MetelVPN Support

From IPLOG
Revision as of 09:52, 16 January 2019 by Z013 (talk | contribs)
Jump to: navigation, search

Under Construction!

The purpose of this document is to describe how to enable a VPN connection for METEL s.r.o. support team.

About MetelVPN

For the purpose of remote METEL support was created a program metel-support-vpn which automatically sets the necessary parameters to enable a connection for METEL support team via METEL OpenVPN server. OpenVPN client is already installed in all IPLOG devices of default.

VPN Configuration

Run the program.

root@iplog:~# metel-support-vpn


The program automatically starts in several steps configure the VPN connection.

1. Reading the MAC address from a device

root@iplog:~# metel-support-vpn
MAC address is: 00:23:36:44:00:06


2. Checking that a "root" has a password

If the "root" user does not have a password is possible create a new one or confirm empty password with warning.

please set-up password for root [WARNING]
Changing password for root
New password:
Bad password: too short
Retype password:
passwd: password for root changed by root


3. Checking a timestamp from vpn.iplog.eu

Certification is limited to 14 days, time of the IPLOG must be the same as the server time. If it is not true, modify time manually (date -s "2018-01-01 08:30:00").

reading timestamp
checking timestamp...2019-01-15_13:39:12
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100    21  100    21    0     0    320      0 --:--:-- --:--:-- --:--:--   567
response is...[1;2019-01-15 13:02:46]
server time is 2019-01-15 13:02:46
device time is 2019-01-15_13:39:12
incorrect time [WARNING]


4. Downloading a .tar file with valid configuration from vpn.iplog.eu

% Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 20480    0 20480    0     0  64586      0 --:--:-- --:--:-- --:--:-- 68956


5. Extracting a downloaded .tar file in directory /etc/opevnvpn

root@iplog:~# ls /etc/openvpn/
metel-support-ca.crt
metel-support-ip_10_68_0_6_190116_082306.crt
metel-support-ip_10_68_0_6_190116_082306.key
metel-support.conf


6. Restarting OpenVPN

Stopping openvpn:.
Starting openvpn: metel-support.
sleeping 5 seconds...
eth0      Link encap:Ethernet  HWaddr 00:23:36:44:00:06
          inet addr:192.168.6.12  Bcast:192.168.6.255  Mask:255.255.255.0
          inet6 addr: fe80::223:36ff:fe44:6/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:584 errors:0 dropped:0 overruns:0 frame:0
          TX packets:95 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:56002 (54.6 KiB)  TX bytes:12483 (12.1 KiB)
          Interrupt:46 Base address:0xc000

eth0:0    Link encap:Ethernet  HWaddr 00:23:36:44:00:06
          inet addr:10.68.0.6  Bcast:10.255.255.255  Mask:255.0.0.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:46 Base address:0xc000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:533 errors:0 dropped:0 overruns:0 frame:0
          TX packets:533 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1
          RX bytes:37564 (36.6 KiB)  TX bytes:37564 (36.6 KiB)

tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:172.31.0.162  P-t-P:172.31.0.161  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

Reboot

After configuration user must manually restart IPLOG unit by command reboot.

root@iplog:~# reboot

Contact Technical Support

At the and of configuration VPN contact technical support team, they will try to connect to your device.