Difference between revisions of "MetelVPN Support"

From IPLOG
Jump to: navigation, search
Line 3: Line 3:
 
The purpose of this document is to describe how to enable a VPN connection for METEL s.r.o. support team.
 
The purpose of this document is to describe how to enable a VPN connection for METEL s.r.o. support team.
  
= OpenVPN =
+
== About MetelVPN ==
For the purpose of remote METEL support was created a program '''metel-support-vpn''' which automatically set the necessary parameters to enable a connection for METEL support team via METEL server.
+
For the purpose of remote METEL support was created a program '''metel-support-vpn''' which automatically sets the necessary parameters to enable a connection for METEL support team via METEL OpenVPN server.
 
OpenVPN client is already installed in all IPLOG devices of default.
 
OpenVPN client is already installed in all IPLOG devices of default.
  
Line 13: Line 13:
 
}}
 
}}
  
The program configures the connection.
 
  
 +
The program automatically starts in several steps configure the VPN connection.
 +
 +
=== 1. Reading the MAC address from a device ===
 
{{NotePre
 
{{NotePre
 
|text=root@iplog:~# metel-support-vpn
 
|text=root@iplog:~# metel-support-vpn
 
MAC address is: 00:23:36:44:00:06
 
MAC address is: 00:23:36:44:00:06
please set-up password for root [WARNING]
+
}}
 +
 
 +
 
 +
=== 2. Checking that a "root" has a password ===
 +
 
 +
If the "root" user does not have a password is possible create a new one or confirm empty password with warning.
 +
{{NotePre
 +
|text=please set-up password for root [WARNING]
 
Changing password for root
 
Changing password for root
 
New password:
 
New password:
Line 24: Line 33:
 
Retype password:
 
Retype password:
 
passwd: password for root changed by root
 
passwd: password for root changed by root
reading timestamp
+
}}
 +
 
 +
 
 +
=== 3. Checking a timestamp from vpn.iplog.eu ===
 +
Certification is limited to 14 days, time of the IPLOG must be the same as the server time. If it is not true, modify time manually ('''date -s "2018-01-01 08:30:00"''').
 +
{{NotePre
 +
|text=reading timestamp
 
checking timestamp...2019-01-15_13:39:12
 
checking timestamp...2019-01-15_13:39:12
 
   % Total    % Received % Xferd  Average Speed  Time    Time    Time  Current
 
   % Total    % Received % Xferd  Average Speed  Time    Time    Time  Current
Line 33: Line 48:
 
device time is 2019-01-15_13:39:12
 
device time is 2019-01-15_13:39:12
 
incorrect time [WARNING]
 
incorrect time [WARNING]
  % Total    % Received % Xferd  Average Speed  Time    Time    Time  Current
+
}}
 +
 
 +
 
 +
=== 4. Downloading a .tar file with valid configuration from vpn.iplog.eu ===
 +
{{NotePre
 +
|text=  % Total    % Received % Xferd  Average Speed  Time    Time    Time  Current
 
                                 Dload  Upload  Total  Spent    Left  Speed
 
                                 Dload  Upload  Total  Spent    Left  Speed
 
100 20480    0 20480    0    0  64586      0 --:--:-- --:--:-- --:--:-- 68956
 
100 20480    0 20480    0    0  64586      0 --:--:-- --:--:-- --:--:-- 68956
Stopping openvpn:.
+
}}
 +
 
 +
 
 +
=== 5. Extracting a downloaded .tar file in directory /etc/opevnvpn ===
 +
 
 +
root@iplog:~# ls /etc/openvpn/
 +
metel-support-ca.crt
 +
metel-support-ip_10_68_0_6_190116_082306.crt
 +
metel-support-ip_10_68_0_6_190116_082306.key
 +
metel-support.conf
 +
 
 +
 
 +
=== 6. Restarting OpenVPN ===
 +
{{NotePre
 +
|text=Stopping openvpn:.
 
Starting openvpn: metel-support.
 
Starting openvpn: metel-support.
 
sleeping 5 seconds...
 
sleeping 5 seconds...
Line 70: Line 104:
 
           collisions:0 txqueuelen:100
 
           collisions:0 txqueuelen:100
 
           RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
 
           RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
 +
}}
  
 +
== Reboot ==
 +
After configuration user must manually restart IPLOG unit by command '''reboot'''.
 +
{{NotePre
 +
|text=root@iplog:~# reboot
 
}}
 
}}
 +
 +
== Contact Technical Support ==
 +
At the and of configuration VPN contact technical support team, they will try to connect to your device.

Revision as of 09:52, 16 January 2019

Under Construction!

The purpose of this document is to describe how to enable a VPN connection for METEL s.r.o. support team.

About MetelVPN

For the purpose of remote METEL support was created a program metel-support-vpn which automatically sets the necessary parameters to enable a connection for METEL support team via METEL OpenVPN server. OpenVPN client is already installed in all IPLOG devices of default.

VPN Configuration

Run the program.

root@iplog:~# metel-support-vpn


The program automatically starts in several steps configure the VPN connection.

1. Reading the MAC address from a device

root@iplog:~# metel-support-vpn
MAC address is: 00:23:36:44:00:06


2. Checking that a "root" has a password

If the "root" user does not have a password is possible create a new one or confirm empty password with warning.

please set-up password for root [WARNING]
Changing password for root
New password:
Bad password: too short
Retype password:
passwd: password for root changed by root


3. Checking a timestamp from vpn.iplog.eu

Certification is limited to 14 days, time of the IPLOG must be the same as the server time. If it is not true, modify time manually (date -s "2018-01-01 08:30:00").

reading timestamp
checking timestamp...2019-01-15_13:39:12
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100    21  100    21    0     0    320      0 --:--:-- --:--:-- --:--:--   567
response is...[1;2019-01-15 13:02:46]
server time is 2019-01-15 13:02:46
device time is 2019-01-15_13:39:12
incorrect time [WARNING]


4. Downloading a .tar file with valid configuration from vpn.iplog.eu

% Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 20480    0 20480    0     0  64586      0 --:--:-- --:--:-- --:--:-- 68956


5. Extracting a downloaded .tar file in directory /etc/opevnvpn

root@iplog:~# ls /etc/openvpn/
metel-support-ca.crt
metel-support-ip_10_68_0_6_190116_082306.crt
metel-support-ip_10_68_0_6_190116_082306.key
metel-support.conf


6. Restarting OpenVPN

Stopping openvpn:.
Starting openvpn: metel-support.
sleeping 5 seconds...
eth0      Link encap:Ethernet  HWaddr 00:23:36:44:00:06
          inet addr:192.168.6.12  Bcast:192.168.6.255  Mask:255.255.255.0
          inet6 addr: fe80::223:36ff:fe44:6/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:584 errors:0 dropped:0 overruns:0 frame:0
          TX packets:95 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:56002 (54.6 KiB)  TX bytes:12483 (12.1 KiB)
          Interrupt:46 Base address:0xc000

eth0:0    Link encap:Ethernet  HWaddr 00:23:36:44:00:06
          inet addr:10.68.0.6  Bcast:10.255.255.255  Mask:255.0.0.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:46 Base address:0xc000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:533 errors:0 dropped:0 overruns:0 frame:0
          TX packets:533 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1
          RX bytes:37564 (36.6 KiB)  TX bytes:37564 (36.6 KiB)

tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:172.31.0.162  P-t-P:172.31.0.161  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

Reboot

After configuration user must manually restart IPLOG unit by command reboot.

root@iplog:~# reboot

Contact Technical Support

At the and of configuration VPN contact technical support team, they will try to connect to your device.