Sown-auth2 Server Replacement
Sown-auth2 is no longer running an old operating system and has been upgraded to Ubuntu 14.04 LTS. However, there are a lot of services running on Sown-auth2, ideally we should try to migrate these to two different servers to spread the load a bit. Sown-radius2 and Sown-vpn2 are currently unused and could be used for this purpose.
There are quite a lot of tasks required to realise this project:
- Reinstall Sown-vpn2 with Ubuntu 16.04. (Done)
- Reinstall Sown-radius2 with Ubuntu 16.04. (Done)
- Install and configure FreeRadius version 3 on Sown-radius2. (Done)
- Test Radius authentication using Sown-radius2. (Done)
- Allow admin site to specify the Radius server a node should used for authentication and accounting. (Done)
- Test Radius accounting using Sown-radius2. (Done)
- Peer Sown-Radius2 with Janet Roaming Service as a test server. (Done)
- Get an ECS DMZ IPv4 address setup for Sown-vpn2. (Done, using sown-auth's old IP)
- Install and configure OpenVPN on Sown-vpn2. (Done, may need some changes since we added IPv6 to OpenVPN on sown-auth2)
- Add Sown-vpn2 to the list of VPN servers on admin site. (Done)
- Setup and test a VPN connection between Sown-vpn2 an a test SOWN node. (Done but we had to proxy via sown-auth2, we need to get firewall holes setup with iSolutions at some point. For now it may be worth just using this OpenVPN server for development nodes).