Dejan/TeamviewerVpn-s7SiemensPLC-guide
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Upload files to "/"

Browse source
This commit is contained in:
Dejan 2026-02-16 19:36:31 +00:00
parent ba8b3e88b5
commit 2a3e738138
3 changed files with 1028 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

374
teamviewer-gateway-setup-linux.sh Normal file
View file

@ -0,0 +1,374 @@
#!/bin/bash
#========================================
# TeamViewer VPN Gateway Setup Script
# For Remote PC (Gateway) - Linux
#========================================
set -e
# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m' # No Color
echo ""
echo "========================================"
echo "TeamViewer VPN Gateway Setup"
echo "Remote PC Configuration"
echo "========================================"
echo ""
# Check if running as root
if [[ $EUID -ne 0 ]]; then
echo -e "${RED}ERROR: This script must be run as root (use sudo)${NC}"
exit 1
fi
#========================================
# Configuration Variables
#========================================
echo "Enter your configuration details:"
echo ""
read -p "Enter PLC Network (e.g., 192.168.10.0/24): " PLC_NETWORK
read -p "Enter PLC IP to test (e.g., 192.168.10.100): " PLC_IP
read -p "Enter local network interface connected to PLC (e.g., eth0, enp3s0): " LOCAL_INTERFACE
echo ""
echo "Configuration Summary:"
echo "----------------------"
echo "PLC Network: $PLC_NETWORK"
echo "PLC IP: $PLC_IP"
echo "Local Interface: $LOCAL_INTERFACE"
echo ""
read -p "Is this correct? (y/n): " CONFIRM
if [[ ! "$CONFIRM" =~ ^[Yy]$ ]]; then
echo "Setup cancelled."
exit 0
fi
#========================================
# Step 1: Install Required Packages
#========================================
echo ""
echo -e "${BLUE}[Step 1/8] Installing required packages...${NC}"
if [ -f /etc/debian_version ]; then
# Debian/Ubuntu
echo "Detected Debian/Ubuntu system"
apt-get update
apt-get install -y iptables iptables-persistent net-tools iputils-ping netcat
elif [ -f /etc/redhat-release ]; then
# RHEL/CentOS
echo "Detected RHEL/CentOS system"
yum install -y iptables iptables-services net-tools iputils nc
else
echo -e "${YELLOW}WARNING: Unknown distribution${NC}"
echo "Please ensure iptables and network tools are installed."
fi
echo -e "${GREEN}Required packages installed${NC}"
#========================================
# Step 2: Check TeamViewer Installation
#========================================
echo ""
echo -e "${BLUE}[Step 2/8] Checking TeamViewer installation...${NC}"
if command -v teamviewer &> /dev/null; then
echo -e "${GREEN}TeamViewer found: $(teamviewer --version)${NC}"
else
echo -e "${YELLOW}TeamViewer not found${NC}"
read -p "Do you want to install TeamViewer now? (y/n): " INSTALL_TV
if [[ "$INSTALL_TV" =~ ^[Yy]$ ]]; then
if [ -f /etc/debian_version ]; then
wget https://download.teamviewer.com/download/linux/teamviewer_amd64.deb -O /tmp/teamviewer.deb
dpkg -i /tmp/teamviewer.deb || apt-get install -f -y
rm /tmp/teamviewer.deb
elif [ -f /etc/redhat-release ]; then
wget https://download.teamviewer.com/download/linux/teamviewer.x86_64.rpm -O /tmp/teamviewer.rpm
yum install -y /tmp/teamviewer.rpm
rm /tmp/teamviewer.rpm
fi
echo -e "${GREEN}TeamViewer installed${NC}"
fi
fi
# Enable and start TeamViewer daemon
if ! systemctl is-active --quiet teamviewerd; then
systemctl enable teamviewerd
systemctl start teamviewerd
echo -e "${GREEN}TeamViewer daemon started${NC}"
fi
#========================================
# Step 3: Configure Unattended Access
#========================================
echo ""
echo -e "${BLUE}[Step 3/8] Configuring TeamViewer for unattended access...${NC}"
echo ""
echo "IMPORTANT: You need to configure TeamViewer manually:"
echo "1. Open TeamViewer application"
echo "2. Go to Extras → Options"
echo "3. Set a strong password for unattended access"
echo "4. Enable 'Start TeamViewer with system'"
echo "5. Note your TeamViewer ID for future connections"
echo ""
if command -v teamviewer &> /dev/null; then
teamviewer info | grep "TeamViewer ID" || echo "TeamViewer ID not available yet - open TeamViewer GUI to activate"
fi
read -p "Press Enter when you've configured TeamViewer..."
