Want to route 5060 port traffic throught openvpn
-
Hi all.
I have a pfsense box virtualized configured with openvpn, i can connect to my openvpn and i get a ip 10.8.0.2 address.
In certain cases i connect to my openvpn pfsense from computers that cannot "reach" correctly a asterisk server working in port 5060 for strange ISP configurations (i can connect my softphone from "vodafone" ISP well, but "movistar" ISP not
I want to use my openvpn network from my home to route this 5060 sip traffic throught openvpn to get working this sip softphone.
How i can do that? thx all
-
Hi Oscar,
I can confirm that this will definitely work. However, can you provide your network diagram, so we can be sure where each device is located (local/remote) and where the unfriendly ISP sits in relation to these.- I have my PBX closed to external extension registration.
- I connect my iPhone via OpenVPN.
- The SIP app connects to my PBX and call quality is excellent.
I don't use NAT/Port Forwarding in this situation, just regular Firewall Rules.
Good luck.
-
@awair hi. Can you post your setup ? I want connect remote extention via openvpn.
-
NB - All IPv4 only
iPhone running SIP client & openVPN app
SIP client option: use VPN if active
Config imported from pfsense connects to a.b.c.d or via DNS
vpn ip: 192.168.2.2PBX ip: 192.168.1.2
pfsense running openVPN server
public IP: a.b.c.d
lan ip: 192.168.1.1
openVPN ip: 192.168.2.1
Firewall/Rules/OpenVPN: * * * * * (from OpenVPN Server Wizard)
Firewall/Rules/WAN: * * WAN address - OpenVPN port * (from OpenVPN Server Wizard)
VPN/OpenVPN/Servers:
Remote Access
UDP4
tun
OpenVPN port (you might want to change this in case your ISP blocks?)
IPv4 tunnel network:192.168.2.0/24
IPv4 local networks:192.168.1.0/24
inter-client communication: yes...and make sure the OpenVPN server is running...
Good luck, and sorry about the formatting.
-
I've just successfully troubleshot a 2nd extension today:
Depending on your OpenVPN connection (all traffic, DNS etc) you may want to change your PBX hostname in the SIP client from FQDN to LAN IP, and make sure that all Local networks are listed in the appropriate sip.conf file.