PBXes » English » Feature Requests » RE: Vpn
Print Page | Recommend to Friend | Add Thread to Favorites
Post New Thread Post Reply
Author
Post « Previous Thread | Next Thread »
joi
Premium Account


Registration Date: 21.11.2013
Posts: 30

Vpn Post Reply with Quote Edit/Delete Post Report Post to a Moderator       IP Information Go to the top of this page

As you may be know Apple in their new OS X and iOS drops support of VPN PPTP so it'll be hard to use VPN service in the nearest feature. Is it possible to add support of L2TP for example?

This post has been edited 1 time(s), it was last edited by joi on 15.10.2016 at 10:33.

14.09.2016 21:32 joinnovate is offline Search for Posts by joinnovate Add joinnovate to your Buddy List
i-p
Super Moderator


Registration Date: 14.01.2006
Posts: 4783

Lampe RE: Vpn Post Reply with Quote Edit/Delete Post Report Post to a Moderator       IP Information Go to the top of this page

OK, ready for testing. We've added the feature on www1.

Because we only use Android it's not been tested from iOS yet. Set the PSK to pbxes.

17.10.2016 12:27 i-p-tel is offline Search for Posts by i-p-tel Add i-p-tel to your Buddy List
joi
Premium Account


Registration Date: 21.11.2013
Posts: 30

RE: Vpn Post Reply with Quote Edit/Delete Post Report Post to a Moderator       IP Information Go to the top of this page

I couldn't connect. Is it L2TP? The password and shared secret are the same - pbxes? Is there Group Name?

If you give through VPN only couple routs for UDP and TCP users will obtain possibility to use VPN for voice and internet access through their own connection.

17.10.2016 12:43 joinnovate is offline Search for Posts by joinnovate Add joinnovate to your Buddy List
i-p
Super Moderator


Registration Date: 14.01.2006
Posts: 4783

RE: Vpn Post Reply with Quote Edit/Delete Post Report Post to a Moderator       IP Information Go to the top of this page

Yes, it is L2TP/IPSec. On Android we had to set IPSec identifier to pbxes as well. Username is your account name - extension number, e.g. account-100.

If it still does not work from iOS please tell us the time of your connection attempt to look it up in the logfiles. Also can you please explain your second paragraph a little bit more?

17.10.2016 14:28 i-p-tel is offline Search for Posts by i-p-tel Add i-p-tel to your Buddy List
joi
Premium Account


Registration Date: 21.11.2013
Posts: 30

RE: Vpn Post Reply with Quote Edit/Delete Post Report Post to a Moderator       IP Information Go to the top of this page

The last time I've tried was 23:19 on 17.10.16, I used user pw: pbxes and PSK: pbxes, without success.

I know that L2TP VPN server can give the routs for using of VPN connection, for the other destinations, if the option "send all traffic over VPN connection" is off, it uses an internal routing tab, it means a regular internet connection.

17.10.2016 22:29 joinnovate is offline Search for Posts by joinnovate Add joinnovate to your Buddy List
i-p
Super Moderator


Registration Date: 14.01.2006
Posts: 4783

RE: Vpn Post Reply with Quote Edit/Delete Post Report Post to a Moderator       IP Information Go to the top of this page

Please give it another try. We hope to have made the connection work.

18.10.2016 22:00 i-p-tel is offline Search for Posts by i-p-tel Add i-p-tel to your Buddy List
joi
Premium Account


Registration Date: 21.11.2013
Posts: 30

RE: Vpn Post Reply with Quote Edit/Delete Post Report Post to a Moderator       IP Information Go to the top of this page

So, at the moment a VPN connection establishes as expected but I get a wrong route, below is a record from my Netstat table:

www1.pbxes.com 192.168.0.1 UGHS 1 0 en3

this route should be pointed out to a VPN address.

19.10.2016 10:07 joinnovate is offline Search for Posts by joinnovate Add joinnovate to your Buddy List
i-p
Super Moderator


Registration Date: 14.01.2006
Posts: 4783

RE: Vpn Post Reply with Quote Edit/Delete Post Report Post to a Moderator       IP Information Go to the top of this page

Routes should be announced on PPTP and L2TP/IPSec. We've tested that successfully on a Windows 7 client. How about the iPhone now?

19.10.2016 20:38 i-p-tel is offline Search for Posts by i-p-tel Add i-p-tel to your Buddy List
joi
Premium Account


Registration Date: 21.11.2013
Posts: 30

RE: Vpn Post Reply with Quote Edit/Delete Post Report Post to a Moderator       IP Information Go to the top of this page

You know, as of now a traffic to the PBX goes through default interface but all other routs to the VPN smile It should be on the contrary. Such behaviour take place at Mac OS.

