Difference between revisions of "MetelVPN Support"

From IPLOG
Jump to: navigation, search
(English corrections)
 
(9 intermediate revisions by the same user not shown)
Line 1: Line 1:
<span style="color: red; font-size: 25px;"><b> Under Construction! </b></span>
+
The purpose of this document is to describe how to enable a VPN connection for METEL s.r.o. support team.
 +
 
 +
== About MetelVPN ==
 +
For the purpose of remote METEL support there was created a program '''metel-support-vpn''' which automatically sets the necessary parameters to enable a connection for the METEL support team via the METEL OpenVPN server.
 +
The OpenVPN client is already installed in all IPLOG devices of default.
 +
 
 +
 
 +
== VPN Configuration ==
 +
Run the program.
 +
{{NotePre
 +
|text=root@iplog:~# metel-support-vpn
 +
}}
 +
 
 +
 
 +
The program automatically starts and in several steps configure the VPN connection.
 +
 
 +
=== 1. Reading the MAC Address from a Device ===
 +
{{NotePre
 +
|text=root@iplog:~# metel-support-vpn
 +
MAC address is: 00:23:36:44:00:06
 +
}}
 +
 
 +
 
 +
=== 2. Checking that a "root" Has a Password ===
 +
 
 +
If the "root" user does not have a password it is possible to create a new one or to confirm an empty password with a warning.
 +
{{NotePre
 +
|text=please set-up password for root [WARNING]
 +
Changing password for root
 +
New password:
 +
Bad password: too short
 +
Retype password:
 +
passwd: password for root changed by root
 +
}}
 +
 
 +
 
 +
=== 3. Checking a Timestamp from vpn.iplog.eu ===
 +
Certification is limited to 14 days, the IPLOG time must be the same as the server time, if it is not accurate, modify the time manually (example '''date -s "2018-01-01 08:30:00"''').
 +
{{NotePre
 +
|text=reading timestamp
 +
checking timestamp...2019-01-15_13:39:12
 +
  % Total    % Received % Xferd  Average Speed  Time    Time    Time  Current
 +
                                Dload  Upload  Total  Spent    Left  Speed
 +
100    21  100    21    0    0    320      0 --:--:-- --:--:-- --:--:--  567
 +
response is...[1;2019-01-15 13:02:46]
 +
server time is 2019-01-15 13:02:46
 +
device time is 2019-01-15_13:39:12
 +
incorrect time [WARNING]
 +
}}
 +
 
 +
 
 +
=== 4. Downloading a .tar file with valid configuration from vpn.iplog.eu ===
 +
{{NotePre
 +
|text=  % Total    % Received % Xferd  Average Speed  Time    Time    Time  Current
 +
                                Dload  Upload  Total  Spent    Left  Speed
 +
100 20480    0 20480    0    0  64586      0 --:--:-- --:--:-- --:--:-- 68956
 +
}}
 +
 
 +
 
 +
=== 5. Extracting a downloaded .tar file in directory /etc/opevnvpn ===
 +
 
 +
root@iplog:~# ls /etc/openvpn/
 +
metel-support-ca.crt
 +
metel-support-ip_10_68_0_6_190116_082306.crt
 +
metel-support-ip_10_68_0_6_190116_082306.key
 +
metel-support.conf
 +
 
 +
 
 +
=== 6. Restarting OpenVPN ===
 +
{{NotePre
 +
|text=Stopping openvpn:.
 +
Starting openvpn: metel-support.
 +
sleeping 5 seconds...
 +
eth0      Link encap:Ethernet  HWaddr 00:23:36:44:00:06
 +
          inet addr:192.168.6.12  Bcast:192.168.6.255  Mask:255.255.255.0
 +
          inet6 addr: fe80::223:36ff:fe44:6/64 Scope:Link
 +
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
 +
          RX packets:584 errors:0 dropped:0 overruns:0 frame:0
 +
          TX packets:95 errors:0 dropped:0 overruns:0 carrier:0
 +
          collisions:0 txqueuelen:1000
 +
          RX bytes:56002 (54.6 KiB)  TX bytes:12483 (12.1 KiB)
 +
          Interrupt:46 Base address:0xc000
 +
 
 +
eth0:0    Link encap:Ethernet  HWaddr 00:23:36:44:00:06
 +
          inet addr:10.68.0.6  Bcast:10.255.255.255  Mask:255.0.0.0
 +
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
 +
          Interrupt:46 Base address:0xc000
 +
 
