Ulisses Féres | Abratel Telecom & Info

Archive for Ulisses Féres

Brother printers: how to install them in Linux Mint

/ 4 de julho de 2018 / No comments
Linux_Mint_modified_Logo

A Brother printer is nowadays easily installable in Linux Mint. You can apply this how-to:

1. Connect your printer to your computer by means of a USB cable (even when you intend to use it as a network printer later on: for initial installation a USB cable is often needed). Then turn on your printer.

2. Sometimes it’s necessary to add a printer or scanner to the system yourself, by means of the application Printers. In that case the application Printers already contains the driver for your printer, but you have to “indicate” the printer first.

So launch the application Printers. You can use the search box in your menu to find it; it’s present by default in all editions of Linux Mint.

In Printers, click the button Add (with the + sign) and follow the steps it offers you.

But in some cases this driver doesn’t work well: the printed characters are deformed. Or if you have a multifunctional printer, this doesn’t get the scanner part operational: you can only print. Or your printer might simply be too new for the database in your version of Linux Mint. In either of those cases, proceed with step 3:

3. Installing the driver manually isn’t very difficult either, because Brother has issued a generic install script for that: the Driver Install Tool.

With that, you can install not only the printer driver, but also (for a multifunctional printer) the scanner driver.

You can use it as follows:

4. First remove any existing instance of the Brother printer in the application Printers.

5. Go to the download section of the Brother website and look up your printer model.

For “OS Family” you choose Linux.
For “OS Version” you select Linux (deb).
Click the Search button.

Then click the Driver Install Tool and download linux-brprinter-installer.

Save the downloaded file in the folder Downloads. Don’t extract the zipped file, but leave it there just as it is. Note: don’t use the installation how-to on the Brother website, but use the installation how-to on my website instead (see below)!

6. Launch a terminal linux.

d. Now copy/paste the following command into the terminal, in order to unzip the downloaded file (it’s one line):

cd ~/Downloads && gunzip -v ~/Downloads/linux-brprinter*

Press Enter.

7. Use copy/paste to transfer the following line to the terminal:

sudo bash ~/Downloads/linux-brprinter*

Press Enter. Type your password when prompted; this will remain entirely invisible, not even asterisks will show, which is normal.

8. Follow the steps that the installer script presents you. When asked for the printer model name, type it and press Enter.

An example is best: for a Brother DCP-1610W you type:

DCP-1610W

Note: is there at the end of the model name a letter between brackets? Then you probably have to omit that last letter (including the brackets).

Example: for the Brother MFC-L9550CDW(T) it becomes:

MFC-L9550CDW

At the question about the Device URI, you answer N for a USB printer and Y for a network printer.

For a network printer, you select in the next question the last option:
(A): Auto. For that, you type the number of that option and you press Enter.

9. Reboot your computer.

10. Now you may have to solve a problem with the scanner. In 64-bit Linux Mint 19 the location for the supporting library files has changed, and the driver for the scanner feature doesn’t always take that into account. The Brother driver then puts them in /usr/lib64, whereas your operating system expects them in /usr/lib.

So for a 64-bit system, you now need to execute the following three commands in order to make your scanner work well (use copy/paste to transfer them one by one to the terminal, and press Enter after each command):

sudo ln -sf /usr/lib64/libbrscandec*.so* /usr/lib

sudo mkdir -p /usr/lib/sane

sudo ln -sf /usr/lib64/sane/libsane-brother*.so* /usr/lib/sane

11. Then add yourself to the scanner user group. You can use a click-click-click graphical system tool for that, but this varies amongst editions. The terminal works in all editions….

An example is easiest. If your name is Johnny, your username is johnny (no caps), so the terminal command would be:

sudo usermod -a -G scanner johnny

Press Enter.

12.Now open a settings file with Xed, using the following command (use copy/paste to transfer it to the terminal):

xed admin:///lib/udev/rules.d/60-libsane1.rules

(The three consecutive dashes are intentional)

Press Enter.