By the other hand on iPhone all traffic (IP and SIP) ignore a VPN connection and pass through usual interface meanwhile VPN is active.

This post has been edited 1 time(s), it was last edited by joi on 20.10.2016 at 16:33.

20.10.2016 12:58 joinnovate is offline Search for Posts by joinnovate Add joinnovate to your Buddy List
i-p
Super Moderator


Registration Date: 14.01.2006
Posts: 4783

RE: Vpn Post Reply with Quote Edit/Delete Post Report Post to a Moderator       IP Information Go to the top of this page

We've altered configuration slightly. Does this help to solve the strange routing on iOS? Please try to access www2 . pbxes . com via the tunnel to www1 . pbxes . com.

24.10.2016 10:45 i-p-tel is offline Search for Posts by i-p-tel Add i-p-tel to your Buddy List
joi
Premium Account


Registration Date: 21.11.2013
Posts: 30

RE: Vpn Post Reply with Quote Edit/Delete Post Report Post to a Moderator       IP Information Go to the top of this page

So, I've tried everything. Packets to www1.pbxes.com go through the public instead of VPN, packets to www2.pbxes.com go through VPN though. All the other traffic go through default gateway. Here you are netstat -r, it's easy to see a misconfiguration in the routing:

Destination Gateway Flags Refs Use Netif Expire
default 192.168.0.1 UGSc 26 0 en0
default link#19 UCSI 3 0 ppp0
a.resolvers.level3 link#19 UHWIi 3 48 ppp0
5.9.79.175/32 ppp0 USc 0 0 ppp0
10.0.0.156 link#19 UHW3I 0 2 ppp0 9
10.84.233.1 10.84.233.2 UH 1 0 ppp0
10.255.255.255 link#19 UHW3I 0 66 ppp0 6
67.231.240.210/32 ppp0 USc 0 0 ppp0
107.155.198.131/32 ppp0 USc 0 5 ppp0
127 localhost UCS 0 0 lo0
localhost localhost UH 5 1642626 lo0
www1.pbxes.com 192.168.0.1 UGHS 4 4829 en0

I guess you have to add routes to all your networks as you did for 107.155.198.131/32 and delete the route to www1.pbxes.com.

05.05.2018 12:43 joinnovate is offline Search for Posts by joinnovate Add joinnovate to your Buddy List
i-p
Super Moderator


Registration Date: 14.01.2006
Posts: 4783

RE: Vpn Post Reply with Quote Edit/Delete Post Report Post to a Moderator       IP Information Go to the top of this page

Today we've reverted back to the configuration of Oct 19, 2017 which included www1 into the list of routes.

08.05.2018 12:18 i-p-tel is offline Search for Posts by i-p-tel Add i-p-tel to your Buddy List
joi
Premium Account


Registration Date: 21.11.2013
Posts: 30

RE: Vpn Post Reply with Quote Edit/Delete Post Report Post to a Moderator       IP Information Go to the top of this page

Now everything has almost done look at netstat

Destination Gateway Flags Refs Use Netif Expire
default 192.168.0.1 UGSc 33 0 en6
default 192.168.0.1 UGScI 2 0 en0
default link#19 UCSI 3 0 ppp0
a.resolvers.level3 link#19 UHWIi 9 40 ppp0
5.9.79.175/32 ppp0 USc 0 0 ppp0
10.84.233.1 10.84.233.2 UH 1 0 ppp0
17.173.254.222 link#19 UHW3I 0 4 ppp0 8
17.173.254.223 link#19 UHWIi 1 2 ppp0
67.231.240.210/32 ppp0 USc 0 0 ppp0
107.155.198.131/32 ppp0 USc 0 0 ppp0
127 localhost UCS 0 0 lo0
localhost localhost UH 5 1993877 lo0
www1.pbxes.com 192.168.0.1 UGHS 0 0 en6

there're routs to www2, www3, www4 to the right interface but still present wrong route to www1 and pbxes.org 144.76.38.78/32

www1.pbxes.com 192.168.0.1 UGHS 0 0 en6

16.05.2018 11:58 joinnovate is offline Search for Posts by joinnovate Add joinnovate to your Buddy List
i-p
Super Moderator


Registration Date: 14.01.2006
Posts: 4783

RE: Vpn Post Reply with Quote Edit/Delete Post Report Post to a Moderator       IP Information Go to the top of this page

OK, then you should register to www3, and also have your account on www3 (you can set this in Personal Data). We've got no idea how to change the routing table.

04.06.2018 12:42 i-p-tel is offline Search for Posts by i-p-tel Add i-p-tel to your Buddy List
 
Post New Thread Post Reply
Go to:

Powered by Burning Board Lite 1.0.2 © 2001-2004 WoltLab GmbH
English Translation by Satelk