Alternatives to OpenVPN for FreePBX on cell phone...
-
@manxam said in Alternatives to OpenVPN for VoiP on cell phone...:
From Sangoma a year ago. Still no progress made on this it seems...
The problem is after your phone registers is slamming the server with packets before the firewall is picked up it was registered as their is a delay so after 10 packets which happen really fast for some reason on your client it gets blacklisted.
To solve this we need to move the checking for registration to watch the AMI so we see it real-time instead of checking every 15 seconds like we do now as your client is slamming the server with packets before we see it registered./sigh - so they know the problem - and still haven't solved it.
I know it could mean 1000 or 100,000 more hits, but if the lengthen the time before the ban wouldn't that solve it? What's the chance of hitting a correct password when randomly guessing 100,000 times versus (what is it today?)?
-
@Dashrender said in Alternatives to OpenVPN for VoiP on cell phone...:
@manxam said in Alternatives to OpenVPN for VoiP on cell phone...:
From Sangoma a year ago. Still no progress made on this it seems...
The problem is after your phone registers is slamming the server with packets before the firewall is picked up it was registered as their is a delay so after 10 packets which happen really fast for some reason on your client it gets blacklisted.
To solve this we need to move the checking for registration to watch the AMI so we see it real-time instead of checking every 15 seconds like we do now as your client is slamming the server with packets before we see it registered./sigh - so they know the problem - and still haven't solved it.
I know it could mean 1000 or 100,000 more hits, but if the lengthen the time before the ban wouldn't that solve it? What's the chance of hitting a correct password when randomly guessing 100,000 times versus (what is it today?)?
It would certainly help. But just fixing the mechanism is the better approach.
-
@scottalanmiller said in Alternatives to OpenVPN for VoiP on cell phone...:
@Dashrender said in Alternatives to OpenVPN for VoiP on cell phone...:
@manxam said in Alternatives to OpenVPN for VoiP on cell phone...:
From Sangoma a year ago. Still no progress made on this it seems...
The problem is after your phone registers is slamming the server with packets before the firewall is picked up it was registered as their is a delay so after 10 packets which happen really fast for some reason on your client it gets blacklisted.
To solve this we need to move the checking for registration to watch the AMI so we see it real-time instead of checking every 15 seconds like we do now as your client is slamming the server with packets before we see it registered./sigh - so they know the problem - and still haven't solved it.
I know it could mean 1000 or 100,000 more hits, but if the lengthen the time before the ban wouldn't that solve it? What's the chance of hitting a correct password when randomly guessing 100,000 times versus (what is it today?)?
It would certainly help. But just fixing the mechanism is the better approach.
which mechanism? you mean the approach to look at the registration in real time, instead of every 15 seconds? I suppose - I have no idea what kind of load that would put on the system?
-
@Dashrender said in Alternatives to OpenVPN for VoiP on cell phone...:
@scottalanmiller said in Alternatives to OpenVPN for VoiP on cell phone...:
@Dashrender said in Alternatives to OpenVPN for VoiP on cell phone...:
@manxam said in Alternatives to OpenVPN for VoiP on cell phone...:
From Sangoma a year ago. Still no progress made on this it seems...
The problem is after your phone registers is slamming the server with packets before the firewall is picked up it was registered as their is a delay so after 10 packets which happen really fast for some reason on your client it gets blacklisted.
To solve this we need to move the checking for registration to watch the AMI so we see it real-time instead of checking every 15 seconds like we do now as your client is slamming the server with packets before we see it registered./sigh - so they know the problem - and still haven't solved it.
I know it could mean 1000 or 100,000 more hits, but if the lengthen the time before the ban wouldn't that solve it? What's the chance of hitting a correct password when randomly guessing 100,000 times versus (what is it today?)?
It would certainly help. But just fixing the mechanism is the better approach.
which mechanism? you mean the approach to look at the registration in real time, instead of every 15 seconds? I suppose - I have no idea what kind of load that would put on the system?
Right, that when there is a change it triggers a new registration which checks authentication. There are proposals for how to do it, but nothing done about it.
Trivial load, way, way, way less than running a VPN.