#========================================
# Step 4: Test PLC Network Access
#========================================
echo ""
echo -e "${BLUE}[Step 4/8] Testing PLC network access...${NC}"
# Check if interface exists and is up
if ip link show $LOCAL_INTERFACE &> /dev/null; then
echo -e "${GREEN}Interface $LOCAL_INTERFACE exists${NC}"
# Show interface IP
IP_ADDR=$(ip addr show $LOCAL_INTERFACE | grep "inet " | awk '{print $2}')
echo "Interface IP: $IP_ADDR"
else
echo -e "${RED}ERROR: Interface $LOCAL_INTERFACE not found!${NC}"
echo "Available interfaces:"
ip link show
exit 1
fi
# Test ping to PLC
echo ""
echo "Testing connectivity to PLC ($PLC_IP)..."
if ping -c 4 $PLC_IP &> /dev/null; then
echo -e "${GREEN}PLC is reachable from this gateway!${NC}"
else
echo -e "${RED}WARNING: Cannot ping PLC!${NC}"
echo "Please verify:"
echo " - PLC IP is correct: $PLC_IP"
echo " - PLC is powered on and connected"
echo " - Network cable is connected"
echo " - This PC is on the same network as PLC"
read -p "Continue anyway? (y/n): " CONTINUE
if [[ ! "$CONTINUE" =~ ^[Yy]$ ]]; then
exit 1
fi
fi
# Test S7 communication port
echo ""
echo "Testing S7 communication port (TCP 102)..."
if nc -zv $PLC_IP 102 2>&1 | grep -q "succeeded"; then
echo -e "${GREEN}Port 102 is accessible!${NC}"
else
echo -e "${YELLOW}WARNING: Port 102 not accessible${NC}"
echo "This may be normal if PLC is not configured for remote access yet."
fi
#========================================
# Step 5: Enable IP Forwarding
#========================================
echo ""
echo -e "${BLUE}[Step 5/8] Enabling IP forwarding...${NC}"
# Check current setting
IP_FORWARD=$(cat /proc/sys/net/ipv4/ip_forward)
if [ "$IP_FORWARD" == "1" ]; then
echo -e "${GREEN}IP forwarding already enabled${NC}"
else
echo "Enabling IP forwarding..."
sysctl -w net.ipv4.ip_forward=1
# Make persistent
if ! grep -q "net.ipv4.ip_forward=1" /etc/sysctl.conf; then
echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
fi
sysctl -p
echo -e "${GREEN}IP forwarding enabled${NC}"
fi
#========================================
# Step 6: Configure Firewall Rules
#========================================
echo ""
echo -e "${BLUE}[Step 6/8] Configuring firewall rules...${NC}"
# Detect TeamViewer VPN interface (will be created when VPN connects)
echo "TeamViewer VPN interface will be created when VPN connection is established"
echo "Typically named: teamviewer0 or similar"
echo ""
read -p "Enter TeamViewer VPN interface name (or press Enter for 'teamviewer0'): " TV_INTERFACE
TV_INTERFACE=${TV_INTERFACE:-teamviewer0}
echo ""
echo "Configuring iptables rules for:"
echo " TeamViewer VPN Interface: $TV_INTERFACE"
echo " Local PLC Interface: $LOCAL_INTERFACE"
# Check if firewalld is running
if systemctl is-active --quiet firewalld; then
echo ""
echo "Detected firewalld. Configuring firewalld rules..."
# Add TeamViewer interface to trusted zone
firewall-cmd --zone=trusted --add-interface=$TV_INTERFACE --permanent 2>/dev/null || echo "Interface will be added when it exists"
firewall-cmd --zone=trusted --add-interface=$LOCAL_INTERFACE --permanent
# Enable masquerading
firewall-cmd --zone=public --add-masquerade --permanent
# Reload firewall
firewall-cmd --reload
echo -e "${GREEN}firewalld rules configured${NC}"
else
echo ""
echo "Configuring iptables rules..."
