|
@ -3,15 +3,15 @@ The openconnect client expects to be configured using the uci interface. |
|
|
To setup a VPN connection, add the following to /etc/config/network: |
|
|
To setup a VPN connection, add the following to /etc/config/network: |
|
|
|
|
|
|
|
|
config interface 'MYVPN' |
|
|
config interface 'MYVPN' |
|
|
option proto 'openconnect' |
|
|
|
|
|
option interface 'wan' |
|
|
|
|
|
option server 'vpn.example.com' |
|
|
|
|
|
option port '4443' |
|
|
|
|
|
option username 'test' |
|
|
|
|
|
option password 'secret' |
|
|
|
|
|
option serverhash 'AE7FF6A0426F0A0CD0A02EB9EC3C5066FAEB0B25' |
|
|
|
|
|
|
|
|
option proto 'openconnect' |
|
|
|
|
|
option interface 'wan' |
|
|
|
|
|
option server 'vpn.example.com' |
|
|
|
|
|
option port '4443' |
|
|
|
|
|
option username 'test' |
|
|
|
|
|
option password 'secret' |
|
|
|
|
|
option serverhash 'AE7FF6A0426F0A0CD0A02EB9EC3C5066FAEB0B25' |
|
|
option defaultroute '0' |
|
|
option defaultroute '0' |
|
|
option authgroup 'DEFAULT' |
|
|
|
|
|
|
|
|
option authgroup 'DEFAULT' |
|
|
|
|
|
|
|
|
# For second factor auth: |
|
|
# For second factor auth: |
|
|
|
|
|
|
|
@ -19,12 +19,12 @@ config interface 'MYVPN' |
|
|
#option password2 'my-fixed-2fa-password' |
|
|
#option password2 'my-fixed-2fa-password' |
|
|
|
|
|
|
|
|
# RSA tokens, must be built with stoken support |
|
|
# RSA tokens, must be built with stoken support |
|
|
#option token_mode 'rsa' |
|
|
|
|
|
#option token_secret 'secret' |
|
|
|
|
|
|
|
|
#option token_mode 'rsa' |
|
|
|
|
|
#option token_secret 'secret' |
|
|
|
|
|
|
|
|
# HOTP/TOTP tokens |
|
|
# HOTP/TOTP tokens |
|
|
#option token_mode 'hotp' |
|
|
|
|
|
#option token_secret '00' |
|
|
|
|
|
|
|
|
#option token_mode 'hotp' |
|
|
|
|
|
#option token_secret '00' |
|
|
|
|
|
|
|
|
# tokens from script |
|
|
# tokens from script |
|
|
#option token_mode 'script' |
|
|
#option token_mode 'script' |
|
@ -45,6 +45,5 @@ deinitialize it using ifdown. You may also use the luci web interface |
|
|
Note that you need to configure the firewall to allow communication between |
|
|
Note that you need to configure the firewall to allow communication between |
|
|
the MYVPN interface and lan. |
|
|
the MYVPN interface and lan. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
There is a luci plugin to allow configuring an openconnect interface from |
|
|
There is a luci plugin to allow configuring an openconnect interface from |
|
|
the web environment; see the luci-proto-openconnect package. |
|
|
the web environment; see the luci-proto-openconnect package. |