diff options
Diffstat (limited to 'network/ocserv/README')
-rw-r--r-- | network/ocserv/README | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/network/ocserv/README b/network/ocserv/README new file mode 100644 index 0000000000..82510b0a05 --- /dev/null +++ b/network/ocserv/README @@ -0,0 +1,39 @@ +The OpenConnect VPN server (ocserv) is an open source Linux SSL VPN +server designed for organizations that require a remote access VPN with +enterprise user management and control. It follows the openconnect +protocol and is the counterpart of the openconnect VPN client. It is +also compatible with CISCO's AnyConnect SSL VPN. + +The OpenConnect VPN is less vulnerable to detection than OpenVPN, IPSec, +and WireGuard because it looks like a normal https connection (if udp is +not used). + +The program consists of: + +1. ocserv, the main server application +2. occtl, the server's control tool. A tool which allows one to query + the server for information. +3. ocpasswd, a tool to administer simple password files. + +A user and group "ocserv" must exist prior to running this script. +To create them run as root: + groupadd -g 382 ocserv + useradd -u 382 -g 382 -s /sbin/nologin -M ocserv + + +In order to start ocserv at boot and stop it properly at shutdown, +make sure rc.local and rc.local_shutdown contain the following lines: + + /etc/rc.d/rc.local + ================== + # Start ocserv + if [ -x /etc/rc.d/rc.ocserv ]; then + /etc/rc.d/rc.ocserv start + fi + + /etc/rc.d/rc.local_shutdown + =========================== + # Stop ocserv + if [ -x /etc/rc.d/rc.ocserv ]; then + /etc/rc.d/rc.ocserv stop + fi |