Difference between revisions of "Logging in remotely over the network"
Martin Cupak (talk | contribs) m (→Linux) |
Martin Cupak (talk | contribs) m |
||
Line 1: | Line 1: | ||
In order to log in remotely over the network you need to use our [[wikipedia:Virtual_private_network|VPN]]. | In order to log in remotely over the network you need to use our [[wikipedia:Virtual_private_network|VPN]]. | ||
− | = Configuring your VPN connection = | + | = Configuring your VPN connection in your laptop/desktop = |
== How VPN works? == | == How VPN works? == |
Revision as of 07:33, 7 March 2023
In order to log in remotely over the network you need to use our VPN.
Contents
- 1 Configuring your VPN connection in your laptop/desktop
- 1.1 How VPN works?
- 1.2 Getting a VPN Certificate
- 1.3 Installing and OpenVPN Client
- 1.3.1 Linux
- 1.3.1.1 Debian <=7 & Ubuntu earlier versions with system V init:
- 1.3.1.2 Debian 8+ & Ubuntu later versions (16.04+ ?) with systemd:
- 1.3.1.3 CentOS 6, RHEL 6 & Fedora 14 (and earlier versions) with system V init
- 1.3.1.4 CentOS 7, RHEL 7 & Fedora 17 (and later versions) with systemd
- 1.3.1.5 OpenSuse 13.1 (and later versions) with systemd
- 1.3.2 Mac OS X
- 1.3.3 Windows
- 1.3.4 Android
- 1.3.1 Linux
- 2 Logging In via the Terminal
- 3 Logging in via the Web Interface
Configuring your VPN connection in your laptop/desktop
How VPN works?
Getting a VPN Certificate
Installing and OpenVPN Client
You will then need to install and configure an OpenVPN client that supports your platform.
Linux
Debian <=7 & Ubuntu earlier versions with system V init:
Install OpenVPN by running the command:
apt-get install openvpn
Then, place your certificate in /etc/openvpn
(extract if from the archive if required). You can now connect to the VPN by running the command:
sudo service openvpn start
To enable OpenVPN so that it starts on boot, run the command:
sudo update-rc.d openvpn enable
Debian 8+ & Ubuntu later versions (16.04+ ?) with systemd:
Install OpenVPN by running the command:
apt-get install openvpn
Then in NetworkManager frontend (the network interfaces icon in task panel) in VPN connections, add new VPN, select OpenVPN, open the provided .ovpn file.
... or:
Manually place your certificate in /etc/openvpn
(extract if from the .tgz archive if required). You can now connect to the VPN by running the command:
sudo systemctl start openvpn@ALIAS.service
To enable OpenVPN so that it starts on boot, run the command: (replacing ALIAS
as required with the config file name without extension)
sudo systemctl enable openvpn@ALIAS.service
CentOS 6, RHEL 6 & Fedora 14 (and earlier versions) with system V init
Install OpenVPN by running the command:
yum install openvpn
Then, place your certificate in /etc/openvpn
(extract if from the .tgz archive if required). You can now connect to the VPN by running the command:
sudo service openvpn start
To enable OpenVPN so that it starts on boot, run the command:
chkconfig --level 345 openvpn on
CentOS 7, RHEL 7 & Fedora 17 (and later versions) with systemd
Install OpenVPN by running the command:
yum install openvpn
or
dnf install openvpn
Then you can either use NetworkManager or set up the certificetes/keys manually.
NetworkManager way
EPEL repository has NetworkManager-openvpn and NetworkManager-openvpn-gnome which should integrate into the graphical network management.
dnf install NetworkManager-openvpn NetworkManager-openvpn-gnome
Then in NetworkManager frontend (the network interfaces icon in task panel) in VPN connections, add new VPN, select OpenVPN, open the provided .ovpn file.
Manual way
Place your certificate in /etc/openvpn
(extract if from the .tgz archive if required). You can now connect to the VPN by running the command:
sudo systemctl start openvpn@ALIAS.service
To enable OpenVPN so that it starts on boot, run the command: (replacing ALIAS
as required with the config file name without extension)
sudo systemctl enable openvpn@ALIAS.service
Note: Later versions like RHEL8 & clones have 'server' and 'client' subfolders in /etc/openvpn
, to make things more tidy and better organised. It is more 'proper' to put the provided keys/certs into the 'client' subfolder. The systemd service name is the slightly different: "
sudo systemctl start openvpn-client@ALIAS.service sudo systemctl enable openvpn-client@ALIAS.service
OpenSuse 13.1 (and later versions) with systemd
Install OpenVPN by running the command:
zypper in openvpn
Then, place your certificate in /etc/openvpn
(extract if from the .tgz archive if required). Note the ALIAS
you have. You can now connect to the VPN by running the command: (replacing ALIAS
as required)
sudo systemctl start openvpn@ALIAS.service
To enable OpenVPN so that it starts on boot, run the command: (replacing ALIAS
as required with the config file name without extension)
sudo systemctl enable openvpn@ALIAS.service
Mac OS X
We recommend Tunnelblick OpenVPN client.
Install Tunnelblick from here and then configure it using the .opvpn file provided by DFN camera help by following the instructions here (Creating and Installing a Tunnelblick VPN Configuration section).
Windows
- Install OpenVPN (bottom row of the first table)
- Place your .opvpn file containing your certificate, key and config options into
Program Files/OpenVPN/config
. - To connect to the VPN, run OpenVPN from the start menu, and double click on the new OpenVPN system icon in the taskbar.
- Wait a few seconds; the window will disappear, and the icon will turn mostly green once you're connected
- You can now connect to any camera using its VPN IP address.
Android
Camera maintenance can also be carried out from a phone or tablet. Having one of these devices is a great backup in case your laptop runs out of battery or you can't use it for some other reason. Setting up Android to use the VPN for remote maintenance is also quite simple.
- Install the OpenVPN Connect app.
- Download your .opvpn file onto your phone
- Launch OpenVPN, press "Import" from the three dot menu and find your .opvpn file
- Press Connect to initiate your VPN connection, a persistent notification should appear in the notification bar
An alternative client we have a good experience with is OpenVPN for Android. This one claims it does not contain any adds.
You'll also need an SSH app to connect to the camera (a web based control panel for the cameras will also be available soon). We recommend JuiceSSH.
Logging In via the Terminal
Once you have the certificate installed on your computer and you have connected to the VPN you will be able to connect to the camera as if you had a local Ethernet or WiFi connection (although the response time to commands will be a bit longer). The only difference is that you will need to use the VPN IP address of the camera instead of the local login IP address.
If you are on Linux or Mac OS X open a terminal and log into your observatory using SSH. For example, if you have set up your hosts file for convenience you would into DFNEXT17 by running the command:
ssh root@DFNEXT17
If you have not set up your local hosts file, you would run the command:
ssh root@10.1.23.17
You will then be prompted to unlock your SSH key to log in or enter the root user password if you aren't using an SSH key.
Logging In via the Terminal from Windows
If you're on Windows, you will need to use PuTTY or Microsoft Windows Subsystem for Linux; for more information see: Logging in via Terminal from Windows. You will need to use the relevant VPN IP address instead of the local addresses though.
Logging in via the Web Interface
If you have set up your hosts file, you can now log in via the web interface by entering it in your browser's address bar with the web interface's port number (8080). For example, to log into DFNEXT12 you would enter DFNEXT:8080
.
If you haven't set up your hosts file for convenience then you will need to look up your observatories VPN IP address and enter that instead. For example, to log into DFNEXT12 you would enter 10.1.23.12:8080
.