{"id":186530,"date":"2013-07-13T21:12:04","date_gmt":"2013-07-13T17:12:04","guid":{"rendered":"http:\/\/savepearlharbor.com\/?p=186530"},"modified":"-0001-11-30T00:00:00","modified_gmt":"-0001-11-29T21:00:00","slug":"","status":"publish","type":"post","link":"https:\/\/savepearlharbor.com\/?p=186530","title":{"rendered":"\u0417\u0430\u0449\u0438\u0442\u0430 \u043e\u0442 \u043f\u0440\u043e\u0441\u043b\u0443\u0448\u0438\u0432\u0430\u043d\u0438\u044f SIP c \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u2014 TLS + SRTPS + \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0442\u0443\u043d\u0435\u043b\u044c \u0438 \u0442\u0435\u043b\u0435\u0444\u043e\u043d\u0430 Yealink t26p<\/span>"},"content":{"rendered":"
\t\"image\"\/
\u0423 \u0432\u0430\u0441 \u043f\u0430\u0440\u0430\u043d\u043e\u044f? \u0412\u0430\u043c \u043a\u0430\u0436\u0435\u0442\u0441\u044f \u0447\u0442\u043e \u0432\u0430\u0441 \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u043e \u0445\u043e\u0442\u044f\u0442 \u043f\u043e\u0434\u0441\u043b\u0443\u0448\u0430\u0442\u044c? \u0412\u0435\u0434\u0435\u0442\u0435 \u0432\u0430\u0436\u043d\u044b\u0435 \u043f\u0435\u0440\u0435\u0433\u043e\u0432\u043e\u0440\u044b? \u0422\u043e\u0433\u0434\u0430 \u0432\u0430\u043c \u0441\u044e\u0434\u0430!
\u0412 \u044d\u0442\u043e\u0439 \u0437\u0430\u043c\u0435\u0442\u043a\u0435 \u044f \u0440\u0430\u0441\u0441\u043a\u0430\u0436\u0443 \u043e\u0431 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0445 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u044f\u0445 \u043f\u0440\u0438 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0435 \u0442\u0435\u043b\u0435\u0444\u043e\u043d\u0430 Yealink t26p.
\u0414\u043b\u044f \u043d\u0430\u0447\u0430\u043b\u0430 \u043c\u044b \u0437\u0430\u0441\u0442\u0430\u0432\u0438\u043c \u0442\u0435\u043b\u0435\u0444\u043e\u043d \u043f\u043e\u0434\u043d\u044f\u0442\u044c \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0442\u0443\u043d\u0435\u043b\u044c \u0441 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u0430\u043c\u0438 \u0434\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430 OpenVPN, \u0430 \u043f\u043e\u0442\u043e\u043c \u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0432\u043d\u0443\u0442\u0440\u0438 \u0442\u0443\u043d\u0435\u043b\u044f SIP \u0441 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0447\u0435\u0440\u0435\u0437 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u044b \u0441\u0438\u0433\u043d\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0435\u0439 \u0438 \u0433\u043e\u043b\u043e\u0441\u043e\u043c! (TLS + SRTP).
\u041a\u043e\u043c\u0443 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e \u043f\u0440\u043e\u0448\u0443 \u043f\u043e\u0434 \u043a\u0430\u0442.
<\/a><\/p>\n

\u0414\u043b\u044f \u043d\u0430\u0447\u0430\u043b\u0430 \u043f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u044e \u043e\u0437\u043d\u0430\u043a\u043e\u043c\u0438\u0442\u0441\u044f \u0441\u043e \u0441\u0445\u0435\u043c\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u044b.
\"image\"\/
\u0421\u043c\u044b\u0441\u043b \u0440\u0430\u0431\u043e\u0442\u044b \u0432 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u043c \u2014 \u0442\u0435\u043b\u0435\u0444\u043e\u043d\u044b \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u044b \u0438\u0437 \u043b\u044e\u0431\u043e\u0439 \u0442\u043e\u0447\u043a\u0438 \u0447\u0435\u0440\u0435\u0437 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442. \u041e\u043d\u0438 \u043f\u043e\u0434\u043d\u0438\u043c\u0430\u044e\u0442 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043a\u0430\u043d\u0430\u043b \u0434\u043e \u0435\u0434\u0438\u043d\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0433\u043e \u0442\u043e\u0440\u0447\u0430\u0449\u0435\u0433\u043e \u0432 \u043c\u0438\u0440 \u043f\u043e\u0440\u0442\u0430 OpenVPN \u0441\u0435\u0440\u0432\u0435\u0440\u0430. \u0410 \u0434\u0430\u043b\u0435\u0435 \u0441 \u044d\u0442\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0442\u0435\u043b\u0435\u0444\u043e\u043d\u0438\u044f \u0438\u0434\u0435\u0442 \u0432 \u043d\u0435\u0434\u0440\u044b \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0439 \u0441\u0435\u0442\u0438, \u043a \u0441\u043f\u0440\u044f\u0442\u0430\u043d\u043d\u043e\u043c\u0443 \u0442\u0430\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0443 Asterisk. \u041d\u043e \u043a\u0430\u043a \u0432\u044b \u043c\u043e\u0436\u0435\u0442\u0435 \u0437\u0430\u043c\u0435\u0442\u0438\u0442\u044c, \u043a\u0430\u043d\u0430\u043b \u0434\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430 OpenVPN \u0443 \u043d\u0430\u0441 