Line 1: |
Line 1: |
| + | <p style="color:red">The information in this page is updated in accordance with firmware version [https://wiki.teltonika-networks.com/view/FW_%26_SDK_Downloads'''07.02.7'''].</p> |
| | | |
| ==Introduction== | | ==Introduction== |
− | This article provides a guide on how to configure stunnel and use telnet protocol for devices to interact with each other securely. These configurations can be implemented on RUT9xx and RUTX series. | + | This article provides a guide on how to configure stunnel and use telnet protocol for devices to interact with each other securely. These configurations can be implemented on RUT, RUTX and TRB series devices. |
| | | |
| * First you want to make sure that you have '''ADVANCED mode''' enabled. This will allow you to choose from a larger variety of settings. | | * First you want to make sure that you have '''ADVANCED mode''' enabled. This will allow you to choose from a larger variety of settings. |
Line 52: |
Line 53: |
| | | |
| * You will be directed to stunnel configuration, | | * You will be directed to stunnel configuration, |
− | Do following configuration:
| + | |
| 1. '''Enable''' Stunnel | | 1. '''Enable''' Stunnel |
| + | |
| 2. Select Operating mode '''(Server)''' | | 2. Select Operating mode '''(Server)''' |
| + | |
| 3. Listen IP '''(0.0.0.0)''' | | 3. Listen IP '''(0.0.0.0)''' |
| + | |
| 4. Select Listen Port '''(2030)''' | | 4. Select Listen Port '''(2030)''' |
| + | |
| 5. Connect IP'S '''(127.0.0.1:23)''' | | 5. Connect IP'S '''(127.0.0.1:23)''' |
| + | |
| 6. TLS Cipher '''(Secure)''' | | 6. TLS Cipher '''(Secure)''' |
| + | |
| 7. Insert Certificate File '''(server.cert.pem and server.key.pem)''' | | 7. Insert Certificate File '''(server.cert.pem and server.key.pem)''' |
| + | |
| | | |
| [[File:Networking Rut955 WebUI VPN stunnel config v1.bmp|border]] | | [[File:Networking Rut955 WebUI VPN stunnel config v1.bmp|border]] |
Line 78: |
Line 86: |
| | | |
| '''For Windows:''' | | '''For Windows:''' |
| + | |
| Download Stunnel from [https://www.stunnel.org/downloads.html stunnel download]. | | Download Stunnel from [https://www.stunnel.org/downloads.html stunnel download]. |
| Choose the latest win64 installer.exe and install. | | Choose the latest win64 installer.exe and install. |
Line 83: |
Line 92: |
| [[File:Networking Rut955 manual VPN stunnel install v1.png|border]] | | [[File:Networking Rut955 manual VPN stunnel install v1.png|border]] |
| | | |
− | * Install only Stunnel.exe deamon, you can skip openssl.exe. | + | * Install only '''Stunnel.exe''' deamon, you can skip '''openssl.exe'''. |
| Once the application is installed, open stunnel, go to configuration and select edit configuration. Remove all the content and paste as below: | | Once the application is installed, open stunnel, go to configuration and select edit configuration. Remove all the content and paste as below: |
| | | |
Line 95: |
Line 104: |
| Connect IP depends on your configuration and write them accordingly. Here in this example, it is as above. | | Connect IP depends on your configuration and write them accordingly. Here in this example, it is as above. |
| | | |
− | * Navigate to C:\Program files (x86)\Stunnel\config and create new file ca-cert1.pem. | + | * Navigate to '''C:\Program files (x86)\Stunnel\config''' and create new file ''ca-cert1.pem''. |
− | * Copy and paste client.cert.pem and client.key.pem to it and save the file. ('''Note:''' Download the client certificate from your Web-UI, '''System → Administration → certificate''') | + | * Copy and paste ''client.cert.pem'' and ''client.key.pem'' to it and save the file. ('''Note:''' Download the client certificate from your Web-UI, '''System → Administration → certificate''') |