# Allow forwarding between TeamViewer VPN and local network
iptables -A FORWARD -i $TV_INTERFACE -o $LOCAL_INTERFACE -j ACCEPT 2>/dev/null || echo "Rule will apply when interface exists"
iptables -A FORWARD -i $LOCAL_INTERFACE -o $TV_INTERFACE -m state --state RELATED,ESTABLISHED -j ACCEPT
# Save iptables rules
if [ -f /etc/debian_version ]; then
# Save for iptables-persistent
iptables-save > /etc/iptables/rules.v4
elif [ -f /etc/redhat-release ]; then
# Save for iptables-services
service iptables save
fi
echo -e "${GREEN}iptables rules configured${NC}"
fi
#========================================
# Step 7: Create Startup Script
#========================================
echo ""
echo -e "${BLUE}[Step 7/8] Creating startup script...${NC}"
cat > /usr/local/bin/teamviewer-gateway-setup.sh <<'EOFSCRIPT'
#!/bin/bash
# TeamViewer Gateway - Network Setup Script
# This script runs at startup to ensure proper routing
# Configuration (will be replaced during setup)
TV_INTERFACE="__TV_INTERFACE__"
LOCAL_INTERFACE="__LOCAL_INTERFACE__"
# Wait for TeamViewer VPN interface to be available
for i in {1..30}; do
if ip link show $TV_INTERFACE &> /dev/null; then
echo "TeamViewer VPN interface found"
break
fi
echo "Waiting for TeamViewer VPN interface... ($i/30)"
sleep 2
done
# Ensure IP forwarding is enabled
sysctl -w net.ipv4.ip_forward=1
# Add firewall rules if not using firewalld
if ! systemctl is-active --quiet firewalld; then
iptables -A FORWARD -i $TV_INTERFACE -o $LOCAL_INTERFACE -j ACCEPT 2>/dev/null
iptables -A FORWARD -i $LOCAL_INTERFACE -o $TV_INTERFACE -m state --state RELATED,ESTABLISHED -j ACCEPT 2>/dev/null
fi
echo "TeamViewer gateway setup complete"
EOFSCRIPT
# Replace placeholders
sed -i "s/__TV_INTERFACE__/$TV_INTERFACE/" /usr/local/bin/teamviewer-gateway-setup.sh
sed -i "s/__LOCAL_INTERFACE__/$LOCAL_INTERFACE/" /usr/local/bin/teamviewer-gateway-setup.sh
chmod +x /usr/local/bin/teamviewer-gateway-setup.sh
# Create systemd service
cat > /etc/systemd/system/teamviewer-gateway.service <<EOF
[Unit]
Description=TeamViewer VPN Gateway Setup
After=network-online.target teamviewerd.service
Wants=network-online.target
[Service]
Type=oneshot
ExecStart=/usr/local/bin/teamviewer-gateway-setup.sh
RemainAfterExit=yes
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
systemctl enable teamviewer-gateway.service
echo -e "${GREEN}Startup script created and enabled${NC}"
#========================================
# Step 8: Summary and Next Steps
#========================================
echo ""
echo "========================================"
echo -e "${GREEN}Gateway Setup Complete!${NC}"
echo "========================================"
echo ""
echo "Configuration Summary:"
echo "----------------------"
echo "TeamViewer ID: $(teamviewer info 2>/dev/null | grep "TeamViewer ID" || echo "Check TeamViewer GUI")"
echo "Local Interface: $LOCAL_INTERFACE"
echo "Local IP: $(ip addr show $LOCAL_INTERFACE | grep "inet " | awk '{print $2}')"
echo "PLC Network: $PLC_NETWORK"
echo "PLC IP: $PLC_IP"
echo "TeamViewer VPN Interface: $TV_INTERFACE (created when VPN connects)"
echo ""
echo "Services Status:"
echo "----------------"
systemctl status teamviewerd --no-pager -l || echo "TeamViewer: Not running"
echo ""
echo "Next Steps:"
echo "-----------"
echo "1. Keep this PC running and connected to internet"
echo "2. From your remote computer:"
echo " - Open TeamViewer"
echo " - Connect to this PC's TeamViewer ID via VPN"
echo " - Add static route to PLC network"
echo ""
echo "3. Test connectivity from remote computer:"
echo " ping <remote_gateway_vpn_ip>"
echo " ping $PLC_IP"
echo ""
echo "4. Open TIA Portal and connect to PLC"
echo ""
echo "Useful Commands:"
echo "----------------"
echo "Check TeamViewer status: systemctl status teamviewerd"
echo "View TeamViewer ID: teamviewer info"
echo "Check firewall rules: iptables -L -n -v"
echo "Check IP forwarding: cat /proc/sys/net/ipv4/ip_forward"
echo "Test PLC connectivity: ping $PLC_IP"
echo ""
read -p "Press Enter to finish..."

