DAI vpn

Tubit vpn: see /data/mydirectory/mywork/dailabor/05infra/tubitvpn/*
- from console
```
openconnect 130.149.5.50 --script /etc/vpnc/vpnc-script
```
- the script is available after vpnc is installed.
- Connect from HU:
  - connect to HU-VPN wlan.
  - clear firewall iptables -F or define a new rules
  - connect to tubit vpn.

DAI Open vpn

Download config file:

https://wiki.dai-labor.de/images/6/68/OpenVPN-DAI-User.ovpn

remote openvpn.dai-labor.de 443 udp
remote openvpn.dai-labor.de 443 tcp

client
verb 1
connect-retry-max 5
resolv-retry 60
dev tun
auth-user-pass
comp-lzo
nobind
remote-cert-tls server
cipher BF-CBC
persist-tun
persist-remote-ip
key-direction 1
<ca>
-----BEGIN CERTIFICATE-----
MIIExjCCA66gAwIBAgIJAP1gg2v3Nw4KMA0GCSqGSIb3DQEBBQUAMIGIMQswCQYD
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMRIwEAYDVQQKEwlEQUktTGFib3IxFzAV
BgNVBAsTDkFkbWluaXN0cmF0aW9uMRcwFQYDVQQDEw5EQUkgT3BlblZQTiBDQTEi
MCAGCSqGSIb3DQEJARYTYWRtaW5zQGRhaS1sYWJvci5kZTAeFw0wODA3MjMxNTQ5
MzVaFw0xODA3MjExNTQ5MzVaMIGIMQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVy
bGluMRIwEAYDVQQKEwlEQUktTGFib3IxFzAVBgNVBAsTDkFkbWluaXN0cmF0aW9u
MRcwFQYDVQQDEw5EQUkgT3BlblZQTiBDQTEiMCAGCSqGSIb3DQEJARYTYWRtaW5z
QGRhaS1sYWJvci5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKnZ
7NotpE043LU/E/8pKX6h7EAmLfvPDcKU3/O+4vw0R+8GN7lUxACDQa734/Ykky6S
dq4rsKtnpBvk7uM/BqgSNY3muOcChp8mzDjnYx30hQVYv92V6o7LoG9V+LybGVrI
9IbL0K4Rpd0sYuXt607QGxwV+y686wwIngMu42hBGkJodnjWa0h/7WWOSfSmg7W4
XxNkBzjY+ey7A6pO30FNDdFjADeCgVrfm50ZVKGJBGSTQ4fv9jReGp+7GBUnmdho
g86su/72WtjDii7X0Cwexmd24vKlClDNcOzwNF+C8XdFPpHWSLNVOX7Np/rI5Bb5
VBbOx7ipSMftb4a2DbkCAwEAAaOCAS8wggErMB0GA1UdDgQWBBTw6Yu8QnWLJ4oV
NgSt/DIWMvhhFTCBvQYDVR0jBIG1MIGygBTw6Yu8QnWLJ4oVNgSt/DIWMvhhFaGB
jqSBizCBiDELMAkGA1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjESMBAGA1UEChMJ
REFJLUxhYm9yMRcwFQYDVQQLEw5BZG1pbmlzdHJhdGlvbjEXMBUGA1UEAxMOREFJ
IE9wZW5WUE4gQ0ExIjAgBgkqhkiG9w0BCQEWE2FkbWluc0BkYWktbGFib3IuZGWC
CQD9YINr9zcOCjAMBgNVHRMEBTADAQH/MDwGCWCGSAGG+EIBBAQvFi1odHRwOi8v
aW50ZXJuLmRhaS1sYWJvci5kZS9jYS9vcGVudnBuLWNybC5wZW0wDQYJKoZIhvcN
AQEFBQADggEBAEcvD0WJ8LIwPalNS6MEZjcyWt9366ZbgqwjbPr6GVa0TA1oLQx5
