![Moxa UC-8416-T-LX [44/90] Openvpn](/img/pdf.png)
Moxa UC-8416-T-LX [44/90] Openvpn
![Moxa UC-8416-T-LX [44/90] Openvpn](/views2/1199789/page44/bg2c.png)
UC-8410/8416/8418/8430 Managing Communication
4-17
OpenVPN
OpenVPN provides two types of tunnels for users to implement VPNS: Routed IP Tunnels and Bridged
Ethernet Tunnels. To begin with, check to make sure that the system has a virtual device /dev/net/tun. If
not, issue the following command:
# mknod /dev/net/tun c 10 200
An Ethernet bridge is used to connect different Ethernet networks together. The Ethernets are bundled into one
bigger, “logical” Ethernet. Each Ethernet corresponds to one physical interface (or port) that is connected to the
bridge.
On each OpenVPN machine, you should generate a working directory, such as /etc/openvpn, where script
files and key files reside. Once established, all operations will be performed in that directory.
Setup 1: Ethernet Bridging for Private Networks on Different Subnets
1. Set up four machines, as shown in the following diagram.
Host A (B) represents one of the machines that belongs to OpenVPN A (B). The two remote subnets are
configured for a different range of IP addresses. When this setup is moved to a public network, the external
interfaces of the OpenVPN machines should be configured for static IPs, or connect to another device (such
as a firewall or DSL box) first.
# openvpn --genkey --secret secrouter.key
Copy the file that is generated to the OpenVPN machine.
2. The openvpn-bridge script file located at “/etc/openvpn/” reconfigures the interface “eth1” as IP-less,
creates logical bridge(s) and TAP interfaces, loads modules, and enables IP forwarding.
#---------------------------------Start-----------------------------
#!/bin/sh
iface=eth1 # defines the internal interface
maxtap=`expr 1` # defines the number of tap devices. I.e., # of tunnels
IPADDR=
NETMASK=
BROADCAST=
# it is not a great idea but this system doesn’t support
# /etc/sysconfig/network-scripts/ifcfg-eth1
ifcfg_vpn()
Содержание
- Sixth edition june 2011 1
- Uc 8410 8416 8418 8430 lx user s manual 1
- Www moxa com product 1
- Copyright notice 2
- Disclaimer 2
- Technical support contact information 2
- Trademarks 2
- Uc 8410 8416 8418 8430 lx user s manual 2
- Www moxa com support 2
- Table of contents 3
- Introduction 5
- Overview 6
- Software architecture 6
- Uc 8410 8416 8418 8430 introduction 6
- Additional information about jffs2 is available on the following websites 7
- Journaling flash file system jffs2 7
- Software features 7
- Uc 8410 8416 8418 8430 introduction 7
- Uc 8410 8416 8418 8430 introduction 8
- Getting started 9
- Attention 10
- Connecting the uc 8410 8416 8418 8430 8430 to a pc 10
- Powering on the uc 8410 8416 8418 8430 10
- Serial console 10
- Telnet console 10
- Uc 8410 8416 8418 8430 getting started 10
- Attention 11
- Ssh console 11
- Uc 8410 8416 8418 8430 getting started 11
- Windows users 11
- Configuring the ethernet interface 12
- Linux users 12
- Modifying network settings with the serial console 12
- Root bee_notebook root ssh 192 68 27 the authenticity of host 192 68 27 192 68 27 can t be established rsa key fingerprint is 8b ee ff 84 41 25 fc cd 2a f2 92 8f cb 1f 6b 2f are you sure you want to continue connection yes no yes_ 12
- Root moxa cd etc network root moxa etc network 12
- Ssh 192 68 27 12
- Uc 8410 8416 8418 8430 getting started 12
- Attention 13
- Auto eth0 eth1 lo iface lo inet loopback iface eth0 inet dhcp iface eth1 inet dhcp 13
- Etc init d networking restart 13
- Uc 8410 8416 8418 8430 getting started 13
