Nortel 1535 startup scripts
Actually, I've changed the way I do startup quite a bit since I last posted about it. You can find my lastest startup scripts
here. I've modified the way I start the network. In the case of starting OpenVPN, I start the network in the scripts, rather than running the phone application once to start the network and again with OpenVPN. So you will need to configure your network parameters in the rc.ovpn script before starting with OpenVPN. This version of the script does work with both ethernet and wireless networking.
A couple of comments about the OpenVPN config: 1) I recommend removing the lzo-comp line from your config. RTP packets are compressed already due to the codecs used, and so removing the OpenVPN compression actually increases VoIP network performance significantly. 2) The PXA270 processor in the phone just doesn't have the horsepower to run a full 128 bit key with the Blowfish cipher (default OpenVPN cipher). So I've reduced the keysize by adding the lines:
cipher BF-CBC
keysize 48
to my client.conf (and server.conf) file. This is obviously a compromise for the security of the vpn, but I don't think a bad one. OpenVPN discards the cipher key hourly. The only known attack against the Blowfish cipher is brute force, and so far as anyone knows, no one can crack a 48 bit key in one hour using brute force. I haven't exhaustively tested what keysizes give acceptable network performance - it is certainly possible that larger key sizes will work on the phone. It would be good to hear of people's experiments in this area. Blowfish keys can range in size from 32 bits to 448 bits in steps of 8 bits.
Lastly, I've significantly optimized the openvpn binary included in the above tarball. I would recommend replacing the original binary (size 1892887 bytes) with the new one (size 1407216 bytes). This new binary is about 20% faster than the old one.
Dave