Configure AT&T Global Network Client on Linux Firewall
From Nearline Storage
- Install agnclient and agnclient-compat RPMs from internal repository at work (saved on my file server)
- Note: The agnclient-compat RPM would not install on my Fedora 10 firewall. It requires a more recent version of rpm, I think. So I installed it on my Fedora 11 box and copied the files over. Its pre and post scripts simply run "ldconfig".
- Add the agnclientd and agnLogd services with chkconfig, and start them up.
- Add these lines to my firewall script, in the appropriate places:
- $IPTABLES -t nat -A POSTROUTING -o tun2 -j MASQUERADE
- $IPTABLES -A INPUT -i tun+ -j ACCEPT
- $IPTABLES -A FORWARD -i tun+ -j ACCEPT
- $IPTABLES -A FORWARD -o tun+ -j ACCEPT
- Build an agncGetState program to ask the agnclientd deamon for the current status of the connection (source on firewall in /root/src/agnc-tools)
- (See the how_to_compile file in the source dir, there were some soft links that had to be added to get linking to work)
- Write an agns.sh script for my serviceCheck monitor that checks the status of the link and restarts it when it is down