Upgrade the OpenVPN Version

Why Need Upgrade the OpenVPN Version

In Yeastar U-Series and VoIP Gateways, the OpenVPN version is 2.0.5. If the OpenVPN server uses TUN mode / Subnet Topology, then the Yeastar client side can't connect it unless upgrade the version to the latest one 2.4.3.

 

 

For Gateways (except for TGv3/TAv3)

How to Upgrade the OpenVPN Version

STEP 1. Follow this guide to login the device via FTP: https://support.yeastar.com/hc/en-us/articles/217380628-How-to-Access-MyPBX-FTP-Folder.

STEP 2. Copy these three files: openvpn, libpam.tar, add.sh to the path /persistent as the below figure shown.

or the persistent folder contains the "imageupdate" sub-folder which would be like this:

filepath.png

 

STEP 3. Reboot the device to make it take effect.

 

For TGv3

Please try to upgrade the firmware to this version: http://download.yeastar.com/YeastarSupport/image/91.3.0.21.4.bin

 

For S-Series

v2-based pbx with firmware 30.x.x.x, please download the attachment openvpn246.tar, and upload it to the App Center to upgrade the OpenVPN version.

v4-based pbx with firmware 65.x.x.x, please download open264v4.tar

mceclip0.png

Have more questions? Submit a request

19 Comments

  • 2
    Avatar

    Is this only for PBX? or can be used to the voip gateway ta810 ?

  • 1
    Avatar

    Thanks for this instruction. Updated OpenVPN version from 2.0.5 to 2.4.3 on TG100 gateway.
    So this instruction can be used for gateways too, not only for PBX.

    Thanks!

  • 0
    Avatar

    I tried to use it on TG800 the new version, but there is no ( persistent ) folder, 

    is there another way to use it for 

    David

    Can you elaborate pls

     

    thank you

  • 0
    Avatar

    Hi!

    I just updated OpenVPN on my TG100. Unfortunately I did not use TG800 model.

    You can write a support request, sent them a screenshot of FTP connection, if there is not "persistent" folder.

  • 0
    Avatar

    David

     

    Thanks for your quick response, 

    i opened a ticket and waiting for their response

     

    Thanks

  • 0
    Avatar

    hello dear and thanks for your kind support , is there any way to update openvpn client to be 2.4.7 or to update openssl library as i'm facing the following error : 

    OpenSSL: error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match

    Failed to set restricted TLS cipher list: ECDHE-ECDSA-AES128-GCM-SHA256

  • 0
    Avatar

    no cipher match"

  • 0
    Avatar

    "no cipher match" - looks like you have different ciphers on server and client
    Try to add this line to both configs (server config and client config):
    cipher AES-128CBC

  • 0
    Avatar

    thanks for your kind reply David, 

    that's how my server config look like, please do i have to change all cipher types or just the main one

    thanks and regards 

  • 0
    Avatar

    Try to remove this line "tls-cipher TLS-ECDHE..." from server config. (if it present in client config, also remove it from client config)

    and then try to connect

    if it does not help, remove line "ncp-cipher from client config"
    also after that you can try to set "cipher AES-128-CBC" instead of "cipher AES-128-GCM"
    I am not sure yeastar VPN support GCM encryption.

    Just play with these options.

    But looks like you only need to remove line "tls-cipher TLS-ECDHE..."
    try this first.

  • 0
    Avatar

    many thanks dear David ,it has worked successfully..

     

     

     

     

  • 0
    Avatar

    Hi, i download the openvpn246.tar from here and uploaded in app center but the openvpn version didint changed, i have S20 PBX, is the tar file correct ? coz when i chk the file it says the file is damaged.

  • 0
    Avatar

    dears under TG400 there is no persistent folder so how can i update openvpn client on it 

     

    thanks in advance . 

  • 0
    Avatar

    Which version do you have, the new one or the old one?

    If you have the old one ( which the login page looks like the image below, then put the files on the first page when you open the ftp ( the page with all the folders ) then reboot the device and it will work

     

     

    But if You have the new version, which the login page looks like the image below, then you will not be able to update it by yourself because you don't have the root access, i did it by opening a ticket on yeastar tickets portal here https://support.yeastar.com/hc/en-us/requests/new

    then they will help you within a day or two

     

  • 0
    Avatar

    thanks for your kind reply dear Engr Mohmmd 

    I've the new one, ok i will open a ticket with them, hope that they will response soon. 

    thanks and regards. 

  • 0
    Avatar

    Dear Engr Mohmmd
    After opening a ticket with the support team they redirected me to this solution, please can you help with how you made it on your gateway ??

    Thanks and regards

  • 0
    Avatar

    For anyone having an issue with the VPN upgrade in TG gateways ( The New Version TGv3 ), you can use the following firmware

     

    http://help.yeastar.com/download/support/91.3.0.21.4.bin 

  • 0
    Avatar

    Hi

    I have tg100, but I got Segmentation fault ...

  • 0
    Avatar

    I have exactly the same problem "Segmentation fault" and I think I found its cause.
    After copying the files with the new version "openvpnlibpam.taradd.sh" to the "persistent" directory, the vpn works fine, but if you restart the device several times on power, the files get corrupted, my size of each file is 6 bytes. When this happens, you need to delete three files from "persistent" directory and copy them again, after copying, you must correctly reboot the device.
    I think this is a bug of the device itself, it is possible that the files are overwritten by the operating system itself.

     

     

    Edited by Alex Ilya
Please sign in to leave a comment.