- We always want the loopback interface auto eth0 eth1 eth2 lo iface lo inet loopback embedded ethernet lan1 iface eth0 inet static address 192 68 27 network 192 68 netmask 255 55 55 broadcast 192 68 55 embedded ethernet lan2 iface eth1 inet static address 192 68 27 network 192 68 netmask 255 55 55 broadcast 192 68 55 embedded ethernet lan3 iface eth2 inet static address 192 68 27 network 192 68 13
- Installing the tool chain linux 14
- Modifying network settings over the network 14
- Mount dev cdrom mnt cdrom mnt cdrom tool chain linux arm linux_2 sh 14
- Mount dev cdrom mnt cdrom mnt cdrom tool chain linux arm linux_3 _build_yymmddhh sh 14
- Path usr local arm linux 4 bin path 14
- Path usr local arm linux bin path 14
- Root moxa ifconfig eth0 192 68 root moxa etc network 14
- Test program developing hello c 14
- Uc 8410 8416 8418 8430 getting started 14
- Attention 15
- Cd example hello make 15
- Cd tmp mkdir example cp r mnt cdrom example tmp example 15
- Checking the flash memory space 15
- Compiling hello c 15
- Root moxa df h filesystem size used available use mounted on rootfs 13 m 9 m 3 m 74 dev root 13 m 9 m 3 m 74 dev ram15 1 m 19 k 1 m 1 dev dev ram0 499 k 18 k 456 k 4 var dev mtdblock4 32 m 1 m 30 m 6 tmp dev mtdblock4 32 m 1 m 30 m 6 home dev mtdblock4 32 m 1 m 30 m 6 etc tmpfs 252 m 0 252 m 0 dev shm dev sdb1 483 m 57 m 425 m 12 var sdb root moxa 15
- Uc 8410 8416 8418 8430 getting started 15
- Attention 16
- Chmod x home hello release home hello release 16
- Ftp 192 68 27 16
- Put hello release 16
- Root localhost hello make xscale linux gcc o hello release hello c xscale linux strip s hello release xscale linux gcc ggdb o hello debug hello c root localhost hello _ 16
- Root moxa home hello release hello 16
- Uc 8410 8416 8418 8430 getting started 16
- Uploading and running the hello program 16
- Managing embedded linux 17
- 68 27 putty 18
- Attention 18
- Firmware upgrade 18
- Kversion 18
- Root moxa df h filesystem size used available use mounted on rootfs 13 m 9 m 3 m 74 dev root 13 m 9 m 3 m 74 dev ram15 1 m 19 k 1 m 1 dev dev ram0 499 k 18 k 456 k 4 var dev mtdblock4 32 m 1 m 30 m 6 tmp dev mtdblock4 32 m 1 m 30 m 6 home dev mtdblock4 32 m 1 m 30 m 6 etc tmpfs 252 m 0 252 m 0 dev shm dev sdb1 483 m 57 m 425 m 12 var sdb root moxa dev s 18
- Root moxa kversion uc 8410 8416 8418 8430 version 1 root moxa root moxa kversion a uc 8410 8416 8418 8430 version 1 build 08091716 root moxa 18
- System version information 18
- Uc 8410 8416 8418 8430 managing embedded linux 18
- Upgrading the firmware 18
- Loading factory defaults 20
- 68 27 putty 21
- Attention 21
- Enabling and disabling daemons 21
- Root moxa cd etc root moxa etc ps pid user vsz stat command 1 root 1316 s init 3 2 root 0 sw kthreadd 3 root 0 sw ksoftirqd 0 4 root 0 sw events 0 5 root 0 sw khelper 30 root 0 sw kblockd 0 33 root 0 sw kseriod 52 root 0 sw pdflush 53 root 0 sw pdflush 54 root 0 sw kswapd0 55 root 0 sw aio 0 613 root 0 sw mtdblockd 652 root 0 sw ixp400_eth time 655 root 0 sw ixp400_eth time 657 root 0 dw ethmac recovery 667 root 0 sw rpciod 0 728 root 0 sw khubd 773 root 0 sw scsi_eh_0 774 root 0 sw usb storage 788 root 0 swn jffs2_gcd_mtd4 814 root 0 sw ixp400 eth0 820 root 0 sw ixp400 eth1 834 root 1360 s bin inetd 858 root 12536 s usr bin httpd k start d etc apache 861 bin 1300 s bin portmap 867 root 2412 s bin sh login 872 root 1360 s bin snmpd c public 878 root 3508 s bin sshd f etc ssh sshd_config 21
- Uc 8410 8416 8418 8430 managing embedded linux 21
- Setting the run level 23
- Adjusting the system time 24
- Date mmddhhmmyyyy 24
- Etc timezone 24
- Hwclock 24
- Hwclock w 24
- Rm f etc rc d rc3 d s60tcps2 24
- Setting the system time 24
- Setting the time manually 24
