Skip to content

WattageGuy/edgerouter-vpn-switch

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
Linux
Linux
 
 
pictures
pictures
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
vpnedgeakt.applescript
vpnedgeakt.applescript
 
 
vpnedgeinakt.applescript
vpnedgeinakt.applescript
 
 

Repository files navigation

edgerouter-vpn-switch

Applescript/Shell script that enable/disable vpn on edgerouter via ssh. The script can then be exported as an app to be used even more widely (mac) or be used as shell script.

Explanation

The script should not be used without ssh key if possible. You can keystroke password in applescript but this is not recommend do to security. The script outputs commands to the edgerouters CLI to enable/disable vpn firewall rules so use your correct rule name. This script relies on errors and therefor not exiting to early. But after 10 tries it closes to not make it run infinity if any other errors occurs (mac). You can export this file to a program or shell script. Every time you run it you will enable/disable your firewall. Se bottom of page for more....

Setup

You have to configure firewall rules manually first time according to pictures below. Change the rule numbers in the script so that they correspond to the numbers on your firewall rules. This script only blocks VPN connections via firewall. First you need to configure and setup your vpn solution. I recommend using l2tp over iPsec. You can find tutorial about setting up a vpn on youtube especially for the edgerouter series.

--

You can activate/inactivate rules by adding/deleting this line in the script:

activate: do script ("delete firewall name WAN_LOCAL rule <your_firewall_rulenumber> disable") in currentTab

inactivate: do script ("set firewall name WAN_LOCAL rule <your_firewall_rulenumber> disable") in currentTab

Here are pictures of the GUI firewall rules:

(I use default action drop) interface

ex of where to find rule name:

rulenumber

rules

SSH key Mac and Edgerouter

  1. In mac terminal: ssh-keygen -t rsa (You might need to input size for exampel -b 2048)
  2. To save the key to mac type: ssh-add
  3. ssh key saved in .ssh/id_rsa.pub give chmod 600.
  4. To show ssh key in terminal: cat .ssh/id_rsa.pub (load this text into edgerouter) OBS! include ex "ssh-rsa" and "[email protected]". Tutorial video: https://www.youtube.com/watch?v=E8-CfvumJBo
  • Use loadkey to add key to edgrouter from a .pub file in edgrouters directory.
  1. cd into .ssh
  2. make a .pub file
  3. paste your ssh key and write, quit (:w!, :q!) ESC to ensure no mispressed keys.
  4. loadkey (.pub file) For more about edgerouter shh key: https://youtu.be/rpAOl8UgfXM

SSH Key Linux and Edgerouter

Guide here: https://thehomeofthefuture.com/how-to/use-an-ssh-key-with-an-ubiquiti-edgerouter/

Examples

Homebridge with plugin Applescript makes a switch in the HomeKit app to turn on/off the VPN easily. Use "do shell script '' open /path''" to run your .app. On Linux you can use any homebridge plugin that does command line or execute shell script.

About

Script that enable/disable vpn on edgerouter via ssh.

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 2

Linux v1.1 Latest
May 25, 2022
+ 1 release

Packages

No packages published

Languages