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439, \u0430 \u0432\u043e\u0442 \u0432\u043d\u0443\u0442\u0440\u0438 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0439 \u0441\u0435\u0442\u0438 \u0433\u0434\u0435 \u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u044e\u0449\u0435\u0433\u043e \u043f\u0435\u0440\u0441\u043e\u043d\u0430\u043b\u0430, \u043c\u043e\u0436\u043d\u043e \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u0442\u0440\u0430\u0444\u0438\u043a SIP \u043d\u0430 \u043a\u0430\u043a\u043e\u043c \u043d\u0438\u0431\u0443\u0434\u044c \u0438\u0437 \u0448\u043b\u044e\u0437\u043e\u0432 \u0438 \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0438 \u0440\u0430\u0441\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u0442\u044c, \u0438 \u0443\u0437\u043d\u0430\u0442\u044c \u043e \u0447\u0435\u043c \u0431\u044b\u043b \u0440\u0430\u0437\u0433\u043e\u0432\u043e\u0440! \u042d\u0442\u043e\u0442 \u043a\u0443\u0441\u043e\u0447\u0435\u043a \u0441\u0435\u0442\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u043c\u0435\u0442\u0438\u043b \u043a\u0440\u0430\u0441\u043d\u043e\u0439 \u043b\u0438\u043d\u0438\u0435\u0439. \u041f\u043e\u044d\u0442\u043e\u043c\u0443 \u043c\u044b \u043d\u0430\u0441\u0442\u0440\u043e\u0438\u043c \u043d\u0430 \u0430\u0441\u0442\u0435\u0440\u0438\u0441\u043a\u0435 SRTP + TLS \u0438 \u0431\u0443\u0434\u0435\u043c \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u0442\u044c \u0435\u0449\u0435 \u0438 \u0442\u0440\u0430\u0444\u0438\u043a \u0432\u043d\u0443\u0442\u0440\u0438 \u0441\u0435\u0442\u0438 \u2014 \u0447\u0442\u043e\u0431\u044b \u043e\u043d \u0431\u044b\u043b \u0437\u0430\u0449\u0438\u0449\u0435\u043d \u043e\u0442 \u043d\u0435\u0434\u043e\u0431\u0440\u043e\u0441\u043e\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u0440\u0430\u0431\u043e\u0442\u043d\u0438\u043a\u043e\u0432 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438. \u0422\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u043a\u0440\u0443\u0433 \u043b\u0438\u0446 \u0438\u043c\u0435\u044e\u0449\u0438\u0445 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0440\u0430\u0437\u0433\u043e\u0432\u043e\u0440\u0430\u043c, \u043e\u0447\u0435\u043d\u044c \u0441\u0438\u043b\u044c\u043d\u043e \u0441\u0443\u0436\u0430\u0435\u0442\u0441\u044f.<\/p>\n

\u0414\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 OpenVPN \u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b dvd \u043e\u0431\u0440\u0430\u0437 Centos 6.4. \u041d\u0430 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0435 \u043e\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c\u0441\u044f \u043d\u0435 \u0431\u0443\u0434\u0443- \u0432\u0441\u0435 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u043e. <\/h4>\n

\u0427\u0438\u043d\u0438\u043c \u0441\u0440\u0430\u0437\u0443 \u0433\u043b\u044e\u043a \u043b\u043e\u043a\u0430\u043b\u0438. <\/p>\n

export LC_CTYPE=en_US.UTF-8 <\/code><\/pre>\n
  \u0412\u043a\u043b\u044e\u0447\u0430\u0435\u043c \u0444\u043e\u0440\u0432\u0430\u0440\u0434\u0438\u043d\u0433 \u043d\u0430 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430\u0445.  <\/p>\n
nano \/etc\/sysctl.conf #\u041d\u0430\u0439\u0442\u0438 \u0438 \u0437\u0430\u043c\u0435\u043d\u0438\u0442\u044c net.ipv4.ip_forward = 1 <\/code><\/pre>\n
  \u0412\u043a\u043b\u044e\u0447\u0430\u0435\u043c \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 \u043f\u0440\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0435.  <\/p>\n
nano \/etc\/sysconfig\/network-scripts\/ifcfg-eth0 #\u041d\u0430\u0439\u0442\u0438 \u0438 \u0437\u0430\u043c\u0435\u043d\u0438\u0442\u044c. ONBOOT=yes <\/code><\/pre>\n
  \u041e\u0431\u043d\u043e\u0432\u043b\u044f\u0435\u043c CentOS.  <\/p>\n
cd \/usr\/src\/ yum update -y <\/code><\/pre>\n
  \u0414\u043e\u0431\u0430\u0432\u043b\u044f\u0435\u043c \u043d\u0443\u0436\u043d\u044b\u0439 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0439.  <\/p>\n
wget http:\/\/fedora.ip-connect.vn.ua\/fedora-epel\/6\/i386\/epel-release-6-8.noarch.rpm rpm -Uvh epel-release-6-8.noarch.rpm <\/code><\/pre>\n
  \u0421\u0442\u0430\u0432\u0438\u043c \u0442\u0440\u0435\u0431\u0443\u0435\u043c\u044b\u0435 \u043f\u0430\u043a\u0435\u0442\u044b.  <\/p>\n
yum install openvpn git bridge-utils -y <\/code><\/pre>\n
  EasyRSA \u0442\u0435\u043f\u0435\u0440 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u043e \u0438 \u043d\u0430 \u0433\u0438\u0442\u0445\u0430\u0431\u0435 \u2014 \u043f\u043e\u044d\u0442\u043e\u043c\u0443:  <\/p>\n
git clone https:\/\/github.com\/OpenVPN\/easy-rsa.git cp -r \/usr\/src\/easy-rsa\/easy-rsa \/etc\/openvpn\/ <\/code><\/pre>\n
