Update your modules. That has been resolved already
1 Like
All the modules have been updated, before today. I cannot start VPN.
Any help please?
Asterisk Info
This page supplies various information about Asterisk
Current Asterisk Version: 13.22.0
Summary
Asterisk System uptime: 2 hours, 54 minutes, 4 seconds
Last reload: 24 minutes, 7 seconds
Active SIP Channel(s): 9 Active IAX2 Channel(s): 0
Sip Registry: 2 IAX2 Registry: 1
Sip Peers:
Online: 1
Online-Unmonitored: 0
Offline: 36
Offline-Unmonitored: 0 IAX2 Peers:
Online: 0
Offline: 0
Unmonitored: 0
If you do not have a need for the VPN, don’t use it. Adding pieces only makes things harder when things break.
Unfortunately, if your phones cannot reach the PBX without the VPN currently, you cannot easily just change the settings in EPM and tell the phones to update to the new settings that do not require the VPN.
A lot more specific detail would be needed to help with this change.
I have never used the built in VPN functionality, so I cannot offer any help from past experience.
Right, it has always worked great until bout 4 hours ago, and I cannot figure out how to restart the vpn server, as per my previous posts.
At this point, I need to get the VPN server up.
If your commercial modules are under active maint contract open a support ticket and someone can assist you. If you do not have active maint renewals on your modules you also won’t be able to update to latest.
Which module, I have never submitted a ticket. It is VPN that is having issues. I do have some commercial modules, I am not sure if they are under contract, but I can ad if needed and not current. I think FAX is current,
Can you give me a little more detail please?
Never mind, I do have commercial, am submitting ticket now,thanks.
Hmmm, " commercial modules are under active maint contract" as NO CONTRACT
even though I do have subscription. Hope they help.
| General Information | |
|---|---|
| Ticket ID | #869868 |
|---|---|
| First and Last Name | Mike |
|Type|No Contract|
EPM would need to be current as that is what handles the VPN configs for your phones.
I updated EPM to edge, still no phone connections. I changed nothing today before the vpn issue, so no idea what caused this, or how to start the vpn.
fwconsole ma --edge upgrade endpoint
Edge repository temporarily enabled
No repos specified, using: [standard,commercial] from last GUI settings
endpoint is the same as the online version, unable to upgrade
Updating Hooks…Done
Resetting temporarily repository state
Not sure why all the extensions show in yellow:
Extension rows highlighted yellow have not been rebuilt since changes were made to the template
I have not changed the template in ages, and did a complete restore to last night, so no idea why vpn not working.
OK, got it working, fingers crossed, as I have no idea why it stopped working. I could not restart the VPN server, much as I tired, via ssh.
So I went ahead into System Admin and disabled it, and re-enabled it, and it seems to be working, for now at least. I was leery to do this disable based on the warnings you get if you disable it.
then I could use the ssh command to also check status, and it was up, so I am not sure why it got in such a funky state, and why I could not start it in ssh.
systemctl status openvpn@sysadmin_server1.service
this command starts it if it is not running, but I was too chicken to stop it and try to start it. They gotta work tomorrow, and its my a… if there are problems.
? openvpn@sysadmin_server1.service - OpenVPN Robust And Highly Flexible Tunneling Application On sysadmin_server1
Loaded: loaded (/usr/lib/systemd/system/[email protected]; enabled; vendor preset: disabled)
Drop-In: /etc/systemd/system/[email protected]
+-sangoma_openvpn_override.conf
Active: active (running) since Tue 2019-01-29 20:31:16 CST; 6h ago
Main PID: 5315 (openvpn)
Status: "Initialization Sequence Completed"
CGroup: /system.slice/system-openvpn.slice/openvpn@sysadmin_server1.service
+-5315 /usr/sbin/openvpn --cd /etc/openvpn/ --config sysadmin_server1.conf
Jan 30 02:36:20 pbx.XXX.biz openvpn[5315]: Wed Jan 30 02:36:20 2019 client24/XX.XX.XX.XXXX:39481 peer info: IV_COMP_STUB=1
Jan 30 02:36:20 pbx.XXX.biz openvpn[5315]: Wed Jan 30 02:36:20 2019 client24/XX.XX.XX.XXXX:39481 peer info: IV_COMP_STUBv2=1
Jan 30 02:36:20 pbx.XXX.biz openvpn[5315]: Wed Jan 30 02:36:20 2019 client24/XX.XX.XX.XXXX:39481 peer info: IV_TCPNL=1
Jan 30 02:36:20 pbx.XXX.biz openvpn[5315]: Wed Jan 30 02:36:20 2019 client24/XX.XX.XX.XXXX:39481 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Jan 30 02:36:20 pbx.XXX.biz openvpn[5315]: Wed Jan 30 02:36:20 2019 client24/XX.XX.XX.XXXX:39481 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Jan 30 02:36:20 pbx.XXX.biz openvpn[5315]: Wed Jan 30 02:36:20 2019 client24/XX.XX.XX.XXXX:39481 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Jan 30 02:46:32 pbx.XXX.biz openvpn[5315]: Wed Jan 30 02:46:32 2019 YYY.YYY.YYY.YY:32840 TLS: Initial packet from [AF_INET]YYY.YYY.YYY.YY:32840, sid=12121212 12121212
Jan 30 02:47:32 pbx.XXX.biz openvpn[5315]: Wed Jan 30 02:47:32 2019 YYY.YYY.YYY.YY:32840 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Jan 30 02:47:32 pbx.XXX.biz openvpn[5315]: Wed Jan 30 02:47:32 2019 YYY.YYY.YYY.YY:32840 TLS Error: TLS handshake failed
Jan 30 02:47:32 pbx.XXX.biz openvpn[5315]: Wed Jan 30 02:47:32 2019 YYY.YYY.YYY.YY:32840 SIGUSR1[soft,tls-error] received, client-instance restarting```If you did a backup and restore the issue is things related to certs and VPN are not part of the backup process and they have to be resetup. I suggest going back through setting up your VPN and clients like it was a new box.
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.