From 2a3e7381380c7451386010b17cfb2eadd63445f3 Mon Sep 17 00:00:00 2001 From: Dejan Date: Mon, 16 Feb 2026 19:36:31 +0000 Subject: [PATCH] Upload files to "/" --- teamviewer-gateway-setup-linux.sh | 374 ++++++++++++++++++++++++++++++ teamviewer-troubleshoot.sh | 357 ++++++++++++++++++++++++++++ teamviewer-vpn-setup-linux.sh | 297 ++++++++++++++++++++++++ 3 files changed, 1028 insertions(+) create mode 100644 teamviewer-gateway-setup-linux.sh create mode 100644 teamviewer-troubleshoot.sh create mode 100644 teamviewer-vpn-setup-linux.sh diff --git a/teamviewer-gateway-setup-linux.sh b/teamviewer-gateway-setup-linux.sh new file mode 100644 index 0000000..98cba65 --- /dev/null +++ b/teamviewer-gateway-setup-linux.sh @@ -0,0 +1,374 @@ +#!/bin/bash + +#======================================== +# TeamViewer VPN Gateway Setup Script +# For Remote PC (Gateway) - Linux +#======================================== + +set -e + +# Colors for output +RED='\033[0;31m' +GREEN='\033[0;32m' +YELLOW='\033[1;33m' +BLUE='\033[0;34m' +NC='\033[0m' # No Color + +echo "" +echo "========================================" +echo "TeamViewer VPN Gateway Setup" +echo "Remote PC Configuration" +echo "========================================" +echo "" + +# Check if running as root +if [[ $EUID -ne 0 ]]; then + echo -e "${RED}ERROR: This script must be run as root (use sudo)${NC}" + exit 1 +fi + +#======================================== +# Configuration Variables +#======================================== + +echo "Enter your configuration details:" +echo "" + +read -p "Enter PLC Network (e.g., 192.168.10.0/24): " PLC_NETWORK +read -p "Enter PLC IP to test (e.g., 192.168.10.100): " PLC_IP +read -p "Enter local network interface connected to PLC (e.g., eth0, enp3s0): " LOCAL_INTERFACE + +echo "" +echo "Configuration Summary:" +echo "----------------------" +echo "PLC Network: $PLC_NETWORK" +echo "PLC IP: $PLC_IP" +echo "Local Interface: $LOCAL_INTERFACE" +echo "" + +read -p "Is this correct? (y/n): " CONFIRM +if [[ ! "$CONFIRM" =~ ^[Yy]$ ]]; then + echo "Setup cancelled." + exit 0 +fi + +#======================================== +# Step 1: Install Required Packages +#======================================== + +echo "" +echo -e "${BLUE}[Step 1/8] Installing required packages...${NC}" + +if [ -f /etc/debian_version ]; then + # Debian/Ubuntu + echo "Detected Debian/Ubuntu system" + apt-get update + apt-get install -y iptables iptables-persistent net-tools iputils-ping netcat +elif [ -f /etc/redhat-release ]; then + # RHEL/CentOS + echo "Detected RHEL/CentOS system" + yum install -y iptables iptables-services net-tools iputils nc +else + echo -e "${YELLOW}WARNING: Unknown distribution${NC}" + echo "Please ensure iptables and network tools are installed." +fi + +echo -e "${GREEN}Required packages installed${NC}" + +#======================================== +# Step 2: Check TeamViewer Installation +#======================================== + +echo "" +echo -e "${BLUE}[Step 2/8] Checking TeamViewer installation...