  \u0421\u043e\u0432\u0435\u0442\u0443\u044e \u0434\u043b\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0445 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0438 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0439 \u0441\u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043e\u0440\u0438\u0433\u0438\u043d\u0430\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u043d\u0444\u0438\u0433 VPN \u0438 \u0437\u0430\u043a\u043e\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0442\u0430\u043c \u0432\u0441\u0435 \u0441\u0442\u0440\u043e\u043a\u0438, \u043f\u043e\u0442\u043e\u043c \u0431\u0443\u0434\u0435\u0442 \u0443\u0434\u043e\u0431\u043d\u043e \u0438\u0441\u043a\u0430\u0442\u044c \u043d\u0443\u0436\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0434\u043b\u044f \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u0438\u0445 \u0441\u0438\u043d\u0442\u0430\u043a\u0441\u0438\u0441.  <\/p>\n
cp \/usr\/share\/doc\/openvpn-2.3.1\/sample\/sample-config-files\/server.conf \/etc\/openvpn\/ nano \/etc\/openvpn\/server.conf   #\u0417\u0430\u043a\u043e\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0432\u0441\u0435 \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0435 \u0438 \u043e\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u0434\u043b\u044f \u043d\u0430\u0433\u043b\u044f\u0434\u043d\u043e\u0441\u0442\u0438, \u043f\u043e\u0442\u043e\u043c \u0432\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u043c :  port 1194 proto udp dev tun0 ca \/etc\/openvpn\/easy-rsa\/2.0\/keys\/ca.crt cert \/etc\/openvpn\/easy-rsa\/2.0\/keys\/server.crt key \/etc\/openvpn\/easy-rsa\/2.0\/keys\/server.key dh \/etc\/openvpn\/easy-rsa\/2.0\/keys\/dh1024.pem server 172.19.7.0 255.255.255.0 ifconfig-pool-persist ipp.txt push "route 172.19.7.0 255.255.255.0" client-to-client keepalive 10 120 user root group root persist-key persist-tun status openvpn-status.log log \/var\/log\/openvpn.log verb 3 mute 20 <\/code><\/pre>\n
  \u041c\u0435\u043d\u044f\u0435\u043c \u043c\u0435\u0442\u043e\u0434 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0441 sha256 \u043d\u0430 MD5 \u0442.\u043a. \u0442\u0435\u043b\u0435\u0444\u043e\u043d \u043d\u0435 \u043f\u043e\u043d\u0438\u043c\u0430\u0435\u0442 \u043f\u0435\u0440\u0432\u044b\u0439 \u043c\u0435\u0442\u043e\u0434. \u0412 \u0441\u0431\u043e\u0440\u043a\u0435 easy-rsa \u0435\u0441\u0442\u044c 3 \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u0430 \u0444\u0430\u0439\u043b\u0430 openssl, \u043c\u0435\u043d\u044f\u0442\u044c \u0431\u0443\u0434\u0435\u043c \u0432\u043e \u0432\u0441\u0435\u0445 \u0441\u0440\u0430\u0437\u0443 \u0447\u0442\u043e\u0431\u044b \u043d\u0435 \u0432\u044b\u044f\u0441\u043d\u044f\u0442\u044c \u043a\u0430\u043a\u043e\u0439 \u0431\u0443\u0434\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u0430 \u043f\u0440\u0438 \u0433\u0435\u043d\u0435\u0440\u0430\u0446\u0438\u0438 \u043a\u043b\u044e\u0447\u0435\u0439 \u0438 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0432.  <\/p>\n
cp \/etc\/openvpn\/easy-rsa\/2.0\/openssl-0.9.6.cnf \/etc\/openvpn\/easy-rsa\/2.0\/openssl-0.9.6.cnf.orig && sed -e 's\/default_md.*=.*sha256\/default_md = md5 \/g' \/etc\/openvpn\/easy-rsa\/2.0\/openssl-0.9.6.cnf.orig > \/etc\/openvpn\/easy-rsa\/2.0\/openssl-0.9.6.cnf  cp \/etc\/openvpn\/easy-rsa\/2.0\/openssl-0.9.8.cnf \/etc\/openvpn\/easy-rsa\/2.0\/openssl-0.9.8.cnf.orig && sed -e 's\/default_md.*=.*sha256\/default_md = md5 \/g' \/etc\/openvpn\/easy-rsa\/2.0\/openssl-0.9.8.cnf.orig > \/etc\/openvpn\/easy-rsa\/2.0\/openssl-0.9.8.cnf  cp \/etc\/openvpn\/easy-rsa\/2.0\/openssl-1.0.0.cnf \/etc\/openvpn\/easy-rsa\/2.0\/openssl-1.0.0.cnf.orig && sed -e 's\/default_md.*=.*sha256\/default_md = md5 \/g' \/etc\/openvpn\/easy-rsa\/2.0\/openssl-1.0.0.cnf.orig > \/etc\/openvpn\/easy-rsa\/2.0\/openssl-1.0.0.cnf <\/code><\/pre>\n
  \u0414\u0430\u043b\u0435\u0435 \u043c\u0435\u043d\u044f\u0435\u043c \u0434\u0435\u0444\u043e\u043b\u0442\u043d\u044b\u0435 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f   <\/p>\n
nano \/etc\/openvpn\/easy-rsa\/2.0\/vars export KEY_SIZE=1024 export KEY_COUNTRY="RU" export KEY_PROVINCE="CA" export KEY_CITY="Moscow" export KEY_ORG="YOURCOMPANY" export KEY_EMAIL="info@YOURCOMPANY.ru" export KEY_OU="MY" <\/code><\/pre>\n
\u041c\u043e\u0436\u043d\u043e \u043f\u0440\u0438\u0441\u0442\u0443\u043f\u0430\u0442\u044c \u043a \u0433\u0435\u043d\u0435\u0440\u0430\u0446\u0438\u0438 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0432:<\/h4>\n
  \u041f\u0435\u0440\u0435\u0439\u0434\u0435\u043c \u0432 \u043d\u0443\u0436\u043d\u0443\u044e \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u044e, \u0433\u0434\u0435 \u0431\u0443\u0434\u0435\u043c \u0433\u0435\u043d\u0435\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043a\u043b\u044e\u0447\u0438 \u0438 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u044b  <\/p>\n
