I have a OpenVPN AS setup and it works fine on my android device connecting in when not at home.
One thing I want to get working is a SIP softphone connecting to my home PBX from my Android device.
Currently the softphone registers fine with my PBX and can make/receive calls.
The problem I am having is only one way audio - The home PBX can hear the Android softphone, but the Android softphone can't hear them.
After reading/searching I've read this is to do with SIP not playing well with NAT.
Under 'VPN Settings> Routing' I have changed 'Yes, using NAT' to Yes, using routing (advanced), I haven't changed anything else.
Now the VPN connects fine but does not work, I don't have internet access or access to the any devices on the local home network.
My local network is 192.168.0.xxx
I have attached a couple of screenshots of my VPN settings.
Any help is appreciated - Note: I'm a network/VPN newbie.
Below is the OpenVPN log with NAT (this works/connects fine except the one way SIP audio)
Code: Select all
Thu May 26 12:00:58 2016 OpenVPN 2.3.8 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Aug 4 2015
Thu May 26 12:00:58 2016 library versions: OpenSSL 1.0.1p 9 Jul 2015, LZO 2.08
Enter Management Password:
Thu May 26 12:00:58 2016 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25344
Thu May 26 12:00:58 2016 Need hold release from management interface, waiting...
Thu May 26 12:00:58 2016 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25344
Thu May 26 12:00:58 2016 MANAGEMENT: CMD 'state on'
Thu May 26 12:00:58 2016 MANAGEMENT: CMD 'log all on'
Thu May 26 12:00:58 2016 MANAGEMENT: CMD 'hold off'
Thu May 26 12:00:58 2016 MANAGEMENT: CMD 'hold release'
Thu May 26 12:01:04 2016 MANAGEMENT: CMD 'username "Auth" "admin"'
Thu May 26 12:01:04 2016 MANAGEMENT: CMD 'password [...]'
Thu May 26 12:01:04 2016 Control Channel Authentication: tls-auth using INLINE static key file
Thu May 26 12:01:04 2016 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu May 26 12:01:04 2016 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu May 26 12:01:04 2016 Socket Buffers: R=[8192->100000] S=[8192->100000]
Thu May 26 12:01:04 2016 UDPv4 link local: [undef]
Thu May 26 12:01:04 2016 UDPv4 link remote: [AF_INET]XXX.XXX.XXX.XXX:1194
Thu May 26 12:01:04 2016 MANAGEMENT: >STATE:1464260464,WAIT,,,
Thu May 26 12:01:04 2016 MANAGEMENT: >STATE:1464260464,AUTH,,,
Thu May 26 12:01:04 2016 TLS: Initial packet from [AF_INET]XXX.XXX.XXX.XXX:1194, sid=80f63dad 59122785
Thu May 26 12:01:04 2016 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Thu May 26 12:01:05 2016 VERIFY OK: depth=1, CN=OpenVPN CA
Thu May 26 12:01:05 2016 VERIFY OK: nsCertType=SERVER
Thu May 26 12:01:05 2016 VERIFY OK: depth=0, CN=OpenVPN Server
Thu May 26 12:01:06 2016 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu May 26 12:01:06 2016 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu May 26 12:01:06 2016 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu May 26 12:01:06 2016 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu May 26 12:01:06 2016 Control Channel: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
Thu May 26 12:01:06 2016 [OpenVPN Server] Peer Connection Initiated with [AF_INET]XXX.XXX.XXX.XXX:1194
Thu May 26 12:01:07 2016 MANAGEMENT: >STATE:1464260467,GET_CONFIG,,,
Thu May 26 12:01:08 2016 SENT CONTROL [OpenVPN Server]: 'PUSH_REQUEST' (status=1)
Thu May 26 12:01:08 2016 PUSH: Received control message: 'PUSH_REPLY,explicit-exit-notify,topology subnet,route-delay 5 30,dhcp-pre-release,dhcp-renew,dhcp-release,route-metric 101,ping 12,ping-restart 50,auth-token SESS_ID,comp-lzo yes,redirect-gateway def1,redirect-gateway bypass-dhcp,redirect-gateway autolocal,route-gateway 172.17.0.145,dhcp-option DNS 192.168.0.1,register-dns,block-ipv6,ifconfig 172.17.0.146 255.255.255.248'
Thu May 26 12:01:08 2016 Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:18: block-ipv6 (2.3.8)
Thu May 26 12:01:08 2016 OPTIONS IMPORT: timers and/or timeouts modified
Thu May 26 12:01:08 2016 OPTIONS IMPORT: explicit notify parm(s) modified
Thu May 26 12:01:08 2016 OPTIONS IMPORT: LZO parms modified
Thu May 26 12:01:08 2016 OPTIONS IMPORT: --ifconfig/up options modified
Thu May 26 12:01:08 2016 OPTIONS IMPORT: route options modified