-
@scottalanmiller said in Alternatives to OpenVPN for VoiP on cell phone...:
@Dashrender said in Alternatives to OpenVPN for VoiP on cell phone...:
@scottalanmiller said in Alternatives to OpenVPN for VoiP on cell phone...:
@Dashrender said in Alternatives to OpenVPN for VoiP on cell phone...:
@manxam said in Alternatives to OpenVPN for VoiP on cell phone...:
From Sangoma a year ago. Still no progress made on this it seems...
The problem is after your phone registers is slamming the server with packets before the firewall is picked up it was registered as their is a delay so after 10 packets which happen really fast for some reason on your client it gets blacklisted.
To solve this we need to move the checking for registration to watch the AMI so we see it real-time instead of checking every 15 seconds like we do now as your client is slamming the server with packets before we see it registered./sigh - so they know the problem - and still haven't solved it.
I know it could mean 1000 or 100,000 more hits, but if the lengthen the time before the ban wouldn't that solve it? What's the chance of hitting a correct password when randomly guessing 100,000 times versus (what is it today?)?
It would certainly help. But just fixing the mechanism is the better approach.
which mechanism? you mean the approach to look at the registration in real time, instead of every 15 seconds? I suppose - I have no idea what kind of load that would put on the system?
Right, that when there is a change it triggers a new registration which checks authentication. There are proposals for how to do it, but nothing done about it.
Trivial load, way, way, way less than running a VPN.
Yet, we still haven't seen a solution to this. thoughts as to why? No one is really using it? I find that hard to believe - perhaps people try and just give up instead of complaining/reporting it.
-
@Dashrender : From reading their forum and reddit, it appears that most people give up and go the VPN route.
There's never been a clear and concise answer from Sangoma.There were a few mentions of Zulu as an alternative, but Zulu 3 is the only supported version currently and both iOS and Android in beta for (~6 months with only one-or-two updates each in that time) The android beta does not get notification of calls unless it's currently sitting open on the device.
-
@Dashrender said in Alternatives to OpenVPN for VoiP on cell phone...:
@scottalanmiller said in Alternatives to OpenVPN for VoiP on cell phone...:
@Dashrender said in Alternatives to OpenVPN for VoiP on cell phone...:
@scottalanmiller said in Alternatives to OpenVPN for VoiP on cell phone...:
@Dashrender said in Alternatives to OpenVPN for VoiP on cell phone...:
@manxam said in Alternatives to OpenVPN for VoiP on cell phone...:
From Sangoma a year ago. Still no progress made on this it seems...
The problem is after your phone registers is slamming the server with packets before the firewall is picked up it was registered as their is a delay so after 10 packets which happen really fast for some reason on your client it gets blacklisted.
To solve this we need to move the checking for registration to watch the AMI so we see it real-time instead of checking every 15 seconds like we do now as your client is slamming the server with packets before we see it registered./sigh - so they know the problem - and still haven't solved it.
I know it could mean 1000 or 100,000 more hits, but if the lengthen the time before the ban wouldn't that solve it? What's the chance of hitting a correct password when randomly guessing 100,000 times versus (what is it today?)?
It would certainly help. But just fixing the mechanism is the better approach.
which mechanism? you mean the approach to look at the registration in real time, instead of every 15 seconds? I suppose - I have no idea what kind of load that would put on the system?
Right, that when there is a change it triggers a new registration which checks authentication. There are proposals for how to do it, but nothing done about it.
Trivial load, way, way, way less than running a VPN.
Yet, we still haven't seen a solution to this. thoughts as to why? No one is really using it? I find that hard to believe - perhaps people try and just give up instead of complaining/reporting it.
I don't think that it really affects all that many people.
-
@manxam said in Alternatives to OpenVPN for VoiP on cell phone...:
@Dashrender : From reading their forum and reddit, it appears that most people give up and go the VPN route.
There's never been a clear and concise answer from Sangoma.There were a few mentions of Zulu as an alternative, but Zulu 3 is the only supported version currently and both iOS and Android in beta for (~6 months with only one-or-two updates each in that time) The android beta does not get notification of calls unless it's currently sitting open on the device.
Maybe they are pushing Zulu?