cd  \/etc\/openvpn\/easy-rsa\/2.0 [root@test 2.0]# source .\/vars NOTE: If you run .\/clean-all, I will be doing a rm -rf on \/etc\/openvpn\/easy-rsa\/2.0\/keys [root@test 2.0]# .\/clean-all #\u0421\u043e\u0437\u0434\u0430\u0435\u043c \u0441\u0430\u043c\u043e\u043f\u043e\u0434\u043f\u0438\u0441\u043d\u043e\u0439 \u043a\u043e\u0440\u043d\u0435\u0432\u043e\u0439 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442 \u0438 \u043a\u043b\u044e\u0447, \u0432\u0441\u0435 \u043e\u0442\u0432\u0435\u0442\u044b \u043c\u043e\u0436\u043d\u043e \u043e\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e, \u043a\u0440\u043e\u043c\u0435 Common Name [root@test 2.0]# .\/build-ca Generating a 1024 bit RSA private key .........++++++ .......................++++++ writing new private key to 'ca.key' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [RU]: State or Province Name (full name) [CA]: Locality Name (eg, city) [Moscow]: Organization Name (eg, company) [YOURCOMPANY]: Organizational Unit Name (eg, section) [changeme]: Common Name (eg, your name or your server's hostname) [changeme]:test Name [changeme]: Email Address [mail@host.domain]: <\/code><\/pre>\n
  \u0421\u043e\u0437\u0434\u0430\u0435\u043c \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442 \u0438 \u043a\u043b\u044e\u0447 \u0434\u043b\u044f \u0441\u0435\u0440\u0432\u0435\u0440\u0430
  \u0412\u0441\u0435 \u043e\u0442\u0432\u0435\u0442\u044b \u043c\u043e\u0436\u043d\u043e \u043e\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e  <\/p>\n
[root@test 2.0]# .\/build-key-server server Generating a 1024 bit RSA private key .........................++++++ .............................++++++ writing new private key to 'server.key' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [RU]: State or Province Name (full name) [MOSCOW]: Locality Name (eg, city) [MOSCOW]: Organization Name (eg, company) [YOURCOMPANY]: Organizational Unit Name (eg, section) [changeme]: Common Name (eg, your name or your server's hostname) [server]: Name [changeme]: Email Address [mail@host.domain]: Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []: Using configuration from \/etc\/openvpn\/easy-rsa\/2.0\/openssl-0.9.8.cnf Check that the request matches the signature Signature ok The Subject's Distinguished Name is as follows countryName           :PRINTABLE:'RU' stateOrProvinceName   :PRINTABLE:'MOSCOW' localityName          :PRINTABLE:'MOSCOW' organizationName      :PRINTABLE:'YOURCOMPANY' organizationalUnitName:PRINTABLE:'changeme' commonName            :PRINTABLE:'server' name                  :PRINTABLE:'changeme' emailAddress          :IA5STRING:'mail@host.domain' Certificate is to be certified until Mar 20 06:56:48 2023 GMT (3650 days) Sign the certificate? [y\/n]:y 1 out of 1 certificate requests certified, commit? [y\/n]y Write out database with 1 new entries Data Base Updated <\/code><\/pre>\n
  \u0413\u0435\u043d\u0438\u0440\u0438\u0440\u0443\u0435\u043c \u043a\u043b\u044e\u0447 \u0414\u0438\u0444\u0444\u0438-\u0425\u0435\u043b\u043c\u0430\u043d\u0430  <\/p>\n
[root@test 2.0]# .\/build-dh Generating DH parameters, 1024 bit long safe prime, generator 2 This is going to take a long time ...................................................+.................................................................+...................+..+.........................................................................................................................................+...........+.......................................................+....+..................................................................................................+......................................................................+.................................................................................................+............................+.....................................................................+.............++*++*++* <\/code><\/pre>\n
  \u0413\u0435\u043d\u0435\u0440\u0438\u0440\u0443\u0435\u043c \u043a\u043b\u0438\u0435\u043d\u0442\u0441\u043a\u0438\u0439 \u043a\u043b\u044e\u0447 (\u0434\u043b\u044f \u043a\u0430\u0436\u0434\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b \u0438\u043b\u0438 \u0442\u0435\u043b\u0435\u0444\u043e\u043d\u0430 \u043e\u043d \u0434\u043e\u043b\u0436\u0435\u043d \u0431\u044b\u0442\u044c \u0441\u0432\u043e\u0439)
  \u0412\u0441\u0435 \u043e\u0442\u0432\u0435\u0442\u044b \u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u043c \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e  <\/p>\n