| * For example: | | * For example: |
| | | |
| [[File:Networking Rut955 manual stunnel clientcert v1.png|border]] | | [[File:Networking Rut955 manual stunnel clientcert v1.png|border]] |
| | | |
− | Once saved, go back to stunnel > configuration, and reload configuration. | + | Once saved, go back to '''stunnel → configuration''', and reload configuration. |
| | | |
| [[File:Networking Rut955 manual stunnel config v1.bmp|border]] | | [[File:Networking Rut955 manual stunnel config v1.bmp|border]] |
Line 111: |
Line 120: |
| Similarly, for Linux machines follow the below commands. | | Similarly, for Linux machines follow the below commands. |
| | | |
− | '''* update and upgrade Ubuntu'''
| + | * Update and upgrade Ubuntu |
| | | |
| Using these commands update your Ubuntu's package list and also upgrade the existing packages to the latest version: | | Using these commands update your Ubuntu's package list and also upgrade the existing packages to the latest version: |
− | * apt-get update
| |
− | *apt-get upgrade
| |
| | | |
− | '''* Install Stunnel''' | + | ''apt-get update'' |
| + | ''apt-get upgrade'' |
| + | |
| + | |
| + | * Install Stunnel |
| | | |
| Install Stunnel package using the code below: | | Install Stunnel package using the code below: |
− | * apt-get install stunnel4 -y
| + | |
| + | ''apt-get install stunnel4 -y'' |
| + | |
| | | |
− | '''* Configure Stunnel'''
| + | * Configure Stunnel |
| | | |
| Stunnel configures itself using a file named '''stunnel.conf''' which by default is located in '''/etc/stunnel'''. | | Stunnel configures itself using a file named '''stunnel.conf''' which by default is located in '''/etc/stunnel'''. |
| Create a '''stunnel.conf''' file in the /etc/stunnel directory. | | Create a '''stunnel.conf''' file in the /etc/stunnel directory. |
− | * nano /etc/stunnel/stunnel.conf
| + | |
| + | ''nano /etc/stunnel/stunnel.conf'' |
| | | |
| Next, specify a service for use with stunnel. Here, it will work as client so file should look like this: | | Next, specify a service for use with stunnel. Here, it will work as client so file should look like this: |
Line 139: |
Line 153: |
| [[File:Networking Rut955 manual stunnel config ubuntu v1.bmp|border]] | | [[File:Networking Rut955 manual stunnel config ubuntu v1.bmp|border]] |
| | | |
− | '''* Create certificates'''
| + | |
| + | * Create certificates |
| | | |
| Stunnel uses SSL certificate to secure its connections, which you can easily create using the commands: | | Stunnel uses SSL certificate to secure its connections, which you can easily create using the commands: |
| | | |
− | *openssl genrsa -out key.pem 2048
| + | ''openssl genrsa -out key.pem 2048'' |
− | *openssl req -new -x509 -key key.pem -out cert.pem -days 1095
| + | ''openssl req -new -x509 -key key.pem -out cert.pem -days 1095'' |
| | | |
| | | |
| and then create file stunnel.pem | | and then create file stunnel.pem |
− | * nano /etc/stunnel/stunnel.pem
| + | |
| + | ''nano /etc/stunnel/stunnel.pem'' |
| | | |
| | | |
− | copy the certificates to stunnel.pem file: | + | copy the certificates to stunnel.pem file: |
− | * cat key.pem cert.pem >> /etc/stunnel/stunnel.pem
| + | cat key.pem cert.pem >> /etc/stunnel/stunnel.pem |
| | | |
| | | |
| [[File:Networking Rut955 manual stunnel certificates ubuntu v1.bmp|border]] | | [[File:Networking Rut955 manual stunnel certificates ubuntu v1.bmp|border]] |
| | | |
− | '''* Restart stunnel'''
| + | * Restart stunnel |
| | | |
− | restart the stunnel configuration using the command: | + | restart the stunnel configuration using the command: |
− | * /etc/init.d/stunnel4 restart
| + | |
| + | ''/etc/init.d/stunnel4 restart'' |
| | | |
| | | |