${NC}" + +if command -v teamviewer &> /dev/null; then + echo -e "${GREEN}TeamViewer found: $(teamviewer --version)${NC}" +else + echo -e "${YELLOW}TeamViewer not found${NC}" + read -p "Do you want to install TeamViewer now? (y/n): " INSTALL_TV + + if [[ "$INSTALL_TV" =~ ^[Yy]$ ]]; then + if [ -f /etc/debian_version ]; then + wget https://download.teamviewer.com/download/linux/teamviewer_amd64.deb -O /tmp/teamviewer.deb + dpkg -i /tmp/teamviewer.deb || apt-get install -f -y + rm /tmp/teamviewer.deb + elif [ -f /etc/redhat-release ]; then + wget https://download.teamviewer.com/download/linux/teamviewer.x86_64.rpm -O /tmp/teamviewer.rpm + yum install -y /tmp/teamviewer.rpm + rm /tmp/teamviewer.rpm + fi + echo -e "${GREEN}TeamViewer installed${NC}" + fi +fi + +# Enable and start TeamViewer daemon +if ! systemctl is-active --quiet teamviewerd; then + systemctl enable teamviewerd + systemctl start teamviewerd + echo -e "${GREEN}TeamViewer daemon started${NC}" +fi + +#======================================== +# Step 3: Configure Unattended Access +#======================================== + +echo "" +echo -e "${BLUE}[Step 3/8] Configuring TeamViewer for unattended access...${NC}" + +echo "" +echo "IMPORTANT: You need to configure TeamViewer manually:" +echo "1. Open TeamViewer application" +echo "2. Go to Extras → Options" +echo "3. Set a strong password for unattended access" +echo "4. Enable 'Start TeamViewer with system'" +echo "5. Note your TeamViewer ID for future connections" +echo "" + +if command -v teamviewer &> /dev/null; then + teamviewer info | grep "TeamViewer ID" || echo "TeamViewer ID not available yet - open TeamViewer GUI to activate" +fi + +read -p "Press Enter when you've configured TeamViewer..." + +#======================================== +# Step 4: Test PLC Network Access +#======================================== + +echo "" +echo -e "${BLUE}[Step 4/8] Testing PLC network access...${NC}" + +# Check if interface exists and is up +if ip link show $LOCAL_INTERFACE &> /dev/null; then + echo -e "${GREEN}Interface $LOCAL_INTERFACE exists${NC}" + + # Show interface IP + IP_ADDR=$(ip addr show $LOCAL_INTERFACE | grep "inet " | awk '{print $2}') + echo "Interface IP: $IP_ADDR" +else + echo -e "${RED}ERROR: Interface $LOCAL_INTERFACE not found!${NC}" + echo "Available interfaces:" + ip link show + exit 1 +fi + +# Test ping to PLC +echo "" +echo "Testing connectivity to PLC ($PLC_IP)..." +if ping -c 4 $PLC_IP &> /dev/null; then + echo -e "${GREEN}PLC is reachable from this gateway!${NC}" +else + echo -e "${RED}WARNING: Cannot ping PLC!${NC}" + echo "Please verify:" + echo " - PLC IP is correct: $PLC_IP" + echo " - PLC is powered on and connected" + echo " - Network cable is connected" + echo " - This PC is on the same network as PLC" + read -p "Continue anyway? (y/n): " CONTINUE + if [[ ! "$CONTINUE" =~ ^[Yy]$ ]]; then + exit 1 + fi +fi + +# Test S7 communication port +echo "" +echo "Testing S7 communication port (TCP 102)..." +if nc -zv $PLC_IP 102 2>&1 | grep -q "succeeded"; then + echo -e "${GREEN}Port 102 is accessible!${NC}" +else + echo -e "${YELLOW}WARNING: Port 102 not accessible${NC}" + echo "This may be normal if PLC is not configured for remote access yet." +fi + +#======================================== +# Step 5: Enable IP Forwarding +#======================================== + +echo "" +echo -e "${BLUE}[Step 5/8] Enabling IP forwarding...${NC}" + +# Check current setting +IP_FORWARD=$(cat /proc/sys/net/ipv4/ip_forward) +if [ "$IP_FORWARD" == "1" ]; then + echo -e "${GREEN}IP forwarding already enabled${NC}" +else + echo "Enabling IP forwarding..." + sysctl -w net.ipv4.ip_forward=1 + + # Make persistent + if ! grep -q "net.ipv4.ip_forward=1" /etc/sysctl.conf; then + echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf + fi + + sysctl -p + echo -e "${GREEN}IP forwarding enabled${NC}" +fi + +#======================================== +# Step 6: Configure Firewall Rules +#======================================== + +echo "" +echo -e "${BLUE}[Step 6/8] Configuring firewall rules...