RADIUSdesk

Differences

This shows you the differences between two versions of the page.

user_guide:openvpn_bridges_prep_coova [2016/09/26 08:46] adminuser_guide:openvpn_bridges_prep_coova [2016/10/06 06:18] (current) – [Making things permanent] admin
Line 1: Line 1:
-====== OpenVPN Bridges =Prepare Coova Chilli ======+====== OpenVPN Bridges ====== 
 +=====  Prepare Coova Chilli ===== 
 + 
 ===== Building and Installing Coova Chilli ===== ===== Building and Installing Coova Chilli =====
   * Download the latest release of Coova Chilli. (Version 1.3.1.4 at the time of this writing)   * Download the latest release of Coova Chilli. (Version 1.3.1.4 at the time of this writing)
Line 22: Line 24:
 sudo apt install devscripts debhelper gengetopt libtool automake sudo apt install devscripts debhelper gengetopt libtool automake
 </code> </code>
-  * Build the package:+  * Build and install the package:
 <code bash> <code bash>
 cd coova-chilli-1.3.1.4/ cd coova-chilli-1.3.1.4/
Line 48: Line 50:
 ==== Create the main config file ==== ==== Create the main config file ====
   * Create a file called **/etc/chilli/config** and use the following as reference:   * Create a file called **/etc/chilli/config** and use the following as reference:
-<code bash>+<file bash /etc/chilli/config>
 HS_WANIF=eth1            # WAN Interface toward the Internet HS_WANIF=eth1            # WAN Interface toward the Internet
 HS_DNS1=4.4.4.4 HS_DNS1=4.4.4.4
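Review bot: HS_DNS1=4.4.4.4 in the reference /etc/chilli/config looks like a slip; if Google's public resolvers were meant, they are 8.8.8.8 and 8.8.4.4. Readers copy this file as-is and the value is what hotspot clients are handed for DNS, so confirm the address or replace it with a resolver the operator controls, and give the line a comment as the HS_WANIF line has.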
Line 67: Line 69:
 HS_PROVIDER_LINK=http://coova.github.io/ HS_PROVIDER_LINK=http://coova.github.io/
 HS_LOC_NAME="My HotSpot"           # WISPr Location Name and used in portal HS_LOC_NAME="My HotSpot"           # WISPr Location Name and used in portal
-</code>+</file>
   * Create the VLAN config directories   * Create the VLAN config directories
 <code bash> <code bash>
Line 75: Line 77:
 ./newmulti.sh br0.102 ./newmulti.sh br0.102
 ./newmulti.sh br0.103 ./newmulti.sh br0.103
-</bash>+</code>
   * Create the three VLAN configs   * Create the three VLAN configs
-  * /etc/chilli/br0.101/config 
 <file bash /etc/chilli/br0.101/config> <file bash /etc/chilli/br0.101/config>
 HS_LANIF=br0.101            # WAN Interface toward the Internet HS_LANIF=br0.101            # WAN Interface toward the Internet
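Review bot: The comment on the first line of the br0.101 file, "HS_LANIF=br0.101 # WAN Interface toward the Internet", is carried over from the HS_WANIF line of the main config and describes the wrong side. HS_LANIF is the subscriber-facing interface, so the comment should say so (for example "VLAN interface toward the hotspot clients"); a reader who trusts the comment may attach the captive portal to the uplink.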
Line 88: Line 89:
 HS_DYNIP=10.101.1.1 HS_DYNIP=10.101.1.1
 HS_DYNIP_MASK=255.255.0.0 HS_DYNIP_MASK=255.255.0.0
-HS_STATIP=10.101.0.2 +HS_STATIP=10.101.0.1 
-HS_STATIP_MASK=255.255.0.0+HS_STATIP_MASK=255.255.255.0
 # HS_DNS_DOMAIN= # HS_DNS_DOMAIN=
  
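Review bot: With HS_STATIP=10.101.0.1 and HS_STATIP_MASK=255.255.255.0, the static range 10.101.0.0/24 lies inside the network that HS_DYNIP=10.101.1.1 with HS_DYNIP_MASK=255.255.0.0 describes (10.101.0.0/16), so the static and dynamic pools overlap as written. Either narrow the dynamic mask or state in the text that the overlap is intended and how addresses are split between the two. Both values also carry host bits; writing them as network addresses would make the intent unambiguous. The same values recur in the br0.102 and br0.103 files.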
Line 96: Line 97:
 </file> </file>
  
- * /etc/chilli/br0.102/config+--------------------
  
 <file bash /etc/chilli/br0.102/config> <file bash /etc/chilli/br0.102/config>
Line 108: Line 109:
 HS_DYNIP=10.102.1.1 HS_DYNIP=10.102.1.1
 HS_DYNIP_MASK=255.255.0.0 HS_DYNIP_MASK=255.255.0.0
-HS_STATIP=10.102.0.2 +HS_STATIP=10.102.0.1 
-HS_STATIP_MASK=255.255.0.0+HS_STATIP_MASK=255.255.255.0
 # HS_DNS_DOMAIN= # HS_DNS_DOMAIN=
  
Line 116: Line 117:
  
 </file> </file>
-  * /etc/chilli/br0.103/config+ 
 +---------------
  
 <file bash /etc/chilli/br0.103/config> <file bash /etc/chilli/br0.103/config>
Line 128: Line 130:
 HS_DYNIP=10.103.1.1 HS_DYNIP=10.103.1.1
 HS_DYNIP_MASK=255.255.0.0 HS_DYNIP_MASK=255.255.0.0
-HS_STATIP=10.103.0.2 +HS_STATIP=10.103.0.1 
-HS_STATIP_MASK=255.255.0.0+HS_STATIP_MASK=255.255.255.0
 # HS_DNS_DOMAIN= # HS_DNS_DOMAIN=
  
Line 136: Line 138:
  
 </file> </file>
 +
 +--------------------
 +
 +===== Add NAT Support =====
 +  * By default CoovaChilli does not do NAT between the two interfaces. We have to add NAT support during start-up in order to have a working system. 
 +<WRAP center round alert 90%>
 +Failing to do this step will leave you with a broken system. 
 +</WRAP>
 +  * Edit the **/etc/init.d/chilli** file and add the following:
 +<code bash>
 +test ${HS_ADMINTERVAL:-0} -gt 0 && {
 +    (crontab -l 2>&- | grep -v $0
 +        echo "*/$HS_ADMINTERVAL * * * * $0 radconfig"
 +        ) | crontab - 2>&-
 +}
 + 
 +#NAT mod
 +iptables -F POSTROUTING -t nat
 +iptables -I POSTROUTING -t nat -o $HS_WANIF -j MASQUERADE
 +#END NAT mod
 + 
 +ifconfig $HS_LANIF 0.0.0.0
 +</code>
 +
 +------------
 +
 +===== Test it out =====
 +  * Restart CoovaChilli for the latest changes to be effected.
 +<code bash>
 +sudo /etc/init.d/chilli stop
 +sudo /etc/init.d/chilli start
 +</code>
 +
 +------
 +
 +===== Making things permanent =====
 +  * Ensure that CoovaChilli will start up after reboots.
 +  * If your server only has one interface card, add this line to the **/etc/rc.local** file:
 +<code bash>
 +#Add the startup of OpenVPN
 +/usr/sbin/service openvpn start
 +
 +#Start up Chill
 +/etc/init.d/chilli start
 +
 +exit 0
 +
 +</code>
 +  * If your server has two interface cards, issue the following command:
 +<code bash>
 +sudo update-rc.d chilli start 99 2 3 4 5 . stop 20 0 1 6 .
 +</code>
 +  * Reboot the system and make sure CoovaChilli started up fine
 +
 +
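Review bot: "iptables -F POSTROUTING -t nat" in the NAT mod flushes every rule in the nat POSTROUTING chain each time the init script runs, including rules that other services on the same host may have installed, and the MASQUERADE rule that follows applies to all traffic leaving $HS_WANIF rather than only the hotspot subnets. Prefer adding the rule only when it is absent (check with iptables -t nat -C and append with -A if the check fails), limit it with -s to the 10.101.0.0/16, 10.102.0.0/16 and 10.103.0.0/16 ranges set in the VLAN configs, and quote "$HS_WANIF" so an unset variable fails visibly. The snippet also mixes lines already present in /etc/init.d/chilli (the crontab block and the ifconfig line) with the lines to add without saying which is which; mark the lines from "#NAT mod" to "#END NAT mod" as the addition. In the rc.local block, "Start up Chill" should read "Chilli", and the text should say why a single-interface server needs rc.local while a two-interface server can use update-rc.d.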