How to set up an Asterisk VoIP server over OpenVPN in a Tor hidden service.

UPDATE

Generate encryption keys with OpenSSL.

OpenVPN server openvpn.conf configuration file:

mode server
tls-server
dev tun
proto tcp-server
port 1194

server 10.8.0.0 255.255.0.0
 
ca /vpn/ca.crt
cert /vpn/server.crt
key /vpn/server.key
dh /vpn/dh2048.pem
tls-crypt /vpn/ta.key
 
cipher AES-256-CBC
auth SHA3-512
 
log /var/log/openvpn.log
status /var/log/openvpn-status.log
 
user nobody
group nobody
persist-key
persist-tun
chroot /usr/local/etc/openvpn/jail
auth-nocache

# Enable this if you want clients to communicate with each other, e.g. to run their own services such as UnrealIRCd servers.
client-to-client
client-config-dir /ccd

OpenVPN client client.conf configuration file:

tls-client
remote-cert-tls server
dev tun

# Tor carries only TCP; the hidden service is reached through the local Tor SOCKS proxy.
<connection>
remote youroniondomain.onion 1194 tcp-client
socks-proxy 127.0.0.1 9050
</connection>

cipher AES-256-CBC
auth SHA3-512
  
user nobody
group nogroup
persist-key
persist-tun
chroot /etc/openvpn/jail
auth-nocache
 
log /var/log/openvpn/openvpn.log
status /var/log/openvpn/openvpn-status.log
 
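# Paste the contents of ca.crt between the tags.
<ca>
</ca>
  
# Paste this client's certificate between the tags.
<cert>
</cert>
  
# Paste this client's private key between the tags.
<key>
</key>

# Paste the contents of ta.key (the same key the server uses) between the tags.
<tls-crypt>
</tls-crypt>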

Tor Hidden Service torrc configuration file:

HiddenServiceDir /usr/local/torhs/szczybelski/
HiddenServicePort 1194 127.0.0.1:1194

Tor client torrc configuration file:

SOCKSPort 9050

Asterisk sip.conf configuration file:

[general]
transport=udp
port=5060
; Listen only on the server's VPN address, so SIP is reachable only through the tunnel.
bindaddr=10.8.0.1
disallow=all
allow=ulaw
allow=alaw
allow=gsm
directmedia=no
nat=yes
localnet=10.8.0.0/255.255.0.0
 
[friends_internal](!)
type=friend
host=dynamic
context=from-internal
disallow=all
allow=ulaw
allow=alaw
allow=gsm
 
; Demo accounts: replace each secret with a unique, strong value.
[demo-alice](friends_internal)
secret=password
 
[demo-bob](friends_internal)
secret=password
 
[demo-norbert](friends_internal)
secret=password

Asterisk extensions.conf configuration file:

[from-internal]
exten=>6001,1,Dial(SIP/demo-alice,20)
exten=>6002,1,Dial(SIP/demo-bob,20)
exten=>6003,1,Dial(SIP/demo-norbert,20)

That’s all!
It’s working with 1 s delay.

Enjoy!

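The "Generate encryption keys with OpenSSL" step is not spelled out in the post. The following is an added example, not the author's commands: one way to create the CA and the certificates named in openvpn.conf so that the server certificate passes the client's `remote-cert-tls server` check. PKI_DIR, req.cnf, the CN values and the client1 name are assumptions; dh2048.pem and ta.key are not covered here.

```shell
# Added example. PKI_DIR, req.cnf, the CN values and "client1" are assumptions;
# ca.crt, server.crt and server.key are the names used in openvpn.conf above.
set -eu; umask 077                    # private keys readable by owner only
PKI_DIR=${PKI_DIR:-$(mktemp -d)}; mkdir -p "$PKI_DIR"; cd "$PKI_DIR"

# Self-signed CA: ca.key stays private, ca.crt goes to the server and every client.
make_ca() {
    cat > req.cnf <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = Example VPN CA
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
EOF
    openssl req -x509 -new -newkey rsa:2048 -nodes -days 3650 \
        -config req.cnf -keyout ca.key -out ca.crt 2>/dev/null
}

# issue_cert NAME EKU: NAME.key and NAME.crt, signed by the CA, EKU = serverAuth|clientAuth.
issue_cert() {
    name=$1; eku=$2
    printf '%s\n' 'basicConstraints=CA:FALSE' \
        'keyUsage=digitalSignature,keyEncipherment' "extendedKeyUsage=$eku" > "$name.ext"
    openssl req -new -newkey rsa:2048 -nodes -subj "/CN=$name" \
        -config req.cnf -keyout "$name.key" -out "$name.csr" 2>/dev/null
    openssl x509 -req -in "$name.csr" -days 825 \
        -CA ca.crt -CAkey ca.key -CAcreateserial \
        -extfile "$name.ext" -out "$name.crt" 2>/dev/null
}

# Approximates the client's `remote-cert-tls server` check: the certificate must
# chain to ca.crt and be usable as a TLS server certificate.
accepted_as_server() {
    openssl verify -CAfile ca.crt -purpose sslserver "$1.crt" >/dev/null 2>&1
}

make_ca
issue_cert server serverAuth
issue_cert client1 clientAuth
accepted_as_server server  && echo "server.crt: accepted as a server certificate"
accepted_as_server client1 || echo "client1.crt: rejected as a server certificate"
echo "PKI written to $PKI_DIR"
```

The client1 rejection is the point of `remote-cert-tls server`: a certificate issued to a client by the same CA cannot be used to pose as the VPN server.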