-
@scottalanmiller said in Alternatives to OpenVPN for VoiP on cell phone...:
@Dashrender said in Alternatives to OpenVPN for VoiP on cell phone...:
@scottalanmiller said in Alternatives to OpenVPN for VoiP on cell phone...:
@Dashrender said in Alternatives to OpenVPN for VoiP on cell phone...:
@scottalanmiller said in Alternatives to OpenVPN for VoiP on cell phone...:
@Dashrender said in Alternatives to OpenVPN for VoiP on cell phone...:
@manxam said in Alternatives to OpenVPN for VoiP on cell phone...:
From Sangoma a year ago. Still no progress made on this it seems...
The problem is after your phone registers is slamming the server with packets before the firewall is picked up it was registered as their is a delay so after 10 packets which happen really fast for some reason on your client it gets blacklisted.
To solve this we need to move the checking for registration to watch the AMI so we see it real-time instead of checking every 15 seconds like we do now as your client is slamming the server with packets before we see it registered./sigh - so they know the problem - and still haven't solved it.
I know it could mean 1000 or 100,000 more hits, but if the lengthen the time before the ban wouldn't that solve it? What's the chance of hitting a correct password when randomly guessing 100,000 times versus (what is it today?)?
It would certainly help. But just fixing the mechanism is the better approach.
which mechanism? you mean the approach to look at the registration in real time, instead of every 15 seconds? I suppose - I have no idea what kind of load that would put on the system?
Right, that when there is a change it triggers a new registration which checks authentication. There are proposals for how to do it, but nothing done about it.
Trivial load, way, way, way less than running a VPN.
Yet, we still haven't seen a solution to this. thoughts as to why? No one is really using it? I find that hard to believe - perhaps people try and just give up instead of complaining/reporting it.
I don't think that it really affects all that many people.
This just seems crazy to me. I would anticipate it to be highly desirable. For sales people and bench techs. My Docs would love to make calls as if coming from the office to protect their cellphone numbers, etc..
-
@Dashrender said in Alternatives to OpenVPN for VoiP on cell phone...:
@scottalanmiller said in Alternatives to OpenVPN for VoiP on cell phone...:
@Dashrender said in Alternatives to OpenVPN for VoiP on cell phone...:
@scottalanmiller said in Alternatives to OpenVPN for VoiP on cell phone...:
@Dashrender said in Alternatives to OpenVPN for VoiP on cell phone...:
@scottalanmiller said in Alternatives to OpenVPN for VoiP on cell phone...:
@Dashrender said in Alternatives to OpenVPN for VoiP on cell phone...:
@manxam said in Alternatives to OpenVPN for VoiP on cell phone...:
From Sangoma a year ago. Still no progress made on this it seems...
The problem is after your phone registers is slamming the server with packets before the firewall is picked up it was registered as their is a delay so after 10 packets which happen really fast for some reason on your client it gets blacklisted.
To solve this we need to move the checking for registration to watch the AMI so we see it real-time instead of checking every 15 seconds like we do now as your client is slamming the server with packets before we see it registered./sigh - so they know the problem - and still haven't solved it.
I know it could mean 1000 or 100,000 more hits, but if the lengthen the time before the ban wouldn't that solve it? What's the chance of hitting a correct password when randomly guessing 100,000 times versus (what is it today?)?
It would certainly help. But just fixing the mechanism is the better approach.
which mechanism? you mean the approach to look at the registration in real time, instead of every 15 seconds? I suppose - I have no idea what kind of load that would put on the system?
Right, that when there is a change it triggers a new registration which checks authentication. There are proposals for how to do it, but nothing done about it.
Trivial load, way, way, way less than running a VPN.
Yet, we still haven't seen a solution to this. thoughts as to why? No one is really using it? I find that hard to believe - perhaps people try and just give up instead of complaining/reporting it.
I don't think that it really affects all that many people.
This just seems crazy to me. I would anticipate it to be highly desirable. For sales people and bench techs. My Docs would love to make calls as if coming from the office to protect their cellphone numbers, etc..
Yeah, but in many cases those aren't affected. We do all of that and don't have this issue. We have a massive customer doing the same thing, no issues. It's not a universal issue.
