====== Motorizzazione ======

Motorizzazione uses cisco anyconnect VPN, available in linux with openconnect.
===== credenziali =====

Credenziali VPN:
For Municipalities (Local Police) username begins: COM.xxxxxxxxxxxx
For Police, the State Police and other police forces VPN credentials are not provided. Therefore we must try to request them to CED Interagency Ministry.


Credenziali patmot e infomot:
PATMOT are those relating to driving license in points and are used for the deduction points driving license (no fee credentials).
INFOMOT are those relating to the business profile of the vehicle number plates (for some type Municipality bodies are payable).

Credentials characteristics (MCTC):
For the Police and Police patmot or infomot State are equal and begin with MCTC followed by numbers
(Eg MCTC123456 infomot and patmot credentials)
For Local Police patmot or infomot are different and begin with CM then the province code and other numbers
(Eg: infomot CMTO111111 = - = patmot CMTOP12345)

===== openconnect =====

==== package ====

<code bash>
sudo apt install openconnect
</code>

==== from source ====

<code>
sudo apt-get install curl vpnc-scripts build-essential libssl-dev libxml2-dev liblz4-dev gettext
wget ftp://ftp.infradead.org/pub/openconnect/openconnect-8.02.tar.gz
tar xzf openconnect-8.02.tar.gz
cd openconnect-8.02
./configure --without-gnutls --with-vpnc-script=/usr/share/vpnc-scripts/vpnc-script --without-openssl-version-check
make
sudo make install-strip
sudo ldconfig /usr/local/lib
</code>

==== configuration ====

test credentials with browser on https://anyvpn.ilportaledellautomobilista.it

get server fingerprint with
<code>
openconnect --authenticate https://anyvpn.ilportaledellautomobilista.it
</code>

<file txt /etc/openconnect/motorizzazione.env>
user=COMxxx
password=yyy
url=https://anyvpn.ilportaledellautomobilista.it/utentiMCTC
servercert=sha256:f3cab3bff048bf7f68e0c1c019cc31c8a0e70d81194bb20fdfba595a2d7ceb38
</file>

make first connection to accept invalid certificate
<code bash>
. /etc/openconnect/motorizzazione.env
openconnect -u $user -b $url
</code>

test if resolve with 10.x.x.x
<code bash>
ping www.ilportaledellautomobilista.it
</code>

===== systemd =====

<file ini /etc/systemd/system/openconnect.service>
[Unit]
Description=Motorizzazione Cisco anyconnect
After=network.target

[Service]
#Type=oneshot
#RemainAfterExit=yes

Type=simple
Restart=always
RestartSec=3

EnvironmentFile=/etc/openconnect/motorizzazione.env
#ExecStart=/bin/bash -c "/usr/sbin/openconnect -u $user --servercert "$servercert" -b $url <<< $password"
ExecStart=/bin/bash -c "/usr/sbin/openconnect -u $user --servercert "$servercert" $url <<< $password"

[Install]
WantedBy=multi-user.target
</file>