Asterisk behind OpenVPN

Sorry I meant what if I put 10.8.0.1/255.0.0.0 ?

Or rather since I have only one softphone peer connected through OpenVPN, why not put the localnet as 10.8.0.1/255.255.255.0 ?

The softphone IP when I connect is 10.8.0.6, so shouldn’t 10.8.0.1/255.255.255.0 work fine ?

Ok, that covers outgoing, but what about incoming? For example when the ITSP sends packets back to Asterisk, how does Asterisk know which peer to forward it to ?

Does it take the information from the connection ?

You would need 10.8.0.1/255.255.255.255

I used both

localnet = 10.8.0.1/255.0.0.0

and

localnet = 10.8.0.1/255.255.255.0

They both worked perfectly. Don’t know what is the logic behind selecting the correct subnet. If you could shed some light on that then it would be great.

But my Asterisk is working fine behind OpenVPN and I have audio.

Thanks everyone.

BTW if anyone is interested in learning how to configure OpenVPN, Hak5 has a great tutorial on YouTube that I used in this case https://www.youtube.com/watch?v=XcsQdtsCS1U

Also my sip.conf now contains the following configuration:

externip=54.X.X.X
localnet=172.X.X.X/255.255.X.X
localnet= 10.8.0.1/255.255.255.0 ; This is for OpenVPN peers

Asterisk does not forward SIP traffic itself to another peer, it acts on the messages which have a defined method in the SIP specification for determining what constitutes a call. For media the information is negotiated so it knows that media arriving on port ‘X’ is for call ‘Y’.

The logic behind choosing the subnetwork is to ask the person who configured the networks. We can’t tell you exactly what you need. (You can specify less than the official subnetwork if it covers all addresses actually used on that subnetwork.)

I suspect your 10… network is actually classless and is really 10.8.0/24, but only the system admin would really know, although you should be able to tell by looking at the subnetwork mask on the Linux interface.
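
The localnet matching discussed above, as an added example that is not part of the original thread or of Asterisk's code: it models, in simplified form, how an address/netmask entry decides whether a peer is treated as local or is sent externip. The externip and ITSP values, the 10.200.0.9 peer and all function names are constructed for illustration.

```python
import ipaddress

# Values from the thread; EXTERNIP and ITSP are constructed placeholders.
VPN_SERVER_IP = "10.8.0.1"     # Asterisk's address on the OpenVPN tunnel
SOFTPHONE = "10.8.0.6"         # softphone address reported in the thread
EXTERNIP = "203.0.113.10"      # constructed stand-in for externip=54.X.X.X
ITSP = "198.51.100.20"         # constructed provider address


def parse_localnet(value):
    """Parse 'address/netmask'; host bits are masked off (10.8.0.1 -> network)."""
    return ipaddress.ip_network(value.strip(), strict=False)


def is_local(peer_ip, localnets):
    """True if peer_ip falls inside any configured localnet."""
    addr = ipaddress.ip_address(peer_ip)
    return any(addr in parse_localnet(n) for n in localnets)


def advertised_address(peer_ip, localnets, externip, local_ip):
    """Simplified model: local peers get the local address, others get externip."""
    return local_ip if is_local(peer_ip, localnets) else externip


def compare(masks, peers):
    """Return {localnet: {peer: advertised address}} for each candidate."""
    return {
        m: {p: advertised_address(p, [m], EXTERNIP, VPN_SERVER_IP) for p in peers}
        for m in masks
    }


if __name__ == "__main__":
    candidates = ["10.8.0.1/255.0.0.0", "10.8.0.1/255.255.255.0"]
    # 10.200.0.9 is a constructed address outside the tunnel but inside 10/8.
    peers = [SOFTPHONE, "10.200.0.9", ITSP]
    for mask, result in compare(candidates, peers).items():
        print(mask, "->", parse_localnet(mask))
        for peer, addr in result.items():
            print(f"  {peer:15} sees Asterisk as {addr}")
```

Both masks classify 10.8.0.6 as local, which is why both settings produced audio; the difference is that 255.0.0.0 also treats every other 10.x address as local, so such a peer would not be given externip.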

Hello

I have also an issue with Asterisk setup over OpenVPN:
My setup is:

OpenVPN and Asterisk Server:
DHCP LAN: 10.10.1.0/24
VPN tunnel: 10.0.1.0/24
WAN: 10.10.10.10
Modem: 10.10.10.1

OpenVPN Client2:
DHCP LAN: 10.10.2.0/24
VPN tunnel: 10.0.1.2
WAN: 10.10.20.10
Modem: 10.10.20.1

OpenVPN Client3:
DHCP LAN: 10.10.3.0/24
VPN tunnel: 10.0.1.3
WAN: 10.10.30.10
Modem: 10.10.30.1

Note:
The OpenVPN is configured that all clients can see each other e.g.
10.10.2.x can ping 10.10.1.x or 10.10.2.x or 10.10.3.x or vice versa.
The WAN IP and Modem have a local IP since the modem is a second router (router cascade) to the internet

First I want simply to connect two SIP clients connected LAN on OpenVPN client2 e.g.
10.10.2.3 and 10.10.2.4. I can establish a connection over the SIP server 10.10.1.1 but
if I set directmedia=yes then it is working well and I have audio but I want to get them directly connected for RTP since they already can ping each other.
What do I have to set?
I have set localnet=10.10.0.0/255.255.0.0 but this seems not sufficient.

Please don’t hijack other people’s threads.

It is a case of what you should not do, specifically, you should not do anything that requires Asterisk to see the media (including DTMF) during the call, and you should not have any (unoptimised) local channels in the path.

Provided the peers support re-invites, directmedia will result in direct RTP, if it is safe to use that.

Hi david551

ok I will open a new thread with the same topic.
I thought it would be more effective to use this one.

Is there a way you can help me with an OPENVPN/Vicidial implementation? We tried on our local net and DigitalOcean. As soon as we get to 10 users, port 80 gets blocked somehow.

  1. Please open your own thread to continue with this issue.
  2. Vicidial has their own support methods. You will get more specific help there.
  3. Why are you using port 80? Does DO block 5060? 1194? What about RTP port ranges?
  4. Can you ping hosts in both directions? Can you confirm packets on port 80 are received in both directions? If not, you have an OpenVPN issue and may want to try an OpenVPN forum.
  5. When you say ‘port 80 gets blocked’ do you mean all 10 calls stop or that you can’t connect an 11th call? Both sound like a limitation that DO may be imposing and a DO forum may be a good choice. tcpdump will help figuring out what’s going on.

Sorry if that sounds unhelpful. While there may be Vicidial and OpenVPN experts here, the focus on this forum is ‘plain text file configured Asterisk.’

Also, consider why ports may be blocked and the repercussions of ‘going around’ these restrictions may have consequences – cough, cough China/North Korea/Iran/etc.