Thu May 26 12:01:08 2016 OPTIONS IMPORT: route-related options modified
Thu May 26 12:01:08 2016 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Thu May 26 12:01:08 2016 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Thu May 26 12:01:08 2016 MANAGEMENT: >STATE:1464260468,ASSIGN_IP,,172.17.0.146,
Thu May 26 12:01:08 2016 open_tun, tt->ipv6=0
Thu May 26 12:01:08 2016 TAP-WIN32 device [Local Area Connection 2] opened: \\.\Global\{09899D1B-589D-47CB-A3AB-2463078A3D3B}.tap
Thu May 26 12:01:08 2016 TAP-Windows Driver Version 9.21
Thu May 26 12:01:08 2016 Set TAP-Windows TUN subnet mode network/local/netmask = 172.17.0.144/172.17.0.146/255.255.255.248 [SUCCEEDED]
Thu May 26 12:01:08 2016 Notified TAP-Windows driver to set a DHCP IP/netmask of 172.17.0.146/255.255.255.248 on interface {09899D1B-589D-47CB-A3AB-2463078A3D3B} [DHCP-serv: 172.17.0.150, lease-time: 31536000]
Thu May 26 12:01:08 2016 Successful ARP Flush on interface [15] {09899D1B-589D-47CB-A3AB-2463078A3D3B}
Thu May 26 12:01:08 2016 TAP: DHCP address released
Thu May 26 12:01:12 2016 TAP: DHCP address renewal succeeded
Thu May 26 12:01:17 2016 TEST ROUTES: 1/1 succeeded len=0 ret=1 a=0 u/d=up
Thu May 26 12:01:17 2016 C:\Windows\system32\route.exe ADD XXX.XXX.XXX.XXX MASK 255.255.255.255 192.168.43.1
Thu May 26 12:01:17 2016 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=25 and dwForwardType=4
Thu May 26 12:01:17 2016 Route addition via IPAPI succeeded [adaptive]
Thu May 26 12:01:17 2016 C:\Windows\system32\route.exe ADD 192.168.43.1 MASK 255.255.255.255 192.168.43.1 IF 16
Thu May 26 12:01:17 2016 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=25 and dwForwardType=4
Thu May 26 12:01:17 2016 Route addition via IPAPI succeeded [adaptive]
Thu May 26 12:01:17 2016 C:\Windows\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 172.17.0.145
Thu May 26 12:01:17 2016 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
Thu May 26 12:01:17 2016 Route addition via IPAPI succeeded [adaptive]
Thu May 26 12:01:17 2016 C:\Windows\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 172.17.0.145
Thu May 26 12:01:17 2016 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
Thu May 26 12:01:17 2016 Route addition via IPAPI succeeded [adaptive]
Thu May 26 12:01:17 2016 Initialization Sequence Completed
Thu May 26 12:01:17 2016 MANAGEMENT: >STATE:1464260477,CONNECTED,SUCCESS,172.17.0.146,XXX.XXX.XXX.XXX
Thu May 26 12:01:17 2016 Start net commands...
Thu May 26 12:01:17 2016 C:\Windows\system32\net.exe stop dnscache
Thu May 26 12:01:19 2016 C:\Windows\system32\net.exe start dnscache
Thu May 26 12:01:21 2016 C:\Windows\system32\ipconfig.exe /flushdns
Thu May 26 12:01:21 2016 C:\Windows\system32\ipconfig.exe /registerdns
Thu May 26 12:01:24 2016 End net commands...
Thu May 26 12:02:44 2016 SIGTERM received, sending exit notification to peer
Thu May 26 12:02:45 2016 C:\Windows\system32\route.exe DELETE XXX.XXX.XXX.XXX MASK 255.255.255.255 192.168.43.1
Thu May 26 12:02:45 2016 Route deletion via IPAPI succeeded [adaptive]
Thu May 26 12:02:45 2016 C:\Windows\system32\route.exe DELETE 192.168.43.1 MASK 255.255.255.255 192.168.43.1
Thu May 26 12:02:45 2016 Route deletion via IPAPI succeeded [adaptive]
Thu May 26 12:02:45 2016 C:\Windows\system32\route.exe DELETE 0.0.0.0 MASK 128.0.0.0 172.17.0.145
Thu May 26 12:02:45 2016 Route deletion via IPAPI succeeded [adaptive]
Thu May 26 12:02:45 2016 C:\Windows\system32\route.exe DELETE 128.0.0.0 MASK 128.0.0.0 172.17.0.145
Thu May 26 12:02:45 2016 Route deletion via IPAPI succeeded [adaptive]
Thu May 26 12:02:45 2016 Closing TUN/TAP interface
Thu May 26 12:02:45 2016 TAP: DHCP address released
Thu May 26 12:02:45 2016 SIGTERM[soft,exit-with-notification] received, process exiting
Thu May 26 12:02:45 2016 MANAGEMENT: >STATE:1464260565,EXITING,exit-with-notification,,
Code: Select all
Thu May 26 12:35:24 2016 OpenVPN 2.3.8 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Aug 4 2015
Thu May 26 12:35:24 2016 library versions: OpenSSL 1.0.1p 9 Jul 2015, LZO 2.08
Enter Management Password:
Thu May 26 12:35:24 2016 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25344
Thu May 26 12:35:24 2016 Need hold release from management interface, waiting...
