Open main menu

DFN Wiki β

Reconfigure VPN

DFNEXT systems

These instructions are for system DFNEXT099, please replace with a corresponding number for your camera system.

Login to the camera system...

...either locally using ethernet wire or WiFi or just use screen and keyboard (HDMI, screen needs to be connected before powering up the camera box).

Disable and remove the old VPN config

 cd /etc/openvpn
 systemctl stop openvpn@DFNEXT099.service
 systemctl disable openvpn@DFNEXT099.service
 systemctl mask openvpn@DFNEXT099.service
 rm -rf DFNEXT099.conf DFNEXT099.tgz keys

Transfer the file provided by the DFN team to /etc/openvpn on the camera (scp/winscp/sftp/rsync or so)

Unzip the configuration, password protected for security reasons

Note: the password (hint) will arrive in a separate e-mail message, not with the VPN config file.

 cd /etc/openvpn

... that creates file DFNEXT099.tar.gz

Install and activate the new config - on the camera system as root connected using local IP

 root@DFNEXT099:/etc/openvpn# tar -xvzf DFNEXT099.tar.gz
 systemctl start openvpn-client@DFNEXT099.service
 systemctl enable openvpn-client@DFNEXT099.service

Verify that it is running

 root@DFNEXT099:/etc/openvpn# systemctl status openvpn-client@DFNEXT099.service
 ● openvpn-client@DFNEXT099.service - OpenVPN tunnel for DFNEXT099
   Loaded: loaded (/lib/systemd/system/openvpn-client@.service; enabled; vendor preset: enabled)
   Active: active (running) since Sun 2023-01-29 03:11:35 MST; 2 weeks 3 days ago
   Docs: man:openvpn(8)
 Main PID: 15223 (openvpn)
   Status: "Initialization Sequence Completed"
   CGroup: /system.slice/system-openvpn\x2dclient.slice/openvpn-client@DFNEXT099.service
           └─15223 /usr/sbin/openvpn --suppress-timestamps --nobind --config DFNEXT099.conf
 root@DFNEXT099:/etc/openvpn# ip a | grep tun
 15: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 100
    inet brd scope global tun0
 root@DFNEXT099:/etc/openvpn# ping -c 3 dfn_vpn
 PING dfnserver_vpn ( 56(84) bytes of data.
 64 bytes from dfnserver_vpn ( icmp_seq=1 ttl=64 time=213 ms
 64 bytes from dfnserver_vpn ( icmp_seq=2 ttl=64 time=211 ms
 64 bytes from dfnserver_vpn ( icmp_seq=3 ttl=64 time=220 ms
 --- dfnserver_vpn ping statistics ---
 3 packets transmitted, 3 received, 0% packet loss, time 2002ms
 rtt min/avg/max/mdev = 211.841/215.206/220.417/3.755 ms