357
teamviewer-troubleshoot.sh Normal file
View file

@ -0,0 +1,357 @@
#!/bin/bash
#========================================
# TeamViewer VPN - Troubleshooting Script
# Diagnoses common connectivity issues
#========================================
# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m' # No Color
echo ""
echo "========================================"
echo "TeamViewer VPN - Troubleshooting Tool"
echo "========================================"
echo ""
# Function to check status
check_status() {
if [ $1 -eq 0 ]; then
echo -e "${GREEN}✓ PASS${NC}"
return 0
else
echo -e "${RED}✗ FAIL${NC}"
return 1
fi
}
# Counter for issues
ISSUES=0
#========================================
# Test 1: TeamViewer Installation
#========================================
echo -e "${BLUE}[Test 1/12] TeamViewer Installation${NC}"
echo -n " Checking if TeamViewer is installed... "
if command -v teamviewer &> /dev/null; then
check_status 0
VERSION=$(teamviewer --version 2>/dev/null || echo "Unknown")
echo " Version: $VERSION"
else
check_status 1
ISSUES=$((ISSUES + 1))
echo -e " ${YELLOW}Solution: Install TeamViewer from https://www.teamviewer.com${NC}"
fi
#========================================
# Test 2: TeamViewer Service
#========================================
echo ""
echo -e "${BLUE}[Test 2/12] TeamViewer Service Status${NC}"
echo -n " Checking if TeamViewer daemon is running... "
if systemctl is-active --quiet teamviewerd 2>/dev/null; then
check_status 0
elif pgrep -x "TeamViewer" > /dev/null 2>&1; then
check_status 0
echo " Note: Running as user process"
else
check_status 1
ISSUES=$((ISSUES + 1))
echo -e " ${YELLOW}Solution: Start TeamViewer with: sudo systemctl start teamviewerd${NC}"
fi
#========================================
# Test 3: Internet Connectivity
#========================================
echo ""
echo -e "${BLUE}[Test 3/12] Internet Connectivity${NC}"
echo -n " Checking internet connection... "
if ping -c 1 -W 2 8.8.8.8 &> /dev/null; then
check_status 0
else
check_status 1
ISSUES=$((ISSUES + 1))
echo -e " ${YELLOW}Solution: Check your internet connection${NC}"
fi
#========================================
# Test 4: TeamViewer VPN Adapter
#========================================
echo ""
echo -e "${BLUE}[Test 4/12] TeamViewer VPN Adapter${NC}"
echo -n " Checking for TeamViewer VPN interface... "
TV_INTERFACE=$(ip link show | grep -oP "teamviewer\w+" | head -n1)
if [ -n "$TV_INTERFACE" ]; then
check_status 0
echo " Interface found: $TV_INTERFACE"
# Get VPN IP
VPN_IP=$(ip addr show $TV_INTERFACE 2>/dev/null | grep "inet " | awk '{print $2}' | cut -d'/' -f1)
if [ -n "$VPN_IP" ]; then
echo " VPN IP: $VPN_IP"
fi
else
check_status 1
ISSUES=$((ISSUES + 1))
echo -e " ${YELLOW}Solution: Establish TeamViewer VPN connection first${NC}"
echo " 1. Open TeamViewer"
echo " 2. Enter remote PC's TeamViewer ID"
echo " 3. Select 'VPN' instead of 'Remote Control'"
fi
#========================================
# Test 5: VPN Connection
#========================================
echo ""
echo -e "${BLUE}[Test 5/12] VPN Connection Test${NC}"
if [ -n "$VPN_IP" ]; then
read -p " Enter remote gateway VPN IP (or press Enter to skip): " REMOTE_VPN_IP
if [ -n "$REMOTE_VPN_IP" ]; then
echo -n " Pinging remote VPN gateway ($REMOTE_VPN_IP)... "
if ping -c 2 -W 2 $REMOTE_VPN_IP &> /dev/null; then
check_status 0
else
