Topic: Snom 370 and SME8 with Openvpn

[Drifting]

Hi People.

Has anyone actually managed to get open vpn working with the Snom 370? As usual the documentation assumes an awful lot (Snom site) That and my poor knowledge of Opendvpn and certificates does little to help.

Anyway, managed to install openvpn-bridge and PKI with the excellent contribs from this site (Credit to those who made them for us) I can connect to the SME server with openvpn fine from Mac, Ubuntu, and Windslows 7.

This is the Snom document I was working to:- http://wiki.snom.com/Networking/Virtual_Private_Network_%28VPN%29
And here is my vpn.cnf that Snom say I need to create :-
rport 1194
proto udp
dev tap
nobind
# Uncomment the following line if your system
# support passtos (not supported on Windows)
# passtos
remote <server-remote-ip>

tls-client
ns-cert-type server


# Replace user.p12 with the certificate
# bundle in PKCS12 format
#pkcs12 voip1.p12

# You can replace the pkcs12
# directive with the old ones
ca /openvpn/main-ca.pem
cert /openvpn/voip1.pem
key /openvpn/voip1-key.pem


These parameters work with linux, and I created the required vpnclient.tgz on the sme server itself, and shared the resultant file from a web ibay.
The phone connects fine to the website, downloads the tgz file and seems to uncompress fine. However after a reboot, all I get is a very terse vpn error on the phone, and nothing in the phone logs (verbosity increased to 9) And if I mine through the phone display for the error, then all it says is "Key Unassigned" ?

Any help appreciated.

P

[Drifting]

Oh, thought someone might have given this a try, you must all be confident in your security then?

Seriously, if anyone has any ideas, I would really appreciate some help. Been banging my head on a wall with this, not even got an answer off the Snom forums, or the distributors.

P

[Drifting]

Problem now resolved.

It was the config file, and the way the snom worked.

[SARK devs]

can you share your procedure please?

I'm sure there are others who would like to run Snoms over openvpn

Best

S

[Drifting]

Sorry for the delay in responding, yes I most certainly will.
The install itself was very straightforward as long as you follow the instructions for installing PHPki and OpenVPN bridge contribs. Would just like to thank the guys for those, saved hours of messing around.
As I say it all came down the the way the Snom accepted the config file. As soon as I have the server back up and running, I will paste the config here.

Regards P

[Irksome]

I just thought I'd jump on this one as I've been banging my head against the various walls involved in getting the Snom working with OpenVPN and SARK/SAIL.  The Snom client config misses out one parameter that tends to feature in all the server configs that exist on the net - from memory I think its missing comp-lzo, but the basic rule of thumb is that if it features in the server config it must also feature in the client config.

With respect to the Snom vpn logging ... its not there and so I recommend testing your client config with the OpenVPN client - just change the config extension and it will work (I use the 'doze client for ease) / show you why its not working.