Vpn

From MyWiki
Jump to: navigation, search

SoftEtherVPN

SoftEtherVPN

install from sources

debain/ubuntu/raspi packages

How to Setup a Multi-Protocol VPN Server Using SoftEther

SumoVPN setup guide

How to set up Softehter VPN Client under Linux: Via vpngate.net

L2TP/IPsec Setup Guide for SoftEther VPN Server

11. Troubleshooting and Supplemental Guide

Install SoftEther VPN Server in CentOS

Install SoftEther client in CentOS

from serverfault.com

SoftEtherVPN user forum

install SoftEtherVPN (server, client, bridge,...)

sudo apt install build-essential libreadline-dev libncurses-dev libssl-dev
 libz-dev cmake
cd ~
git clone git://github.com/SoftEtherVPN/SoftEtherVPN.git
cd ~/SoftEtherVPN
./configure

You should see:

---------------------------------------------------------------------
SoftEther VPN for Unix

Copyright (c) SoftEther VPN Project at University of Tsukuba, Japan.
Copyright (c) Daiyuu Nobori. All Rights Reserved.

This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
version 2 as published by the Free Software Foundation.

Read and understand README.TXT, LICENSE.TXT and WARNING.TXT before use.
---------------------------------------------------------------------

Welcome to the corner-cutting configure script !

Select your operating system below:
 1: Linux
 2: FreeBSD
 3: Solaris
 4: Mac OS X
 5: OpenBSD

Which is your operating system (1 - 5) ? : 1

Select your CPU bits below:
 1: 32-bit
 2: 64-bit

Which is the type of your CPU (1 - 2) ? : 2

The Makefile is generated. Run 'make' to build SoftEther VPN.
make
sudo make install

You should see:

cp bin/vpnserver/hamcore.se2 /usr/vpnserver/hamcore.se2
cp bin/vpnserver/vpnserver /usr/vpnserver/vpnserver
echo "#!/bin/sh" > /usr/bin/vpnserver
echo /usr/vpnserver/vpnserver '"$@"' >> /usr/bin/vpnserver
echo 'exit $?' >> /usr/bin/vpnserver
chmod 755 /usr/bin/vpnserver
cp bin/vpnbridge/hamcore.se2 /usr/vpnbridge/hamcore.se2
cp bin/vpnbridge/vpnbridge /usr/vpnbridge/vpnbridge
echo "#!/bin/sh" > /usr/bin/vpnbridge
echo /usr/vpnbridge/vpnbridge '"$@"' >> /usr/bin/vpnbridge
echo 'exit $?' >> /usr/bin/vpnbridge
chmod 755 /usr/bin/vpnbridge
cp bin/vpnclient/hamcore.se2 /usr/vpnclient/hamcore.se2
cp bin/vpnclient/vpnclient /usr/vpnclient/vpnclient
echo "#!/bin/sh" > /usr/bin/vpnclient
echo /usr/vpnclient/vpnclient '"$@"' >> /usr/bin/vpnclient
echo 'exit $?' >> /usr/bin/vpnclient
chmod 755 /usr/bin/vpnclient
cp bin/vpncmd/hamcore.se2 /usr/vpncmd/hamcore.se2
cp bin/vpncmd/vpncmd /usr/vpncmd/vpncmd
echo "#!/bin/sh" > /usr/bin/vpncmd
echo /usr/vpncmd/vpncmd '"$@"' >> /usr/bin/vpncmd
echo 'exit $?' >> /usr/bin/vpncmd
chmod 755 /usr/bin/vpncmd

--------------------------------------------------------------------
Installation completed successfully.

Execute 'vpnserver start' to run the SoftEther VPN Server background service.
Execute 'vpnbridge start' to run the SoftEther VPN Bridge background service.
Execute 'vpnclient start' to run the SoftEther VPN Client background service.
Execute 'vpncmd' to run SoftEther VPN Command-Line Utility to configure VPN Server, VPN Bridge or VPN Client.
--------------------------------------------------------------------

let's try SoftEtherVPN (without startup scripts)

sudo ./vpnserver start

You should see:

The SoftEther VPN Server service has been started.
sudo ./vpnbridge start

You should see:

The SoftEther VPN Bridge service has been started.
sudo ./vpnclient start

You should see:

The SoftEther VPN Client service has been started.

some config

sudo service nginx stop
sudo ./vpncmd

You should see:

vpncmd command - SoftEther VPN Command Line Management Utility
SoftEther VPN Command Line Management Utility (vpncmd command)
Version 4.12 Build 9514   (English)
Compiled 2014/11/17 21:41:16 by yagi at pc25
Copyright (c) SoftEther VPN Project. All Rights Reserved.