[root@test 2.0]# .\/build-key client1 Generating a 1024 bit RSA private key .++++++ ......++++++ writing new private key to 'client1.key' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [RU]: State or Province Name (full name) [CA]: Locality Name (eg, city) [Moscow]: Organization Name (eg, company) [YOURCOMPANY]: Organizational Unit Name (eg, section) [changeme]: Common Name (eg, your name or your server's hostname) [client1]: Name [changeme]: Email Address [mail@host.domain]: Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []: Using configuration from \/etc\/openvpn\/easy-rsa\/2.0\/openssl-0.9.8.cnf Check that the request matches the signature Signature ok The Subject's Distinguished Name is as follows countryName           :PRINTABLE:'RU' stateOrProvinceName   :PRINTABLE:'CA' localityName          :PRINTABLE:'Moscow' organizationName      :PRINTABLE:'YOURCOMPANY' organizationalUnitName:PRINTABLE:'changeme' commonName            :PRINTABLE:'client1' name                  :PRINTABLE:'changeme' emailAddress          :IA5STRING:'mail@host.domain' Certificate is to be certified until Mar 20 07:01:46 2023 GMT (3650 days) Sign the certificate? [y\/n]:y 1 out of 1 certificate requests certified, commit? [y\/n]y Write out database with 1 new entries Data Base Updated <\/code><\/pre>\n
\u041f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043a\u0430 \u0444\u0430\u0439\u043b\u0430 \u0434\u043b\u044f \u043f\u043e\u0434\u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f \u0442\u0435\u043b\u0435\u0444\u043e\u043d\u0430:<\/h4>\n
  \u0421\u043e\u0437\u0434\u0430\u0435\u043c \u043f\u0430\u043f\u043a\u0443 \u2014 \u0432\u043d\u0443\u0442\u0440\u0438 \u0434\u043e\u043b\u0436\u043d\u0430 \u043b\u0435\u0436\u0430\u0442\u044c \u043f\u0430\u043f\u043a\u0430 keys \u0438 \u0444\u0430\u0439\u043b vpn.cnf. 
  \u041f\u0440\u0438\u043c\u0435\u0440 vpn.cnf \u2014 \u0432\u043c\u0435\u0441\u0442\u043e XXX \u0435\u0441\u0442\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0432\u0430\u0448 \u0430\u0434\u0440\u0435\u0441 \u0441\u0435\u0440\u0432\u0435\u0440\u0430:  <\/p>\n
client dev tun proto udp remote XXX.XXX.XXX.XXX 1194 resolv-retry infinite nobind ca \/yealink\/config\/openvpn\/keys\/ca.crt cert \/yealink\/config\/openvpn\/keys\/client1.crt key \/yealink\/config\/openvpn\/keys\/client1.key verb 3 mute 20 <\/code><\/pre>\n
  \u0412\u043d\u0443\u0442\u0440\u0438 \u043f\u0430\u043f\u043a\u0438 keys \u0434\u043e\u043b\u0436\u043d\u044b \u043b\u0435\u0436\u0430\u0442\u044c \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0442\u0440\u0438 \u0444\u0430\u0439\u043b\u0430 \u2014 ca.crt, client1.crt, client1.key. \u0418\u043c\u0435\u043d\u0430 \u0444\u0430\u0439\u043b\u043e\u0432 \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0435 \u0438 \u0432 \u043f\u0430\u043f\u043a\u0435 \u0434\u043e\u043b\u0436\u043d\u044b \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u043e\u0432\u0430\u0442\u044c. \u0424\u0430\u0439\u043b\u044b \u0432\u044b\u0442\u0430\u0441\u043a\u0438\u0432\u0430\u0442\u044c \u0441 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u043f\u043e\u0441\u043b\u0435 \u0433\u0435\u043d\u0435\u0440\u0430\u0446\u0438\u0438 \u043b\u044e\u0431\u044b\u043c \u0443\u0434\u043e\u0431\u043d\u044b\u043c \u0441\u043f\u043e\u0441\u043e\u0431\u043e\u043c.
  \u041f\u043e\u0441\u043b\u0435 \u044d\u0442\u043e\u0433\u043e \u0441\u0442\u0430\u0432\u0438\u043c 7zip \u0438 \u0430\u0440\u0445\u0438\u0432\u0438\u0440\u0443\u0435\u043c \u0444\u0430\u0439\u043b vpn.cnf \u0438 \u043f\u0430\u043f\u043a\u0443 keys \u0432 tar \u0430\u0440\u0445\u0438\u0432 \u0431\u0435\u0437 \u0441\u0436\u0430\u0442\u0438\u044f. \u041b\u0438\u0431\u043e \u043c\u043e\u0436\u0435\u0442\u0435 \u043d\u0430 \u043b\u0438\u043d\u0443\u043a\u0441\u0435 \u0438\u0437 \u043f\u0430\u043f\u043a\u0438 \u0441 \u0444\u0430\u0439\u043b\u043e\u043c vpn.cnf \u0438 \u043f\u0430\u043f\u043a\u043e\u0439 keys \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c:  <\/p>\n
tar cvf connect.tar .\/vpn.cnf .\/keys <\/code><\/pre>\n
  \u0417\u0430\u0445\u043e\u0434\u0438\u043c \u0432 \u0432\u0435\u0431 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 \u0442\u0435\u043b\u0435\u0444\u043e\u043d\u0430. \u0418\u0434\u0435\u043c \u043d\u0430 \u0432\u043a\u043b\u0430\u0434\u043a\u0443 Network > Advanced > Vpn. \u0421\u0442\u0430\u0432\u0438\u043c active = enabled, \u0438\u043c\u043f\u043e\u0440\u0442\u0438\u0440\u0443\u0435\u043c \u0444\u0430\u0439\u043b \u0438 \u043d\u0430\u0436\u0438\u043c\u0430\u0435\u043c \u0432\u043d\u0438\u0437\u0443 submit.
