Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revisionBoth sides next revision | ||
| docs:guide-user:services:vpn:openconnect:client [2024/10/16 18:28] – Luci section added andrewz | docs:guide-user:services:vpn:openconnect:client [2024/10/17 17:46] – [2. Key management] andrewz | ||
|---|---|---|---|
| Line 28: | Line 28: | ||
| ==== 2. Key management ==== | ==== 2. Key management ==== | ||
| - | Transfer | + | Run the code below directly on the VPN server |
| - | Generate certificate | + | |
| <code bash> | <code bash> | ||
| # Generate certificate hash | # Generate certificate hash | ||
| Line 40: | Line 38: | ||
| </ | </ | ||
| - | Fetch [[docs:guide-user:services:vpn:openconnect:extras# | + | Alternatively, |
| + | |||
| + | < | ||
| + | daemon.notice netifd: vpn (3443): Certificate from VPN server "vpn.example.com" | ||
| + | daemon.notice netifd: vpn (3443): Reason: unable to get local issuer | ||
| + | daemon.notice netifd: vpn (3443): To trust this server in future, perhaps add this to your command line: | ||
| + | daemon.notice netifd: vpn (3443): | ||
| + | daemon.notice netifd: vpn (3443): SSL connection failure | ||
| + | </ | ||
| + | |||
| + | Copy the complete string shown __after__ '' | ||
| ==== 3. Firewall ==== | ==== 3. Firewall ==== | ||
| Line 64: | Line 72: | ||
| See all available OpenConnect protocol options [[docs: | See all available OpenConnect protocol options [[docs: | ||
| - | Configure | + | Disable |
| ===== Web-based configuration ===== | ===== Web-based configuration ===== | ||
| Web-based configuration is available through [[: | Web-based configuration is available through [[: | ||
| + | |||
| + | <code bash> | ||
| + | # Install packages | ||
| + | opkg update | ||
| + | opkg install luci-proto-openconnect | ||
| + | service rpcd restart | ||
| + | </ | ||
| + | |||
| + | Navigate to **LuCI -> Network -> Interfaces** to configure OpenConnect client. | ||
| Currently not all the options can be set through Luci, so manual changes in ''/ | Currently not all the options can be set through Luci, so manual changes in ''/ | ||