XyI4vXhRO5PEeB1Wl2lLvwiPHkKoDx90unn9yVvHlLsMTTBDqxXBy7qbRBy3Gv9G
zZILGkILeD7M/PVXkQbnhqzOKol7yb1H/9Es6q6He79V8kyZSr+/XmvFeA2ZBch0
a4LjMCxMZjKgVelNMmVS471w9g3T+1Df5I6ccwg69oYEza3sEj9xZghVPSCeGmIL
CFTmsFVmo4kmSmTUbsm2b7rFCtP3rYsMjA1ISlIAuMdYLuIVO+dywrmbgLQrgVDj
Q80MCY0kFOMiDXYCVKDAIo+asOmLvRfBXec=
-----END CERTIFICATE-----
</ca>
<tls-auth>
-----BEGIN OpenVPN Static key V1-----
8ed75d522c3e5e654920edc7a6222f4a
74a9397603ee7c6d587f69c497627a91
7d657d23c1c33ebc3c1268bd0959f4f8
cb026a7f80d1ba8ff79237996aeb34f1
500fec981a734e9b58d645aec466965e
58d69b6797846d8e7d74ca536e2141b5
e515f1fea69f87e3b5f23b28da71f87b
577555a672b2249db1d2b1e90d7e5bba
557d98e61db2a8f774ed0a6042f0725e
6020804b92adb5f22603a15189cd9a62
68b8cddd99eeaea65d70d82b13af0998
0cfcc10be5ed052bade716ba6a4d7c32
2342e948b4ac54388e3509a24dc1bc4c
56e049fa4cbac654303e15bb44a401f9
eddbd850e099b10a235c68436a22bb9d
5e0ad9d52182947305a35e9a1714cfab
-----END OpenVPN Static key V1-----
</tls-auth>
<cert>
-----BEGIN CERTIFICATE-----
MIIEVDCCAzygAwIBAgIJAP1gg2v3Nw5dMA0GCSqGSIb3DQEBBQUAMIGIMQswCQYD
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMRIwEAYDVQQKEwlEQUktTGFib3IxFzAV
BgNVBAsTDkFkbWluaXN0cmF0aW9uMRcwFQYDVQQDEw5EQUkgT3BlblZQTiBDQTEi
MCAGCSqGSIb3DQEJARYTYWRtaW5zQGRhaS1sYWJvci5kZTAeFw0xMzAzMTYxOTAy
MTlaFw0xODAzMTUxOTAyMTlaMF4xCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJs
aW4xEjAQBgNVBAoTCURBSS1MYWJvcjEXMBUGA1UECxMOQWRtaW5pc3RyYXRpb24x
ETAPBgNVBAMTCGRhaS11c2VyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC5
rB3qy5t6FRQe+NU/xxKP5Gtzo0VDPTYlQ+5vpVDocdWjnkApiqEHCJkrXz0A/iC4
QzS/yMShDY/VcaXgLHerBb3RTjmh7k4bS7UAy51UWhETX7oqTtSFAWsW40BXgU0m
dbWyShdbiB773u8w0GhyjlVTJpnvlBtZwb+Jx9B+JQIDAQABo4IBbDCCAWgwCQYD
VR0TBAIwADARBglghkgBhvhCAQEEBAMCB4AwCwYDVR0PBAQDAgOIMBMGA1UdJQQM
MAoGCCsGAQUFBwMCMB0GA1UdDgQWBBTVe/IHJJYgPA7BOCXSdaYblsXwjzCBvQYD
VR0jBIG1MIGygBTw6Yu8QnWLJ4oVNgSt/DIWMvhhFaGBjqSBizCBiDELMAkGA1UE
BhMCREUxDzANBgNVBAgTBkJlcmxpbjESMBAGA1UEChMJREFJLUxhYm9yMRcwFQYD
VQQLEw5BZG1pbmlzdHJhdGlvbjEXMBUGA1UEAxMOREFJIE9wZW5WUE4gQ0ExIjAg
BgkqhkiG9w0BCQEWE2FkbWluc0BkYWktbGFib3IuZGWCCQD9YINr9zcOCjAJBgNV
HRIEAjAAMDwGCWCGSAGG+EIBBAQvFi1odHRwOi8vaW50ZXJuLmRhaS1sYWJvci5k
ZS9jYS9vcGVudnBuLWNybC5wZW0wDQYJKoZIhvcNAQEFBQADggEBAIZIsX4bEcfD
