OpenVPN#

The following table describes the OpenVPN version used by the phone, starting from the given firmware. openvpn-ics is licensed to establish connections.

Firmware	OpenVPN version	openvpn-ics version
2.4A-00000	2.6	0.7.38

This article describes a configuration of a roadwarrior scenario, where a D-200 phone connects to a COMmander 6000 via a OpenVPN VPN Server.

In our example, the D-200 is located in the 192.168.1.0/24 subnet. The pbx is located in the 192.168.21.0/24 subnet.

Info

After configuring your VPN tunnel, you need to specify the interfaceType in your identity configuration

openvpn.xml
<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <network>
    <vpn>
        <active>true</active>
        <vpnType>OpenVPN</vpnType>
        <name>VPN name</name>
        <!-- Optional - depends on the OpenVPN Config parameters -->
        <server>192.168.1.239</server>
        <!-- Optional - depends on the OpenVPN Config parameters -->
        <username>theUserName</username>
        <!-- Optional - depends on the OpenVPN Config parameters -->
        <password>secretVPNCredential</password>
        <openvpnConfig>
          .. here we need the content of an ovpn config ..
          .. ca/cert/key-sections must only contain the
              certificate block without any leading spaces. E.g.:
        client
        dev tun
        proto tcp
        remote myServer.com 443
        verify-x509-name "C=de, L=Earth, O=myCompany.com"
        route remote_host 255.255.255.255 net_gateway
        resolv-retry infinite
        nobind
        persist-key
        persist-tun
        auth-user-pass
        cipher AES-128-CBC
        auth MD5
        comp-lzo
        route-delay 4
        verb 3
        reneg-sec 0
        <ca>
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgIJP6dLQT0qXqzaMA0GCSqGSIb3DQEBCwUAMIGZMQswCQYD
....
6aANTyh=
-----END CERTIFICATE-----
        </ca>
        <cert>
-----BEGIN CERTIFICATE-----
MIID9zCCAt+gAwIBAgIJANTyhT0qXqzTujrACSqGSIb3DQEBCwUAMIGZMQswCQYD
....
MVXSz6fMMA0GSo0=
-----END CERTIFICATE-----
        </cert>
        <key>
-----BEGIN PRIVATE KEY-----
MIIEvwIBADANBgkqhkiG9wuG6bEFAASCBKkwggSlAgEllPIBAQCdmjFj51dd8DMV
....
WkDel40BAQ/LlZgLBmHsgRYVHg==
-----END PRIVATE KEY-----
        </key>
          </openvpnConfig>
    </vpn>
  </network>
    <identities>
      <identity>
        <active>true</active>
        <displayname>COMmander 6000</displayname>
        <username>70</username>
        <host>192.168.21.100</host>
        <password>AccountPassword</password>
        <frameSize>20</frameSize>
        <audiocodecs>
          <audiocodec>G.722</audiocodec>
          <audiocodec>G.711</audiocodec>
        </audiocodecs>
        <clir>displayAnonymous</clir>
        <localmoh>false</localmoh>
        <secureConnection>false</secureConnection>
        <srtp>disabled</srtp>
        <ipVersion>IpV4</ipVersion>
        <checkHostname>true</checkHostname>
        <pickupCode>##06</pickupCode>
        <!-- Important! select vpn here to route calls over the VPN tunnel -->
        <interfaceType>vpn</interfaceType>
      </identity>
      <identity>
        <active>false</active>
      </identity>
      <identity>
        <active>false</active>
      </identity>
      <identity>
        <active>false</active>
      </identity>
      <identity>
        <active>false</active>
      </identity>
      <identity>
        <active>false</active>
      </identity>
    </identities>
</configuration>