Describe connecting meshes

b713a93d · Bob Mottram · 73800927 · b713a93d · b713a93d · b713a93d
Commit b713a93d authored 7 years ago by Bob Mottram
--- a/doc/EN/app_vpn.org
+++ b/doc/EN/app_vpn.org
@@ -50,7 +50,7 @@ scp -P 2222 myusername@mydomainname:/home/myusername/stunnel* .
 You will need to ensure that the /openvpn/ and /stunnel/ packages are installed. On an Arch based system:

 #+begin_src bash
-sudp pacman -S openvpn stunnel4
+sudo pacman -S openvpn stunnel4
 #+end_src

 Or on a Debian based system:

--- a/doc/EN/mesh.org
+++ b/doc/EN/mesh.org
@@ -232,6 +232,37 @@ When you are finished close the window and then select the /Network Restart/ des
 If you need to be able to access the internet from the mesh then connect one of the peers to an internet router using an ethernet cable, then reboot it. Other peers in the mesh, including any attached mobile devices, will then be able to access the internet using the ethernet attached peer as a gateway. [[https://en.wikipedia.org/wiki/Freifunk][Freifunk]] works in a similar way.

 After connecting one peer to the internet you may need to reboot other peers in order to update their network configurations.
+
+If for legal reasons you need to connect to the internet via a VPN then openvpn is preinstalled and you can run the command:
+
+#+begin_src bash
+sudo openvpn myclient.ovpn
+#+end_src
+
+Where /myclient.ovpn/ comes from your VPN provider and with the password "/freedombone/".
+** Connecting two meshes over the internet via a VPN tunnel
+Maybe the internet exists, but you don't care about getting any content from it and just want to use it as a way to connect mesh networks from different geographical locations together. VPN configuration, pem and stunnel files exist within the home directory. Edit the configuration with:
+
+#+begin_src bash
+nano ~/client.ovpn
+#+end_src
+
+Edit the IP address or domain for the mesh that you wish to connect to within the /route/ command:
+
+#+begin_src bash
+route [mesh IP or domain] 255.255.255.255 net_gateway
+#+end_src
+
+Then you can connect to the other mesh with:
+
+#+begin_src bash
+cd /home/fbone
+sudo stunnel stunnel-client.conf
+sudo openvpn client.ovpn
+#+end_src
+
+Using the password "/freedombone/". From a deep packet inspection point of view the traffic going over the internet will just look like any other TLS connection to a server.
+
 ** Mobile devices (phones, etc)
 To allow mobile devices to connect to the mesh you will need a second wifi adapter connected to your laptop/netbook/SBC. Plug in a second wifi adapter then reboot the system. The second adaptor will then create a wifi hotspot which mobile devices can connect to. The hotspot name also contains its local IP address (eg. "/mesh-192.168.1.83/").


--- a/src/freedombone-image-mesh
+++ b/src/freedombone-image-mesh
@@ -773,6 +773,8 @@ function mesh_setup_vpn {

    generate_stunnel_keys

+    sed -i 's|tun-mtu .*|tun-mtu 1532|g' /home/$MY_USERNAME/client.ovpn
+
    systemctl restart openvpn
 }