Back up to the L2TP Category

Difference between revisions of "L2TP Client: SNOM"

From AAISP Support Site
Jump to navigation Jump to search
[quality revision][quality revision]
(Created page with "__NOTOC__<indicator name="L2TP">link=:Category:L2TP|30px|Back up to the L2TP Category</indicator> Category:Incoming L2TP == Example config files: =...")
 
 
(5 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
__NOTOC__<indicator name="L2TP">[[File:Menu-L2TP.svg|link=:Category:L2TP|30px|Back up to the L2TP Category]]</indicator>
 
__NOTOC__<indicator name="L2TP">[[File:Menu-L2TP.svg|link=:Category:L2TP|30px|Back up to the L2TP Category]]</indicator>
 
[[Category:Incoming L2TP]]
 
[[Category:Incoming L2TP]]
  +
  +
'''NOT RECOMMENDED AT THIS TIME'''
  +
  +
* Some SNOM phones support adding an L2TP firmware patch that gives the phone the ability to connect to a L2TP server.
  +
* This can help bypass firewalls and NAT/CGNAT which can cause problems with VoIP.
  +
* The config files need to be put in a .tar file hosted on a webserver for the SNOM to fetch.
  +
* Further details are on the SNOM website: https://service.snom.com/display/wiki/Install+and+configure+L2TP+on+Snom+Deskphones
   
 
== Example config files: ==
 
== Example config files: ==
  +
Below is config to connect to our L2TP service.
  +
* '''We do not recommend using our normal L2TP service on a SNOM due to the risks involved in having a SNOM on the internet in this way.'''
  +
* Be aware though that this will mean the SNOM is on a public IP address and open to the internet and not behind a firewall. A hacker could gain access to the SNOM by guessing your password and could then run up your telephone bill, or worse.
  +
* If you decide to use this as an option, be sure to have very secure http/admin username/passwords on your phone.
  +
* At some point A&A may offer a service that allows the SNOM to connect to a protected, private, network which only has access to the VoIP servers.
  +
* You may adapt the config to connect to your own L2TP server, eg if you have your own FireBrick.
   
 
xl2tpd.conf
 
xl2tpd.conf
 
<syntaxhighlight lang="shell">
 
<syntaxhighlight lang="shell">
 
[lac l2tp_connection]
 
[lac l2tp_connection]
  +
lns = <L2TP SERVER IP ADDRESS>
lns = 90.155.53.19
 
 
ppp debug = yes
 
ppp debug = yes
 
pppoptfile = /l2tp/options.xl2tpd
 
pppoptfile = /l2tp/options.xl2tpd
Line 28: Line 41:
 
usepeerdns
 
usepeerdns
 
connect-delay 5000
 
connect-delay 5000
name USERNAME@a.X
+
name <USERNAME@a.X>
password PASSWORD
+
password <PASSWORD>
 
</syntaxhighlight>
 
</syntaxhighlight>

Latest revision as of 15:43, 12 November 2021


NOT RECOMMENDED AT THIS TIME

Example config files:

Below is config to connect to our L2TP service.

  • We do not recommend using our normal L2TP service on a SNOM due to the risks involved in having a SNOM on the internet in this way.
  • Be aware though that this will mean the SNOM is on a public IP address and open to the internet and not behind a firewall. A hacker could gain access to the SNOM by guessing your password and could then run up your telephone bill, or worse.
  • If you decide to use this as an option, be sure to have very secure http/admin username/passwords on your phone.
  • At some point A&A may offer a service that allows the SNOM to connect to a protected, private, network which only has access to the VoIP servers.
  • You may adapt the config to connect to your own L2TP server, eg if you have your own FireBrick.

xl2tpd.conf

[lac l2tp_connection]
lns = <L2TP SERVER IP ADDRESS>
ppp debug = yes
pppoptfile = /l2tp/options.xl2tpd
length bit = yes
redial = yes
redial timeout = 30
max redials = 1440

options.xl2tpd

refuse-eap
require-chap
noccp
noauth
mtu 1280
mru 1280
noipdefault
nodefaultroute
usepeerdns
connect-delay 5000
name <USERNAME@a.X>
password <PASSWORD>