Thu May 26 12:35:25 2016 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25344
Thu May 26 12:35:25 2016 MANAGEMENT: CMD 'state on'
Thu May 26 12:35:25 2016 MANAGEMENT: CMD 'log all on'
Thu May 26 12:35:25 2016 MANAGEMENT: CMD 'hold off'
Thu May 26 12:35:25 2016 MANAGEMENT: CMD 'hold release'
Thu May 26 12:35:39 2016 MANAGEMENT: CMD 'username "Auth" "admin"'
Thu May 26 12:35:39 2016 MANAGEMENT: CMD 'password [...]'
Thu May 26 12:35:39 2016 Control Channel Authentication: tls-auth using INLINE static key file
Thu May 26 12:35:39 2016 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu May 26 12:35:39 2016 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu May 26 12:35:39 2016 Socket Buffers: R=[8192->100000] S=[8192->100000]
Thu May 26 12:35:39 2016 UDPv4 link local: [undef]
Thu May 26 12:35:39 2016 UDPv4 link remote: [AF_INET]XXX.XXX.XXX.XXX:1194
Thu May 26 12:35:39 2016 MANAGEMENT: >STATE:1464262539,WAIT,,,
Thu May 26 12:35:39 2016 MANAGEMENT: >STATE:1464262539,AUTH,,,
Thu May 26 12:35:39 2016 TLS: Initial packet from [AF_INET]XXX.XXX.XXX.XXX:1194, sid=2610837b a2566a9b
Thu May 26 12:35:39 2016 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Thu May 26 12:35:39 2016 VERIFY OK: depth=1, CN=OpenVPN CA
Thu May 26 12:35:39 2016 VERIFY OK: nsCertType=SERVER
Thu May 26 12:35:39 2016 VERIFY OK: depth=0, CN=OpenVPN Server
Thu May 26 12:35:43 2016 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu May 26 12:35:43 2016 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu May 26 12:35:43 2016 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu May 26 12:35:43 2016 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu May 26 12:35:43 2016 Control Channel: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
Thu May 26 12:35:43 2016 [OpenVPN Server] Peer Connection Initiated with [AF_INET]XXX.XXX.XXX.XXX:1194
Thu May 26 12:35:44 2016 MANAGEMENT: >STATE:1464262544,GET_CONFIG,,,
Thu May 26 12:35:46 2016 SENT CONTROL [OpenVPN Server]: 'PUSH_REQUEST' (status=1)
Thu May 26 12:35:46 2016 PUSH: Received control message: 'PUSH_REPLY,explicit-exit-notify,topology subnet,route-delay 5 30,dhcp-pre-release,dhcp-renew,dhcp-release,route-metric 101,ping 12,ping-restart 50,auth-token SESS_ID,comp-lzo yes,redirect-gateway def1,redirect-gateway bypass-dhcp,redirect-gateway autolocal,route-gateway 172.17.0.145,dhcp-option DNS 192.168.0.1,register-dns,block-ipv6,ifconfig 172.17.0.146 255.255.255.248'
Thu May 26 12:35:46 2016 Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:18: block-ipv6 (2.3.8)
Thu May 26 12:35:46 2016 OPTIONS IMPORT: timers and/or timeouts modified
Thu May 26 12:35:46 2016 OPTIONS IMPORT: explicit notify parm(s) modified
Thu May 26 12:35:46 2016 OPTIONS IMPORT: LZO parms modified
Thu May 26 12:35:46 2016 OPTIONS IMPORT: --ifconfig/up options modified
Thu May 26 12:35:46 2016 OPTIONS IMPORT: route options modified
Thu May 26 12:35:46 2016 OPTIONS IMPORT: route-related options modified
Thu May 26 12:35:46 2016 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Thu May 26 12:35:46 2016 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Thu May 26 12:35:46 2016 MANAGEMENT: >STATE:1464262546,ASSIGN_IP,,172.17.0.146,
Thu May 26 12:35:46 2016 open_tun, tt->ipv6=0
Thu May 26 12:35:46 2016 TAP-WIN32 device [Local Area Connection 2] opened: \\.\Global\{09899D1B-589D-47CB-A3AB-2463078A3D3B}.tap
Thu May 26 12:35:46 2016 TAP-Windows Driver Version 9.21
