MetelVPN Support

From IPLOG
Revision as of 09:58, 16 January 2019 by Z013 (talk | contribs)
Jump to: navigation, search

Under Construction!

The purpose of this document is to describe how to enable a VPN connection for METEL s.r.o. support team.

About MetelVPN

For the purpose of remote METEL support was created a program metel-support-vpn which automatically sets the necessary parameters to enable a connection for METEL support team via METEL OpenVPN server. OpenVPN client is already installed in all IPLOG devices of default.


VPN Configuration

Run the program.

root@iplog:~# metel-support-vpn


The program automatically starts in several steps configure the VPN connection.

1. Reading the MAC address from a device

root@iplog:~# metel-support-vpn
MAC address is: 00:23:36:44:00:06


2. Checking that a "root" has a password

If the "root" user does not have a password is possible create a new one or confirm empty password with warning.

please set-up password for root [WARNING]
Changing password for root
New password:
Bad password: too short
Retype password:
passwd: password for root changed by root


3. Checking a timestamp from vpn.iplog.eu

Certification is limited to 14 days, time of the IPLOG must be the same as the server time. If it is not true, modify time manually (example date -s "2018-01-01 08:30:00").

reading timestamp
checking timestamp...2019-01-15_13:39:12
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100    21  100    21    0     0    320      0 --:--:-- --:--:-- --:--:--   567
response is...[1;2019-01-15 13:02:46]
server time is 2019-01-15 13:02:46
device time is 2019-01-15_13:39:12
incorrect time [WARNING]


4. Downloading a .tar file with valid configuration from vpn.iplog.eu

% Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 20480    0 20480    0     0  64586      0 --:--:-- --:--:-- --:--:-- 68956


5. Extracting a downloaded .tar file in directory /etc/opevnvpn

root@iplog:~# ls /etc/openvpn/
metel-support-ca.crt
metel-support-ip_10_68_0_6_190116_082306.crt
metel-support-ip_10_68_0_6_190116_082306.key
metel-support.conf


6. Restarting OpenVPN

Stopping openvpn:.
Starting openvpn: metel-support.
sleeping 5 seconds...
eth0      Link encap:Ethernet  HWaddr 00:23:36:44:00:06
          inet addr:192.168.6.12  Bcast:192.168.6.255  Mask:255.255.255.0
          inet6 addr: fe80::223:36ff:fe44:6/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:584 errors:0 dropped:0 overruns:0 frame:0
          TX packets:95 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:56002 (54.6 KiB)  TX bytes:12483 (12.1 KiB)
          Interrupt:46 Base address:0xc000

eth0:0    Link encap:Ethernet  HWaddr 00:23:36:44:00:06
          inet addr:10.68.0.6  Bcast:10.255.255.255  Mask:255.0.0.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:46 Base address:0xc000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:533 errors:0 dropped:0 overruns:0 frame:0
          TX packets:533 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1
          RX bytes:37564 (36.6 KiB)  TX bytes:37564 (36.6 KiB)

tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:172.31.0.162  P-t-P:172.31.0.161  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)


Reboot

After configuration user must manually restart IPLOG unit by command reboot.

root@iplog:~# reboot


Contact Technical Support

At the and of configuration VPN contact technical support team, they will try to connect to your device. Link to Contacts