- Tz variable 24
- Uc 8410 8416 8418 8430 managing embedded linux 24
- Attention 25
- Ntp client 25
- Updating the time automatically 25
- 8 root home fixtime sh 26
- Bin sh ntpdate time nist gov hwclock w exit 0 26
- Chmod 755 fixtime sh 26
- Cron daemon to execute scheduled commands 26
- Etc init d cron start 26
- Etc resolv conf file hwclock w sleep 100 updates every 100 seconds the min time is 100 seconds change 100 to a larger number to update rtc less often 26
- Ntp 2345 respawn etc init d fixtime 26
- Uc 8410 8416 8418 8430 managing embedded linux 26
- Attention 27
- Cf mass storage 27
- Connecting peripherals 27
- Uc 8410 8416 8418 8430 managing embedded linux 27
- Usb mass storage 27
- Managing communication 28
- 68 27 putty 29
- Discard dgram udp wait root bin discard discard stream tcp nowait root bin discard telnet stream tcp nowait root bin telnetd ftp stream tcp nowait root bin ftpd l 29
- Etc hosts 29
- Etc nsswitch conf 29
- Etc resolv conf 29
- Nameserver 168 5 29
- Root moxa etc cat resolv conf resolv conf this file is the resolver configuration file see resolver 5 nameserver 192 68 6 nameserver 168 5 nameserver 140 15 1 nameserver 140 15 36 0 root moxa etc 29
- Telnet ftp 29
- Uc 8410 8416 8418 8430 managing communication 29
- Home httpd cgi bin 30
- Home httpd htdocs 30
- Uc 8410 8416 8418 8430 managing communication 30
- Web service apache 30
- 68 27 putty 31
- Attention 31
- Drwxr xr x 5 root root 0 nov 5 16 16 31
- Iptables 31
- Root moxa usr www cgi bin 31
- Root moxa usr www cgi bin ls al drwxr xr x 2 root root 0 aug 24 1999 31
- Rwxr xr x 1 root root 268 dec 19 2002 printenv 31
- Rwxr xr x 1 root root 757 aug 24 1999 test cgi 31
- Uc 8410 8416 8418 8430 managing communication 31
- Uc 8410 8416 8418 8430 managing communication 32
- Iptables t tables l n 33
- Lsmod modprobe ip_tables modprobe iptable_filter 33
- Modprobe iptable_filter 33
- Observe and erase chain rules 33
- Uc 8410 8416 8418 8430 managing communication 33
- Append or delete rules 34
- Define policy for chain rules 34
- Iptables f iptables x iptables z 34
- Iptables l n 34
- Iptables p input drop iptables p output accept iptables p forward accept modprobe iptable_nat iptables t nat p prerouting accept iptables t nat p output accept iptables t nat p postrouting accept 34
- Iptables t table ai input output forward io interface p tcp udp icmp all s ip network sport ports d ip network dport ports j accept drop 34
- Iptables t tables fxz 34
- Iptables t tables p input output forward prerouting output postrouting accept drop 34
- Uc 8410 8416 8418 8430 managing communication 34
- Iptables a input i eth0 p tcp dport 25 j log 35
- Iptables a input i eth0 p tcp s 192 68 24 j accept 35
- Iptables a input i eth0 p tcp s 192 68 4 dport 137 139 j accept 35
- Iptables a input i eth0 p tcp s 192 68 5 j drop 35
- Iptables a input i eth0 p tcp s 192 68 j accept 35
- Iptables a input i lo j accept 35
- Modprobe xt_mac iptables a input i eth0 p all m mac mac source 01 02 03 04 05 06 j drop 35
- Modprobe xt_tcpudp iptables a input i eth0 p tcp dport 21 j drop 35
- Uc 8410 8416 8418 8430 managing communication 35
- Enabling nat at bootup 36
- Nat example 36
- Connect chat etc 37
- Connection 37
- Dial up service ppp 37
- Example 1 connecting to a ppp server over a simple dial up 37
- Pppd connect chat v atdt5551212 connect ogin username word password dev ttym0 115200 debug crtscts modem defaultroute 37
- Pppd connect chat v atdt5551212 connect user username password password dev ttym0 115200 crtscts modem 37
