Configure AT&T Global Network Client on Linux Firewall

From Nearline Storage
Jump to: navigation, search
  1. Install agnclient and agnclient-compat RPMs from internal repository at work (saved on my file server)
    Note: The agnclient-compat RPM would not install on my Fedora 10 firewall. It requires a more recent version of rpm, I think. So I installed it on my Fedora 11 box and copied the files over. Its pre and post scripts simply run "ldconfig".
  2. Add the agnclientd and agnLogd services with chkconfig, and start them up.
  3. Add these lines to my firewall script, in the appropriate places:
    $IPTABLES -t nat -A POSTROUTING -o tun2 -j MASQUERADE
    $IPTABLES -A INPUT -i tun+ -j ACCEPT
    $IPTABLES -A FORWARD -i tun+ -j ACCEPT
    $IPTABLES -A FORWARD -o tun+ -j ACCEPT
  4. Build an agncGetState program to ask the agnclientd deamon for the current status of the connection (source on firewall in /root/src/agnc-tools)
    (See the how_to_compile file in the source dir, there were some soft links that had to be added to get linking to work)
  5. Write an agns.sh script for my serviceCheck monitor that checks the status of the link and restarts it when it is down