oqn9UO1HWNgF6kxgSWaA2UjjY9Y0/kfVsDgkBL4DPxg3ukYZbj64bfWeS8iZjlhO
PHUBTdhyORAVtWcrIWflJAZ8tnvFiHHqeT8Zn8sDrZOHNlJtnS97hi00VbUIUXIG
CL8BwAweP87KAbtTT+fdImfA9fvUr0FMIfSEsuBUW52VSWjEsUY7qN7O01TIWu4J
mUE/ZXMZLXJEJ78Wdvr05dBXYQWIDUJ2o31+jaSaXd7fa5yjqdU9J3OCxo+0bwE8
KGc4wklSB5aP//kGuR6ZmjXVjn5wsmsT6H4LR2fZjAsa60Hegr3g+dL7ljaXQ8QW
E7/Z5G1Y1wI=
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBALmsHerLm3oVFB74
1T/HEo/ka3OjRUM9NiVD7m+lUOhx1aOeQCmKoQcImStfPQD+ILhDNL/IxKENj9Vx
peAsd6sFvdFOOaHuThtLtQDLnVRaERNfuipO1IUBaxbjQFeBTSZ1tbJKF1uIHvve
7zDQaHKOVVMmme+UG1nBv4nH0H4lAgMBAAECgYBUUkFH923FlLsNkc4u57abWI4f
9x8meS8U33Pyii5jUgdHBkB3XTjiG9qL4vWudLrhU8wp6QC7b5BJzBIb67XwU/5Y
tTBKlNpDSmov/9hFx3PKVq33Yg0ck0AUkYWWwDskEVW4oDcfB83J9X3W+/C+HCho
XvB1Lb3sKbbSK8PhhQJBAOhlMKZtpt7uiMjrJNSVI/MnZUTRg7yDECs0hLRE4XSB
br7V9PqYb4rWtAcKLg6bAcmRYwwea+Go+B73Eq7gHxMCQQDMiAXwh32b7aE/ZuXd
YXBw4HYZHfpkEsycGOXt1bUvWRpbvsVnpn6FgJ7/a1DS/X7VI0UdlJYPH/BcLxIo
BDznAkBVhO9LP2y5+wOhFE8gX6W0FBpDIeqdk4l+rLvs7rAcxIixd2DIWxIpAGuN
b6SVQVt+Bp9xVTyT9S8hjgB1FAq7AkB26fLCGJRQDwW8DgBBCQDNr8MZ8VL90exC
KTutXp3b7GslwjGVhLh0uAY5LFSuhxGxq7LoctYX7xLZFcjxmR0rAkEAvExjGv0R
YYsZGZGrrud0swhTVAV7aZIKF34kLuebkLF5/s5wrMPyUdK4G3WkbO3vbjRjB69m
QLNCRELT51OT1A==
-----END PRIVATE KEY-----
</key>

Gnome-network manager

 dnf install openvpn...
 cut paste the keys above to the key files crt, ca, tls...
 ls data/mywork/05_infra/

Step 1:

gateway: openvpn.dai-labor.de
ca certificate: ca.crt

Advance:

General

gateway port: 443
use lzo

Security

TLS Auth

use additional tls
keyfile tls.key
direction: 1

Run openvpn * working

sudo openvpn --config OpenVPN-DAI-User.ovpn

Set DNS server

  [root@localhost vm00]# vim /etc/resolv.conf 
  # Generated by NetworkManager
  nameserver 130.149.154.102
  nameserver 130.149.154.96

Connect to samba dafis

Dafis has IP smb:130.149.154.111/projects/GT-ARC/IMA Open nautilus, location smb:130.149.154.111/projects/GT-ARC/IMA

  user dang
  domain DAI
  pwd

Trace: • pjs_ideas • ivtv • vpn

Table of Contents

DAI vpn

DAI Open vpn

Download config file:

Gnome-network manager

Run openvpn * working

Set DNS server

Connect to samba dafis

Navigation

Search

Toolbox