By using vpncmd program, the following can be achieved. 

1. Management of VPN Server or VPN Bridge 
2. Management of VPN Client
3. Use of VPN Tools (certificate creation and Network Traffic Speed Test Tool)

Select 1, 2 or 3: 1

I selected 1

Specify the host name or IP address of the computer that the destination VPN Server or VPN Bridge is operating on. 
By specifying according to the format 'host name:port number', you can also specify the port number. 
(When the port number is unspecified, 443 is used.)
If nothing is input and the Enter key is pressed, the connection will be made to the port number 8888 of localhost (this computer).
Hostname of IP Address of Destination: 

I pressed <enter>

If connecting to the server by Virtual Hub Admin Mode, please input the Virtual Hub name. 
If connecting by server admin mode, please press Enter without inputting anything.
Specify Virtual Hub Name: 

I pressed <enter>

Connection has been established with VPN Server "localhost" (port 443).

You have administrator privileges for the entire VPN Server.

VPN Server> 

set the passwd:

VPN Server>ServerPasswordSet
ServerPasswordSet command - Set VPN Server Administrator Password
Please enter the password. To cancel press the Ctrl+D key.

Password: *******************
Confirm input: *******************


The command completed successfully.

We'll call the passwd <ubuntusrvr14-passwd> from now on.

exit:

VPN Server>exit
sudo vpncmd
 
vpncmd command - SoftEther VPN Command Line Management Utility
SoftEther VPN Command Line Management Utility (vpncmd command)
Version 4.12 Build 9514   (English)
Compiled 2014/11/17 21:41:16 by yagi at pc25
Copyright (c) SoftEther VPN Project. All Rights Reserved.

By using vpncmd program, the following can be achieved. 

1. Management of VPN Server or VPN Bridge 
2. Management of VPN Client
3. Use of VPN Tools (certificate creation and Network Traffic Speed Test Tool)

Select 1, 2 or 3: 3

VPN Tools has been launched. By inputting HELP, you can view a list of the commands that can be used.

VPN Tools>check
Check command - Check whether SoftEther VPN Operation is Possible
---------------------------------------------------
SoftEther VPN Operation Environment Check Tool

Copyright (c) SoftEther VPN Project.
All Rights Reserved.

If this operation environment check tool is run on a system and that system passes, it is most likely that SoftEther VPN software can operate on that system. This check may take a while. Please wait...

Checking 'Kernel System'... 
              Pass
Checking 'Memory Operation System'... 
              Pass
Checking 'ANSI / Unicode string processing system'... 
              Pass
Checking 'File system'... 
              Pass
Checking 'Thread processing system'... 
              Pass
Checking 'Network system'... 
              Pass

All checks passed. It is most likely that SoftEther VPN Server / Bridge can operate normally on this system.

The command completed successfully.

VPN Tools>

Note that what made it work was to return Goggle DNS servers from the NAT/DHCP 8.8.8.8 and 8.8.4.4

install SoftEtherVPN (client only)

sudo apt-get install build-essential libreadline-dev libncurses-dev libssl-dev
cd ~
git clone git://github.com/SoftEtherVPN/SoftEtherVPN.git
cd ~/SoftEtherVPN
./configure

You should see:

---------------------------------------------------------------------
SoftEther VPN for Unix

Copyright (c) SoftEther VPN Project at University of Tsukuba, Japan.
Copyright (c) Daiyuu Nobori. All Rights Reserved.

This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
version 2 as published by the Free Software Foundation.

Read and understand README.TXT, LICENSE.TXT and WARNING.TXT before use.
---------------------------------------------------------------------

Welcome to the corner-cutting configure script !

Select your operating system below:
 1: Linux
 2: FreeBSD
 3: Solaris
 4: Mac OS X
 5: OpenBSD

Which is your operating system (1 - 5) ? : 1

Select your CPU bits below:
 1: 32-bit
 2: 64-bit

Which is the type of your CPU (1 - 2) ? : 2

The Makefile is generated. Run 'make' to build SoftEther VPN.
make
sudo make install

