Commit 9a89a5b2cb4c4cbcb92f63f4c2b5590a0efd56b4

Authored by Adhidarma Hadiwinoto
1 parent a7ded0e8de
Exists in master

disable override dns on vpnc client

Showing 1 changed file with 2 additions and 0 deletions Inline Diff

1 #!/bin/bash 1 #!/bin/bash
2 2
3 echo 3 echo
4 echo ================ 4 echo ================
5 echo Tektrans - Finnet AD2MT VPNC configurator 5 echo Tektrans - Finnet AD2MT VPNC configurator
6 echo ================ 6 echo ================
7 echo 7 echo
8 8
9 read -p 'VPNC username: ' vpncuser < /dev/tty 9 read -p 'VPNC username: ' vpncuser < /dev/tty
10 if [ -z "$vpncuser" ]; then 10 if [ -z "$vpncuser" ]; then
11 echo "Invalid vpnc user"; 11 echo "Invalid vpnc user";
12 exit 12 exit
13 fi 13 fi
14 14
15 read -p 'VPNC password: ' vpncpass < /dev/tty 15 read -p 'VPNC password: ' vpncpass < /dev/tty
16 if [ -z "$vpncpass" ]; then 16 if [ -z "$vpncpass" ]; then
17 echo "Invalid vpnc password"; 17 echo "Invalid vpnc password";
18 exit 18 exit
19 fi 19 fi
20 20
21 read -p 'IPSEC secret: ' ipsecsecret < /dev/tty 21 read -p 'IPSEC secret: ' ipsecsecret < /dev/tty
22 if [ -z "$ipsecsecret" ]; then 22 if [ -z "$ipsecsecret" ]; then
23 echo "Invalid ipssec secret"; 23 echo "Invalid ipssec secret";
24 exit 24 exit
25 fi 25 fi
26 26
27 27
28 set -x 28 set -x
29 29
30 sudo yum -y install vpnc 30 sudo yum -y install vpnc
31 sed 2iINTERNAL_IP4_DNS= /etc/vpnc/vpnc-script | sudo tee /etc/vpnc-script.patched
32 sudo mv /etc/vpnc/vpnc-script.patched /etc/vpnc/vpnc-script
31 33
32 sudo tee /etc/systemd/system/vpnc@.service << EOF 34 sudo tee /etc/systemd/system/vpnc@.service << EOF
33 [Unit] 35 [Unit]
34 Description=VPNC Client %i 36 Description=VPNC Client %i
35 After=syslog.target network.target 37 After=syslog.target network.target
36 StartLimitIntervalSec=0 38 StartLimitIntervalSec=0
37 39
38 [Service] 40 [Service]
39 Type=simple 41 Type=simple
40 ExecStart=/usr/sbin/vpnc --no-detach --ifname tun-%i %i 42 ExecStart=/usr/sbin/vpnc --no-detach --ifname tun-%i %i
41 Restart=always 43 Restart=always
42 User=root 44 User=root
43 Group=root 45 Group=root
44 RestartSec=2 46 RestartSec=2
45 47
46 [Install] 48 [Install]
47 WantedBy=multi-user.target 49 WantedBy=multi-user.target
48 EOF 50 EOF
49 51
50 sudo tee /etc/vpnc/ad2mt.conf << EOF 52 sudo tee /etc/vpnc/ad2mt.conf << EOF
51 IPSec gateway vpn.finnet.co.id 53 IPSec gateway vpn.finnet.co.id
52 IPSec ID ad2mt 54 IPSec ID ad2mt
53 Domain WORKGROUP 55 Domain WORKGROUP
54 Vendor cisco 56 Vendor cisco
55 NAT Traversal Mode natt 57 NAT Traversal Mode natt
56 IKE DH Group dh2 58 IKE DH Group dh2
57 Perfect Forward Secrecy server 59 Perfect Forward Secrecy server
58 Local Addr 0.0.0.0 60 Local Addr 0.0.0.0
59 Local Port 500 61 Local Port 500
60 Cisco UDP Encapsulation Port 10000 62 Cisco UDP Encapsulation Port 10000
61 DPD idle timeout (our side) 300 63 DPD idle timeout (our side) 300
62 IKE Authmode psk 64 IKE Authmode psk
63 IPSEC target network 0.0.0.0/0.0.0.0 65 IPSEC target network 0.0.0.0/0.0.0.0
64 EOF 66 EOF
65 67
66 echo Xauth username $vpncuser | sudo tee -a /etc/vpnc/ad2mt.conf 68 echo Xauth username $vpncuser | sudo tee -a /etc/vpnc/ad2mt.conf
67 echo Xauth password $vpncpass | sudo tee -a /etc/vpnc/ad2mt.conf 69 echo Xauth password $vpncpass | sudo tee -a /etc/vpnc/ad2mt.conf
68 echo IPSec secret $ipsecsecret | sudo tee -a /etc/vpnc/ad2mt.conf 70 echo IPSec secret $ipsecsecret | sudo tee -a /etc/vpnc/ad2mt.conf
69 71
70 sudo systemctl daemon-reload 72 sudo systemctl daemon-reload
71 sudo systemctl enable vpnc@ad2mt 73 sudo systemctl enable vpnc@ad2mt
72 sudo systemctl restart vpnc@ad2mt 74 sudo systemctl restart vpnc@ad2mt
73 75
74 echo 76 echo
75 cat /etc/vpnc/ad2mt.conf 77 cat /etc/vpnc/ad2mt.conf
76 78
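Review bot: The two added lines (new-side 31–32) disagree on the path: `tee` writes `/etc/vpnc-script.patched` but `mv` reads `/etc/vpnc/vpnc-script.patched`, so the `mv` fails and `/etc/vpnc/vpnc-script` is never patched. The DNS servers pushed by the gateway would then presumably still be applied, even though the commit title says the override is disabled. The script has no `set -e`, so the failure does not stop the run and the service is still enabled and restarted. Correcting the path alone is not enough: a file created through `tee` will not carry the original script's executable bit, and every re-run would insert another `INTERNAL_IP4_DNS=` line. A guarded in-place edit (GNU sed, which keeps the file mode) avoids all three: `grep -q '^INTERNAL_IP4_DNS=$' /etc/vpnc/vpnc-script || sudo sed -i '2iINTERNAL_IP4_DNS=' /etc/vpnc/vpnc-script`.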