${NC}" + +# Detect TeamViewer VPN interface (will be created when VPN connects) +echo "TeamViewer VPN interface will be created when VPN connection is established" +echo "Typically named: teamviewer0 or similar" +echo "" + +read -p "Enter TeamViewer VPN interface name (or press Enter for 'teamviewer0'): " TV_INTERFACE +TV_INTERFACE=${TV_INTERFACE:-teamviewer0} + +echo "" +echo "Configuring iptables rules for:" +echo " TeamViewer VPN Interface: $TV_INTERFACE" +echo " Local PLC Interface: $LOCAL_INTERFACE" + +# Check if firewalld is running +if systemctl is-active --quiet firewalld; then + echo "" + echo "Detected firewalld. Configuring firewalld rules..." + + # Add TeamViewer interface to trusted zone + firewall-cmd --zone=trusted --add-interface=$TV_INTERFACE --permanent 2>/dev/null || echo "Interface will be added when it exists" + firewall-cmd --zone=trusted --add-interface=$LOCAL_INTERFACE --permanent + + # Enable masquerading + firewall-cmd --zone=public --add-masquerade --permanent + + # Reload firewall + firewall-cmd --reload + + echo -e "${GREEN}firewalld rules configured${NC}" +else + echo "" + echo "Configuring iptables rules..." + + # Allow forwarding between TeamViewer VPN and local network + iptables -A FORWARD -i $TV_INTERFACE -o $LOCAL_INTERFACE -j ACCEPT 2>/dev/null || echo "Rule will apply when interface exists" + iptables -A FORWARD -i $LOCAL_INTERFACE -o $TV_INTERFACE -m state --state RELATED,ESTABLISHED -j ACCEPT + + # Save iptables rules + if [ -f /etc/debian_version ]; then + # Save for iptables-persistent + iptables-save > /etc/iptables/rules.v4 + elif [ -f /etc/redhat-release ]; then + # Save for iptables-services + service iptables save + fi + + echo -e "${GREEN}iptables rules configured${NC}" +fi + +#======================================== +# Step 7: Create Startup Script +#======================================== + +echo "" +echo -e "${BLUE}[Step 7/8] Creating startup script...${NC}" + +cat > /usr/local/bin/teamviewer-gateway-setup.sh <<'EOFSCRIPT' +#!/bin/bash + +# TeamViewer Gateway - Network Setup Script +# This script runs at startup to ensure proper routing + +# Configuration (will be replaced during setup) +TV_INTERFACE="__TV_INTERFACE__" +LOCAL_INTERFACE="__LOCAL_INTERFACE__" + +# Wait for TeamViewer VPN interface to be available +for i in {1..30}; do + if ip link show $TV_INTERFACE &> /dev/null; then + echo "TeamViewer VPN interface found" + break + fi + echo "Waiting for TeamViewer VPN interface... ($i/30)" + sleep 2 +done + +# Ensure IP forwarding is enabled +sysctl -w net.ipv4.ip_forward=1 + +# Add firewall rules if not using firewalld +if ! systemctl is-active --quiet firewalld; then + iptables -A FORWARD -i $TV_INTERFACE -o $LOCAL_INTERFACE -j ACCEPT 2>/dev/null + iptables -A FORWARD -i $LOCAL_INTERFACE -o $TV_INTERFACE -m state --state RELATED,ESTABLISHED -j ACCEPT 2>/dev/null +fi + +echo "TeamViewer gateway setup complete" +EOFSCRIPT + +# Replace placeholders +sed -i "s/__TV_INTERFACE__/$TV_INTERFACE/" /usr/local/bin/teamviewer-gateway-setup.sh +sed -i "s/__LOCAL_INTERFACE__/$LOCAL_INTERFACE/" /usr/local/bin/teamviewer-gateway-setup.sh + +chmod +x /usr/local/bin/teamviewer-gateway-setup.sh + +# Create systemd service +cat > /etc/systemd/system/teamviewer-gateway.service </dev/null | grep "TeamViewer ID" || echo "Check TeamViewer GUI")" +echo "Local Interface: $LOCAL_INTERFACE" +echo "Local IP: $(ip addr show $LOCAL_INTERFACE | grep "inet " | awk '{print $2}')" +echo "PLC Network: $PLC_NETWORK" +echo "PLC IP: $PLC_IP" +echo "TeamViewer VPN Interface: $TV_INTERFACE (created when VPN connects)" +echo "" +echo "Services Status:" +echo "----------------" +systemctl status teamviewerd --no-pager -l || echo "TeamViewer: Not running" +echo "" +echo "Next Steps:" +echo "-----------" +echo "1. Keep this PC running and connected to internet" +echo "2. From your remote computer:" +echo " - Open TeamViewer" +echo " - Connect to this PC's TeamViewer ID via VPN" +echo " - Add static route to PLC network" +echo "" +echo "3. Test connectivity from remote computer:" +echo " ping " +echo " ping $PLC_IP" +echo "" +echo "4. Open TIA Portal and connect to PLC" +echo "" +echo "Useful Commands:" +echo "----------------" +echo "Check TeamViewer status: systemctl status teamviewerd" +echo "View TeamViewer ID: teamviewer info" +echo "Check firewall rules: iptables -L -n -v" +echo "Check IP forwarding: cat /proc/sys/net/ipv4/ip_forward" +echo "Test PLC connectivity: ping $PLC_IP" +echo "" + +read -p "Press Enter to finish..." diff --git a/teamviewer-troubleshoot.sh b/teamviewer-troubleshoot.sh new file mode 100644 index 0000000..3242bd4 --- /dev/null +++ b/teamviewer-troubleshoot.sh @@ -0,0 +1,357 @@ +#!/bin/bash + +#======================================== +# TeamViewer VPN - Troubleshooting Script +# Diagnoses common connectivity issues +#======================================== + +# Colors for output +RED='\033[0;31m' +GREEN='\033[0;32m' +YELLOW='\033[1;33m' +BLUE='\033[0;34m' +NC='\033[0m' # No Color + +echo "" +echo "========================================" +echo "TeamViewer VPN - Troubleshooting Tool" +echo "========================================" +echo "" + +# Function to check status +check_status() { + if [ $1 -eq 0 ]; then + echo -e "${GREEN}✓ PASS${NC}" + return 0 + else + echo -e "${RED}✗ FAIL${NC}" + return 1 + fi +} + +# Counter for issues +ISSUES=0 + +#======================================== +# Test 1: TeamViewer Installation +#======================================== + +echo -e "${BLUE}[Test 1/12] TeamViewer Installation${NC}" +echo -n " Checking if TeamViewer is installed... " + +if command -v teamviewer &> /dev/null; then + check_status 0 + VERSION=$(teamviewer --version 2>/dev/null || echo "Unknown") + echo " Version: $VERSION" +else + check_status 1 + ISSUES=$((ISSUES + 1)) + echo -e " ${YELLOW}Solution: Install TeamViewer from https://www.teamviewer.com${NC}" +fi + +#======================================== +# Test 2: TeamViewer Service +#======================================== + +echo "" +echo -e "${BLUE}[Test 2/12] TeamViewer Service Status${NC}" +echo -n " Checking if TeamViewer daemon is running... " + +if systemctl is-active --quiet teamviewerd 2>/dev/null; then + check_status 0 +elif pgrep -x "TeamViewer" > /dev/null 2>&1; then + check_status 0 + echo " Note: Running as user process" +else + check_status 1 + ISSUES=$((ISSUES + 1)) + echo -e " ${YELLOW}Solution: Start TeamViewer with: sudo systemctl start teamviewerd${NC}" +fi + +#======================================== +# Test 3: Internet Connectivity +#======================================== + +echo "" +echo -e "${BLUE}[Test 3/12] Internet Connectivity${NC}" +echo -n " Checking internet connection... " + +if ping -c 1 -W 2 8.8.8.8 &> /dev/null; then + check_status 0 +else + check_status 1 + ISSUES=$((ISSUES + 1)) + echo -e " ${YELLOW}Solution: Check your internet connection${NC}" +fi + +#======================================== +# Test 4: TeamViewer VPN Adapter +#======================================== + +echo "" +echo -e "${BLUE}[Test 4/12] TeamViewer VPN Adapter${NC}" +echo -n " Checking for