  \"image\"\/<\/p>\n
  \u0415\u0441\u043b\u0438 \u0442\u0435\u043b\u0435\u0444\u043e\u043d \u043d\u0435 \u0441\u0445\u0430\u0432\u0430\u043b \u0444\u0430\u0439\u043b\u0438\u043a \u043c\u043e\u0436\u0435\u0442\u0435 \u0435\u0433\u043e \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c. \u0423\u0432\u0438\u0434\u0435\u0442\u044c \u0447\u0442\u043e \u043e\u043d \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0438\u043b\u0441\u044f \u043a \u043d\u0430\u0448\u0435\u043c\u0443 \u0441\u0435\u0440\u0432\u0435\u0440\u0443 \u2014 \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0432 \u043b\u043e\u0433\u0438:  <\/p>\n
tail -n100 -f \/var\/log\/openvpn.log <\/code><\/pre>\n
 \u041d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430 TLS + SRTP \u043d\u0430 Asterisk. <\/h4>\n
  \u041d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0443 \u0441 \u043d\u0443\u043b\u044f \u043f\u0438\u0441\u0430\u0442\u044c \u043d\u0435 \u0431\u0443\u0434\u0443 \u0438\u0431\u043e \u0441\u0442\u0430\u0442\u0435\u0439 \u043c\u043e\u0440\u0435, \u0438 \u043c\u043e\u0438 \u0442\u043e\u0436\u0435 \u0435\u0441\u0442\u044c. \u0420\u0430\u0441\u0441\u043a\u0430\u0436\u0443 \u043a\u0430\u043a \u0436\u0435 \u0441\u0434\u0435\u043b\u0430\u0442\u044c \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u044b, \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0438 \u0432\u043f\u0438\u0445\u043d\u0443\u0442\u044c \u0432\u0441\u0435 \u044d\u0442\u043e \u0432 \u0442\u0435\u043b\u0435\u0444\u043e\u043d.
  \u0418\u0442\u0430\u043a \u043d\u0430 \u0430\u0441\u0442\u0435\u0440\u0435 \u043d\u0430\u0434\u043e \u0441\u0434\u0435\u043b\u0430\u0442\u044c Certificate Authority.  <\/p>\n
mkdir \/etc\/cert cd \/etc\/cert\/ root@server-sip1:\/etc\/cert# openssl genrsa -des3 -out ca.key 4096  Generating RSA private key, 4096 bit long modulus .......................++ ...............................++ e is 65537 (0x10001) Enter pass phrase for ca.key: Verifying - Enter pass phrase for ca.key: root@server-sip1:\/etc\/cert# root@server-sip1:\/etc\/cert# root@server-sip1:\/etc\/cert# openssl req -new -x509 -days 365 -key ca.key -out ca.crt Enter pass phrase for ca.key: You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]:RU State or Province Name (full name) [Some-State]:MOSCOW Locality Name (eg, city) []:MOSCOW Organization Name (eg, company) [Internet Widgits Pty Ltd]:YOURCOMPANY Organizational Unit Name (eg, section) []:VoIP Common Name (eg, YOUR name) []:YUORCOMPANY CA Email Address []:INFO@YOURCOMPANY.RU root@server-sip1:\/etc\/cert# root@server-sip1:\/etc\/cert# root@server-sip1:\/etc\/cert# ls ca.crt  ca.key root@server-sip1:\/etc\/cert# <\/code><\/pre>\n
  CA \u0441\u043e\u0437\u0434\u0430\u043b\u0438 \u2014 \u0434\u0430\u043b\u0435\u0435 \u043d\u0443\u0436\u043d\u043e \u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u0432 \u0442\u0435\u043b\u0435\u0444\u043e\u043d \u0444\u0430\u0439\u043b ca.crt \u0447\u0442\u043e\u0431\u044b \u043e\u043d \u0437\u043d\u0430\u043b \u0447\u0442\u043e \u0434\u0430\u043d\u043d\u043e\u043c\u0443 \u0421\u0410 \u043c\u043e\u0434\u043d\u043e \u0434\u043e\u0432\u0435\u0440\u044f\u0442\u044c \u2014 \u0437\u0430\u043a\u043b\u0430\u0434\u043a\u0430 Security > Trusted Certificates.
