On 19 February 2015 at 14:51, Chuck Mariotti <cmario...@xunity.com> wrote:
> >That's definitely the cable modem's NAT getting confused. If you can get > the phones to randomize their source ports on their OpenVPN traffic, that > might resolve. I'm not sure if that's possible on those phones. In stock > OpenVPN, specifying "lport 0" >in the config will make it choose a random > port. I'm not sure if that's configurable for the Yealink phones though. We > disable that automatically in our OpenVPN client export for Yealink because > they didn't support it at least up until recently. > > >If you can change the modem to bridge mode to pass through the public IP > to a router of some sort that will properly handle that circumstance, it'll > resolve that. That might be hit or miss with consumer-grade routers. A > completely default pfSense >config will work fine in that circumstance, as > it'll randomize the source ports on its own so the phones don't have to. > > I'm not sure installing a pfSense box is an option at the moment... will a > consumer grade (Asus RT-AC68U as an example) be useful? Unless there is a > "Just as good / same price pfSense with wifi AC). > I have one ASUS pulled from an installation... I guess another approach > could be to use the consumer router to build the OpenVPN tunnel instead of > the phones. Not sure if that's better or worse... will have to think that > through... it's nice to see the phones popup on pfSense. > > I would build the tunnel using other devices and just let the phones communicate. It's a lot easier that way. -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 "I can't hear you -- I'm using the scrambler."
_______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
