SmartAudio/package/network/vpnc/README

The vpnc client expects to be configured using the uci interface.

To setup a VPN connection, add the following to /etc/config/network:

config interface 'MYVPN'
        option proto 'vpnc'
        option interface 'wan'
        option server 'vpn.example.com'
        option username 'test'
        option password 'secret' # or:
        option hexpasswd 'AE7FF6A0426F0A0CD0A02EB9EC3C5066FAEB0B25'
        option authgroup 'DEFAULT'
        option passgroup 'groupsecret' # or:
        option hexpassgroup '52B0BEAF6605C3CE9BE20A0DC0A0F6240A6FF7EA'
        option domain 'WORKGROUP'
        option vendor 'cisco' # or 'netscreen'
        option natt_mode 'natt' # or 'none' or 'force-natt' or 'cisco-udp'
        option dh_group 'dh2' # or 'dh1' or 'dh5'
        option pfs 'server' # or 'nopfs' or 'dh1' or 'dh2' or 'dh5'
        option enable_single_des '0'
        option enable_no_enc '0' # '1' to enable unencrypted VPN
        option mtu '0'
        option local_addr '0.0.0.0'
        option local_port '500' # '0' to use a random port
        option udp_port '10000' # '0' to use a random port
        option dpd_idle '300'
        option auth_mode 'psk' # or 'hybrid'
        option target_network '0.0.0.0/0.0.0.0' # network/netmask or CIDR

The additional file(s) are also used:
/etc/vpnc/ca-vpn-MYVPN.pem: The server's CA certificate (for auth_mode 'hybrid')

After these are setup you can initiate the VPN using "ifup MYVPN", and
deinitialize it using ifdown. You may also use the luci web interface
(Network -> Interfaces -> MYVPN Connect).

Note that you need to configure the firewall to allow communication between
the MYVPN interface and lan.
init 2018-07-13 01:31:50 +00:00			`The vpnc client expects to be configured using the uci interface.`

			`To setup a VPN connection, add the following to /etc/config/network:`

			`config interface 'MYVPN'`
			`option proto 'vpnc'`
			`option interface 'wan'`
			`option server 'vpn.example.com'`
			`option username 'test'`
			`option password 'secret' # or:`
			`option hexpasswd 'AE7FF6A0426F0A0CD0A02EB9EC3C5066FAEB0B25'`
			`option authgroup 'DEFAULT'`
			`option passgroup 'groupsecret' # or:`
			`option hexpassgroup '52B0BEAF6605C3CE9BE20A0DC0A0F6240A6FF7EA'`
			`option domain 'WORKGROUP'`
			`option vendor 'cisco' # or 'netscreen'`
			`option natt_mode 'natt' # or 'none' or 'force-natt' or 'cisco-udp'`
			`option dh_group 'dh2' # or 'dh1' or 'dh5'`
			`option pfs 'server' # or 'nopfs' or 'dh1' or 'dh2' or 'dh5'`
			`option enable_single_des '0'`
			`option enable_no_enc '0' # '1' to enable unencrypted VPN`
			`option mtu '0'`
			`option local_addr '0.0.0.0'`
			`option local_port '500' # '0' to use a random port`
			`option udp_port '10000' # '0' to use a random port`
			`option dpd_idle '300'`
			`option auth_mode 'psk' # or 'hybrid'`
			`option target_network '0.0.0.0/0.0.0.0' # network/netmask or CIDR`

			`The additional file(s) are also used:`
			`/etc/vpnc/ca-vpn-MYVPN.pem: The server's CA certificate (for auth_mode 'hybrid')`

			`After these are setup you can initiate the VPN using "ifup MYVPN", and`
			`deinitialize it using ifdown. You may also use the luci web interface`
			`(Network -> Interfaces -> MYVPN Connect).`

			`Note that you need to configure the firewall to allow communication between`
			`the MYVPN interface and lan.`