- Proc sys net ipv4 ip_forward sbin iptables f sbin iptables x sbin iptables z sbin iptables f t nat sbin iptables x t nat sbin iptables z t nat sbin iptables p input accept sbin iptables p output accept sbin iptables p forward accept sbin iptables t nat p prerouting accept sbin iptables t nat p postrouting accept sbin iptables t nat p output accept step 3 enable ip masquerade 37
- Uc 8410 8416 8418 8430 managing communication 37
- Atdt5551212 38
- Connect 38
- Crtscts 38
- Defaultroute 38
- Example 2 connecting to a ppp server over a hard wired link 38
- Ogin username word password 38
- Pppd connect chat v noipdefault dev ttym0 19200 crtscts 38
- Pppd connect chat v user root password root noipdefault dev ttym0 19200 crtscts 38
- Uc 8410 8416 8418 8430 managing communication 38
- How to check the connection 39
- Netstat nr 39
- Ping z z z z 39
- Sbin ifconfig 39
- Uc 8410 8416 8418 8430 managing communication 39
- 68 27 putty 40
- Pppd dev ttym0 115200 crtscts modem 192 68 6 192 68 6 40
- Pppd dev ttym0 115200 crtscts modem 192 68 6 192 68 6 login auth 40
- Secrets for authentication using chap client server secret ip addresses pppoe example if you want to use it you need to unmark it and modify it username hinet net password 40
- Setting up a machine for incoming ppp connections 40
- Support hostname stats hostname outbound connections attention the definitions here can allow users to login without a package already provides this option make sure you don t change that inbound connections every regular user can use ppp and has to use passwords from etc passwd hostname username hinet net password pppoe user example if you want to use it you need to unmark it and modify it username hinet net password userids that cannot use ppp at all check your etc passwd and add any 40
- Uc 8410 8416 8418 8430 managing communication 40
- Username hinet net password 40
- 68 27 putty 41
- Load the pppoe plugin plugin lib rp pppoe so 41
- Name username hinet net mtu 1492 mru 1492 defaultroute noipdefault 41
- Other accounts that should not be able to use pppd guest hostname master hostname root hostname support hostname stats hostname 41
- Plugin pppoe 41
- Uc 8410 8416 8418 8430 managing communication 41
- Client 42
- Nfs network file system client 42
- Setting up the uc 8410 8416 8418 8430 8430 as an nfs 42
- Setting up the uc 8410 8416 8418 8430 8430 as an nfs client 42
- Steps 1 mkdir p home nfs public step 2 mount t nfs nfs_server ip directory mount point example mount t nfs 192 68 00 home public home nfs public 42
- Uc 8410 8416 8418 8430 managing communication 42
- Smtpclient s test f sender company com s ip_address receiver company com mail body message 43
- Uc 8410 8416 8418 8430 managing communication 43
- Mknod dev net tun c 10 200 44
- Openvpn 44
- Openvpn genkey secret secrouter key 44
- Setup 1 ethernet bridging for private networks on different subnets 44
- Start bin sh iface eth1 defines the internal interface maxtap expr 1 defines the number of tap devices i e of tunnels ipaddr netmask broadcast it is not a great idea but this system doesn t support etc sysconfig network scripts ifcfg eth1 ifcfg_vpn 44
- Uc 8410 8416 8418 8430 managing communication 44
- Etc openvpn openvpn bridge start 48
- Ln s etc openvpn openvpn bridge etc rc d rc3 d s32vpn br ln s etc openvpn openvpn bridge etc rc d rc6 d k32vpn br 48
- Openvpn config etc openvpn tap0 br conf 48
- Openvpn show ciphers openvpn show auths 48
- Ping 192 68 74 48
- Route add net 192 68 netmask 255 55 55 dev eth0 48
- Secret etc openvpn secrouter key cipher des ede3 cbc auth md5 tun mtu 1500 tun mtu extra 64 ping 40 up etc openvpn tap0 br sh 48
- Start bin sh etc openvpn tap0 br sh value after net is the subnet behind the remote peer route add net 192 68 netmask 255 55 55 dev br0 end 48
