I am trying to connect some phones which are outside my company network.
I’ve set up an openvpn tunnel ( bridged ), if I open the tunnel on a notebook, I get an IP Adress inside my company network, and everything works fine. But if I add this tunnel into my firewall, which then makes NAT to several IP Phones and Softphones, I can’t access my FreePBX Server.
It is always stucked at "Rx: REGISTER"
I can access my FreePBX server via GUI, I can ping it. But I can’t register my phones.
Has anyone an idea how to solve this problem, or another idea how to create a suitable Openvpn tunnel? Do I need site to site?
I’ve set protocoll to all, and I can see with show nat translations details, that there are udp translations, also for 5060.
My SIP Server gets the Register request, but I think I can not get an answer back. But how can this happen?
I found out, that as soon as I open my bridge br0, my FreePBX gets another IP Address via DHCP, so it has 2 ip adresses ( on both the webgui is reachable ) and because of that I have problems with the SIP registration.
I had similar problem when I setup my OpenVPN gateway initially couple of years back … if I remember correctly was a routing issue … I would recommend to check this issue on OpenVPN forum and good luck.
yes you were right!
I can make outbound calls now, but no inbound.
Am I right, that I has to specify for all phones behind NAT a special SIP Port which I should forward in my Firewall, and tell my FreePBX on which port this phone is reachable? e.g. 5061 ? Or am I absolutely wrong?
Can you make a graph of your network because I don’t understand the topology that you have.
Also in your server run the following commnds and post the output
I get 192.168.0.220, because this is the ip I am advertising ( I have set this IP in the server.conf )
if I make an arp to the secondary ip, I get the mac address from the br0 interface.
The secondary IP is assigned from my DHCP Server. The other IP 192.168.0.220 is set manually in the bridge br0 configuration
I’ve set up an openvpn tunnel ( bridged ), if I open the tunnel on a notebook, I get an IP Adress inside my company network, and everything works fine. But if I add this tunnel into my firewall, which then makes NAT to several IP Phones and Softphones, I can’t access my FreePBX Server.