-
@scottalanmiller said in Alternatives to OpenVPN for VoiP on cell phone...:
@Dashrender said in Alternatives to OpenVPN for VoiP on cell phone...:
@scottalanmiller said in Alternatives to OpenVPN for VoiP on cell phone...:
@Dashrender said in Alternatives to OpenVPN for VoiP on cell phone...:
@scottalanmiller said in Alternatives to OpenVPN for VoiP on cell phone...:
@Dashrender said in Alternatives to OpenVPN for VoiP on cell phone...:
@scottalanmiller said in Alternatives to OpenVPN for VoiP on cell phone...:
@Dashrender said in Alternatives to OpenVPN for VoiP on cell phone...:
@manxam said in Alternatives to OpenVPN for VoiP on cell phone...:
From Sangoma a year ago. Still no progress made on this it seems...
The problem is after your phone registers is slamming the server with packets before the firewall is picked up it was registered as their is a delay so after 10 packets which happen really fast for some reason on your client it gets blacklisted.
To solve this we need to move the checking for registration to watch the AMI so we see it real-time instead of checking every 15 seconds like we do now as your client is slamming the server with packets before we see it registered./sigh - so they know the problem - and still haven't solved it.
I know it could mean 1000 or 100,000 more hits, but if the lengthen the time before the ban wouldn't that solve it? What's the chance of hitting a correct password when randomly guessing 100,000 times versus (what is it today?)?
It would certainly help. But just fixing the mechanism is the better approach.
which mechanism? you mean the approach to look at the registration in real time, instead of every 15 seconds? I suppose - I have no idea what kind of load that would put on the system?
Right, that when there is a change it triggers a new registration which checks authentication. There are proposals for how to do it, but nothing done about it.
Trivial load, way, way, way less than running a VPN.
Yet, we still haven't seen a solution to this. thoughts as to why? No one is really using it? I find that hard to believe - perhaps people try and just give up instead of complaining/reporting it.
I don't think that it really affects all that many people.
This just seems crazy to me. I would anticipate it to be highly desirable. For sales people and bench techs. My Docs would love to make calls as if coming from the office to protect their cellphone numbers, etc..
Yeah, but in many cases those aren't affected. We do all of that and don't have this issue. We have a massive customer doing the same thing, no issues. It's not a universal issue.
What VOIP mobile client are they using?
-
@Dashrender said in Alternatives to OpenVPN for VoiP on cell phone...:
@scottalanmiller said in Alternatives to OpenVPN for VoiP on cell phone...:
@Dashrender said in Alternatives to OpenVPN for VoiP on cell phone...:
@scottalanmiller said in Alternatives to OpenVPN for VoiP on cell phone...:
@Dashrender said in Alternatives to OpenVPN for VoiP on cell phone...:
@scottalanmiller said in Alternatives to OpenVPN for VoiP on cell phone...:
@Dashrender said in Alternatives to OpenVPN for VoiP on cell phone...:
@scottalanmiller said in Alternatives to OpenVPN for VoiP on cell phone...:
@Dashrender said in Alternatives to OpenVPN for VoiP on cell phone...:
@manxam said in Alternatives to OpenVPN for VoiP on cell phone...:
From Sangoma a year ago. Still no progress made on this it seems...
The problem is after your phone registers is slamming the server with packets before the firewall is picked up it was registered as their is a delay so after 10 packets which happen really fast for some reason on your client it gets blacklisted.
To solve this we need to move the checking for registration to watch the AMI so we see it real-time instead of checking every 15 seconds like we do now as your client is slamming the server with packets before we see it registered./sigh - so they know the problem - and still haven't solved it.
I know it could mean 1000 or 100,000 more hits, but if the lengthen the time before the ban wouldn't that solve it? What's the chance of hitting a correct password when randomly guessing 100,000 times versus (what is it today?)?
It would certainly help. But just fixing the mechanism is the better approach.
which mechanism? you mean the approach to look at the registration in real time, instead of every 15 seconds? I suppose - I have no idea what kind of load that would put on the system?
Right, that when there is a change it triggers a new registration which checks authentication. There are proposals for how to do it, but nothing done about it.
Trivial load, way, way, way less than running a VPN.
