Set IP addresses using OpenVPN to access UCP

I’ve been working with the default Freepbx 13 (responsive) firewall and when you connect to an extension directly using the server IP then the connecting device’s IP address can access the UCP. That is a great feature and I am trying to get that to work with OpenVPN.

I setup openvpn through Freepbx, I formatted the OpenVPN file how my Yealink wants it, my Yealink connected to the VPN server, and calls out through the VPN. The problem is that the public IP I am using to connect to the OpenVPN server cannot connect to the UCP as it is not being allowed through like if I was directly registering my endpoint without using the VPN tunnel.

Ip connects to and gets the IP It uses to talk to the Freepbx server to avoid firewall issues. I want to be able to access the UCP.

How do I get IP’s using the OpenVPN to be able to access the UCP automatically?

You can’t, nor can I think of a work around to this. I suppose your users could run an OpenVPN client on their PC then connect to UCP using the VPN ip.

On our CSF firewall servers we would pull all the unique IP addresses from /etc/openvpn/openvpn-status.log, make them into a list, then tell CSF to read/allow that list every X minutes. Can this firewall do something similar?

Can it? Probably. Does it at present? No. Feature requests received at the above link marked ‘Issues’.