Thu May 26 12:35:46 2016 Set TAP-Windows TUN subnet mode network/local/netmask = 172.17.0.144/172.17.0.146/255.255.255.248 [SUCCEEDED]
Thu May 26 12:35:46 2016 Notified TAP-Windows driver to set a DHCP IP/netmask of 172.17.0.146/255.255.255.248 on interface {09899D1B-589D-47CB-A3AB-2463078A3D3B} [DHCP-serv: 172.17.0.150, lease-time: 31536000]
Thu May 26 12:35:46 2016 Successful ARP Flush on interface [15] {09899D1B-589D-47CB-A3AB-2463078A3D3B}
Thu May 26 12:35:46 2016 NOTE: Release of DHCP-assigned IP address lease on TAP-Windows adapter failed: An address has not yet been associated with the network endpoint. (code=1228)
Thu May 26 12:35:49 2016 TAP: DHCP address renewal succeeded
Thu May 26 12:35:54 2016 TEST ROUTES: 1/1 succeeded len=0 ret=1 a=0 u/d=up
Thu May 26 12:35:54 2016 C:\Windows\system32\route.exe ADD XXX.XXX.XXX.XXX MASK 255.255.255.255 192.168.0.1
Thu May 26 12:35:54 2016 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
Thu May 26 12:35:54 2016 Route addition via IPAPI succeeded [adaptive]
Thu May 26 12:35:54 2016 C:\Windows\system32\route.exe ADD 192.168.0.1 MASK 255.255.255.255 192.168.0.1 IF 16
Thu May 26 12:35:54 2016 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
Thu May 26 12:35:54 2016 Route addition via IPAPI succeeded [adaptive]
Thu May 26 12:35:54 2016 C:\Windows\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 172.17.0.145
Thu May 26 12:35:54 2016 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
Thu May 26 12:35:54 2016 Route addition via IPAPI succeeded [adaptive]
Thu May 26 12:35:54 2016 C:\Windows\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 172.17.0.145
Thu May 26 12:35:54 2016 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
Thu May 26 12:35:54 2016 Route addition via IPAPI succeeded [adaptive]
Thu May 26 12:35:54 2016 Initialization Sequence Completed
Thu May 26 12:35:54 2016 MANAGEMENT: >STATE:1464262554,CONNECTED,SUCCESS,172.17.0.146,XXX.XXX.XXX.XXX
Thu May 26 12:35:54 2016 Start net commands...
Thu May 26 12:35:54 2016 C:\Windows\system32\net.exe stop dnscache
Thu May 26 12:35:57 2016 C:\Windows\system32\net.exe start dnscache
Thu May 26 12:35:59 2016 C:\Windows\system32\ipconfig.exe /flushdns
Thu May 26 12:35:59 2016 C:\Windows\system32\ipconfig.exe /registerdns
Thu May 26 12:36:02 2016 End net commands...
Thu May 26 12:36:17 2016 SIGTERM received, sending exit notification to peer
Thu May 26 12:36:18 2016 C:\Windows\system32\route.exe DELETE XXX.XXX.XXX.XXX MASK 255.255.255.255 192.168.0.1
Thu May 26 12:36:18 2016 Route deletion via IPAPI succeeded [adaptive]
Thu May 26 12:36:18 2016 C:\Windows\system32\route.exe DELETE 192.168.0.1 MASK 255.255.255.255 192.168.0.1
Thu May 26 12:36:18 2016 Route deletion via IPAPI succeeded [adaptive]
Thu May 26 12:36:18 2016 C:\Windows\system32\route.exe DELETE 0.0.0.0 MASK 128.0.0.0 172.17.0.145
Thu May 26 12:36:18 2016 Route deletion via IPAPI succeeded [adaptive]
Thu May 26 12:36:18 2016 C:\Windows\system32\route.exe DELETE 128.0.0.0 MASK 128.0.0.0 172.17.0.145
Thu May 26 12:36:18 2016 Route deletion via IPAPI succeeded [adaptive]
Thu May 26 12:36:18 2016 Closing TUN/TAP interface
Thu May 26 12:36:18 2016 TAP: DHCP address released
Thu May 26 12:36:18 2016 SIGTERM[soft,exit-with-notification] received, process exiting
Thu May 26 12:36:18 2016 MANAGEMENT: >STATE:1464262578,EXITING,exit-with-notification,,