It's just come to my attention that newer phones from both Snom and Grandstream support OpenVPN. Is this a new trend or something? Since OpenVPN, in one swell foop, deals with both NAT issues and securing communications, I'd be very interested in hearing if other phone vendors were embracing OpenVPN as well. (Other VPN solutions are all well and good, but I really like the flexibility that OpenVPN offers.) Thanks! -Ken -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
----- "Ken D'Ambrosio" <ken at jots.org> wrote:> It's just come to my attention that newer phones from both Snom and > Grandstream support OpenVPN. Is this a new trend or something? > Since > OpenVPN, in one swell foop, deals with both NAT issues and securing > communications, I'd be very interested in hearing if other phone > vendors > were embracing OpenVPN as well. (Other VPN solutions are all well > and > good, but I really like the flexibility that OpenVPN offers.) > > Thanks! > > -KenJust taken delivery of a Snom 870 and one thing that did disappointment is that you have to install a beta firmware to enable OpenVPN ... Hmmmm ... -- Thanks, Phil
Ken D'Ambrosio wrote:> It's just come to my attention that newer phones from both Snom and > Grandstream support OpenVPN. Is this a new trend or something? Since >Excellent! I'm glad you mentioned it. Now, I'm going to have to buy a snom phone! http://blog.voipsupply.com/using-openvpn-with-snom-ip-phones Doug
> Anyway - is there someone out there that know the behaviour of OpenVPN in regards of retransmits and such? A VPN that retransmits will at some point hurt you if you transmit media over it, especially if you scale it up.OpenVPN is well-behaved in that way. It uses SSL over TCP for its "administrative" communications between peers - authentication and key exchange and other protocol negotiations. The VPN traffic itself - the payload - isn't sent over TCP. Instead, the incoming packets are tagged, encrypted, and transmitted via UDP, on the usual best-efforts basis. OpenVPN will not, itself, retransmit those payload packets. It's up to the endpoint protocols to do so, if they so choose. I've had quite good luck carrying SIP traffic over OpenVPN... used it between a hotel in Norway, and my home in California, a couple of weeks ago, Even with the hotel end of the connection being over WiFi, I didn't notice any significant packet loss problems.