 +
lo        Link encap:Local Loopback
 +
          inet addr:127.0.0.1  Mask:255.0.0.0
 +
          inet6 addr: ::1/128 Scope:Host
 +
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
 +
          RX packets:533 errors:0 dropped:0 overruns:0 frame:0
 +
          TX packets:533 errors:0 dropped:0 overruns:0 carrier:0
 +
          collisions:0 txqueuelen:1
 +
          RX bytes:37564 (36.6 KiB)  TX bytes:37564 (36.6 KiB)
 +
 
 +
tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
 +
          inet addr:172.31.0.162  P-t-P:172.31.0.161  Mask:255.255.255.255
 +
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
 +
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
 +
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
 +
          collisions:0 txqueuelen:100
 +
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
 +
}}
 +
 
 +
 
 +
== Reboot ==
 +
After configuration the user must manually restart the IPLOG unit by a command '''reboot'''.
 +
{{NotePre
 +
|text=root@iplog:~# reboot
 +
}}
  
The purpose of this document is to describe how to enable a VPN connection for METEL s.r.o. support team.
 
  
For the purpose of remote METEL support was created a script which automatically set the necessary parameters to permit a connection for METEL support team.
+
== Contact Technical Support ==
 
+
At the end of configuration VPN contacts technical support team, who will try to connect to your device.
OpenVPN client is already installed in all IPLOG devices of default.
+
[[Contact | Link to Contacts]]
  
root@iplog:~# metel-support-vpn
+
{{Tip|TipText=The IPLOG unit must be configured to connect to the internet.}}

Latest revision as of 09:23, 15 February 2019

The purpose of this document is to describe how to enable a VPN connection for METEL s.r.o. support team.

About MetelVPN

For the purpose of remote METEL support there was created a program metel-support-vpn which automatically sets the necessary parameters to enable a connection for the METEL support team via the METEL OpenVPN server. The OpenVPN client is already installed in all IPLOG devices of default.


VPN Configuration

Run the program.

root@iplog:~# metel-support-vpn


The program automatically starts and in several steps configure the VPN connection.

1. Reading the MAC Address from a Device

root@iplog:~# metel-support-vpn
MAC address is: 00:23:36:44:00:06


2. Checking that a "root" Has a Password

If the "root" user does not have a password it is possible to create a new one or to confirm an empty password with a warning.

please set-up password for root [WARNING]
Changing password for root
New password:
Bad password: too short
Retype password:
passwd: password for root changed by root


3. Checking a Timestamp from vpn.iplog.eu

Certification is limited to 14 days, the IPLOG time must be the same as the server time, if it is not accurate, modify the time manually (example date -s "2018-01-01 08:30:00").

reading timestamp
checking timestamp...2019-01-15_13:39:12
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100    21  100    21    0     0    320      0 --:--:-- --:--:-- --:--:--   567
response is...[1;2019-01-15 13:02:46]
server time is 2019-01-15 13:02:46
device time is 2019-01-15_13:39:12
incorrect time [WARNING]


4. Downloading a .tar file with valid configuration from vpn.iplog.eu

% Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 20480    0 20480    0     0  64586      0 --:--:-- --:--:-- --:--:-- 68956


5. Extracting a downloaded .tar file in directory /etc/opevnvpn

root@iplog:~# ls /etc/openvpn/
metel-support-ca.crt
metel-support-ip_10_68_0_6_190116_082306.crt
metel-support-ip_10_68_0_6_190116_082306.key
metel-support.conf


6. Restarting OpenVPN

Stopping openvpn:.
Starting openvpn: metel-support.
sleeping 5 seconds...
eth0      Link encap:Ethernet  HWaddr 00:23:36:44:00:06
          inet addr:192.168.6.12  Bcast:192.168.6.255  Mask:255.255.255.0
          inet6 addr: fe80::223:36ff:fe44:6/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:584 errors:0 dropped:0 overruns:0 frame:0
          TX packets:95 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:56002 (54.6 KiB)  TX bytes:12483 (12.1 KiB)
          Interrupt:46 Base address:0xc000

eth0:0    Link encap:Ethernet  HWaddr 00:23:36:44:00:06
          inet addr:10.68.0.6  Bcast:10.255.255.255  Mask:255.0.0.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:46 Base address:0xc000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:533 errors:0 dropped:0 overruns:0 frame:0
          TX packets:533 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1
          RX bytes:37564 (36.6 KiB)  TX bytes:37564 (36.6 KiB)

tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:172.31.0.162  P-t-P:172.31.0.161  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)


Reboot

After configuration the user must manually restart the IPLOG unit by a command reboot.

root@iplog:~# reboot


Contact Technical Support

At the end of configuration VPN contacts technical support team, who will try to connect to your device. Link to Contacts

Tip: The IPLOG unit must be configured to connect to the internet.