TeamViewer VPN interface... " + +TV_INTERFACE=$(ip link show | grep -oP "teamviewer\w+" | head -n1) + +if [ -n "$TV_INTERFACE" ]; then + check_status 0 + echo " Interface found: $TV_INTERFACE" + + # Get VPN IP + VPN_IP=$(ip addr show $TV_INTERFACE 2>/dev/null | grep "inet " | awk '{print $2}' | cut -d'/' -f1) + if [ -n "$VPN_IP" ]; then + echo " VPN IP: $VPN_IP" + fi +else + check_status 1 + ISSUES=$((ISSUES + 1)) + echo -e " ${YELLOW}Solution: Establish TeamViewer VPN connection first${NC}" + echo " 1. Open TeamViewer" + echo " 2. Enter remote PC's TeamViewer ID" + echo " 3. Select 'VPN' instead of 'Remote Control'" +fi + +#======================================== +# Test 5: VPN Connection +#======================================== + +echo "" +echo -e "${BLUE}[Test 5/12] VPN Connection Test${NC}" + +if [ -n "$VPN_IP" ]; then + read -p " Enter remote gateway VPN IP (or press Enter to skip): " REMOTE_VPN_IP + + if [ -n "$REMOTE_VPN_IP" ]; then + echo -n " Pinging remote VPN gateway ($REMOTE_VPN_IP)... " + if ping -c 2 -W 2 $REMOTE_VPN_IP &> /dev/null; then + check_status 0 + else + check_status 1 + ISSUES=$((ISSUES + 1)) + echo -e " ${YELLOW}Solution: Check VPN connection and firewall on remote PC${NC}" + fi + else + echo " Skipped" + fi +else + echo " Skipped (no VPN adapter found)" +fi + +#======================================== +# Test 6: IP Forwarding +#======================================== + +echo "" +echo -e "${BLUE}[Test 6/12] IP Forwarding (Gateway only)${NC}" + +read -p " Is this PC acting as a gateway? (y/n): " IS_GATEWAY + +if [[ "$IS_GATEWAY" =~ ^[Yy]$ ]]; then + echo -n " Checking IP forwarding... " + + IP_FORWARD=$(cat /proc/sys/net/ipv4/ip_forward 2>/dev/null) + if [ "$IP_FORWARD" == "1" ]; then + check_status 0 + else + check_status 1 + ISSUES=$((ISSUES + 1)) + echo -e " ${YELLOW}Solution: Enable with: sudo sysctl -w net.ipv4.ip_forward=1${NC}" + fi +else + echo " Skipped (not a gateway)" +fi + +#======================================== +# Test 7: Routing Table +#======================================== + +echo "" +echo -e "${BLUE}[Test 7/12] Routing Table${NC}" + +read -p " Enter PLC network to check (e.g., 192.168.10.0/24) or press Enter to skip: " PLC_NETWORK + +if [ -n "$PLC_NETWORK" ]; then + echo -n " Checking route to $PLC_NETWORK... " + + if ip route show | grep -q "$PLC_NETWORK"; then + check_status 0 + echo " Route found:" + ip route show | grep "$PLC_NETWORK" + else + check_status 1 + ISSUES=$((ISSUES + 1)) + echo -e " ${YELLOW}Solution: Add route with: sudo ip route add $PLC_NETWORK via ${NC}" + fi +else + echo " Skipped" +fi + +#======================================== +# Test 8: PLC Connectivity +#======================================== + +echo "" +echo -e "${BLUE}[Test 8/12] PLC Network Connectivity${NC}" + +read -p " Enter PLC IP to test (or press Enter to skip): " PLC_IP + +if [ -n "$PLC_IP" ]; then + echo -n " Pinging PLC ($PLC_IP)... " + + if ping -c 2 -W 2 $PLC_IP &> /dev/null; then + check_status 0 + else + check_status 1 + ISSUES=$((ISSUES + 1)) + echo -e " ${YELLOW}Possible causes:${NC}" + echo " - Route not configured correctly" + echo " - PLC is offline or not at this IP" + echo " - Firewall blocking traffic on gateway" + fi +else + echo " Skipped" +fi + +#======================================== +# Test 9: S7 Communication Port +#======================================== + +echo "" +echo -e "${BLUE}[Test 9/12] S7 Communication Port (TCP 102)${NC}" + +if [ -n "$PLC_IP" ]; then + echo -n " Checking port 102 on $PLC_IP... " + + if command -v nc &> /dev/null; then + if nc -zv -w 2 $PLC_IP 102 2>&1 | grep -q "succeeded\|open"; then + check_status 0 + else + check_status 1 + ISSUES=$((ISSUES + 1)) + echo -e " ${YELLOW}Possible causes:${NC}" + echo " - PLC not configured for remote access" + echo " - PLC firewall settings" + echo " - Wrong IP address" + fi + else + echo "Skipped (netcat not installed)" + fi +else + echo " Skipped (no PLC IP provided)" +fi + +#======================================== +# Test 10: Firewall Rules (Gateway) +#======================================== + +echo "" +echo -e "${BLUE}[Test 10/12] Firewall Rules (Gateway only)${NC}" + +if [[ "$IS_GATEWAY" =~ ^[Yy]$ ]]; then + echo -n " Checking iptables FORWARD rules... " + + if sudo iptables -L FORWARD -n | grep -q "ACCEPT"; then + check_status 0 + echo " Current FORWARD chain:" + sudo iptables -L FORWARD -n | head -10 + else + check_status 1 + ISSUES=$((ISSUES + 1)) + echo -e " ${YELLOW}Solution: Add FORWARD rules for TeamViewer VPN interface${NC}" + fi +else + echo " Skipped (not a gateway)" +fi + +#======================================== +# Test 11: DNS Resolution +#======================================== + +echo "" +echo -e "${BLUE}[Test 11/12] DNS Resolution${NC}" +echo -n " Checking DNS... " + +if host google.com &> /dev/null || nslookup google.com &> /dev/null; then + check_status 0 +else + check_status 1 + ISSUES=$((ISSUES + 1)) + echo -e " ${YELLOW}Solution: Check DNS settings in /etc/resolv.conf${NC}" +fi + +#======================================== +# Test 12: TUN/TAP Module (Linux) +#======================================== + +echo "" +echo -e "${BLUE}[Test 12/12] TUN/TAP Kernel Module${NC}" +echo -n " Checking if tun module is loaded... " + +if lsmod | grep -q "^tun"; then + check_status 0 +else + check_status 1 + ISSUES=$((ISSUES + 1)) + echo -e " ${YELLOW}Solution: Load module with: sudo modprobe tun${NC}" +fi + +#======================================== +# Summary +#======================================== + +echo "" +echo "========================================" +echo "Troubleshooting Summary" +echo "========================================" +echo "" + +if [ $ISSUES -eq 0 ]; then + echo -e "${GREEN}✓ All tests passed!${NC}" + echo "Your TeamViewer VPN setup appears to be working correctly." +else + echo -e "${RED}✗ Found $ISSUES issue(s)${NC}" + echo "Please review the solutions above and fix the issues." +fi + +echo "" +echo "Additional Information:" +echo "-----------------------" + +# Show all network interfaces +echo "" +echo "Network Interfaces:" +ip addr show | grep -E "^[0-9]+:|inet " + +# Show routing table +echo "" +echo "Routing Table:" +ip route show + +# Show iptables if gateway +if [[ "$IS_GATEWAY" =~ ^[Yy]$ ]]; then + echo "" + echo "Firewall NAT Rules:" + sudo iptables -t nat -L POSTROUTING -n -v | head -20 + + echo "" + echo "Firewall FORWARD Rules:" + sudo iptables -L FORWARD -n -v | head -20 +fi + +# TeamViewer info +echo "" +echo "TeamViewer Information:" +if command -v teamviewer &> /dev/null; then + teamviewer info 2>/dev/null || echo "TeamViewer not running or info unavailable" +fi + +echo "" +echo "========================================" +echo "Troubleshooting Complete" +echo "========================================" +echo "" +echo "For more help, see:" +echo " - TeamViewer documentation: https://www.teamviewer.com/en/documents/" +echo " - README guide: teamviewer-vpn-plc-access-guide.md" +echo "" diff --git a/teamviewer-vpn-setup-linux.sh b/teamviewer-vpn-setup-linux.sh new file mode 100644 index 0000000..971210b --- /dev/null +++ b/teamviewer-vpn-setup-linux.sh @@ -0,0 +1,297 @@ +#!