13. At the very end of the text in that long text file, you see this line:

# LABEL="libsane_rules_end".

Now add the following two lines right above that line: (use copy/paste to transfer them):

# Brother scanners

ATTRS{idVendor}=="04f9", ENV{libsane_matched}="yes"

14. Reboot your computer.

15. Printers with wifi: for wireless setup, it’s necessary to configure your printer to connect to your wireless network automatically. If your printer has a small display of its own, you should be able to set this up by means of that little display (see your manual).

If your printer doesn’t have a display of its own, you might need to boot Windows for this. One time only, because you only need to configure the printer to connect to your wireless network automatically when you turn it on. Reboot into Linux, launch the application Printers, and you should be able to select your network printer wirelessly.

16. You’re done! Your printer should work fine now, including the scanner part (when present).

Category: Linux /

Regras firewall para openvpn

/ 16 de março de 2018 / No comments

Regras para passar trafego pelo iptables:

Exemplo:

tun0 – interface openvpn
eth0 – lan

# vpn
iptables -A INPUT -i tun0 -j ACCEPT

# openvpn
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

iptables -A FORWARD -i tun0 -j ACCEPT
iptables -A FORWARD -i tun0 -o eth0 -m state –state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i eth0 -o tun0 -m state –state RELATED,ESTABLISHED -j ACCEPT

# aceitar a openvpn
iptables -A INPUT -p udp –dport 1195 -j ACCEPT

Category: Linux /

RSSI para dBm

/ 16 de março de 2018 / No comments

Fonte: clubedohardware.com.br

A maioria dos fabricantes de radios usa dBm – potencia em decibéis – (abbreviation for the power ratio in decibels (dB)) como medida de potencia de sinal.

Alguns poucos usam RSSI -potencia em porcentagem (received signal strength indication (RSSI)) como forma de medir a potencia do sinal.

Neste site você encontra a forma de calcular e comparar as duas formas de medir a potencia dos rádios

http://www.wildpackets.com/elements/whitepapers/Converting_Signal_Strength.pdf

Veja a tabela comparativa RSSI x dBm

Conversion for Cisco

Cisco has the most granular dBm lookup table.

RSSI_Max = 100

Convert % to RSSI and lookup the result in the following table. The RSSI is on the left,

and the corresponding dBm value (a negative number) is on the right.

0 = -113

1 = -112

2 = -111

3 = -110

4 = -109

5 = -108

6 = -107

7 = -106

8 = -105

9 = -104

10 = -103

11 = -102

12 = -101

13 = -99

14 = -98

15 = -97

16 = -96

17 = -95

18 = -94

19 = -93

20 = -92

21 = -91

22 = -90

23 = -89

24 = -88

25 = -87

26 = -86

27 = -85

28 = -84

29 = -83

30 = -82

31 = -81

32 = -80

33 = -79

34 = -78

35 = -77

36 = -75

37 = -74

38 = -73

39 = -72

40 = -70

41 = -69

42 = -68

43 = -67

44 = -65

45 = -64

46 = -63

47 = -62

48 = -60

49 = -59

50 = -58

51 = -56

52 = -55

53 = -53

54 = -52

55 = -50

56 = -50

57 = -49

58 = -48

59 = -48

60 = -47

61 = -46

62 = -45

63 = -44

64 = -44

65 = -43

66 = -42

67 = -42

68 = -41

69 = -40

70 = -39

71 = -38

72 = -37

73 = -35

74 = -34

75 = -33

76 = -32

77 = -30

78 = -29

79 = -28

80 = -27

81 = -25

82 = -24

83 = -23

84 = -22

85 = -20

86 = -19

87 = -18

88 = -17

89 = -16

90 = -15

91 = -14

92 = -13

93 = -12

94 = -10

95 = -10

96 = -10

97 = -10

98 = -10

99 = -10

100 = -10

Notice that this gives a range of –10dBm to –113dBm. Bearing in mind that a Cisco card

will have a Receive Sensitivity of –96dBm at its lowest, it is impossible to obtain an RSSI

value of less than 16. Note, also, that all RSSI values greater than 93 are assigned

–10dBm, and that there are multiple places in the table where two adjacent RSSI values

are assigned the same dBm value.

