| Anchor | ||||
|---|---|---|---|---|
|
| Include Page | ||||
|---|---|---|---|---|
|
...
The key-pair is (optionally) created and then assigned to the Charon cloud instance at first launch. If a new key-pair is created, the private key can be downloaded during creation.
Make sure to store the private key in a safe place. If it is lost, access to the instance may be permanently lost.
| Div | ||
|---|---|---|
| ||
Adapting the SSH Daemon Configuration of the Charon Host System
...
Creating a VPN Bridge Manually
Please note: should you plan to manage this bridge later using the Charon Manager, you must adhere to the Charon-SSP naming conventions for virtual bridges:
- Bridge name: br_<name-of-bridge>
- TAP name: tapX_<name-of-bridge> (where X stands for an integer identifying the tap interface)
To create a bridge for the VPN tunnel manually, use commands similar to the following:
...
To make the configuration permanent, you can use ifcfg-files, nmcli commands, or a custom startup script - depending on your requirements and your host operating system version.
| Linux version | network-scripts method (ifcfg-files) | NetworkManager (nmcli) |
|---|---|---|
| 7.x | Installed by default. NM_CONTROLLED=no forces ifcfg-file use | Installed by default. |
| 8.x | Deprecated but available; | Preferred configuration method. Used by the Charon-SSP Manager starting with Linux 8 |
| 9.x | No longer available. For interface types supported by the ifcfg-rh plugin, ifcfg-files can be used. | Only method with full functionality. Must be used for TAP interfaces. |
Sample ifcfg-files for CentOS/RHEL 7:
...