You should see:

cp bin/vpnserver/hamcore.se2 /usr/vpnserver/hamcore.se2
cp bin/vpnserver/vpnserver /usr/vpnserver/vpnserver
echo "#!/bin/sh" > /usr/bin/vpnserver
echo /usr/vpnserver/vpnserver '"$@"' >> /usr/bin/vpnserver
echo 'exit $?' >> /usr/bin/vpnserver
chmod 755 /usr/bin/vpnserver
cp bin/vpnbridge/hamcore.se2 /usr/vpnbridge/hamcore.se2
cp bin/vpnbridge/vpnbridge /usr/vpnbridge/vpnbridge
echo "#!/bin/sh" > /usr/bin/vpnbridge
echo /usr/vpnbridge/vpnbridge '"$@"' >> /usr/bin/vpnbridge
echo 'exit $?' >> /usr/bin/vpnbridge
chmod 755 /usr/bin/vpnbridge
cp bin/vpnclient/hamcore.se2 /usr/vpnclient/hamcore.se2
cp bin/vpnclient/vpnclient /usr/vpnclient/vpnclient
echo "#!/bin/sh" > /usr/bin/vpnclient
echo /usr/vpnclient/vpnclient '"$@"' >> /usr/bin/vpnclient
echo 'exit $?' >> /usr/bin/vpnclient
chmod 755 /usr/bin/vpnclient
cp bin/vpncmd/hamcore.se2 /usr/vpncmd/hamcore.se2
cp bin/vpncmd/vpncmd /usr/vpncmd/vpncmd
echo "#!/bin/sh" > /usr/bin/vpncmd
echo /usr/vpncmd/vpncmd '"$@"' >> /usr/bin/vpncmd
echo 'exit $?' >> /usr/bin/vpncmd
chmod 755 /usr/bin/vpncmd

--------------------------------------------------------------------
Installation completed successfully.

Execute 'vpnserver start' to run the SoftEther VPN Server background service.
Execute 'vpnbridge start' to run the SoftEther VPN Bridge background service.
Execute 'vpnclient start' to run the SoftEther VPN Client background service.
Execute 'vpncmd' to run SoftEther VPN Command-Line Utility to configure VPN Server, VPN Bridge or VPN Client.
--------------------------------------------------------------------

let's try SoftEtherVPN client (without startup scripts)

sudo vpnclient start

You should see:

The SoftEther VPN Client service has been started.

some config

sudo vpncmd

You should see:

The SoftEther VPN Client service has been started.
rber@T530:~/SoftEtherVPN$ sudo vpncmd
vpncmd command - SoftEther VPN Command Line Management Utility
SoftEther VPN Command Line Management Utility (vpncmd command)
Version 4.12 Build 9514   (English)
Compiled 2014/11/17 21:41:16 by yagi at pc25
Copyright (c) SoftEther VPN Project. All Rights Reserved.

By using vpncmd program, the following can be achieved. 

1. Management of VPN Server or VPN Bridge 
2. Management of VPN Client
3. Use of VPN Tools (certificate creation and Network Traffic Speed Test Tool)

Select 1, 2 or 3: 2

I selected 2

Specify the host name or IP address of the computer that the destination VPN Client is operating on. 
If nothing is input and Enter is pressed, connection will be made to localhost (this computer).
Hostname of IP Address of Destination: 

Connected to VPN Client "localhost".

VPN Client>

I pressed <enter>

VPN Client>NicCreate vlab3
NicCreate command - Create New Virtual Network Adapter
The command completed successfully.
VPN Client>NicList
NicList command - Get List of Virtual Network Adapters
Item                        |Value
----------------------------+-----------------------------------
Virtual Network Adapter Name|vlab3
Status                      |Enabled
MAC Address                 |00ACFB6AEA00
Version                     |Version 4.12 Build 9514   (English)
The command completed successfully.
VPN Client>AccountCreate vlab3_vpn
AccountCreate command - Create New VPN Connection Setting
Destination VPN Server Host Name and Port Number: vlab3.softether.net:5555

Destination Virtual Hub Name: VPN-vlab3

Connecting User Name: vpnuser

Used Virtual Network Adapter Name: vlab3

The command completed successfully.

VPN Client>
VPN Client>AccountPasswordSet vlab3_vpn
AccountPasswordSet command - Set User Authentication Type of VPN Connection Setting to Password Authentication
Please enter the password. To cancel press the Ctrl+D key.

Password: ***********
Confirm input: ***********


Specify standard or radius: standard

The command completed successfully.

VPN Client>

VPN Client>AccountList
AccountList command - Get List of VPN Connection Settings
Item                        |Value
----------------------------+------------------------------------------------
VPN Connection Setting Name |vlab3_vpn
Status                      |Offline
VPN Server Hostname         |vlab3.softether.net:5555 (Direct TCP/IP Connection)
Virtual Hub                 |VPN-vlab3
Virtual Network Adapter Name|vlab3
The command completed successfully.