Category: Outras /

Raspberry Monitor de 7 polegadas, arrumando a resolução

/ 7 de fevereiro de 2018 / No comments

Peguei o sdcard e coloquei no meu notebook.
Fui no diretório e procurei pelo arquivo config.txt
Adicionei os seguintes itens:


max_usb_current=1
hmdi_group=2
hdmi_mode=1
hdmi_mode87
hdmi_cvt 800 480 60 6 0 0 0
Category: Linux, Outras /

OpenVpn CentOS 7 – Client Mikrotik and Yealink Phone

/ 27 de janeiro de 2018 / No comments

Yealink T20P

Versao do firmware 9.73.0.40
Versao do hardware 7.0.0.54

Existe um bug que se colocar o nome dns do servidor de destino openvpn, o telefone não funciona. Sendo necessário desativar a VPN pelo painel frontal e posterior mudar o arquivo de conf do cliente para o número do ip do servidor.

<strong>[root@ipbx ~]# openvpn --version</strong>
OpenVPN 2.4.4 x86_64-redhat-linux-gnu [Fedora EPEL patched] [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 26 2017

[root@ipbx ]# uname -a
Linux ipbx.localdomain 3.10.0-693.5.2.el7.x86_64 #1 SMP Fri Oct 20 20:32:50 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

CENTOS 7

Step 1 — Installing OpenVPN

yum install openvpn easy-rsa -y

cp /usr/share/doc/openvpn-*/sample/sample-config-files/server.conf /etc/openvpn

mkdir /var/log/openvpn
touch/var/log/openvpn/openvpn.log

Let’s create a directory for the keys to go in.

mkdir -p /etc/openvpn/easy-rsa/keys
# We also need to copy the key and certificate generation scripts into the directory.

cp -rf /usr/share/easy-rsa/2.0/* /etc/openvpn/easy-rsa
# or download in git. I install version 2.2

To make life easier for ourselves we’re going to edit the default values the script
uses so we don’t have to type our information in each time. This information is stored
in the vars file so let’s open this for editing.

vi /etc/openvpn/easy-rsa/vars

We’re going to be changing the values that start with KEY_. Update the following values to be accurate for your organization.

The ones that matter the most are:

KEY_NAME: You should enter server here; you could enter something else, but then you would also have to update the configuration files that reference server.key and server.crt
KEY_CN: Enter the domain or subdomain that resolves to your server
For the other values, you can enter information for your organization based on the variable name.


# These are the default values for fields
# which will be placed in the certificate.
# Don't leave any of these fields blank.
export KEY_COUNTRY="BR"
export KEY_PROVINCE="RJ"
export KEY_CITY="RiodeJaneiro"
export KEY_ORG="Abratel"
export KEY_EMAIL="sammy@abratel.com"
export KEY_OU="AbratelTelecom" here i put same the name server

We’re also going to remove the chance of our OpenSSL configuration not loading due to the version being undetectable. We’re going to do this by copying the required configuration file and removing the version number.

Certificate:

openssl-1.0.0.cnf
easy-rsa release 2.2

I need change for SHA1 (because Yealink and Mikrotik clients)

[root@ipbx easy-rsa]# cat /etc/openvpn/easy-rsa/openssl.cnf 

default_days    = 3650                  # how long to certify for
default_crl_days= 30                    # how long before next CRL
default_md      = SHA1          # use public key default MD
preserve        = no 

[ req ]
default_bits            = $ENV::KEY_SIZE
default_keyfile         = privkey.pem
default_md              = SHA1


cp /etc/openvpn/easy-rsa/openssl-1.0.0.cnf /etc/openvpn/easy-rsa/openssl.cnf

To start generating our keys and certificates we need to move into our easy-rsa directory and source in our new variables.

cd /etc/openvpn/easy-rsa
source ./vars

Then we will clean up any keys and certificates which may already be in this folder and generate our certificate authority.

