VPN Client
Used VPN client is OpenVPN. For inclusion in work it is necessary to load files of keys and certificates, to adjust the client VPN, to adjust work of Watchdog Ping.
Wathdog Ping provides a network availability check and, if it fails, responds by reconnecting the VPN client.
The following URIs are used to load key files:
- upload-vpn-crt.htm - client certificate;
- upload-vpn-ca.htm - CA certificate;
- upload-vpn-key.htm - client key;
- upload-tls-auth.htm - key TLS.
To configure the VPN client, use a query with querytype = setvpn, with fields:
enable - enabling / disabling the client;
- vpn_debug - enable openvpn debug log, if the field is absent, then debugging is not enabled;
gateway - name or address of the VPN server;
port - port of the VPN server, numeric value;
- auth_type - type of client authorization on the server, can be the following (currently only PASS_TLS is supported):
- TLS -Â certificates (TLS);
- PASS - password;
- PASS_TLS -Â password and certificates (TLS).
- user - username, can be empty;
- pass - user password, may be empty;
- ta_enable - enable authorization using TLS key;
- complzo - use LZO compression;
- watchdog_enable - enable Watchdog Ping;
- watchdog_host - ping address;
- watchdog_interval - ping interval, in seconds;
- watchdog_timeout - ping timeout, in seconds, after which the VPN will be reconnected.
To read the VPN client settings, use the query with querytype = getvpn, the response contains the following fields:
- status - characterizes the current state of the client;
- connect_time - time in UnixTimeStamp format showing the moment of connection, "0" if there is no data;
- vpn_debug - enable or disabled openvpn debug log;
- ipaddr - client address in VPN network;
- enable - enabled or disabled client;
- gateway - name or address of the VPN server;
- port - port of the VPN server, numeric value;
- auth_type - type of client authorization on the server;
- user - username, can be empty;
- pass - user password, may be empty;
- ta_enable - enable authorization using TLS key;
- complzo -Â use LZO compression;
- file_ca - CA certificate file name, empty if no file;
- file_cert - client certificate file name, empty if no file;
- file_key - client key file name, empty if no file;
- file_ta - TLS authorization key file name, empty if no file;
- watchdog_enable - enable Watchdog Ping;
- watchdog_host - ping address;
- watchdog_interval - ping interval, in seconds;
- watchdog_timeout - ping timeout, in seconds, after which the VPN will be reconnected.
To download the debug log file, use the address "/download-vpn-log.htm".