Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - jgould

Pages: 1 2 3 [4]
46
Installation and Upgrades / Re: DHCP and OpenVPN
« on: March 06, 2014, 05:58:32 am »
You are probably in a situation that happens a lot when you aren't responsible for all the parts of the puzzle. I access everything on the lan via openvpn using a tun adapter for instance.

It would be more typical to use a different subnet for the VPN users. The LAN will send responses back to the default gateway (your router or firewall). The software shouldn't even know the difference. One issue could be firewall policies on the PBX itself. I guess what I'm saying is I don't believe what your client is implying.

You might have better luck with L2TP but I think you're going to have to test the program in question to really see. I think I've seen what you are describing configured using it but again have never done it that way because it is not the recommended configuration. The wiki for zentyal L2TP implementation says

Quote
Instead of connecting subnets, like IPSEC default configuration, L2TP configures a LAC (L2TP Access Concentrator) with the IP specified in Tunnel IP, the users connected to this LAC will acquire a valid IP in the local network where the LAC is registered, thus being able to communicate with any other LAN client.

You can configure a range of IP addresses, in similar fashion to DHCP ranges, for the incoming L2TP/IPSEC VPN clients.

47
Installation and Upgrades / Re: DHCP and OpenVPN
« on: March 06, 2014, 03:47:15 am »
Make sure you know why you want to do this. You might want to explain what you want to achieve at a more abstract level. There might be a much easier and simple way to accomplish it.

From what I know, you can't do what you wish using a tun interface. You have to have it setup as a tap/bridging interface. I won't try to explain it all to you, I'd advise you to look at http://openvpn.net/index.php/open-source/documentation/miscellaneous/76-ethernet-bridging.html and read it to understand the underlying workings/setup. Also the info in one of the FAQ's at http://openvpn.net/index.php/open-source/faq/community-software-server/323-i-want-to-set-up-an-ethernet-bridge-on-the-1921681024-subnet-existing-dhcp.html.

I've not setup OpenVPN using Zentyal yet. I don't even know if it allows a setup like mentioned above through the GUI. I've setup OpenVPN on a FreeBSD server but I just hand out what I believe is the default 10.8.0.0/24 IP's and allow all clients to see each other. Then add a static route on the router so that traffic can be routed between your internal LAN subnet and your OpenVPN subnet.

48
Installation and Upgrades / Re: LDAP and printer
« on: March 06, 2014, 03:30:29 am »
Sorry, worked late last night and was to tired to update.
As said above, I had to change the LDAP rule in the firewall to allow.
I had to tell the printer to use port 390 not the default of 389.
The anonymous setup authenticated but nothing showed.
Both the default zentyal and zentyalro accounts worked without a hitch with "simple" authentication.

49
Installation and Upgrades / Re: LDAP and printer
« on: March 04, 2014, 06:02:55 am »
Thanks. I'll give it a try tomorrow and see how it goes!

50
Installation and Upgrades / Re: LDAP and printer
« on: March 04, 2014, 04:40:08 am »
Thanks. So zentyal blocks 390 by default?
Would the zentyal LDAP be browsable anonymously by default? I don't think I ave any reason to require a login from users every time. Is the read only account username supplied on the zentyal LDAP page? Or is something I should already know but don't, lol.

51
Installation and Upgrades / [SOLVED] LDAP and printer
« on: March 04, 2014, 03:32:08 am »
I've never done this before so I'm looking for some help.
I have a Konica Minolta C353 that has LDAP functionality. I'm trying to set it up to use zentyal as the LDAP server. My understanding is that I could use this to add various user and computers as destinations in the C353. For instance I wouldn't have to constantly add user email addresses. Like I said I've never done this before so maybe I'm mistaken.

Anyway I'm not sure how to use the LDAP info in zentyal in the C353. Info for LDAP on this machine can be found at http://www.manualslib.com/manual/257989/Konica-Minolta-Bizhub-C353.html?page=65#manual on pages 63 to 67.

I noticed some mention on the forums that I probably want to use port 390. Search base would be taken from the zentyal LDAP info. For authentication method I wasn't sure but see they mention GSS-SPNEGO for active directory and was thinking maybe I should use that? Then for username and password I'm confused. I see the passwords on the LDAP page of zentyal but they don't have a username. So what am I suppose to use?

Thanks for any help. I'll be able to test some stuff out probably late tomorrow.

52
So, I just wanted to make a comment in regards to the VoIP module.

I've been messing around with Asterisk and various GUI's for it. The most popular being FreePBX and then various tools build around FreePBX like Elastix and PBXinaFlash. I've also used "blue.box" from 2600Hz (built for both Asterisk and FreeSwitch). Granted that FreePBX is extremely powerful as a GUI for Asterisk, however the interface IMO leaves a LOT to be desired. Elastix is probably the best in that regard but honestly the user portal is "eh". I've look at zentyal and IMO the GUI aspects for VoIP seem much cleaner. The built in LDAP/AD integration IMO makes it a much more "natural" process which is missing in other tools. TBH, I'm sad to see this go and I seriously hope someone takes a look at this to see if there might be a better solution. Perhaps something like FreeSwitch (and to some extent blue.box/kazoo) can serve as some inspiration to re-implement some type of VoIP solution within zentyal. I'm not really sure what problems caused the module to be removed but FreeSwitch from my testing is less resource intensive, scales better then Asterisk, is just more lean/mean with the features you NEED. It's also been used in commercial products from Barracuda (Cudatel). And I'm almost positive FreeSwitch has an LDAP/AD integration ability. Maybe someone can look into it if they haven't already?

Oh, and zentyal is an excellent tool and I spread the word about it whenever I can.

Pages: 1 2 3 [4]