check_status 1
ISSUES=$((ISSUES + 1))
echo -e " ${YELLOW}Solution: Check VPN connection and firewall on remote PC${NC}"
fi
else
echo " Skipped"
fi
else
echo " Skipped (no VPN adapter found)"
fi
#========================================
# Test 6: IP Forwarding
#========================================
echo ""
echo -e "${BLUE}[Test 6/12] IP Forwarding (Gateway only)${NC}"
read -p " Is this PC acting as a gateway? (y/n): " IS_GATEWAY
if [[ "$IS_GATEWAY" =~ ^[Yy]$ ]]; then
echo -n " Checking IP forwarding... "
IP_FORWARD=$(cat /proc/sys/net/ipv4/ip_forward 2>/dev/null)
if [ "$IP_FORWARD" == "1" ]; then
check_status 0
else
check_status 1
ISSUES=$((ISSUES + 1))
echo -e " ${YELLOW}Solution: Enable with: sudo sysctl -w net.ipv4.ip_forward=1${NC}"
fi
else
echo " Skipped (not a gateway)"
fi
#========================================
# Test 7: Routing Table
#========================================
echo ""
echo -e "${BLUE}[Test 7/12] Routing Table${NC}"
read -p " Enter PLC network to check (e.g., 192.168.10.0/24) or press Enter to skip: " PLC_NETWORK
if [ -n "$PLC_NETWORK" ]; then
echo -n " Checking route to $PLC_NETWORK... "
if ip route show | grep -q "$PLC_NETWORK"; then
check_status 0
echo " Route found:"
ip route show | grep "$PLC_NETWORK"
else
check_status 1
ISSUES=$((ISSUES + 1))
echo -e " ${YELLOW}Solution: Add route with: sudo ip route add $PLC_NETWORK via <remote_vpn_ip>${NC}"
fi
else
echo " Skipped"
fi
#========================================
# Test 8: PLC Connectivity
#========================================
echo ""
echo -e "${BLUE}[Test 8/12] PLC Network Connectivity${NC}"
read -p " Enter PLC IP to test (or press Enter to skip): " PLC_IP
if [ -n "$PLC_IP" ]; then
echo -n " Pinging PLC ($PLC_IP)... "
if ping -c 2 -W 2 $PLC_IP &> /dev/null; then
check_status 0
else
check_status 1
ISSUES=$((ISSUES + 1))
echo -e " ${YELLOW}Possible causes:${NC}"
echo " - Route not configured correctly"
echo " - PLC is offline or not at this IP"
echo " - Firewall blocking traffic on gateway"
fi
else
echo " Skipped"
fi
#========================================
# Test 9: S7 Communication Port
#========================================
echo ""
echo -e "${BLUE}[Test 9/12] S7 Communication Port (TCP 102)${NC}"
if [ -n "$PLC_IP" ]; then
echo -n " Checking port 102 on $PLC_IP... "
if command -v nc &> /dev/null; then
if nc -zv -w 2 $PLC_IP 102 2>&1 | grep -q "succeeded\|open"; then
check_status 0
else
check_status 1
ISSUES=$((ISSUES + 1))
echo -e " ${YELLOW}Possible causes:${NC}"
echo " - PLC not configured for remote access"
echo " - PLC firewall settings"
echo " - Wrong IP address"
fi
else
echo "Skipped (netcat not installed)"
fi
else
echo " Skipped (no PLC IP provided)"
fi
#========================================
# Test 10: Firewall Rules (Gateway)
#========================================
echo ""
echo -e "${BLUE}[Test 10/12] Firewall Rules (Gateway only)${NC}"
if [[ "$IS_GATEWAY" =~ ^[Yy]$ ]]; then
echo -n " Checking iptables FORWARD rules... "
if sudo iptables -L FORWARD -n | grep -q "ACCEPT"; then
check_status 0
echo " Current FORWARD chain:"
sudo iptables -L FORWARD -n | head -10
else
check_status 1
ISSUES=$((ISSUES + 1))
echo -e " ${YELLOW}Solution: Add FORWARD rules for TeamViewer VPN interface${NC}"
fi
else
echo " Skipped (not a gateway)"
fi
#========================================