/bin/bash + +#======================================== +# TeamViewer VPN - PLC Access Setup Script +# For Linux +#======================================== + +set -e + +# Colors for output +RED='\033[0;31m' +GREEN='\033[0;32m' +YELLOW='\033[1;33m' +BLUE='\033[0;34m' +NC='\033[0m' # No Color + +echo "" +echo "========================================" +echo "TeamViewer VPN - PLC Access Setup" +echo "========================================" +echo "" + +# Check if running as root +if [[ $EUID -ne 0 ]]; then + echo -e "${RED}ERROR: This script must be run as root (use sudo)${NC}" + exit 1 +fi + +#======================================== +# Configuration Variables - CUSTOMIZE THESE +#======================================== + +echo "Enter your configuration details:" +echo "" + +read -p "Enter PLC Network (e.g., 192.168.10.0/24): " PLC_NETWORK +read -p "Enter Remote Gateway VPN IP (e.g., 7.254.0.2): " REMOTE_VPN_IP + +echo "" +echo "Configuration Summary:" +echo "----------------------" +echo "PLC Network: $PLC_NETWORK" +echo "Remote VPN IP: $REMOTE_VPN_IP" +echo "" + +read -p "Is this correct? (y/n): " CONFIRM +if [[ ! "$CONFIRM" =~ ^[Yy]$ ]]; then + echo "Setup cancelled." + exit 0 +fi + +#======================================== +# Step 1: Check TeamViewer Installation +#======================================== + +echo "" +echo -e "${BLUE}[Step 1/6] Checking TeamViewer installation...${NC}" + +if command -v teamviewer &> /dev/null; then + echo -e "${GREEN}TeamViewer found: $(teamviewer --version)${NC}" +else + echo -e "${YELLOW}WARNING: TeamViewer not found in PATH${NC}" + echo "TeamViewer may not be installed or not in PATH." + echo "" + read -p "Do you want to install TeamViewer now? (y/n): " INSTALL_TV + + if [[ "$INSTALL_TV" =~ ^[Yy]$ ]]; then + echo "Installing TeamViewer..." + + # Detect distribution + if [ -f /etc/debian_version ]; then + # Debian/Ubuntu + echo "Detected Debian/Ubuntu system" + wget https://download.teamviewer.com/download/linux/teamviewer_amd64.deb -O /tmp/teamviewer.deb + dpkg -i /tmp/teamviewer.deb || apt-get install -f -y + rm /tmp/teamviewer.deb + elif [ -f /etc/redhat-release ]; then + # RHEL/CentOS + echo "Detected RHEL/CentOS system" + wget https://download.teamviewer.com/download/linux/teamviewer.x86_64.rpm -O /tmp/teamviewer.rpm + yum install -y /tmp/teamviewer.rpm + rm /tmp/teamviewer.rpm + else + echo -e "${RED}ERROR: Unsupported distribution${NC}" + echo "Please install TeamViewer manually from: https://www.teamviewer.com" + exit 1 + fi + + echo -e "${GREEN}TeamViewer installed successfully!${NC}" + else + echo "Skipping TeamViewer installation." + echo "Please install manually if needed." + fi +fi + +# Check if TeamViewer daemon is running +if systemctl is-active --quiet teamviewerd; then + echo -e "${GREEN}TeamViewer daemon is running${NC}" +else + echo -e "${YELLOW}TeamViewer daemon is not running${NC}" + read -p "Do you want to start TeamViewer daemon? (y/n): " START_TV + if [[ "$START_TV" =~ ^[Yy]$ ]]; then + systemctl start teamviewerd + systemctl enable teamviewerd + echo -e "${GREEN}TeamViewer daemon started${NC}" + fi +fi + +#======================================== +# Step 2: Check Network Connectivity +#======================================== + +echo "" +echo -e "${BLUE}[Step 2/6] Checking network connectivity...${NC}" + +echo "Testing internet connection..." +if ping -c 1 8.8.8.8 &> /dev/null; then + echo -e "${GREEN}Internet connection: OK${NC}" +else + echo -e "${RED}WARNING: No internet connection detected!