./clean-all

When you build the certificate authority, you will be asked to enter all the information we put into the vars file, but you will see that your options are already set as the defaults. So, you can just press ENTER for each one.

./build-ca

The next things we need to generate will are the key and certificate for the server. Again you can just go through the questions and press ENTER for each one to use your defaults. At the end, answer Y (yes) to commit the changes.

./build-key-server server

We also need to generate a Diffie-Hellman key exchange file. This command will take a minute or two to complete:

./build-dh

That’s it for our server keys and certificates. Copy them all into our OpenVPN directory.

cd /etc/openvpn/easy-rsa/keys
cp dh2048.pem ca.crt server.crt server.key /etc/openvpn

All of our clients will also need certificates to be able to authenticate. These keys and certificates will be shared with your clients, and it’s best to generate separate keys and certificates for each client you intend on connecting.

Make sure that if you do this you give them descriptive names, but for now we’re going to have one client so we’ll just call it client.

cd /etc/openvpn/easy-rsa
./build-key client

That’s it for keys and certificates.

YEALINK CLIENT:

vpn.cnf

client
remote A.B.C.D
nobind
persist-key
persist-tun
port 1195
proto tcp
dev tun
verb 4

ca /yealink/config/openvpn/keys/ca.crt
cert /yealink/config/openvpn/keys/client4.crt
key /yealink/config/openvpn/keys/client4.key

Todos os arquivos ca.crt, client4.crt e client5.key devem conter dentro do diretório keys
No windows pode-se utilizar o compactar 7zip para criar o tar.

vpn.cnf
|–> keys/ca.crt
|–> keys/client4.crt
|–> keys/client4.key

  tar -cf openvpn.tar vpn.cnf keys/

Os nomes devem ser respeitador (openvpn.tar, vpn.cnf)

[root@ipbx easy-rsa]# tail -f /var/log/openvpn/openvpn.log

ROUTING TABLE
Virtual Address,Common Name,Real Address,Last Ref

GLOBAL STATS
Max bcast/mcast queue length,1
END
Sat Jan 27 21:25:13 2018 TCP connection established with [AF_INET]C.C.C.C:2864
Sat Jan 27 21:25:14 2018 C.C.C.C:2864 TLS: Initial packet from [AF_INET]C.C.C.C:2864, sid=0777373e dc508015
tail: /var/log/openvpn/openvpn.log: file truncated
Sat Jan 27 21:25:26 2018 C.C.C.C:2864 VERIFY OK: depth=1, C=BR, ST=RJ, L=RiodeJaneiro, O=Abratel, OU=ipbx, CN=ipbx.intranet, name=EasyRSA, emailAddress=xxxx@xxxx.com
Sat Jan 27 21:25:26 2018 C.C.C.C:2864 VERIFY OK: depth=0, C=BR, ST=RJ, L=RiodeJaneiro, O=Abratel, OU=ipbx, CN=client4, name=EasyRSA, emailAddress=xxxxx@xxxxx.com
Sat Jan 27 21:25:26 2018 C.C.C.C:2864 Outgoing Data Channel: Cipher 'BF-CBC' initialized with 128 bit key
Sat Jan 27 21:25:26 2018 C.C.C.C:2864 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Sat Jan 27 21:25:26 2018 C.C.C.C:2864 Outgoing Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Jan 27 21:25:26 2018 C.C.C.C:2864 Incoming Data Channel: Cipher 'BF-CBC' initialized with 128 bit key
Sat Jan 27 21:25:26 2018 C.C.C.C:2864 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Sat Jan 27 21:25:26 2018 C.C.C.C:2864 Incoming Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Jan 27 21:25:26 2018 C.C.C.C:2864 WARNING: cipher with small block size in use, reducing reneg-bytes to 64MB to mitigate SWEET32 attacks.
Sat Jan 27 21:25:26 2018 C.C.C.C:2864 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Sat Jan 27 21:25:26 2018 C.C.C.C:2864 [client4] Peer Connection Initiated with [AF_INET]C.C.C.C:2864
Sat Jan 27 21:25:26 2018 MULTI: new connection by client 'client4' will cause previous active sessions by this client to be dropped.  Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Sat Jan 27 21:25:26 2018 MULTI_sva: pool returned IPv4=10.8.0.14, IPv6=(Not enabled)
Sat Jan 27 21:25:26 2018 MULTI: Learn: 10.8.0.14 -> client4/C.C.C.C:2864
Sat Jan 27 21:25:26 2018 MULTI: primary virtual IP for client4/C.C.C.C:2864: 10.8.0.14
Sat Jan 27 21:25:29 2018 client4/C.C.C.C:2864 PUSH: Received control message: 'PUSH_REQUEST'
Sat Jan 27 21:25:29 2018 client4/C.C.C.C:2864 SENT CONTROL [client4]: 'PUSH_REPLY,route 192.168.1.0 255.255.255.0,route 10.8.0.1,topology net30,ifconfig 10.8.0.14 10.8.0.13' (status=1)
tail: /var/log/openvpn/openvpn.log: file truncated