# Test 11: DNS Resolution
#========================================
echo ""
echo -e "${BLUE}[Test 11/12] DNS Resolution${NC}"
echo -n " Checking DNS... "
if host google.com &> /dev/null || nslookup google.com &> /dev/null; then
check_status 0
else
check_status 1
ISSUES=$((ISSUES + 1))
echo -e " ${YELLOW}Solution: Check DNS settings in /etc/resolv.conf${NC}"
fi
#========================================
# Test 12: TUN/TAP Module (Linux)
#========================================
echo ""
echo -e "${BLUE}[Test 12/12] TUN/TAP Kernel Module${NC}"
echo -n " Checking if tun module is loaded... "
if lsmod | grep -q "^tun"; then
check_status 0
else
check_status 1
ISSUES=$((ISSUES + 1))
echo -e " ${YELLOW}Solution: Load module with: sudo modprobe tun${NC}"
fi
#========================================
# Summary
#========================================
echo ""
echo "========================================"
echo "Troubleshooting Summary"
echo "========================================"
echo ""
if [ $ISSUES -eq 0 ]; then
echo -e "${GREEN}✓ All tests passed!${NC}"
echo "Your TeamViewer VPN setup appears to be working correctly."
else
echo -e "${RED}✗ Found $ISSUES issue(s)${NC}"
echo "Please review the solutions above and fix the issues."
fi
echo ""
echo "Additional Information:"
echo "-----------------------"
# Show all network interfaces
echo ""
echo "Network Interfaces:"
ip addr show | grep -E "^[0-9]+:|inet "
# Show routing table
echo ""
echo "Routing Table:"
ip route show
# Show iptables if gateway
if [[ "$IS_GATEWAY" =~ ^[Yy]$ ]]; then
echo ""
echo "Firewall NAT Rules:"
sudo iptables -t nat -L POSTROUTING -n -v | head -20
echo ""
echo "Firewall FORWARD Rules:"
sudo iptables -L FORWARD -n -v | head -20
fi
# TeamViewer info
echo ""
echo "TeamViewer Information:"
if command -v teamviewer &> /dev/null; then
teamviewer info 2>/dev/null || echo "TeamViewer not running or info unavailable"
fi
echo ""
echo "========================================"
echo "Troubleshooting Complete"
echo "========================================"
echo ""
echo "For more help, see:"
echo " - TeamViewer documentation: https://www.teamviewer.com/en/documents/"
echo " - README guide: teamviewer-vpn-plc-access-guide.md"
echo ""

297
teamviewer-vpn-setup-linux.sh Normal file
View file

@ -0,0 +1,297 @@
#!/bin/bash
#========================================
# TeamViewer VPN - PLC Access Setup Script
# For Linux
#========================================
set -e
# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m' # No Color
echo ""
echo "========================================"
echo "TeamViewer VPN - PLC Access Setup"
echo "========================================"
echo ""
# Check if running as root
if [[ $EUID -ne 0 ]]; then
echo -e "${RED}ERROR: This script must be run as root (use sudo)${NC}"
exit 1
fi
#========================================
# Configuration Variables - CUSTOMIZE THESE
#========================================
echo "Enter your configuration details:"
echo ""
read -p "Enter PLC Network (e.g., 192.168.10.0/24): " PLC_NETWORK
read -p "Enter Remote Gateway VPN IP (e.g., 7.254.0.2): " REMOTE_VPN_IP
echo ""
echo "Configuration Summary:"
echo "----------------------"
echo "PLC Network: $PLC_NETWORK"
echo "Remote VPN IP: $REMOTE_VPN_IP"
echo ""
read -p "Is this correct? (y/n): " CONFIRM
if [[ ! "$CONFIRM" =~ ^[Yy]$ ]]; then
echo "Setup cancelled."
