Commit df180cab31aae0536656f4d557b65945928a7f76

Authored by Adhidarma Hadiwinoto
1 parent 582a48bf6f
Exists in master

vpnc-script: chmod

Showing 1 changed file with 1 additions and 0 deletions Inline Diff

1 #!/bin/bash 1 #!/bin/bash
2 2
3 echo 3 echo
4 echo ================ 4 echo ================
5 echo Tektrans - Finnet AD2MT VPNC configurator 5 echo Tektrans - Finnet AD2MT VPNC configurator
6 echo ================ 6 echo ================
7 echo 7 echo
8 8
9 read -p 'VPNC username: ' vpncuser < /dev/tty 9 read -p 'VPNC username: ' vpncuser < /dev/tty
10 if [ -z "$vpncuser" ]; then 10 if [ -z "$vpncuser" ]; then
11 echo "Invalid vpnc user"; 11 echo "Invalid vpnc user";
12 exit 12 exit
13 fi 13 fi
14 14
15 read -p 'VPNC password: ' vpncpass < /dev/tty 15 read -p 'VPNC password: ' vpncpass < /dev/tty
16 if [ -z "$vpncpass" ]; then 16 if [ -z "$vpncpass" ]; then
17 echo "Invalid vpnc password"; 17 echo "Invalid vpnc password";
18 exit 18 exit
19 fi 19 fi
20 20
21 read -p 'IPSEC secret: ' ipsecsecret < /dev/tty 21 read -p 'IPSEC secret: ' ipsecsecret < /dev/tty
22 if [ -z "$ipsecsecret" ]; then 22 if [ -z "$ipsecsecret" ]; then
23 echo "Invalid ipssec secret"; 23 echo "Invalid ipssec secret";
24 exit 24 exit
25 fi 25 fi
26 26
27 27
28 set -x 28 set -x
29 29
30 sudo yum -y install vpnc 30 sudo yum -y install vpnc
31 sed 2iINTERNAL_IP4_DNS= /etc/vpnc/vpnc-script | sudo tee /etc/vpnc/vpnc-script.patched 31 sed 2iINTERNAL_IP4_DNS= /etc/vpnc/vpnc-script | sudo tee /etc/vpnc/vpnc-script.patched
32 sudo mv /etc/vpnc/vpnc-script.patched /etc/vpnc/vpnc-script 32 sudo mv /etc/vpnc/vpnc-script.patched /etc/vpnc/vpnc-script
33 sudo chmod +x /etc/vpnc/vpnc-script
33 34
34 sudo tee /etc/systemd/system/vpnc@.service << EOF 35 sudo tee /etc/systemd/system/vpnc@.service << EOF
35 [Unit] 36 [Unit]
36 Description=VPNC Client %i 37 Description=VPNC Client %i
37 After=syslog.target network.target 38 After=syslog.target network.target
38 StartLimitIntervalSec=0 39 StartLimitIntervalSec=0
39 40
40 [Service] 41 [Service]
41 Type=simple 42 Type=simple
42 ExecStart=/usr/sbin/vpnc --no-detach --ifname tun-%i %i 43 ExecStart=/usr/sbin/vpnc --no-detach --ifname tun-%i %i
43 Restart=always 44 Restart=always
44 User=root 45 User=root
45 Group=root 46 Group=root
46 RestartSec=2 47 RestartSec=2
47 48
48 [Install] 49 [Install]
49 WantedBy=multi-user.target 50 WantedBy=multi-user.target
50 EOF 51 EOF
51 52
52 sudo tee /etc/vpnc/ad2mt.conf << EOF 53 sudo tee /etc/vpnc/ad2mt.conf << EOF
53 IPSec gateway vpn.finnet.co.id 54 IPSec gateway vpn.finnet.co.id
54 IPSec ID ad2mt 55 IPSec ID ad2mt
55 Domain WORKGROUP 56 Domain WORKGROUP
56 Vendor cisco 57 Vendor cisco
57 NAT Traversal Mode natt 58 NAT Traversal Mode natt
58 IKE DH Group dh2 59 IKE DH Group dh2
59 Perfect Forward Secrecy server 60 Perfect Forward Secrecy server
60 Local Addr 0.0.0.0 61 Local Addr 0.0.0.0
61 Local Port 500 62 Local Port 500
62 Cisco UDP Encapsulation Port 10000 63 Cisco UDP Encapsulation Port 10000
63 DPD idle timeout (our side) 300 64 DPD idle timeout (our side) 300
64 IKE Authmode psk 65 IKE Authmode psk
65 IPSEC target network 0.0.0.0/0.0.0.0 66 IPSEC target network 0.0.0.0/0.0.0.0
66 EOF 67 EOF
67 68
68 echo Xauth username $vpncuser | sudo tee -a /etc/vpnc/ad2mt.conf 69 echo Xauth username $vpncuser | sudo tee -a /etc/vpnc/ad2mt.conf
69 echo Xauth password $vpncpass | sudo tee -a /etc/vpnc/ad2mt.conf 70 echo Xauth password $vpncpass | sudo tee -a /etc/vpnc/ad2mt.conf
70 echo IPSec secret $ipsecsecret | sudo tee -a /etc/vpnc/ad2mt.conf 71 echo IPSec secret $ipsecsecret | sudo tee -a /etc/vpnc/ad2mt.conf
71 72
72 sudo systemctl daemon-reload 73 sudo systemctl daemon-reload
73 sudo systemctl enable vpnc@ad2mt 74 sudo systemctl enable vpnc@ad2mt
74 sudo systemctl restart vpnc@ad2mt 75 sudo systemctl restart vpnc@ad2mt
75 76
76 echo 77 echo
77 cat /etc/vpnc/ad2mt.conf 78 cat /etc/vpnc/ad2mt.conf
78 79
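Review bot: The permission fix stops at `/etc/vpnc/vpnc-script`, while `/etc/vpnc/ad2mt.conf`, which receives the Xauth password and IPSec secret, is written with `sudo tee` and never gets a mode set, so under a typical umask it is probably readable by every local user. Add `sudo chmod 600 /etc/vpnc/ad2mt.conf` directly after the heredoc that creates the file, before the three `tee -a` lines append the secrets. Those `echo … | sudo tee -a` lines also run under `set -x`, `tee` copies its input to stdout, and the script ends with `cat /etc/vpnc/ad2mt.conf`, so the credentials end up on the terminal and in any captured log; `set +x` before that block, `sudo tee -a /etc/vpnc/ad2mt.conf >/dev/null`, and dropping the final `cat` would keep them out. For the added line itself, `sudo chmod 0755 /etc/vpnc/vpnc-script` states the intended mode explicitly instead of adding execute bits to whatever mode `tee` created.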