It’s possible to run an IAX2 channel over OpenVPN.
Howto:
- Place the following on both ends of your trunk. Switch the IP address on the ifconfig line so the second file is reverse.
[openvpn.conf]
dev tun
float
remote 3.4.5.6
ifconfig 10.0.0.1 10.0.1.1
port 1234
secret /usr/local/etc/openvpn/secret.key
verb 5
daemon
float
remote 3.4.5.6
ifconfig 10.0.0.1 10.0.1.1
port 1234
secret /usr/local/etc/openvpn/secret.key
verb 5
daemon
- Now setup your Trunk on both ends
[iax-vpn]
type=friend
context=from-trunk
username=user
authname=user
auth=rsa
qualify=yes
inkeys=iaxinkey
outkey=iaxoutkey
host=10.0.0.1
disallow=all
;allow=gsm
allow=alaw
allow=ulaw
trunk=yes
notransfer=yes
deny=0.0.0.0/0.0.0.0
permit=10.0.0.1/255.255.255.255
type=friend
context=from-trunk
username=user
authname=user
auth=rsa
qualify=yes
inkeys=iaxinkey
outkey=iaxoutkey
host=10.0.0.1
disallow=all
;allow=gsm
allow=alaw
allow=ulaw
trunk=yes
notransfer=yes
deny=0.0.0.0/0.0.0.0
permit=10.0.0.1/255.255.255.255
This adds some extra security with an rsa key on the IAX trunk
I’ve experienced minor packet loss over but no dropped calls. The trunk will show the following error, “TOO LAGGED,” but quickly report, “now REACHABLE.” The source of this problem is related to running out of bandwidth on my DSL connection. Since I turned on QoS the error report happens less often. Calls can get a bit of jitter when this problem is occurring, but I’m happy to report I haven’t experienced drop calls.
Feb 5 04:51:59 NOTICE[17712]: chan_iax2.c:7238 socket_read: Peer 'sc-trunk' is now TOO LAGGED (2180 ms)!
Feb 5 04:52:09 NOTICE[17712]: chan_iax2.c:7232 socket_read: Peer 'sc-trunk' is now REACHABLE! Time: 97
April 7, 2023
Phone System 