tips:vpn:motorizzazione

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
tips:vpn:motorizzazione [2017/06/11 16:59] – [openconnect] scipiotips:vpn:motorizzazione [2019/03/19 15:52] (current) – [configuration] scipio
Line 1: Line 1:
 ====== Motorizzazione ====== ====== Motorizzazione ======
  
 +Motorizzazione uses cisco anyconnect VPN, available in linux with openconnect.
 ===== credenziali ===== ===== credenziali =====
  
Line 19: Line 20:
  
 ===== openconnect ===== ===== openconnect =====
 +
 +==== package ====
  
 <code bash> <code bash>
 sudo apt install openconnect sudo apt install openconnect
 +</code>
 +
 +==== from source ====
 +
 +<code>
 +sudo apt-get install curl vpnc-scripts build-essential libssl-dev libxml2-dev liblz4-dev gettext
 +wget ftp://ftp.infradead.org/pub/openconnect/openconnect-8.02.tar.gz
 +tar xzf openconnect-8.02.tar.gz
 +cd openconnect-8.02
 +./configure --without-gnutls --with-vpnc-script=/usr/share/vpnc-scripts/vpnc-script --without-openssl-version-check
 +make
 +sudo make install-strip
 +sudo ldconfig /usr/local/lib
 +</code>
 +
 +==== configuration ====
 +
 +test credentials with browser on https://anyvpn.ilportaledellautomobilista.it
 +
 +get server fingerprint with
 +<code>
 +openconnect --authenticate https://anyvpn.ilportaledellautomobilista.it
 </code> </code>
  
Line 27: Line 52:
 user=COMxxx user=COMxxx
 password=yyy password=yyy
-url=https://195.45.108.66/utentiMCTC+url=https://anyvpn.ilportaledellautomobilista.it/utentiMCTC
 servercert=sha256:f3cab3bff048bf7f68e0c1c019cc31c8a0e70d81194bb20fdfba595a2d7ceb38 servercert=sha256:f3cab3bff048bf7f68e0c1c019cc31c8a0e70d81194bb20fdfba595a2d7ceb38
 +</file>
 +
 +make first connection to accept invalid certificate
 +<code bash>
 +. /etc/openconnect/motorizzazione.env
 +openconnect -u $user -b $url
 +</code>
 +
 +test if resolve with 10.x.x.x
 +<code bash>
 +ping www.ilportaledellautomobilista.it
 +</code>
 +
 +===== systemd =====
 +
 +<file ini /etc/systemd/system/openconnect.service>
 +[Unit]
 +Description=Motorizzazione Cisco anyconnect
 +After=network.target
 +
 +[Service]
 +#Type=oneshot
 +#RemainAfterExit=yes
 +
 +Type=simple
 +Restart=always
 +RestartSec=3
 +
 +EnvironmentFile=/etc/openconnect/motorizzazione.env
 +#ExecStart=/bin/bash -c "/usr/sbin/openconnect -u $user --servercert "$servercert" -b $url <<< $password"
 +ExecStart=/bin/bash -c "/usr/sbin/openconnect -u $user --servercert "$servercert" $url <<< $password"
 +
 +[Install]
 +WantedBy=multi-user.target
 </file> </file>
  • tips/vpn/motorizzazione.1497193188.txt.gz
  • Last modified: 2017/06/11 16:59
  • by scipio