  \"image\"\/
  \u0421\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u0438 \u043f\u043e\u0434\u043f\u0438\u0441\u044c \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0438 \u0434\u043b\u044f \u0442\u0435\u043b\u0435\u0444\u043e\u043d\u043e\u0432 \u2014 \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u044e \u0434\u043b\u044f \u0441\u0435\u0440\u0432\u0435\u0440\u0430, \u0430 \u0434\u043b\u044f \u0442\u0435\u043b\u0435\u0444\u043e\u043d\u0430 \u043f\u0440\u043e\u0446\u0435\u0434\u0443\u0440\u0443 \u043f\u043e\u0432\u0442\u043e\u0440\u0438\u0442\u044c.  <\/p>\n
root@server-sip1:\/etc\/cert# openssl genrsa -out key-server.pem 1024 Generating RSA private key, 1024 bit long modulus .....++++++ ...++++++ e is 65537 (0x10001) root@server-sip1:\/etc\/cert# openssl req -new -key key-server.pem -out req-server.csr You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]:RU State or Province Name (full name) [Some-State]:MOSCOW Locality Name (eg, city) []:MOSCOW Organization Name (eg, company) [Internet Widgits Pty Ltd]:YOURCOMPANY Organizational Unit Name (eg, section) []:VoIP Common Name (eg, YOUR name) []:server Email Address []:info@yourcompany.ru Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []: root@server-sip1:\/etc\/cert# root@server-sip1:\/etc\/cert# root@server-sip1:\/etc\/cert# root@server-sip1:\/etc\/cert# openssl x509 -req -days 365 -in req-server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out cert-server.crt Signature ok subject=\/C=RU\/ST=MOSCOW\/L=MOSCOW\/O=Yourcompany\/OU=VoIP\/CN=server\/emailAddress=info@yourcompany.ru Getting CA Private Key Enter pass phrase for ca.key: root@server-sip1:\/etc\/cert# <\/code><\/pre>\n
  \u041f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043a\u0430 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u0430 \u0434\u043b\u044f \u0410\u0441\u0442\u0435\u0440\u0438\u0441\u043a\u0430.
  \u0421\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430 \u0444\u0430\u0439\u043b\u0430 \u0434\u043b\u044f \u0430\u0441\u0442\u0435\u0440\u0430 \u0434\u043e\u043b\u0436\u043d\u0430 \u0432\u044b\u0433\u043b\u044f\u0434\u0435\u0442\u044c \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u2014 \u0432\u043d\u0430\u0447\u0430\u043b\u0435 \u0444\u0430\u0439\u043b \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u0430 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0433\u043e \u0432\u0438\u0434\u0430:  <\/p>\n
-----BEGIN CERTIFICATE----- MIIDvDCCAyWgAwIBAgIJAPMabsMiJJQPMA0GCSqGSIb3DQEBBQUAMIGbMQswCQYD [...] CfITDxcJBZfeXIPZP52+8FSMlm5985uMvao+emlIUGk11rY61Amxr387grDvgOaI -----END CERTIFICATE----- <\/code><\/pre>\n
  \u041f\u043e\u0442\u043e\u043c \u0441\u0440\u0430\u0437\u0443 \u0444\u0430\u0439\u043b \u043a\u043b\u044e\u0447\u0430:  <\/p>\n
-----BEGIN RSA PRIVATE KEY----- MIICXQIBAAKBgQCqRw0jpQFn+f+lnDZiZzCRca9ojgu2brO+Q56jnqorvCIlYFC0 [...] FT65O46u6Vmp1gPbNklOEg7TtZUtfacPY2PyeP4KoHaG -----END RSA PRIVATE KEY----- <\/code><\/pre>\n
  \u0421\u043a\u043e\u043c\u043f\u043e\u043d\u043e\u0432\u0430\u0442\u044c \u043c\u043e\u0436\u043d\u043e \u0447\u0435\u0440\u0435\u0437 cat:  <\/p>\n
root@server-sip1:\/etc\/asterisk\/cert# cat \/etc\/cert\/key.pem > \/etc\/asterisk\/cert\/asterisk.pem root@server-sip1:\/etc\/asterisk\/cert# cat \/etc\/cert\/cert-server.crt >> \/etc\/asterisk\/cert\/asterisk.pem <\/code><\/pre>\n
  \u0422\u0435\u043f\u0435\u0440\u044c \u043f\u0440\u043e\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u043c \u0432 \u0444\u0430\u0439\u043b\u0435 sip.conf (\u0438\u043b\u0438 sip_general_custom.conf \u0435\u0441\u043b\u0438 \u044d\u0442\u043e Elastix \u0438\u043b\u0438 FreePBX)  <\/p>\n
tcpenable=yes tcpbindaddr=0.0.0.0 tlsenable=yes tlsbindaddr=0.0.0.0 tlscertfile=\/etc\/asterisk\/cert\/asterisk.pem tlscafile=\/etc\/cert\/ca.crt <\/code><\/pre>\n
  \u041a\u043e\u0433\u0434\u0430 \u0432\u0441\u0435 \u0433\u043e\u0442\u043e\u0432\u043e \u043d\u0443\u0436\u043d\u043e \u043d\u0430 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e\u043c extension \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u044c TLS \u0438 SRTP. <\/p>\n
  \u0422\u0430\u043a\u0438\u043c \u0436\u0435 \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u0433\u043e\u0442\u043e\u0432\u0438\u043c \u0444\u0430\u0439\u043b \u0434\u043b\u044f \u0442\u0435\u043b\u0435\u0444\u043e\u043d\u0430 \u0438 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u043c \u0435\u0433\u043e \u0432 \u043c\u0435\u043d\u044e Security > Server Certificates
  \"image\"\/<\/p>\n