Yet, we still haven't seen a solution to this. thoughts as to why? No one is really using it? I find that hard to believe - perhaps people try and just give up instead of complaining/reporting it.
I don't think that it really affects all that many people.
This just seems crazy to me. I would anticipate it to be highly desirable. For sales people and bench techs. My Docs would love to make calls as if coming from the office to protect their cellphone numbers, etc..
Yeah, but in many cases those aren't affected. We do all of that and don't have this issue. We have a massive customer doing the same thing, no issues. It's not a universal issue.
What VOIP mobile client are they using?
Zoiper, Linphone and MicroSIP. Linphone mostly. MicroSIP is laptop, not mobile devices.
-
@scottalanmiller said in Alternatives to OpenVPN for VoiP on cell phone...:
@manxam said in Alternatives to OpenVPN for VoiP on cell phone...:
@Dashrender : From reading their forum and reddit, it appears that most people give up and go the VPN route.
There's never been a clear and concise answer from Sangoma.There were a few mentions of Zulu as an alternative, but Zulu 3 is the only supported version currently and both iOS and Android in beta for (~6 months with only one-or-two updates each in that time) The android beta does not get notification of calls unless it's currently sitting open on the device.
Maybe they are pushing Zulu?
They are for certain. It makes money.
-
@scottalanmiller said in Alternatives to OpenVPN for VoiP on cell phone...:
@Dashrender said in Alternatives to OpenVPN for VoiP on cell phone...:
@scottalanmiller said in Alternatives to OpenVPN for VoiP on cell phone...:
@Dashrender said in Alternatives to OpenVPN for VoiP on cell phone...:
@scottalanmiller said in Alternatives to OpenVPN for VoiP on cell phone...:
@Dashrender said in Alternatives to OpenVPN for VoiP on cell phone...:
@scottalanmiller said in Alternatives to OpenVPN for VoiP on cell phone...:
@Dashrender said in Alternatives to OpenVPN for VoiP on cell phone...:
@scottalanmiller said in Alternatives to OpenVPN for VoiP on cell phone...:
@Dashrender said in Alternatives to OpenVPN for VoiP on cell phone...:
@manxam said in Alternatives to OpenVPN for VoiP on cell phone...:
From Sangoma a year ago. Still no progress made on this it seems...
The problem is after your phone registers is slamming the server with packets before the firewall is picked up it was registered as their is a delay so after 10 packets which happen really fast for some reason on your client it gets blacklisted.
To solve this we need to move the checking for registration to watch the AMI so we see it real-time instead of checking every 15 seconds like we do now as your client is slamming the server with packets before we see it registered./sigh - so they know the problem - and still haven't solved it.
I know it could mean 1000 or 100,000 more hits, but if the lengthen the time before the ban wouldn't that solve it? What's the chance of hitting a correct password when randomly guessing 100,000 times versus (what is it today?)?
It would certainly help. But just fixing the mechanism is the better approach.
which mechanism? you mean the approach to look at the registration in real time, instead of every 15 seconds? I suppose - I have no idea what kind of load that would put on the system?
Right, that when there is a change it triggers a new registration which checks authentication. There are proposals for how to do it, but nothing done about it.
Trivial load, way, way, way less than running a VPN.
Yet, we still haven't seen a solution to this. thoughts as to why? No one is really using it? I find that hard to believe - perhaps people try and just give up instead of complaining/reporting it.
I don't think that it really affects all that many people.
This just seems crazy to me. I would anticipate it to be highly desirable. For sales people and bench techs. My Docs would love to make calls as if coming from the office to protect their cellphone numbers, etc..
Yeah, but in many cases those aren't affected. We do all of that and don't have this issue. We have a massive customer doing the same thing, no issues. It's not a universal issue.
What VOIP mobile client are they using?
Zoiper, Linphone and MicroSIP. Linphone mostly. MicroSIP is laptop, not mobile devices.
How often are they roaming off and on cellular? I generally do not have a problem. My boss always does.
