Line 1: |
Line 1: |
| + | <p style="color:red">The information in this page is updated in accordance with firmware version [https://wiki.teltonika-networks.com/view/FW_%26_SDK_Downloads'''07.02.7'''].</p> |
| | | |
| ==Introduction== | | ==Introduction== |
− | This article provides a guide on how to configure stunnel and use telnet protocol for devices to interact with each other securely. These configurations can be implemented on RUT9xx and RUTX series. | + | This article provides a guide on how to configure stunnel and use telnet protocol for devices to interact with each other securely. These configurations can be implemented on RUT, RUTX and TRB series devices. |
| | | |
| * First you want to make sure that you have '''ADVANCED mode''' enabled. This will allow you to choose from a larger variety of settings. | | * First you want to make sure that you have '''ADVANCED mode''' enabled. This will allow you to choose from a larger variety of settings. |
Line 91: |
Line 92: |
| [[File:Networking Rut955 manual VPN stunnel install v1.png|border]] | | [[File:Networking Rut955 manual VPN stunnel install v1.png|border]] |
| | | |
− | * Install only Stunnel.exe deamon, you can skip openssl.exe. | + | * Install only '''Stunnel.exe''' deamon, you can skip '''openssl.exe'''. |
| Once the application is installed, open stunnel, go to configuration and select edit configuration. Remove all the content and paste as below: | | Once the application is installed, open stunnel, go to configuration and select edit configuration. Remove all the content and paste as below: |
| | | |
Line 103: |
Line 104: |
| Connect IP depends on your configuration and write them accordingly. Here in this example, it is as above. | | Connect IP depends on your configuration and write them accordingly. Here in this example, it is as above. |
| | | |
− | * Navigate to C:\Program files (x86)\Stunnel\config and create new file ca-cert1.pem. | + | * Navigate to '''C:\Program files (x86)\Stunnel\config''' and create new file ''ca-cert1.pem''. |
− | * Copy and paste client.cert.pem and client.key.pem to it and save the file. ('''Note:''' Download the client certificate from your Web-UI, '''System → Administration → certificate''') | + | * Copy and paste ''client.cert.pem'' and ''client.key.pem'' to it and save the file. ('''Note:''' Download the client certificate from your Web-UI, '''System → Administration → certificate''') |
| * For example: | | * For example: |
| | | |
| [[File:Networking Rut955 manual stunnel clientcert v1.png|border]] | | [[File:Networking Rut955 manual stunnel clientcert v1.png|border]] |
| | | |
− | Once saved, go back to stunnel > configuration, and reload configuration. | + | Once saved, go back to '''stunnel → configuration''', and reload configuration. |
| | | |
| [[File:Networking Rut955 manual stunnel config v1.bmp|border]] | | [[File:Networking Rut955 manual stunnel config v1.bmp|border]] |
Line 122: |
Line 123: |
| | | |
| Using these commands update your Ubuntu's package list and also upgrade the existing packages to the latest version: | | Using these commands update your Ubuntu's package list and also upgrade the existing packages to the latest version: |
− | * ''apt-get update''
| + | |
− | * ''apt-get upgrade''
| + | ''apt-get update'' |
| + | ''apt-get upgrade'' |
| | | |
| | | |
Line 129: |
Line 131: |
| | | |
| Install Stunnel package using the code below: | | Install Stunnel package using the code below: |
− | * ''apt-get install stunnel4 -y''
| + | |
| + | ''apt-get install stunnel4 -y'' |
| | | |
| | | |
Line 136: |
Line 139: |
| Stunnel configures itself using a file named '''stunnel.conf''' which by default is located in '''/etc/stunnel'''. | | Stunnel configures itself using a file named '''stunnel.conf''' which by default is located in '''/etc/stunnel'''. |
| Create a '''stunnel.conf''' file in the /etc/stunnel directory. | | Create a '''stunnel.conf''' file in the /etc/stunnel directory. |
− | * ''nano /etc/stunnel/stunnel.conf''
| + | |
| + | ''nano /etc/stunnel/stunnel.conf'' |
| | | |
| Next, specify a service for use with stunnel. Here, it will work as client so file should look like this: | | Next, specify a service for use with stunnel. Here, it will work as client so file should look like this: |
Line 154: |
Line 158: |
| Stunnel uses SSL certificate to secure its connections, which you can easily create using the commands: | | Stunnel uses SSL certificate to secure its connections, which you can easily create using the commands: |
| | | |
− | *''openssl genrsa -out key.pem 2048''
| + | ''openssl genrsa -out key.pem 2048'' |
− | *''openssl req -new -x509 -key key.pem -out cert.pem -days 1095''
| + | ''openssl req -new -x509 -key key.pem -out cert.pem -days 1095'' |
| | | |
| | | |
| and then create file stunnel.pem | | and then create file stunnel.pem |
− | * ''nano /etc/stunnel/stunnel.pem''
| + | |
| + | ''nano /etc/stunnel/stunnel.pem'' |
| | | |
| | | |
− | copy the certificates to stunnel.pem file: | + | copy the certificates to stunnel.pem file: |
− | * cat key.pem cert.pem >> /etc/stunnel/stunnel.pem
| + | cat key.pem cert.pem >> /etc/stunnel/stunnel.pem |
| | | |
| | | |
Line 170: |
Line 175: |
| * Restart stunnel | | * Restart stunnel |
| | | |
− | restart the stunnel configuration using the command: | + | restart the stunnel configuration using the command: |
− | * ''/etc/init.d/stunnel4 restart''
| + | |
| + | ''/etc/init.d/stunnel4 restart'' |
| | | |
| | | |