exit 0
fi
#========================================
# Step 1: Check TeamViewer Installation
#========================================
echo ""
echo -e "${BLUE}[Step 1/6] Checking TeamViewer installation...${NC}"
if command -v teamviewer &> /dev/null; then
echo -e "${GREEN}TeamViewer found: $(teamviewer --version)${NC}"
else
echo -e "${YELLOW}WARNING: TeamViewer not found in PATH${NC}"
echo "TeamViewer may not be installed or not in PATH."
echo ""
read -p "Do you want to install TeamViewer now? (y/n): " INSTALL_TV
if [[ "$INSTALL_TV" =~ ^[Yy]$ ]]; then
echo "Installing TeamViewer..."
# Detect distribution
if [ -f /etc/debian_version ]; then
# Debian/Ubuntu
echo "Detected Debian/Ubuntu system"
wget https://download.teamviewer.com/download/linux/teamviewer_amd64.deb -O /tmp/teamviewer.deb
dpkg -i /tmp/teamviewer.deb || apt-get install -f -y
rm /tmp/teamviewer.deb
elif [ -f /etc/redhat-release ]; then
# RHEL/CentOS
echo "Detected RHEL/CentOS system"
wget https://download.teamviewer.com/download/linux/teamviewer.x86_64.rpm -O /tmp/teamviewer.rpm
yum install -y /tmp/teamviewer.rpm
rm /tmp/teamviewer.rpm
else
echo -e "${RED}ERROR: Unsupported distribution${NC}"
echo "Please install TeamViewer manually from: https://www.teamviewer.com"
exit 1
fi
echo -e "${GREEN}TeamViewer installed successfully!${NC}"
else
echo "Skipping TeamViewer installation."
echo "Please install manually if needed."
fi
fi
# Check if TeamViewer daemon is running
if systemctl is-active --quiet teamviewerd; then
echo -e "${GREEN}TeamViewer daemon is running${NC}"
else
echo -e "${YELLOW}TeamViewer daemon is not running${NC}"
read -p "Do you want to start TeamViewer daemon? (y/n): " START_TV
if [[ "$START_TV" =~ ^[Yy]$ ]]; then
systemctl start teamviewerd
systemctl enable teamviewerd
echo -e "${GREEN}TeamViewer daemon started${NC}"
fi
fi
#========================================
# Step 2: Check Network Connectivity
#========================================
echo ""
echo -e "${BLUE}[Step 2/6] Checking network connectivity...${NC}"
echo "Testing internet connection..."
if ping -c 1 8.8.8.8 &> /dev/null; then
echo -e "${GREEN}Internet connection: OK${NC}"
else
echo -e "${RED}WARNING: No internet connection detected!${NC}"
echo "TeamViewer requires internet to establish VPN."
fi
#========================================
# Step 3: Check IP Forwarding
#========================================
echo ""
echo -e "${BLUE}[Step 3/6] Checking IP forwarding...${NC}"
IP_FORWARD=$(cat /proc/sys/net/ipv4/ip_forward)
if [ "$IP_FORWARD" == "1" ]; then
echo -e "${GREEN}IP forwarding is already enabled${NC}"
else
echo -e "${YELLOW}IP forwarding is disabled${NC}"
read -p "Do you want to enable IP forwarding? (y/n): " ENABLE_FORWARD
if [[ "$ENABLE_FORWARD" =~ ^[Yy]$ ]]; then
echo "Enabling IP forwarding..."
sysctl -w net.ipv4.ip_forward=1
# Make persistent
if ! grep -q "net.ipv4.ip_forward=1" /etc/sysctl.conf; then
echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
echo -e "${GREEN}IP forwarding enabled and made persistent${NC}"
fi
fi
fi
#========================================
# Step 4: Display Current Routes
#========================================
echo ""
echo -e "${BLUE}[Step 4/6] Current network routes:${NC}"
echo ""
ip route show | grep -E "192\.168\.|10\.|172\."
echo ""
#========================================
# Step 5: Add Static Route to PLC Network
#========================================
echo ""
echo -e "${BLUE}[Step 5/6] Adding static route to PLC network...${NC}"
# Check if route already exists
if ip route show | grep -q "$PLC_NETWORK"; then
echo -e "${YELLOW}WARNING: Route to $PLC_NETWORK already exists!${NC}"
echo ""
ip route show | grep "$PLC_NETWORK"
echo ""
read -p "Do you want to delete existing route and recreate? (y/n): " DELETE_ROUTE
if [[ "$DELETE_ROUTE" =~ ^[Yy]$ ]]; then
echo "Deleting existing route..."
ip route del $PLC_NETWORK
sleep 1
else
echo "Keeping existing route. Skipping route creation."
