MBIT Logo

Setting up Secure VPN for your Elastix PBX

MBIT allows you to connect your PBX to our VoIP service via VPN because SIP can be quite insecure. There is many hackers out there trying to hack your PBX and having ports open on your router is dangerous. The VPN solution solves this issue. An outbound connection is made from your elastix PBX to our VPN server and all calls can run via this path.

To do this first login to the console of your Elastix machine and type “yum install openvpn”



After openvpn has been installed on your PBX you will need to contact MBIT on mail@mbit.com.au for your openvpn configuration. You will be emailed a tar file that needs to be uncompressed in the /etc/openvpn directory. To copy the file to my Elastix machine I will use a program called WinSCP. You can use anything you like.

In WinSCP I have logged into my Elastix PBX and gone into the /etc/openvpn directory and I can drag and drop my file from MBIT in there.




In WinSCP you can now right click on the file and go to custom commands then Untar/Gzip. Then press ok to untar it in the directory. You should then see all the files in the directory for your VPN.




Now you just need to start the openvpn. Go back to your console and type in “service openvpn start”



You will now be connected to the openvpn network.

The openvpn service doesn’t start on boot so you need to have it start on boot. Type “chkconfig openvpn on”



Here is an example SIP Trunk under openvpn, the details should remain the same when using HPBX, but now the traffic will be router via openvpn due to the additional routes added by the client config file.

Peer Details

host=103.253.118.8
fromdomain=103.253.118.8
dtmfmode=inband
username=telephoneline - change this to your telephone line
secret=telephonepassword - change this to your telephone password
type=peer


User Context

telephoneline – change this to your telephone line

User Details

secret=telephonepassword - change this to your telephone password
type=user
context=from-trunk

Registration

telephoneline:
telephonepassword@103.253.118.8