-
@JaredBusch said in Alternatives to OpenVPN for VoiP on cell phone...:
@scottalanmiller said in Alternatives to OpenVPN for VoiP on cell phone...:
@Dashrender said in Alternatives to OpenVPN for VoiP on cell phone...:
@scottalanmiller said in Alternatives to OpenVPN for VoiP on cell phone...:
@Dashrender said in Alternatives to OpenVPN for VoiP on cell phone...:
@scottalanmiller said in Alternatives to OpenVPN for VoiP on cell phone...:
@Dashrender said in Alternatives to OpenVPN for VoiP on cell phone...:
@scottalanmiller said in Alternatives to OpenVPN for VoiP on cell phone...:
@Dashrender said in Alternatives to OpenVPN for VoiP on cell phone...:
@scottalanmiller said in Alternatives to OpenVPN for VoiP on cell phone...:
@Dashrender said in Alternatives to OpenVPN for VoiP on cell phone...:
@manxam said in Alternatives to OpenVPN for VoiP on cell phone...:
From Sangoma a year ago. Still no progress made on this it seems...
The problem is after your phone registers is slamming the server with packets before the firewall is picked up it was registered as their is a delay so after 10 packets which happen really fast for some reason on your client it gets blacklisted.
To solve this we need to move the checking for registration to watch the AMI so we see it real-time instead of checking every 15 seconds like we do now as your client is slamming the server with packets before we see it registered./sigh - so they know the problem - and still haven't solved it.
I know it could mean 1000 or 100,000 more hits, but if the lengthen the time before the ban wouldn't that solve it? What's the chance of hitting a correct password when randomly guessing 100,000 times versus (what is it today?)?
It would certainly help. But just fixing the mechanism is the better approach.
which mechanism? you mean the approach to look at the registration in real time, instead of every 15 seconds? I suppose - I have no idea what kind of load that would put on the system?
Right, that when there is a change it triggers a new registration which checks authentication. There are proposals for how to do it, but nothing done about it.
Trivial load, way, way, way less than running a VPN.
Yet, we still haven't seen a solution to this. thoughts as to why? No one is really using it? I find that hard to believe - perhaps people try and just give up instead of complaining/reporting it.
I don't think that it really affects all that many people.
This just seems crazy to me. I would anticipate it to be highly desirable. For sales people and bench techs. My Docs would love to make calls as if coming from the office to protect their cellphone numbers, etc..
Yeah, but in many cases those aren't affected. We do all of that and don't have this issue. We have a massive customer doing the same thing, no issues. It's not a universal issue.
What VOIP mobile client are they using?
Zoiper, Linphone and MicroSIP. Linphone mostly. MicroSIP is laptop, not mobile devices.
How often are they roaming off and on cellular? I generally do not have a problem. My boss always does.
Very rarely. We've got almost no one internally or with customers that regularly roads on cellular service. Audio quality tends to be bad when doing that so is generally avoided for other reasons.
-
In my case, I have a couple of sales guys and several techs that are in and out of the office frequently (plus myself) so this is "mission critical".
I love the control that we have in FreePBX vs one of our local ISP's offerings, but the latter each have phone apps that "just work"
-
@manxam said in Alternatives to OpenVPN for VoiP on cell phone...:
In my case, I have a couple of sales guys and several techs that are in and out of the office frequently (plus myself) so this is "mission critical".
I love the control that we have in FreePBX vs one of our local ISP's offerings, but the latter each have phone apps that "just work"
So does FreePBX. You just have to pay for it. That's Zulu that we keep mentioning.
-
@scottalanmiller said in Alternatives to OpenVPN for VoiP on cell phone...:
@manxam said in Alternatives to OpenVPN for VoiP on cell phone...:
In my case, I have a couple of sales guys and several techs that are in and out of the office frequently (plus myself) so this is "mission critical".
I love the control that we have in FreePBX vs one of our local ISP's offerings, but the latter each have phone apps that "just work"
So does FreePBX. You just have to pay for it. That's Zulu that we keep mentioning.
Two users for free to test it out.
-
@scottalanmiller : As I stated above. Zulu does not "just work" yet. The iOS app is currently only installable using TestFlight and Android via the Beta Program.
Android suffers from a huge bug (listed right on their page) that notifications for inbound calls do not work unless the app is currently open. -
What the heck is up with Zulu? Theyve been pushing that for a long time.