SKIP_ROUTE=1
fi
fi
if [ -z "$SKIP_ROUTE" ]; then
echo "Adding route: $PLC_NETWORK via $REMOTE_VPN_IP"
if ip route add $PLC_NETWORK via $REMOTE_VPN_IP; then
echo -e "${GREEN}Route added successfully!${NC}"
echo ""
read -p "Make this route persistent (survive reboot)? (y/n): " MAKE_PERSISTENT
if [[ "$MAKE_PERSISTENT" =~ ^[Yy]$ ]]; then
echo "Creating systemd service for persistent route..."
cat > /etc/systemd/system/teamviewer-plc-route.service <<EOF
[Unit]
Description=TeamViewer VPN Route to PLC Network
After=network-online.target teamviewerd.service
Wants=network-online.target
[Service]
Type=oneshot
ExecStart=/sbin/ip route add $PLC_NETWORK via $REMOTE_VPN_IP
ExecStop=/sbin/ip route del $PLC_NETWORK
RemainAfterExit=yes
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
systemctl enable teamviewer-plc-route.service
echo -e "${GREEN}Persistent route service created and enabled${NC}"
echo "Service will start automatically after reboot"
fi
else
echo -e "${RED}ERROR: Failed to add route!${NC}"
echo "This may happen if:"
echo " - TeamViewer VPN is not connected"
echo " - VPN IP is incorrect"
echo " - Insufficient permissions"
fi
fi
#========================================
# Step 6: Verify Configuration
#========================================
echo ""
echo -e "${BLUE}[Step 6/6] Verifying configuration...${NC}"
echo ""
echo "TeamViewer VPN Interface Status:"
ip addr show | grep -A 5 teamviewer || echo -e "${YELLOW}TeamViewer VPN interface not found!${NC}"
echo ""
echo "Current routes to PLC network:"
ip route show | grep "$PLC_NETWORK" || echo -e "${YELLOW}No route found${NC}"
#========================================
# Display Connection Test Instructions
#========================================
echo ""
echo "========================================"
echo -e "${GREEN}Setup Complete!${NC}"
echo "========================================"
echo ""
echo "Next Steps:"
echo "-----------"
echo "1. Ensure TeamViewer VPN connection is active"
echo "2. Test connectivity:"
echo " ping $REMOTE_VPN_IP"
echo " ping <PLC_IP> (e.g., 192.168.10.100)"
echo ""
echo "3. Open TIA Portal (via Wine or Windows VM) and connect to PLC"
echo ""
echo "To remove the route later, run:"
echo " sudo ip route del $PLC_NETWORK"
echo ""
#========================================
# Optional: Test Connectivity Now
#========================================
read -p "Do you want to test connectivity now? (y/n): " TEST_NOW
if [[ "$TEST_NOW" =~ ^[Yy]$ ]]; then
echo ""
echo "Testing connection to remote VPN gateway..."
ping -c 4 $REMOTE_VPN_IP || echo -e "${RED}Ping failed!${NC}"
echo ""
read -p "Enter PLC IP to test (e.g., 192.168.10.100): " PLC_IP
if [ -n "$PLC_IP" ]; then
echo "Testing connection to PLC..."
ping -c 4 $PLC_IP || echo -e "${RED}Ping failed!${NC}"
echo ""
echo "Testing S7 communication port (102)..."
if command -v nc &> /dev/null; then
nc -zv $PLC_IP 102 || echo -e "${RED}Port 102 is not reachable${NC}"
else
echo -e "${YELLOW}netcat (nc) not found. Cannot test port.${NC}"
echo "Install with: apt-get install netcat or yum install nc"
fi
fi
fi
echo ""
echo "========================================"
echo "Script finished!"
echo "========================================"
echo ""