VPN Client>AccountConnect vlab3_vpn
AccountConnect command - Start Connection to VPN Server using VPN Connection Setting
The command completed successfully.
VPN Client>AccountList
AccountList command - Get List of VPN Connection Settings
Item                        |Value
----------------------------+------------------------------------------------
VPN Connection Setting Name |vlab3_vpn
Status                      |Connected
VPN Server Hostname         |vlab3.softether.net:5555 (Direct TCP/IP Connection)
Virtual Hub                 |VPN-vlab3
Virtual Network Adapter Name|vlab3
The command completed successfully.
VPN Client>AccountStatusGet vlab3_vpn
AccountStatusGet command - Get Current VPN Connection Setting Status
Item                                      |Value
------------------------------------------+-------------------------------------------
VPN Connection Setting Name               |vlab3_vpn
Session Status                            |Connection Completed (Session Established)
VLAN ID                                   |-
Server Name                               |vlab3.softether.net
Port Number                               |TCP Port 5555
Server Product Name                       |SoftEther VPN Server (64 bit) (Open Source)
Server Version                            |4.12
...
VPN Client>exit
ifconfig

vpn_vlab3 Link encap:Ethernet  HWaddr 00:ac:fb:6a:ea:00  
          inet6 addr: fe80::2ac:fbff:fe6a:ea00/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:87 errors:0 dropped:0 overruns:0 frame:0
          TX packets:100 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500 
          RX bytes:6032 (6.0 KB)  TX bytes:10810 (10.8 KB) 
sudo dhclient vpn_vlab3
ifconfig

vpn_vlab3 Link encap:Ethernet  HWaddr 00:ac:fb:6a:ea:00  
          inet addr:192.168.30.10  Bcast:192.168.30.255  Mask:255.255.255.0
          inet6 addr: fe80::2ac:fbff:fe6a:ea00/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:137 errors:0 dropped:0 overruns:0 frame:0
          TX packets:153 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500 
          RX bytes:10044 (10.0 KB)  TX bytes:17479 (17.4 KB)

For this test I'm tethering through my mobile phone to be on a different network from what I want to test.

http://www.whatismyproxy.com/

Your external IP: 178.165.133.142

The IP we configured for the vpn dhcp server:

ping 192.168.30.1

PING 192.168.30.1 (192.168.30.1) 56(84) bytes of data.
64 bytes from 192.168.30.1: icmp_seq=1 ttl=128 time=221 ms
64 bytes from 192.168.30.1: icmp_seq=2 ttl=128 time=89.6 ms
64 bytes from 192.168.30.1: icmp_seq=3 ttl=128 time=99.4 ms
^C
ip neigh

...
192.168.30.1 dev vpn_vlab3 lladdr 00:ac:23:a6:fc:ac STALE
192.168.43.1 dev wlan0 lladdr 02:1a:11:fa:bc:8b REACHABLE
...
host vlab3.softether.net

vlab3.softether.net has address 193.154.22.114
sudo ip route add 193.154.22.114/32 via 192.168.43.1 dev wlan0
sudo ip route del default
sudo ip route add default via 192.168.30.1 dev vpn_vlab3

http://www.whatismyproxy.com/

Your external IP: 193.154.22.114

Check open ports

We don't use port 443 because we run a https service!

sudo nmap -p 500 -sU -sT -PN vlab3.dyndns.org
sudo nmap -p 4500 -sU -sT -PN vlab3.dyndns.org

as a control port we use 5555

sudo nmap -p 5555 -sU -sT -PN vlab3.dyndns.org

Note:

open|filtered

Nmap places ports in this state when it is unable to determine whether a port is open or filtered. This occurs for scan types in which open ports give no response. The lack of response could also mean that a packet filter dropped the probe or any response it elicited. So Nmap does not know for sure whether the port is open or being filtered. The UDP, IP protocol, FIN, NULL, and Xmas scans classify ports this way.

For L2TP/IPsec Sever Function Specifications on SoftEther VPN Server we need to allow ports 500 and 4500 on the firewall and add UDP port forwarding to the SoftEther VPN server of ports 500 and 4500.

check that is works

https://www.ip2location.com/

http://www.whatismyproxy.com/

did your browser leak your IP address?

https://diafygi.github.io/webrtc-ips/

proxy

socks proxy

ubuntu proxy setup

privoxy setup

squid

rpi as vpn

httptunnel

gateway

Rpi as a VPN gateway

How to set up OpenVPN to let the VPN clients to access all the servers inside the server LAN

shorewall

Ubuntu connection sharing

VPN router

sshuttle - a transparent proxy-based VPN using ssh

commercial solutions

privateinternetaccess

cross-compile

on target when executed:

https://pastebin.com/rWUEWuL5

looks like locales are missing

What contains UTF-16.so?

oe-pkgdata-util find-path \*/UTF-16.so

this one:

glibc-gconv-utf-16: /usr/lib/gconv/UTF-16.so

What contains EUC-JP.so?

oe-pkgdata-util find-path \*/EUC-JP.so
glibc-gconv-euc-jp: /usr/lib/gconv/EUC-JP.so