  \u0414\u0430\u043d\u043d\u043e\u0439 \u0441\u0442\u0430\u0442\u044c\u0435\u0439 \u043d\u0438 \u0432 \u043a\u043e\u0435\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u043d\u0435 \u0445\u043e\u0447\u0443 \u043f\u0440\u0435\u0442\u0435\u043d\u0434\u043e\u0432\u0430\u0442\u044c \u043d\u0430 \u043f\u043e\u043b\u043d\u043e\u0442\u0443 \u043c\u0430\u0442\u0435\u0440\u0438\u0430\u043b\u0430. \u041d\u043e \u043e\u0447\u0435\u043d\u044c \u0445\u043e\u0442\u0435\u043b\u043e\u0441\u044c \u0434\u043e\u043d\u0435\u0441\u0442\u0438 \u044d\u0442\u0438 \u0432\u0430\u0436\u043d\u044b\u0435 \u043d\u044e\u0430\u043d\u0441\u044b \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u0434\u043b\u044f \u0447\u0435\u043b\u043e\u0432\u0435\u043a\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u0435\u0442 \u0441 \u044d\u0442\u0438\u043c \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0438 \u0441\u0442\u043e\u043b\u043a\u043d\u0443\u0442\u044c\u0441\u044f. \u0423 \u043c\u0435\u043d\u044f \u043d\u0430 \u0432\u044b\u044f\u0441\u043d\u0435\u043d\u0438\u044f \u0432\u0441\u0435\u0445 \u043d\u044e\u0430\u043d\u0441\u043e\u0432 \u0432\u044b\u043f\u0438\u0441\u043a\u0438 \u0438 \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043a\u0438 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0432 \u0434\u043b\u044f \u0442\u0435\u043b\u0435\u0444\u043e\u043d\u0430 \u0438 \u0430\u0441\u0442\u0435\u0440\u0438\u0441\u043a\u0430 \u0443\u0448\u043b\u0430 \u043d\u0435\u0434\u0435\u043b\u044f. \u0415\u0441\u043b\u0438 \u0443 \u0432\u0430\u0441 \u0435\u0441\u0442\u044c \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u0434\u0435\u043b\u0430\u0442\u044c \u2014 \u043b\u0443\u0447\u0448\u0435\\\u0431\u044b\u0441\u0442\u0440\u0435\u0435\\\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u0435\u0435, \u0442\u043e \u0441 \u0443\u0434\u043e\u0432\u043e\u043b\u044c\u0441\u0442\u0432\u0438\u0435\u043c \u043f\u043e\u0447\u0438\u0442\u0430\u044e \u0432 \u043a\u043e\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u044f\u0445!    \t<\/p>\n
<\/div>\n<\/p><\/div>\n
 \u0441\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 \u043e\u0440\u0438\u0433\u0438\u043d\u0430\u043b \u0441\u0442\u0430\u0442\u044c\u0438  http:\/\/habrahabr.ru\/post\/186530\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
   \t\"image\"\/
  \u0423 \u0432\u0430\u0441 \u043f\u0430\u0440\u0430\u043d\u043e\u044f? \u0412\u0430\u043c \u043a\u0430\u0436\u0435\u0442\u0441\u044f \u0447\u0442\u043e \u0432\u0430\u0441 \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u043e \u0445\u043e\u0442\u044f\u0442 \u043f\u043e\u0434\u0441\u043b\u0443\u0448\u0430\u0442\u044c? \u0412\u0435\u0434\u0435\u0442\u0435 \u0432\u0430\u0436\u043d\u044b\u0435 \u043f\u0435\u0440\u0435\u0433\u043e\u0432\u043e\u0440\u044b? \u0422\u043e\u0433\u0434\u0430 \u0432\u0430\u043c \u0441\u044e\u0434\u0430!
  \u0412 \u044d\u0442\u043e\u0439 \u0437\u0430\u043c\u0435\u0442\u043a\u0435 \u044f \u0440\u0430\u0441\u0441\u043a\u0430\u0436\u0443 \u043e\u0431 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0445 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u044f\u0445 \u043f\u0440\u0438 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0435 \u0442\u0435\u043b\u0435\u0444\u043e\u043d\u0430 Yealink t26p.
  \u0414\u043b\u044f \u043d\u0430\u0447\u0430\u043b\u0430 \u043c\u044b \u0437\u0430\u0441\u0442\u0430\u0432\u0438\u043c \u0442\u0435\u043b\u0435\u0444\u043e\u043d \u043f\u043e\u0434\u043d\u044f\u0442\u044c \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0442\u0443\u043d\u0435\u043b\u044c \u0441 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u0430\u043c\u0438 \u0434\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430 OpenVPN, \u0430 \u043f\u043e\u0442\u043e\u043c \u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0432\u043d\u0443\u0442\u0440\u0438 \u0442\u0443\u043d\u0435\u043b\u044f SIP \u0441 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0447\u0435\u0440\u0435\u0437 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u044b \u0441\u0438\u0433\u043d\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0435\u0439 \u0438 \u0433\u043e\u043b\u043e\u0441\u043e\u043c! (TLS + SRTP).
  \u041a\u043e\u043c\u0443 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e \u043f\u0440\u043e\u0448\u0443 \u043f\u043e\u0434 \u043a\u0430\u0442.  <\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[],"tags":[],"class_list":["post-186530","post","type-post","status-publish","format-standard","hentry"],"_links":{"self":[{"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/posts\/186530","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=186530"}],"version-history":[{"count":0,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/posts\/186530\/revisions"}],"wp:attachment":[{"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=186530"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=186530"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=186530"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}