Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revisionBoth sides next revision | ||
| docs:guide-user:services:vpn:openconnect:extras [2023/11/05 07:35] – [IPv6 gateway] vgaetera | docs:guide-user:services:vpn:openconnect:extras [2024/10/16 20:06] – [Default gateway] andrewz | ||
|---|---|---|---|
| Line 16: | Line 16: | ||
| ==== Web interface ==== | ==== Web interface ==== | ||
| - | If you want to manage VPN settings using web interface. | + | If you want to manage VPN server |
| - | Install the necessary packages. | + | |
| <code bash> | <code bash> | ||
| Line 27: | Line 26: | ||
| Navigate to **LuCI -> VPN -> OpenConnect VPN** to configure OpenConnect server. | Navigate to **LuCI -> VPN -> OpenConnect VPN** to configure OpenConnect server. | ||
| + | |||
| + | If you want to configure VPN client using web interface: | ||
| <code bash> | <code bash> | ||
| Line 36: | Line 37: | ||
| Navigate to **LuCI -> Network -> Interfaces** to configure OpenConnect client. | Navigate to **LuCI -> Network -> Interfaces** to configure OpenConnect client. | ||
| + | |||
| + | ==== Commercial provider ==== | ||
| + | Fetch server certificate from remote VPN server. | ||
| + | Beware of possible MITM. | ||
| + | |||
| + | <code bash> | ||
| + | openssl s_client -showcerts -connect ${VPN_SERV}: | ||
| + | < /dev/null > server-cert.pem | ||
| + | </ | ||
| + | |||
| ==== Dynamic connection ==== | ==== Dynamic connection ==== | ||
| Line 41: | Line 52: | ||
| ==== Default gateway ==== | ==== Default gateway ==== | ||
| - | If you do not need to route all traffic | + | Disable gateway redirection in the client if you don' |
| - | Disable gateway redirection on VPN client. | + | |
| <code bash> | <code bash> | ||