- Uc 8410 8416 8418 8430 managing communication 48
- Etc openvpn openvpn bridge stop 49
- Setup 2 ethernet bridging for private networks on the same subnet 49
- Setup 3 routed ip 49
- Uc 8410 8416 8418 8430 managing communication 49
- Point to the peer remote 192 68 74 dev tun secret etc openvpn secrouter key cipher des ede3 cbc auth md5 tun mtu 1500 tun mtu extra 64 ping 40 ifconfig 192 68 73 192 68 74 up etc openvpn tun sh 50
- Remote 192 68 73 dev tun secret etc openvpn secrouter key cipher des ede3 cbc auth md5 tun mtu 1500 tun mtu extra 64 ping 40 ifconfig 192 68 74 192 68 73 up etc openvpn tun sh 50
- Start bin sh value after net is the subnet behind the remote peer route add net 192 68 netmask 255 55 55 gw 5 end 50
- Uc 8410 8416 8418 8430 managing communication 50
- Audio playing and recording 51
- Install an ipk package via an ipk file 51
- List the installed packages 51
- Package management ipkg 51
- Remove a package 51
- Volume control 51
- Playing a wave file 52
- Recording a wave file 52
- Root moxa root vplay tmp test wav playing wave 16 bit speed 44100 hz 16 bits stereo root moxa root 52
- Root moxa root vrec t 10 w s 22050 b 16 dev shm 22050_16_mono wav recording wave 16 bit speed 22050 hz 16 bits mono root moxa root 52
- Uc 8410 8416 8418 8430 managing communication 52
- Programmer s guide 53
- Export path usr local arm linux bin path export manpath usr local arm linux man manpath 54
- Flash memory map 54
- Linux tool chain introduction 54
- Mount dev cdrom mnt cdrom sh mnt cdrom tool chain linux arm linux_2 _build_yymmddhh sh 54
- Mount dev cdrom mnt cdrom sh mnt cdrom tool chain linux arm linux_3 _build_yymmddhh sh 54
- Uc 8410 8416 8418 8430 programmer s guide 54
- Cross compiling applications and libraries 55
- Debugging with gdb 55
- Export path usr local arm linux 4 bin path export manpath usr local arm linux 4 man manpath 55
- Gdbserver 192 68 42 2000 hello debug 55
- Man arm linux gcc 55
- Obtaining help 55
- Tools available in the host environment 55
- Uc 8410 8416 8418 8430 programmer s guide 55
- Xscale linux gcc o example wall g o2 example c xscale linux strip s example xscale linux gcc ggdb o example debug example c 55
- Cd my_work_directory myfilesystem testprograms 56
- Ddd debugger xscale linux gdb hello debug 56
- Device api 56
- Int ioctl fd rtc_rd_time struct rtc_time time 56
- Int ioctl fd rtc_set_time struct rtc_time time 56
- Int ioctl int d int request input int d open device node return file handle int request argument in or out 56
- Man ioctl 56
- Process hello debug created pid 38 56
- Remote debugging using 192 68 9 2000 56
- Rtc real time clock 56
- Target remote 192 68 9 2000 56
- Uc 8410 8416 8418 8430 programmer s guide 56
- All xscale linux gcc o xxxx xxxx c lmoxalib 57
- Buzzer 57
- Include moxadevic 57
- Int swtd_enable int fd unsigned long time 57
- Int swtd_open void 57
- Ioctl fd kdmktone unsigned int arg 57
- Link libmoxalib 57
- Uc 8410 8416 8418 8430 programmer s guide 57
- Wdt watch dog timer 57
- Int swtd_ack int fd 58
- Int swtd_close int fd 58
- Int swtd_disable int fd 58
- Int swtd_get int fd int mode unsigned long time 58
- Uc 8410 8416 8418 8430 programmer s guide 58
- Application programming interface 60
- Digital i o 60
- Define dio_error_duration 4 the value of duration is not 0 or not in the range 40 duration 3600000 milliseconds 1 hour define dio_error_duration_20ms 5 the value of duration must be a multiple of 20 ms define dio_ok 0 61
- Define dio_high 1 define dio_low 0 int set_dout_state int doport int state 61
- Din_event_clear 61
- Din_event_high_to_lo 61
- Din_event_low_to_high 61
