After you have created a site in the HOOC ManagementPortal, you can activate it as follows:
docker load < HOOC_CONNECT_DOCKERIMAGE_LINUX_XXXXXX_GENERIC.tar .Loaded image: hooc/connect-generic:0.3.0).docker run --rm -it --cap-add NET_ADMIN --cap-add NET_BIND_SERVICE --network host hooc/connect-generic:0.3.0 hwid to start the embedded gateway that is not activated.The hardware identification code (hwid) is a code with which the hardware can clearly be identified This ensures that a license key can only be used by the respective hardware. Only after the hardware identification code has been confirmed successfully, you can download the HOOC Connect Binary with the VPN access data.
docker load < HOOC_CONNECT_DOCKERIMAGE_LINUX_XXXXXX_12345678901234567890.tar.Loaded image: hooc/connect-12345678901234567890:0.3.0).docker run --rm -it --device /dev/net/tun --cap-add NET_ADMIN --cap-add NET_BIND_SERVICE --network host hooc/connect-12345678901234567890:0.3.0 to start the activated embedded gateway.Now the console output INFO[0000] Successfully connected to VPN... should be visible. The status of the VPN connection is displayed in the HOOC ManagementPortal.
docker run \
--name hooc-connect \
--detach \
--device /dev/net/tun \
--cap-add NET_ADMIN \
--cap-add NET_BIND_SERVICE \
--network host \
--restart unless-stopped \
hooc/connect-12345678901234567890:0.3.0
With the command above, the HOOC embedded gateway can be started as Daemon. Please note that it also starts automatically together with Docker.
Please note that when starting up, the HOOC Connect Docker creates the network interface hooc-tap0. If you wish to activate the same functionality as e.g. with the HOOC Connect H, you will need to set up a bridge between the physical network interface (e.g.; eth0) and the hooc-tap0. In the configuration examples below, you can see that the bridge obtains an IP address via DHCP.
With the command iptables -A FORWARD -j ACCEPT -i br-hooc -o br-hooc, you can ensure
that the bridge forwards packets correctly. You have to execute this command before starting Docker.
It is important to know that the non-persistent configuration will no longer exist after you have restarted the operating system.
Therefore, make sure that the net-tools and bridge-utils packages are installed. Then run the commands below as root user.
# Stop docker daemon
service docker stop
# Create the bridge br-hooc
brctl addbr br-hooc
# Add the physical eth0 to the br-hooc bridge
brctl addif br-hooc eth0
# Remove IP eth0
ifconfig eth0 0.0.0.0
# Bring eth0 up
ifconfig eth0 up
# Obtain IP from local DHCP-Server
dhclient br-hooc
# Start docker daemon
service docker start
# Start the embedded gateway with the bridge parameter
docker run --rm -it --device /dev/net/tun --cap-add NET_ADMIN --cap-add NET_BIND_SERVICE --network host hooc/connect-12345678901234567890:0.3.0 --vpn.linux.bridge=br-hooc
Adapt the network bridge and the physical network interface in the corresponding network configuration file as follows:
iface eth0 inet manual
iface eth0 inet6 manual
auto br-hooc
iface br-hooc inet dhcp
bridge_ports eth0
If you use dhcpcd, you must made the following adjustments in the file /etc/dhcpcd.conf:
denyinterfaces eth0
interface br-hooc
When you restart the device or network interfaces, the persistent configuration will be adopted. In order to start the HOOC embedded gateway as Daemon, you can use the command:
docker run \
--name hooc-connect \
--detach \
--device /dev/net/tun \
--cap-add NET_ADMIN \
--cap-add NET_BIND_SERVICE \
--network host \
--restart unless-stopped \
hooc/connect-12345678901234567890:0.3.0 \
--vpn.linux.bridge=br-hooc
Docker then starts automatically together with the gateway.
Please note that the configuration above is just one example of a possible configuration. Don’t forget that your configuration must be individually adapted to your operating system and the corresponding version.