Материал из for iRidium developers
Перейти к: навигация, поиск
Эта страница является переводом страницы VPNConnection. Перевод выполнен на 100%.

Other languages:
English • ‎русский

Use of VPN in i3 pro

Starting with 1.1.7 version i3 pro supports VPN connection. To use VPN connection you must generate security certificates and modify your project. This article describes how to generate certificates and set a project.

VPN principle of work

You can read what VPN is and how it works here

Certificate generation

Before setting VPN in your project generate security certificates. To do it, download on the Windows-based PC the following software OpenVPN .

Attention! When you install the software put all ticks.

Then go to C:\Program files\OpenVPN\easy-rsa launch init-config.bat. There appears vars.bat.sample, open it in notepad and edit the following strings:

set KEY_COUNTRY=RU
set KEY_PROVINCE=MoscowRegion
set KEY_CITY=Moscow
set KEY_ORG=OpenVPN
set KEY_EMAIL=mybox@voxlink.ru
set KEY_CN=server
set KEY_NAME=server
set KEY_OU=voxlink

Fill in all strings but for “Key_CN” and “Key_NAME” as you see suitable. Save th file as vars.bat on the desktop and then move it to C:\Program files\OpenVPN\easy-rsa. Now open openssl-1.0.0.cnf and check the parameter. default_days=3650 (it's a period of certificate valdity -3650 days = 10 years)
Open the command string as an adminstrator and write:

cd C:\Program Files\OpenVPN\easy-rsa
vars
clean-all

If you see a message «Copied files:1», the procedure was successful. Enter in the same window:

build-dh (Creating Diffie-Hellman key)
build-ca (creating the main certificate)

Press Enter to all questions till you see the path
C:\Program files\OpenVPN\easy-rsa Then enter:

build-key-server server

Press Enter to all questions but for «Sign the certificate?» and «1 out of 1 certificate requests certified, commit?». Press Y to these questions. Then create a client certificate: build-key client Enter client to Common Name question (eg, your name or your server's hostname). Enter Y twice at the end. Take: ca.crt, server.crt, server.key from the following folder C:\Program Files\OpenVPN\easy-rsa\keys

Use in i3 pro

To use VPN in i3 pro project, add to the project a special script where generated keys are indicated. Create a new script file and add a script to it

var g_Name = "OpenVPN"; //Do not change configuration name
var g_Config = //VPN configuration
"proto tcp-client                                                \n" +
"# enter Internet address in this string                 \n" +
"remote 217.114.30.30                                            \n" +   
"dev tun                                                         \n" +
"                                                                \n" +
"nobind                                                          \n" +
"persist-key                                                     \n" +
"                                                                \n" +
"tls-client                                                      \n" +
"#enter the name of the public CA cetificate                      \n" +
"#ca ca.crt                                                      \n" +
"# client's public certificate                                \n" +
"#cert client.crt                                                \n" +
"# and his private key                                           \n" +
"#key client.key                                                 \n" +
"                                                                \n" +
"verb 3   									                     \n" +
"       												         \n" +
"                                                                \n" +
"ns-cert-type server                                             \n" +
"cipher AES-256-CBC                                              \n" +
"auth SHA1                                                       \n" +
"pull                                                            \n" +
"tls-cipher TLS-RSA-WITH-AES-256-CBC-SHA                         \n" +
"                                                                \n" +
"<ca>                                                            \n" +
"-----BEGIN CERTIFICATE-----                                     \n" +
"/n"+//Enter public certificate
"-----END CERTIFICATE-----                                       \n" +
"</ca>                                                           \n" +
"<cert>                                                          \n" +
"-----BEGIN CERTIFICATE-----                                     \n" +
"\n" +//Enter client's public certificate
"-----END CERTIFICATE-----                                       \n" +
"</cert>                                                         \n" +
"<key>                                                           \n" +
"-----BEGIN PRIVATE KEY-----                                     \n" +
"\n" +//Enter private key
"-----END PRIVATE KEY-----                                       \n" +
"</key>                                                          \n";
 
var g_oPage;
var g_oStatusItem;
var g_iStatusInterval = 0; //flag of VPN configuration request
 
function VPNLog(name, event, result, msg)
{
   IR.Log("name: " + name);
   IR.Log("event: " + event);
   IR.Log("result: " + result);
   IR.Log("msg: " + msg);
}
 
function activateConfiguration()
{
   IR.ActivateVPNConfiguration(//Function of activating VPN
      g_Name,
      {
         type: "OpenVPN",
         username: "ovpn_user3",
         password: "user3",
         NotUseDefaulRoute: 0,
         ovpn: g_Config//,
 
         //iridium_debug: true,
         //iridium_debug_level: 7,
         //iridium_debug_host: "192.168.0.89",
         //iridium_debug_port: 514,
      },
      VPNLog
   );
}
 
function startConfiguration()//Function of the start of VPN connection where a timer of configuration update is created, if the flag is g_iStatusInterval=1
{
   if(!g_iStatusInterval)
   {
      g_iStatusInterval = IR.SetInterval(1000, function(){
         getConfigurationStatus();
      });
    }
 
   IR.StartVPNConfiguration(
      g_Name,
      VPNLog
   );
}
 
function stopConfiguration()//Function of the end of VPN connection
{
   if(!g_iStatusInterval)
   {
      g_iStatusInterval = IR.SetInterval(1000, function(){
         getConfigurationStatus();
      });
    }
 
   IR.StopVPNConfiguration(
     g_Name,
     VPNLog
   );
} 
 
function getConfigurationStatus()//Function of the update of VPN configuration
{
   if(!g_oPage)
      g_oPage = IR.GetPage("Page 1");
 
   if(g_oPage && !g_oStatusItem)
      g_oStatusItem = g_oPage.GetItem("Item 5");
 
   IR.GetVPNConfigurationStatus(
      g_Name,
      function (name, event, result, msg)
      {
         IR.Log("name: " + name);
         IR.Log("event: " + event);
         IR.Log("result: " + result);
         IR.Log("msg: " + msg);
 
         g_oStatusItem.Value = result;
 
         if(g_iStatusInterval && result <= 4)
         {
            IR.ClearInterval(g_iStatusInterval);
            g_iStatusInterval = 0;
         }               
      }
   );
}
 
IR.AddListener(IR.EVENT_START,0,function()//Launch of getting configuration at project start.
{
   if(!g_iStatusInterval)
   {
      g_iStatusInterval = IR.SetInterval(1000, function(){
         getConfigurationStatus();
      });
    }
});