Log aparelho YEALINK

Jan 27 00:00:17 openvpn[299]: OpenVPN 2.1.3 mipsel-unknown-linux-uclibc [SSL] [LZO2] [EPOLL] built on Sep 30 2013
Jan 27 00:00:17 openvpn[299]: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Jan 27 00:00:17 openvpn[299]: NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Jan 27 00:00:17 openvpn[299]: WARNING: file '/yealink/config/openvpn/keys/client4.key' is group or others accessible
Jan 27 00:00:17 openvpn[299]: Control Channel MTU parms [ L:1543 D:140 EF:40 EB:0 ET:0 EL:0 ]
Jan 27 00:00:17 openvpn[299]: Socket Buffers: R=[43689->131072] S=[16384->131072]
Jan 27 00:00:18 openvpn[299]: Data Channel MTU parms [ L:1543 D:1450 EF:43 EB:4 ET:0 EL:0 ]
Jan 27 00:00:18 openvpn[299]: Local Options String: 'V4,dev-type tun,link-mtu 1543,tun-mtu 1500,proto TCPv4_CLIENT,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Jan 27 00:00:18 openvpn[299]: Expected Remote Options String: 'V4,dev-type tun,link-mtu 1543,tun-mtu 1500,proto TCPv4_SERVER,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Jan 27 00:00:18 openvpn[299]: Local Options hash (VER=V4): 'db02a8f8'
Jan 27 00:00:18 openvpn[299]: Expected Remote Options hash (VER=V4): '7e068940'
Jan 27 00:00:18 openvpn[301]: Attempting to establish TCP connection with A.B.C.D:1195 [nonblock]
Jan 27 00:00:18 netS[262]: SRV <3+error > sendto v6 ntp socket err
Jan 27 23:25:14 openvpn[301]: TCP connection established with A.B.C.D:1195
Jan 27 23:25:14 openvpn[301]: TCPv4_CLIENT link local: [undef]
Jan 27 23:25:14 openvpn[301]: TCPv4_CLIENT link remote: A.B.C.D:1195
Jan 27 23:25:14 openvpn[301]: TLS: Initial packet from A.B.C.D:1195, sid=4aba1b0f 2963060c
Jan 27 23:25:14 openvpn[301]: VERIFY OK: depth=1, /C=BR/ST=RJ/L=RiodeJaneiro/O=Abratel/OU=ipbx/CN=ipbx/name=EasyRSA/emailAddress=uxxxx@xxxx.com
Jan 27 23:25:14 openvpn[301]: VERIFY OK: depth=0, /C=BR/ST=RJ/L=RiodeJaneiro/O=Abratel/OU=AbratelTelecom/CN=server/name=EasyRSA/emailAddress=xxxx@xxxx.com
Jan 27 23:25:26 openvpn[301]: Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Jan 27 23:25:26 openvpn[301]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Jan 27 23:25:26 openvpn[301]: Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Jan 27 23:25:26 openvpn[301]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Jan 27 23:25:26 openvpn[301]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Jan 27 23:25:26 openvpn[301]: [server] Peer Connection Initiated with A.B.C.D:1195