${NC}" + echo "TeamViewer requires internet to establish VPN." +fi + +#======================================== +# Step 3: Check IP Forwarding +#======================================== + +echo "" +echo -e "${BLUE}[Step 3/6] Checking IP forwarding...${NC}" + +IP_FORWARD=$(cat /proc/sys/net/ipv4/ip_forward) +if [ "$IP_FORWARD" == "1" ]; then + echo -e "${GREEN}IP forwarding is already enabled${NC}" +else + echo -e "${YELLOW}IP forwarding is disabled${NC}" + read -p "Do you want to enable IP forwarding? (y/n): " ENABLE_FORWARD + + if [[ "$ENABLE_FORWARD" =~ ^[Yy]$ ]]; then + echo "Enabling IP forwarding..." + sysctl -w net.ipv4.ip_forward=1 + + # Make persistent + if ! grep -q "net.ipv4.ip_forward=1" /etc/sysctl.conf; then + echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf + echo -e "${GREEN}IP forwarding enabled and made persistent${NC}" + fi + fi +fi + +#======================================== +# Step 4: Display Current Routes +#======================================== + +echo "" +echo -e "${BLUE}[Step 4/6] Current network routes:${NC}" +echo "" +ip route show | grep -E "192\.168\.|10\.|172\." +echo "" + +#======================================== +# Step 5: Add Static Route to PLC Network +#======================================== + +echo "" +echo -e "${BLUE}[Step 5/6] Adding static route to PLC network...${NC}" + +# Check if route already exists +if ip route show | grep -q "$PLC_NETWORK"; then + echo -e "${YELLOW}WARNING: Route to $PLC_NETWORK already exists!${NC}" + echo "" + ip route show | grep "$PLC_NETWORK" + echo "" + read -p "Do you want to delete existing route and recreate? (y/n): " DELETE_ROUTE + + if [[ "$DELETE_ROUTE" =~ ^[Yy]$ ]]; then + echo "Deleting existing route..." + ip route del $PLC_NETWORK + sleep 1 + else + echo "Keeping existing route. Skipping route creation." + SKIP_ROUTE=1 + fi +fi + +if [ -z "$SKIP_ROUTE" ]; then + echo "Adding route: $PLC_NETWORK via $REMOTE_VPN_IP" + + if ip route add $PLC_NETWORK via $REMOTE_VPN_IP; then + echo -e "${GREEN}Route added successfully!${NC}" + + echo "" + read -p "Make this route persistent (survive reboot)? (y/n): " MAKE_PERSISTENT + + if [[ "$MAKE_PERSISTENT" =~ ^[Yy]$ ]]; then + echo "Creating systemd service for persistent route..." + + cat > /etc/systemd/system/teamviewer-plc-route.service < (e.g., 192.168.10.100)" +echo "" +echo "3. Open TIA Portal (via Wine or Windows VM) and connect to PLC" +echo "" +echo "To remove the route later, run:" +echo " sudo ip route del $PLC_NETWORK" +echo "" + +#======================================== +# Optional: Test Connectivity Now +#======================================== + +read -p "Do you want to test connectivity now? (y/n): " TEST_NOW + +if [[ "$TEST_NOW" =~ ^[Yy]$ ]]; then + echo "" + echo "Testing connection to remote VPN gateway..." + ping -c 4 $REMOTE_VPN_IP || echo -e "${RED}Ping failed!${NC}" + + echo "" + read -p "Enter PLC IP to test (e.g., 192.168.10.100): " PLC_IP + + if [ -n "$PLC_IP" ]; then + echo "Testing connection to PLC..." + ping -c 4 $PLC_IP || echo -e "${RED}Ping failed!${NC}" + + echo "" + echo "Testing S7 communication port (102)..." + if command -v nc &> /dev/null; then + nc -zv $PLC_IP 102 || echo -e "${RED}Port 102 is not reachable${NC}" + else + echo -e "${YELLOW}netcat (nc) not found. Cannot test port.${NC}" + echo "Install with: apt-get install netcat or yum install nc" + fi + fi +fi + +echo "" +echo "========================================" +echo "Script finished!" +echo "========================================" +echo ""