openconnect: Added README file

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2014-06-08 11:00:22 +02:00 · 2014-06-08 11:00:22 +02:00 · 4175b68a17
commit 4175b68a17
parent 53f33536c0
1 changed files with 30 additions and 0 deletions
--- a/net/openconnect/README
+++ b/net/openconnect/README
@ -0,0 +1,30 @@
+The openconnect client expects to be configured using the uci interface.
+
+To setup a VPN connection, add the following to /etc/config/network:
+
+config interface 'MYVPN'
+        option _orig_ifname 'vpnc'
+        option _orig_bridge 'false'
+        option proto 'openconnect'
+        option server 'vpn.example.com'
+        option port '4443'
+        option username 'test'
+        option password 'secret'
+        option serverhash 'AE7FF6A0426F0A0CD0A02EB9EC3C5066FAEB0B25'
+
+The additional files are also used:
+/etc/openconnect/user-cert-vpn-MYVPN.pem: The user certificate
+/etc/openconnect/user-key-vpn-MYVPN.pem: The user private key
+/etc/openconnect/ca-cert-vpn-MYVPN.pem: The CA certificate (instead of serverhash)
+
+After these are setup you can initiate the VPN using "ifup MYVPN", and
+deinitialize it using ifdown. You may also use the luci web interface
+(Network -> Interfaces -> AVPN Connect).
+
+Note that you need to configure the firewall to allow communication between
+the MYVPN interface and lan.
+
+
+There is a luci plugin to allow configuring an openconnect interface from
+the web environment, available as patch over luci at
+https://github.com/nmav/luci-openconnect/tree/openconnect