How to setup IP phone with OpenVPN to connect remotely to an internal network
 

The plan was to connect an ip phone on the switch of the client's local network, pass the voice thought the client's vpn tunnel to access to the PABX where the VOIP card is and is also behind the openvpn server.

I am attempting to run the openvpn client on the laptop and use a USB2.0 ethernet device to pass the connection to a switch and then connect the IP phone to the switch but I am guessing this will not work.

Apart from buying a WRT box (will look into this if it is cheap and easy to configure), what other way can the IP phone connect to a OpenVPN connection? (Other than the scenario I tried to test above)

I take it will involve IP routing as you said and maybe changes to the client/server.conf also?

That's a perfectly valid method, you do need to configure the phone to use the correct router, possibly the Laptop or OpenVPN server, unless the network is bridged. You may need to do this via DHCP.

Yes but if you have setup a phone like this yourself, can you explain how you did this.
Plus after some research, the IP phone needs to be routed with a WTR router with a static DHCP and cannot use a netbook/PC to connect to the openvpn as it needs a dedicated WTR router with an openvpn client to do so.

If anyone has experience setting this up, please share.

Where did you this idea from? And what is a "WTR router"? Any device that can't use a PC as a router is not worthy of the name "IP phone".

The popular ISC DHCP server is available in all major Linux distributions, or you could a DHCP relay to forward requests to a remote DHCP server which will need the configured with knowledge of the subnet the phone is on.

If the VPN is OpenVPN tap mode and bridged at both ends then there is no other VPN specific configuration.

We can not give you specific advice unless you describe the network.
How is OpenVPN configured?
What operating systems are the OpenVPN server and client running?
How is DHCP provided to the other phones?
What traffic must/must not travel over the VPN?
Are we dealing with IPv4, IPv6 or both?

From DD-WRT.com:
"DD-WRT is a Linux based alternative OpenSource firmware suitable for a great variety of WLAN routers and embedded systems. The main emphasis lies on providing the easiest possible handling while at the same time supporting a great number of functionalities within the framework of the respective hardware platform used."

You essentially either flash your existing router with this software or add it to a compatible DD-WRT list of routers.

Network setup:
IP Phone (192.168.100.30) (local address so I guess will need something like 10.8.0.3)
l
l
Netbook openvpn client (10.8.0.2)
l
l
Openvpn server (10.8.0.1)
l
l
VOIP Card (192.168.100.5) (local address)

The IP Keyphone has to be configured with an IP Address, Subnet Mask, Default Gateway and the address of the Aspire NTCPU.

This IP information can be supplied by DHCP or can be manually configured on the IP Keyphone. Ideally a static IP to negotiate it with the PABX server.

Attempted to to run the openvpn client on the laptop with Linux Ubuntu and use a USB2.0 ethernet device to pass the connection to a fast ethernet switch and then connect the IP phone to the switch to route the traffic. This does not work as the IP phone has 2 specific ports:

1. For a LAN connection to connect on the internal network of company

2. The phone needs to be connected directly to a router/switch with a VPN running on it then from the phone the PC is connected. The PC (X) port on the phone is used for feeding connection to a pc and will not work the other way (feeding connection from pc to phone).

Dealing with IPv4 for the moment.

The OpenVPN in client.conf is for dev tun in the bridge settings.

Other phone handsets are standard non VOIP/IP phone handsets so not relevant.

Your the mention of 10.8.0.1, 10.8.0.2 and "dev tun" suggests you are running OpenVPN in routed mode. However you if using the default netmask of 255.255.255.0 you have two subnets numbered 192.168.100.0/24; this will not work and you should select a different subnet eg 192.168.101.0/24.

I'll assume OpenVPN is already working.

At the default routers in the server's network create a route for 192.168.101.0/24 via the IP address of the OpenVPN server in that network.

To the OpenVPN server config add (if not present) add:In some_directory create a file named after the common name in the laptops certificate containing:On the laptop enable IP routing on interface connected to the phone and the tunnel interface only, this can be done by adding to /etc/sysctl.conf something like:Configure the USB Ethernet interface with a suitable static IP address, eg 192.168.101.1 and a netmask of 255.255.255.0.

Reboot or run as root:The laptop is now a router, connect it to the router/switch port on the phone (via the USB Ethernet adapter) either via a crossover cable or a switch.

Manually configure the phone with the correct IP addresses, the default gateway will be the IP address of the laptop - 192.168.101.1. Alternatively install and configure a DHCP server on the laptop.