Switch full screen of Terminal server client in ubuntu on VMWare Workstation/Player/server

A stupid thing but could be frustrating:
When you want to switch out of fullscreen in ubuntu’s terminal server client you have to enter:
CTRL-ALT-ENTER

but doing this in an ubuntu VM will result in full screen switching of vmware(the vm) and thus not the terminal server client running in the ubuntu vm.

to solve this enter
CTRL-ALT-SPACE this will passthrough all key combinations to the vm instead of applying them to vmware ws/server/player.

after this you can enter ctrl-alt-enter to switch full screen in TS client.

How to configure OpenVPN on Yealink T38G

I finally got the vpn funcionality to work on the Yealink T38G and thought I’d write a decent post about it once. There are a few other tutorials out there, but none are complete imho.

This tutorial will show you how to setup an OpenVPN server on Ubuntu, and how to configure the Yealink to use VPN.

Please note:

  • I’m using a TUNNEL(routed) connection for the OpenVPN , so if you need a bridged one, DON’T follow this guide (for the OpenVPN setup that is)
  • This has been done with a Yealink T38 running FW 38.70.23.9 (although others should work as well)
  • The procedure to do this with a Yealink T26/T28 is the same, except for the location of the certificates; more on that later on.

So let’s start with the Ubuntu & OpenVPN setup.

1)Let’s make sure everything is up-to-date

  • apt-get update && apt-get upgrade

Update

2)Download the OpenVPN packages

  • apt-get install openvpn udev

installopenvpn

3)Copy everything to another location and make sure they don’t get overwritten by updates

  • cp -R /usr/share/doc/openvpn/examples/easy-rsa/ /etc/openvpn

4)Configure the vars file (it’s located in the easy-rsa/2.0/ folder you just moved) to include all the info to generate certficates, Edit the following lines to match you country etc…

  • export KEY_COUNTRY=”COUNTRY”
    export KEY_PROVINCE=”STATE”
    export KEY_CITY=”CITY”
    export KEY_ORG=”ORGANIZATION NAME”
    export KEY_EMAIL=”YOUR EMAIL”

Editfile

5)change directory to the etc/openvpn/easy-rsa/2.0 folder, and run the following:

  • . /etc/openvpn/easy-rsa/2.0/vars
    Note: in case you get an error about openssl.conf being the wrong version,issue the following: cp openssl.1.0.0.conf openssl.conf

sourcevars

  • source ./varsNow to clean up
  • . /etc/openvpn/easy-rsa/2.0/clean-all

clean

Now we must build the CA , so run:

  • . /etc/openvpn/easy-rsa/2.0/build-ca
    Note: it will ask several questions/settings but they should be good since it will use the vars file you created earlier. When done it will ask to build and write, so enter y

buildCA

6)Now we need to build the certificate and key for the server itself.

  • . /etc/openvpn/easy-rsa/2.0/build-key-server <yourchosenname>

buildcert

7) Now we need to generate the client certificate & key file.

  • . /etc/openvpn/easy-rsa/2.0/build-dh

9)So we have the required files, let’s put them somewhere safe for further configuration.
Make a directory somewhere. e.g mkdir /tmp/yealink, now go to the directory witht the client files (/easy-rsa/2.0/keys)

  • cp ca.crt <yourchosenname>.crt <yourchosenname>.key /tmp/yealink

cpcerts

10)Now we must move the files to a location where the OpenVPN service can find them. So in the /keys directory:

  • cp ca.crt ca.key dh1024.pem <yourchosenname>.crt <yourchosenname>.key /etc/openvpn

cpfiles

11) So now we have to modify the OpenVPN server config file to match our needs, there are lots of documents describing different setups/configs, so it should be a breeze for different setups from this.

  • cd /usr/share/doc/openvpn/examples/sample-config-files
  • gunzip -d server.conf.gz
  • mv server.conf /etc/openvpn/yourchosenname.conf

openvpn10  openvpn11openvpn12

12)Now edit the copied file using an editor,

  • nano /etc/openvpn/OPENVPN.conf¬† and uncomment the following lines
  • push “redirect-gateway def1″
    push “dhcp-option DNS 10.8.0.1″
    Note:You can edit more settings like port and protocol should you need it.

13)Now we need to setup the vpn server to forward traffic from the VPN client.

  • Edit the sysctl.cof file (/etc/sysctl.conf)
  • net.ipv4.ip_forward=1

fwd

14)Let’s punch a hole in IPTables to allow the traffic

  • iptables -A FORWARD -m state –state RELATED,ESTABLISHED -j ACCEPT
  • iptables -A FORWARD -s 10.8.0.0/24 -j ACCEPT

openvpn14 tmpiptables

That’s it for the server side, now let’s move on to the yealink :)

15) change directory to the folder where you stored a copy of the client files in step 9, here you need to create a config file (vpn.cnf) for the phone to use. To make your life easy I’ve created one and you can just copy/paste it. Note that you need to modify some settings like protocol/port etc… to match your config.

  • client
    ;dev tap
    dev tun
    ;dev-node MyTap
    ;proto tcp
    proto udp
    remote >YOURSERVERWANIP OR HOSTNAME< >YOURPORT<
    ;remote-random
    resolv-retry infinite
    nobind
    ;user nobody
    ;group nogroup
    .
    persist-key
    persist-tun
    ;http-proxy-retry # retry on connection failures
    ;http-proxy [proxy server] [proxy port #]
    ;mute-replay-warnings
    ca /phone/config/openvpn/keys/ca.crt
    cert /phone/config/openvpn/keys/client.crt
    key /phone/config/openvpn/keys/client.key
    ns-cert-type server
    ;cipher x
    comp-lzo
    verb 6
    ;mute 20

configfile

16)Now if you’re still with me you should have 4 files in your dir as seen below. if so, let’s continue if not review the previous steps. So now we need to make another dir in the folder where the files are called “keys” and then move all file there except the vpn.cnf

dircheck

  • mkdir /tmp/yealink/keys
    mv ca.crt <yourchosenname>.key <yourchosenname>.crt /tmp/yealink/keys

mvcheck

17)Almost there, now we must make a tarball for the yealink to use. Yealink expects a very strange folderstructure for the tarball with the topfolder being named “.” Now the way I found to do this is while in the directory issue the following:

  • tar -cf client.tar .
    Note: it will probably pass an error, but the tar will still be created as shown.

tarcheck

Now you need to move the tarball to somewhere you can access from the yealink phones webinterface.

18) Now log into the webinterface of your Yealink phone and navigate to the “Network” tab and then click “advanced” on the left.

openvpn20

19) You will see the VPN section, but don’t enable just yet. You should first upload your tar. To do so, click browse and then “Import” , when that’s done you can enable the VPN and the phone will reboot.

openvpn21

Now if all went well the phone reboots and connects to your VPN server and then you can configure the PBX settings, or if there were previously configured it should just work given. The phone will show a small “V” icon on the screen to show it’s connected to the VPN server.

Now as a side note: The config file for the Yealink uses a structure like : /phone/config… This is only for the T3x series, if you are trying to setup VPN for the 2x series you should use /yealink/config…
All other steps should remain the same.

If you still don’t get it going then drop me a line and i’ll try and help.