This shows you the differences between two versions of the page.
user_guide:openvpn_bridges_prep_coova [2016/09/26 08:46] – admin | user_guide:openvpn_bridges_prep_coova [2016/10/06 06:18] (current) – [Making things permanent] admin | ||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== OpenVPN Bridges => Prepare Coova Chilli ====== | + | ====== OpenVPN Bridges ====== |
+ | ===== | ||
+ | |||
===== Building and Installing Coova Chilli ===== | ===== Building and Installing Coova Chilli ===== | ||
* Download the latest release of Coova Chilli. (Version 1.3.1.4 at the time of this writing) | * Download the latest release of Coova Chilli. (Version 1.3.1.4 at the time of this writing) | ||
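Review bot: the line added directly under the new title is a bare `=====` with no text, which reads as an empty second-level heading; give it a title or drop it. The new title `OpenVPN Bridges` also loses the `Prepare Coova Chilli` part, so the page name no longer says which step of the bridge setup it covers. Consider keeping that wording in the title or in the new subheading.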
Line 22: | Line 24: | ||
sudo apt install devscripts debhelper gengetopt libtool automake | sudo apt install devscripts debhelper gengetopt libtool automake | ||
</ | </ | ||
- | * Build the package: | + | * Build and install |
<code bash> | <code bash> | ||
cd coova-chilli-1.3.1.4/ | cd coova-chilli-1.3.1.4/ | ||
Line 48: | Line 50: | ||
==== Create the main config file ==== | ==== Create the main config file ==== | ||
* Create a file called **/ | * Create a file called **/ | ||
- | <code bash> | + | <file bash / |
HS_WANIF=eth1 | HS_WANIF=eth1 | ||
HS_DNS1=4.4.4.4 | HS_DNS1=4.4.4.4 | ||
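Review bot: while this block is being retagged as a file, the unchanged `HS_DNS1=4.4.4.4` line is worth a second look, since it is not one of the commonly used public resolver addresses and may be a typo (compare 8.8.4.4). Hotspot clients are handed whatever resolver this names, so please confirm the address is the intended one or add a comment telling the reader to substitute their own resolver.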
Line 67: | Line 69: | ||
HS_PROVIDER_LINK=http:// | HS_PROVIDER_LINK=http:// | ||
HS_LOC_NAME=" | HS_LOC_NAME=" | ||
- | </code> | + | </file> |
* Create the VLAN config directories | * Create the VLAN config directories | ||
<code bash> | <code bash> | ||
Line 75: | Line 77: | ||
./ | ./ | ||
./ | ./ | ||
- | </bash> | + | </code> |
* Create the three VLAN configs | * Create the three VLAN configs | ||
- | * / | ||
<file bash / | <file bash / | ||
HS_LANIF=br0.101 | HS_LANIF=br0.101 | ||
Line 88: | Line 89: | ||
HS_DYNIP=10.101.1.1 | HS_DYNIP=10.101.1.1 | ||
HS_DYNIP_MASK=255.255.0.0 | HS_DYNIP_MASK=255.255.0.0 | ||
- | HS_STATIP=10.101.0.2 | + | HS_STATIP=10.101.0.1 |
- | HS_STATIP_MASK=255.255.0.0 | + | HS_STATIP_MASK=255.255.255.0 |
# HS_DNS_DOMAIN= | # HS_DNS_DOMAIN= | ||
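Review bot: the new static range (`HS_STATIP=10.101.0.1` with `HS_STATIP_MASK=255.255.255.0`) still falls inside the dynamic range defined by the unchanged `HS_DYNIP=10.101.1.1` and `HS_DYNIP_MASK=255.255.0.0` lines, because 10.101.0.0/24 is part of 10.101.0.0/16. If the intent of narrowing the mask is to keep static and dynamic clients apart, the dynamic range needs narrowing as well; if the overlap is intended, a comment in the file saying so would prevent a later "fix". The same applies to the matching 10.102 and 10.103 changes further down.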
Line 96: | Line 97: | ||
</ | </ | ||
- | * / | + | -------------------- |
<file bash / | <file bash / | ||
Line 108: | Line 109: | ||
HS_DYNIP=10.102.1.1 | HS_DYNIP=10.102.1.1 | ||
HS_DYNIP_MASK=255.255.0.0 | HS_DYNIP_MASK=255.255.0.0 | ||
- | HS_STATIP=10.102.0.2 | + | HS_STATIP=10.102.0.1 |
- | HS_STATIP_MASK=255.255.0.0 | + | HS_STATIP_MASK=255.255.255.0 |
# HS_DNS_DOMAIN= | # HS_DNS_DOMAIN= | ||
Line 116: | Line 117: | ||
</ | </ | ||
- | * / | + | |
+ | --------------- | ||
<file bash / | <file bash / | ||
Line 128: | Line 130: | ||
HS_DYNIP=10.103.1.1 | HS_DYNIP=10.103.1.1 | ||
HS_DYNIP_MASK=255.255.0.0 | HS_DYNIP_MASK=255.255.0.0 | ||
- | HS_STATIP=10.103.0.2 | + | HS_STATIP=10.103.0.1 |
- | HS_STATIP_MASK=255.255.0.0 | + | HS_STATIP_MASK=255.255.255.0 |
# HS_DNS_DOMAIN= | # HS_DNS_DOMAIN= | ||
Line 136: | Line 138: | ||
</ | </ | ||
+ | |||
+ | -------------------- | ||
+ | |||
+ | ===== Add NAT Support ===== | ||
+ | * By default CoovaChilli does not do NAT between the two interfaces. We have to add NAT support during start-up in order to have a working system. | ||
+ | <WRAP center round alert 90%> | ||
+ | Failing to do this step will leave you with a broken system. | ||
+ | </ | ||
+ | * Edit the **/ | ||
+ | <code bash> | ||
+ | test ${HS_ADMINTERVAL: | ||
+ | (crontab -l 2>&- | grep -v $0 | ||
+ | echo " | ||
+ | ) | crontab - 2>&- | ||
+ | } | ||
+ | |||
+ | #NAT mod | ||
+ | iptables -F POSTROUTING -t nat | ||
+ | iptables -I POSTROUTING -t nat -o $HS_WANIF -j MASQUERADE | ||
+ | #END NAT mod | ||
+ | |||
+ | ifconfig $HS_LANIF 0.0.0.0 | ||
+ | </ | ||
+ | |||
+ | ------------ | ||
+ | |||
+ | ===== Test it out ===== | ||
+ | * Restart CoovaChilli for the latest changes to be effected. | ||
+ | <code bash> | ||
+ | sudo / | ||
+ | sudo / | ||
+ | </ | ||
+ | |||
+ | ------ | ||
+ | |||
+ | ===== Making things permanent ===== | ||
+ | * Ensure that CoovaChilli will start up after reboots. | ||
+ | * If your server only has one interface card, add this line to the **/ | ||
+ | <code bash> | ||
+ | #Add the startup of OpenVPN | ||
+ | / | ||
+ | |||
+ | #Start up Chill | ||
+ | / | ||
+ | |||
+ | exit 0 | ||
+ | |||
+ | </ | ||
+ | * If your server has two interface cards, issue the following command: | ||
+ | <code bash> | ||
+ | sudo update-rc.d chilli start 99 2 3 4 5 . stop 20 0 1 6 . | ||
+ | </ | ||
+ | * Reboot the system and make sure CoovaChilli started up fine | ||
+ | |||
+ | |||
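Review bot: in the NAT mod block, `iptables -F POSTROUTING -t nat` flushes every rule in the nat POSTROUTING chain, not only the one this script adds, so on a host that also carries NAT rules for OpenVPN or any other service those rules are removed each time this runs. Suggest managing only the rule this script owns: check for it with `iptables -t nat -C POSTROUTING -o $HS_WANIF -j MASQUERADE` and insert it only when missing, or delete that one rule before re-inserting it. If only hotspot clients should be translated, add a `-s` match for the hotspot subnets so other traffic leaving `$HS_WANIF` is not masqueraded as well. Separately, the "Making things permanent" bullets give no reason why the one-interface and two-interface cases need different start-up methods; a sentence explaining the difference would help readers pick the right one.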