- Int get_din_state int diport int state 61
- Int get_dout_state int doport int state 61
- Int mode din_event_high_to_low 61
- Int set_din_event int diport void func int diport int mode long int duration 61
- Uc 8410 8416 8418 8430 programmer s guide 61
- Example 1 62
- Examples 62
- Special note 62
- Dio program make file example 64
- Define rs232_mode 0 define rs485_2wire_mode 1 define rs422_mode 2 define rs485_4wire_mode 3 65
- Int ioctl fd moxa_get_op_mode mode 65
- Int ioctl fd moxa_set_op_mode mode 65
- Setinterface 65
- Uc 8410 8416 8418 8430 programmer s guide 65
- Baudrate inaccuracy 66
- Example for getting the baudrate 66
- Example for setting the baudrate 66
- Special note 66
- Make file example 68
- Introduction 69
- Moxa can programming guide 69
- Programming guide 69
- Software lock 71
- Cross compiling 72
- Qt embedded 72
- Qt program testing x86 72
- Qt programming 72
- Qt programming development flow chart 72
- Upload to target and 72
- Compile and test the qt program on an x86 machine 73
- Cross compile the qt application and run with dual display 73
- Set up qt development 73
- Debian make 74
- Root moxa tmp export qws_mouse_proto intellimouse dev input mouse0 root moxa tmp hello qws geometry 1024x768 display voyagerlib dev fb0 74
- Root moxa tmp export qws_mouse_proto intellimouse dev input mouse1 root moxa tmp hello2 qws geometry 1024x768 display voyagerlib dev fb1 74
- Uc 8410 8416 8418 8430 programmer s guide 74
- Upload the binary to target and run it with following command 74
- A configure hyperterminal for the console port 75
- A firmware upgrade procedure 75
- Firmware upgrade procedure 75
- Uc 8410 8416 8418 8430 firmware upgrade procedure 76
- Uc 8410 8416 8418 8430 firmware upgrade procedure 77
- B download and installation of the tftp program 78
- Uc 8410 8416 8418 8430 firmware upgrade procedure 78
- C download and upgrade the firmware through hyperterminal 79
- Uc 8410 8416 8418 8430 firmware upgrade procedure 79
- Uc 8410 8416 8418 8430 firmware upgrade procedure 80
- Uc 8410 8416 8418 8430 firmware upgrade procedure 81
- Uc 8410 8416 8418 8430 firmware upgrade procedure 82
- Uc 8410 8416 8418 8430 firmware upgrade procedure 83
- Uc 8410 8416 8418 8430 firmware upgrade procedure 84
- Uc 8410 8416 8418 8430 firmware upgrade procedure 85
- Uc 8410 8416 8418 8430 firmware upgrade procedure 86
- Uc 8410 8416 8418 8430 firmware upgrade procedure 87
- B system commands 88
- Editor 88
- File manager 88
- Linux normal command utility collection 88
- System commands 88
- Modules 89
- Network 89
- Process 89
- Uc 8410 8416 8418 8430 system commands 89
- Special moxa utilities 90
- Uc 8410 8416 8418 8430 system commands 90
Похожие устройства
- Moxa UC-8416-T-LX Руководство по аппаратной части
- Moxa UC-8416-T-LX Руководство по быстрой установке
- Moxa UC-8416-T-LX Технические характеристики
- Moxa UC-8416-T-LX Руководство по работе с утилитой Moxa Device Manager
- Moxa UC-8418-CE Инструкция по эксплуатации
- Moxa UC-8418-CE Технические характеристики
- Moxa UC-8418-CE Руководство по аппаратной части
- Moxa UC-8418-CE Руководство по быстрой установке
- Moxa UC-8418-CE Руководство по работе с утилитой Moxa Device Manager
- Moxa UC-8418-T-CE Инструкция по эксплуатации
- Osminog W 12000 mAh Инструкция пользователя
- Moxa UC-8418-T-CE Руководство по аппаратной части
- Кулон 12t Инструкция пользователя
- Кулон 12/6t Инструкция пользователя
- Кулон 12/6sd Инструкция пользователя
- Кулон 12ns Инструкция пользователя
- Кулон 2ns Инструкция по эксплуатации
- Кулон 12/6p Инструкция по эксплуатации
- Moxa UC-8418-T-CE Руководство по быстрой установке
- Moxa UC-8418-T-CE Технические характеристики