2 root root 4.0K Feb 17 19:37 ccd
drwxr-x—. 2 root openvpn 6 Apr 24 2020 client
drwxr-xr-x 2 root root 94 Feb 17 19:53 clients
drwxr-xr-x. 6 root root 213 Feb 17 18:53 easyrsa3
-rw------- 1 root root 196 Feb 17 19:29 ipp.txt
drwxr-x—. 2 root openvpn 6 Apr 24 2020 server
-rw------- 1 root root 0 Feb 17 20:48 sysadmin_crl.pem
-rw------- 1 root root 557 Feb 17 20:48 sysadmin_server1.conf
-rw------- 1 root root 0 Feb 17 20:48 sysadmin_server1.crt
-rw------- 1 root root 0 Feb 17 20:48 sysadmin_server1.key
-rw-r–r-- 1 root root 0 Feb 17 20:48 sysadmin_server1-status.log