OpenVPN Client
Here is a brief description on the installation of the OpenVPN standalone client on a Cisco IR910.
Prerequisites
Installation files
Find the installation package here attached.
User certificate
The VPN server administrator (most cases azeti) must create a user certificate and provide it for the particular installation. Certificate file is named client.ovpn
.
Installation
- Copy the following files to the router (for example using WinSCP)
- openvpn-armv5tel.tar Binay files of the OpenVPN cliente compiled for the Cisco IR910
S21openvpn_cisco Startup script for the OpenVPN client
client.ovpn Autologin user certificate from the OpenVPN server. The file can have any name as long as it ends in .ovpn. In this guide the name client.ovpn will be used for clarity purposes.
Make sure it is the AutoLogin Certificate as otherwise, on every start the openvpn client would ask for user and password.
Go into the folder where you've uploaded the installation files otherwise the below commands won't extract everything properly
Decompress the openvpn-armv5tel.tar file on the / directory
# tar -xv -C / -f openvpn-armv5tel.tar mnt/apps/bin/openvpn mnt/apps/lib/libcrypto.so mnt/apps/lib/libcrypto.so.1.0.0 mnt/apps/lib/liblzo2.so mnt/apps/lib/liblzo2.so.2 mnt/apps/lib/liblzo2.so.2.0.0 mnt/apps/lib/libssl.so mnt/apps/lib/libssl.so.1.0.0
If you din't see aboves output, you are probably not in the location where the openvpn-armv5tel.tar resides.
Make a directory named /mnt/data/openvpn and move the client.ovpn there
# mkdir /mnt/data/openvpn # mv client.ovpn /mnt/data/openvpn # ls /mnt/data/openvpn client.ovpn
Move the S23openvpn_cisco file to the /mnt/apps/etc/init.d/ directory and make it executable
# mv S21openvpn_cisco /mnt/apps/etc/init.d/ # chmod +x /mnt/apps/etc/init.d/S21openvpn_cisco
Start the client manually, it will be started upon every boot automatically due to the init.d Script
# /mnt/apps/etc/init.d/S21openvpn_cisco start
Testing the connection
Look into the logfile to make sure the connection succeeded.
openvpn start...▒ # tail -f /tmp/openvpn.log Fri Mar 20 11:09:58 2015 ROUTE remote_host is NOT LOCAL Fri Mar 20 11:09:58 2015 /sbin/route add -net 54.93.195.156 netmask 255.255.255.255 gw 192.168.97.1 Fri Mar 20 11:09:58 2015 ERROR: Linux route add command failed: external program exited with error status: 1 Fri Mar 20 11:09:58 2015 /sbin/route add -net 172.27.224.0 netmask 255.255.224.0 metric 101 gw 172.27.240.1 Fri Mar 20 11:09:58 2015 /sbin/route add -net 10.1.0.0 netmask 255.255.0.0 metric 101 gw 172.27.240.1 Fri Mar 20 11:09:58 2015 Initialization Sequence Completed
And verify the ip address that was configured previously.
ifconfig tun0 tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:172.27.240.31 P-t-P:172.27.240.31 Mask:255.255.240.0 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Related articles