refactor(cistech-tunnel): add IBMI_HOST and test_connection function

- Add hardcoded IBMI_HOST=10.3.1.201 for testing
- Create test_connection() function for reuse
- Use IBMI_HOST for connection tests and keepalive pings
- TARGET_IP still used for routing rules

apps/cistech-tunnel/shared/openconnect-vpn

@@ -20,6 +20,9 @@ TARGET_IP="${TARGET_IP:-10.3.1.0}"
 VPN_INTERFACE="${VPN_INTERFACE:-tun0}"
 CONTAINER_NETWORK="172.30.0.0/24"
 
+# Hardcoded test host (IBM i server)
+IBMI_HOST="10.3.1.201"
+
 # Log directory
 LOG_DIR="/var/log/openconnect-vpn"
 LOG_RETENTION_DAYS=7
@@ -177,6 +180,23 @@ get_totp() {
     oathtool --totp -b "$VPN_TOTP_SECRET"
 }
 
+# Test connection to IBMI_HOST
+test_connection() {
+    if [[ -z "$IBMI_HOST" ]]; then
+        log WARN "IBMI_HOST not set"
+        return 1
+    fi
+
+    log INFO "Testing connection to $IBMI_HOST..."
+    if ping -c 3 -W 3 "$IBMI_HOST" &>/dev/null; then
+        log INFO "Connection test: ${GREEN}SUCCESS${NC}"
+        return 0
+    else
+        log WARN "Connection test: ${RED}FAILED${NC} (may need manual route on host)"
+        return 1
+    fi
+}
+
 show_totp() {
     log INFO "Starting live TOTP display (Ctrl+C to stop)"
     echo ""
@@ -459,15 +479,8 @@ connect_vpn() {
     # Setup forwarding
     setup_forwarding
 
-    # Test connection
+    # Test connection to IBMI host
-    if [[ -n "$TARGET_IP" ]]; then
+    test_connection
-        log INFO "Testing connection to $TARGET_IP..."
-        if ping -c 2 -W 3 "$TARGET_IP" &>/dev/null; then
-            log INFO "Connection test: ${GREEN}SUCCESS${NC}"
-        else
-            log WARN "Connection test: ${RED}FAILED${NC} (may need manual route on host)"
-        fi
-    fi
 
     # Disable screen blanking
     xset s off 2>/dev/null || true
@@ -507,10 +520,10 @@ start_watchdog() {
 
             # Keepalive ping every 5 minutes
             if [ $((now - last_keepalive)) -ge $keepalive_interval ]; then
-                if [[ -n "$TARGET_IP" ]] && ping -c 1 -W 5 "$TARGET_IP" &>/dev/null; then
+                if [[ -n "$IBMI_HOST" ]] && ping -c 1 -W 5 "$IBMI_HOST" &>/dev/null; then
-                    log DEBUG "Keepalive ping to $TARGET_IP successful"
+                    log DEBUG "Keepalive ping to $IBMI_HOST successful"
                 else
-                    log WARN "Keepalive ping to $TARGET_IP failed (VPN may be degraded)"
+                    log WARN "Keepalive ping to $IBMI_HOST failed (VPN may be degraded)"
                 fi
                 last_keepalive=$now
             fi
@@ -537,7 +550,7 @@ main_menu() {
     echo -e "  ${CYAN}2${NC} - Disconnect VPN"
     echo -e "  ${CYAN}3${NC} - Show VPN status"
     echo -e "  ${CYAN}4${NC} - Setup IP forwarding only"
-    echo -e "  ${CYAN}5${NC} - Test connection to $TARGET_IP"
+    echo -e "  ${CYAN}5${NC} - Test connection to $IBMI_HOST"
     echo -e "  ${CYAN}6${NC} - Show network status"
     echo -e "  ${CYAN}7${NC} - Show routing table"
     echo -e "  ${CYAN}8${NC} - Show live TOTP"
@@ -643,12 +656,7 @@ while true; do
         2) disconnect_vpn ;;
         3) check_vpn_status ;;
         4) setup_forwarding ;;
-        5) if [[ -n "$TARGET_IP" ]]; then
+        5) test_connection ;;
-               log INFO "Testing connection to $TARGET_IP..."
-               ping -c 3 "$TARGET_IP" && log INFO "Connection test: ${GREEN}SUCCESS${NC}" || log ERROR "Connection test: ${RED}FAILED${NC}"
-           else
-               log WARN "TARGET_IP not set"
-           fi ;;
         6) show_network_status ;;
         7) show_routes ;;
         8) show_totp ;;