MIKROTIK

Para funcionar no mikrotik, no server da openvpn não pode ter:
— Compressão Lzo
— Porta UDP

Alguns ajustes são necessários. Ainda no linux, converter as chaves para RSA:

openssl rsa -in ca.key -text > ca.rsa
openssl rsa -in client2.key -text > client2.rsa

NO MIKROTIK

Importar do linux esses 4 arquivos abaixo e arrasta-los para dentro do mikrotik.
Depois no terminal do mesmo executar

/certificate import file-name=ca.crt (pressione enter até concluir)
/certificate import file-name=ca.rsa (pressione enter até concluir)
/certificate import file-name=client4.crt (pressione enter até concluir)
/certificate import file-name=client4.rsa (pressione enter até concluir)

No MIKROTIK:
INTERFACES –> ADD –> OPENVPN CLIENT

Dialup: A.B.C.D (ip do servidor openvpn)
porta: 1195
mode: ip
user: cliente4 (nome da chave)
pass: vazia
profile: default-encryptation
Certificate: client4.crt_0
Auth: sha1
Cipher: blowfish 128

Após conexão, em IP –> ROUTE eu pude observar que automaticamente criou minha rota para o rede 192.168.1.0/24 saindo pelo openvpn clint.

Criei um masquerad no firewall com: 

SOURCE: rede LAN mikrotik 
OutInterface: openvpncliete criada
Aba Action: Masquerad

Step 4 — Routing – SOMENTE SE NECESSITAR ACESSAR A REDE INTERNA LAN ONDE O SERVIDOR VPN ASTERISK ENCONTRA-SE

To keep things simple we’re going to do our routing directly with iptables rather than the new firewalld.

First, make sure the iptables service is installed and enabled.

yum install iptables-services -y
systemctl mask firewalld
systemctl enable iptables
systemctl stop firewalld
systemctl start iptables
iptables –flush
Next we’ll add a rule to iptables to forward our routing to our OpenVPN subnet, and save this rule.

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
iptables-save > /etc/sysconfig/iptables
Then we must enable IP forwarding in sysctl. Open sysctl.conf for editing.

vi /etc/sysctl.conf
Add the following line at the top of the file:

net.ipv4.ip_forward = 1

Then restart the network service so the IP forwarding will take effect.

systemctl restart network.service

Step 5 — Starting OpenVPN

Now we’re ready to run our OpenVPN service. So lets add it to systemctl:

systemctl -f enable openvpn@server.service
systemctl start openvpn@server.service

Foi criada uma regra de mascaramento:
NAT –> ADD
Chain: srcnat
Src. Address: rede lan (exemplo: 192.168.88.0/24)
Dst. Address: rede lan da vpn do outro lado (192.168.218.0/24)
Out Interface: nome-da-open-vpn-interface
Action: Masquerade

Em MANGLE:
ADD
Chain: Prerouting
Src. Address: rede lan (exemplo: 192.168.88.0/24)
Dst. Address: rede lan da vpn do outro lado (192.168.218.0/24)
Action: Mark routing
New Routing Mark: OpenVpn-NOME
Desmarcar Passthrough


IP –> ROUTES
ADD
Dst. Address: 192.168.218.0/24 (lan do outro lado)
Geteway: openvpn-gw-criado-automaticamente
Routinha Mark: OpenVpn-NOME (dado a regra acima de Mangle)

Obs Final: Não consegui autenticar via UDP no asterisk. Sendo necessário trocar tudo para TCP. Não achei vantajoso a Mikrotik não tem lançado uma versão em UDP ainda para openvpn.

Para funcionar os aparelhos yealink tive que refazer todas as rotas do mikrotik usando ao invés do 192.168.218.0/24 o ip do servidor openvpn 10.8.0.1 … Contrario a isso a voz não passou nos dois canais.

Category: Asterisk, Linux /
« Older Entries