OpenVPN Client

Here is a brief description on the installation of the OpenVPN standalone client on a Cisco IR910.

Prerequisites

Installation files

Find the installation package here attached.

  File Modified

Text File openvpn-armv5tel.tar OpenVPN Package

Jul 19, 2016 by Carsten Fenneker

Text File S21openvpn_cisco

Jul 19, 2016 by Carsten Fenneker

User certificate

The VPN server administrator (most cases azeti) must create a user certificate and provide it for the particular installation. Certificate file is named client.ovpn.

Installation

  1. Copy the following files to the router (for example using WinSCP)
      • openvpn-armv5tel.tar Binay files of the OpenVPN cliente compiled for the Cisco IR910
      • S21openvpn_cisco Startup script for the OpenVPN client

      • client.ovpn Autologin user certificate from the OpenVPN server. The file can have any name as long as it ends in .ovpn. In this guide the name client.ovpn will be used for clarity purposes.

    Make sure it is the AutoLogin Certificate as otherwise, on every start the openvpn client would ask for user and password.

  2. Go into the folder where you've uploaded the installation files otherwise the below commands won't extract everything properly

  3. Decompress the openvpn-armv5tel.tar file on the / directory

    # tar -xv -C / -f openvpn-armv5tel.tar
    mnt/apps/bin/openvpn
    mnt/apps/lib/libcrypto.so
    mnt/apps/lib/libcrypto.so.1.0.0
    mnt/apps/lib/liblzo2.so
    mnt/apps/lib/liblzo2.so.2
    mnt/apps/lib/liblzo2.so.2.0.0
    mnt/apps/lib/libssl.so
    mnt/apps/lib/libssl.so.1.0.0

    If you din't see aboves output, you are probably not in the location where the openvpn-armv5tel.tar resides.

  4. Make a directory named /mnt/data/openvpn and move the client.ovpn there

    # mkdir /mnt/data/openvpn
    # mv client.ovpn /mnt/data/openvpn
    # ls /mnt/data/openvpn
    client.ovpn
  5. Move the S23openvpn_cisco file to the /mnt/apps/etc/init.d/ directory and make it executable

    # mv S21openvpn_cisco /mnt/apps/etc/init.d/
    # chmod +x /mnt/apps/etc/init.d/S21openvpn_cisco
  6. Start the client manually, it will be started upon every boot automatically due to the init.d Script

    # /mnt/apps/etc/init.d/S21openvpn_cisco start

Testing the connection

Look into the logfile to make sure the connection succeeded.

openvpn start...▒
# tail -f /tmp/openvpn.log
Fri Mar 20 11:09:58 2015 ROUTE remote_host is NOT LOCAL
Fri Mar 20 11:09:58 2015 /sbin/route add -net 54.93.195.156 netmask 255.255.255.255 gw 192.168.97.1
Fri Mar 20 11:09:58 2015 ERROR: Linux route add command failed: external program exited with error status: 1
Fri Mar 20 11:09:58 2015 /sbin/route add -net 172.27.224.0 netmask 255.255.224.0 metric 101 gw 172.27.240.1
Fri Mar 20 11:09:58 2015 /sbin/route add -net 10.1.0.0 netmask 255.255.0.0 metric 101 gw 172.27.240.1
Fri Mar 20 11:09:58 2015 Initialization Sequence Completed

And verify the ip address that was configured previously.

ifconfig tun0
tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
          inet addr:172.27.240.31  P-t-P:172.27.240.31  Mask:255.255.240.0
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

 

Filter by label

There are no items with the selected labels at this time.

IOT-62 - Getting issue details... STATUS