Vpn
From MyWiki
Contents
- 1 SoftEtherVPN
- 2 install SoftEtherVPN (server, client, bridge,...)
- 3 let's try SoftEtherVPN (without startup scripts)
- 4 install SoftEtherVPN (client only)
- 5 let's try SoftEtherVPN client (without startup scripts)
- 6 Check open ports
- 7 check that is works
- 8 did your browser leak your IP address?
- 9 proxy
- 10 gateway
- 11 commercial solutions
- 12 cross-compile
SoftEtherVPN
How to Setup a Multi-Protocol VPN Server Using SoftEther
How to set up Softehter VPN Client under Linux: Via vpngate.net
L2TP/IPsec Setup Guide for SoftEther VPN Server
11. Troubleshooting and Supplemental Guide
Install SoftEther VPN Server in CentOS
Install SoftEther client in CentOS
install SoftEtherVPN (server, client, bridge,...)
sudo apt install build-essential libreadline-dev libncurses-dev libssl-dev libz-dev cmake
cd ~ git clone git://github.com/SoftEtherVPN/SoftEtherVPN.git
cd ~/SoftEtherVPN ./configure
You should see:
--------------------------------------------------------------------- SoftEther VPN for Unix Copyright (c) SoftEther VPN Project at University of Tsukuba, Japan. Copyright (c) Daiyuu Nobori. All Rights Reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License version 2 as published by the Free Software Foundation. Read and understand README.TXT, LICENSE.TXT and WARNING.TXT before use. --------------------------------------------------------------------- Welcome to the corner-cutting configure script ! Select your operating system below: 1: Linux 2: FreeBSD 3: Solaris 4: Mac OS X 5: OpenBSD Which is your operating system (1 - 5) ? : 1 Select your CPU bits below: 1: 32-bit 2: 64-bit Which is the type of your CPU (1 - 2) ? : 2 The Makefile is generated. Run 'make' to build SoftEther VPN.
make
sudo make install
You should see:
cp bin/vpnserver/hamcore.se2 /usr/vpnserver/hamcore.se2 cp bin/vpnserver/vpnserver /usr/vpnserver/vpnserver echo "#!/bin/sh" > /usr/bin/vpnserver echo /usr/vpnserver/vpnserver '"$@"' >> /usr/bin/vpnserver echo 'exit $?' >> /usr/bin/vpnserver chmod 755 /usr/bin/vpnserver cp bin/vpnbridge/hamcore.se2 /usr/vpnbridge/hamcore.se2 cp bin/vpnbridge/vpnbridge /usr/vpnbridge/vpnbridge echo "#!/bin/sh" > /usr/bin/vpnbridge echo /usr/vpnbridge/vpnbridge '"$@"' >> /usr/bin/vpnbridge echo 'exit $?' >> /usr/bin/vpnbridge chmod 755 /usr/bin/vpnbridge cp bin/vpnclient/hamcore.se2 /usr/vpnclient/hamcore.se2 cp bin/vpnclient/vpnclient /usr/vpnclient/vpnclient echo "#!/bin/sh" > /usr/bin/vpnclient echo /usr/vpnclient/vpnclient '"$@"' >> /usr/bin/vpnclient echo 'exit $?' >> /usr/bin/vpnclient chmod 755 /usr/bin/vpnclient cp bin/vpncmd/hamcore.se2 /usr/vpncmd/hamcore.se2 cp bin/vpncmd/vpncmd /usr/vpncmd/vpncmd echo "#!/bin/sh" > /usr/bin/vpncmd echo /usr/vpncmd/vpncmd '"$@"' >> /usr/bin/vpncmd echo 'exit $?' >> /usr/bin/vpncmd chmod 755 /usr/bin/vpncmd -------------------------------------------------------------------- Installation completed successfully. Execute 'vpnserver start' to run the SoftEther VPN Server background service. Execute 'vpnbridge start' to run the SoftEther VPN Bridge background service. Execute 'vpnclient start' to run the SoftEther VPN Client background service. Execute 'vpncmd' to run SoftEther VPN Command-Line Utility to configure VPN Server, VPN Bridge or VPN Client. --------------------------------------------------------------------
let's try SoftEtherVPN (without startup scripts)
sudo ./vpnserver start
You should see:
The SoftEther VPN Server service has been started.
sudo ./vpnbridge start
You should see:
The SoftEther VPN Bridge service has been started.
sudo ./vpnclient start
You should see:
The SoftEther VPN Client service has been started.
some config
sudo service nginx stop
sudo ./vpncmd
You should see:
vpncmd command - SoftEther VPN Command Line Management Utility SoftEther VPN Command Line Management Utility (vpncmd command) Version 4.12 Build 9514 (English) Compiled 2014/11/17 21:41:16 by yagi at pc25 Copyright (c) SoftEther VPN Project. All Rights Reserved. By using vpncmd program, the following can be achieved. 1. Management of VPN Server or VPN Bridge 2. Management of VPN Client 3. Use of VPN Tools (certificate creation and Network Traffic Speed Test Tool) Select 1, 2 or 3: 1
I selected 1
Specify the host name or IP address of the computer that the destination VPN Server or VPN Bridge is operating on. By specifying according to the format 'host name:port number', you can also specify the port number. (When the port number is unspecified, 443 is used.) If nothing is input and the Enter key is pressed, the connection will be made to the port number 8888 of localhost (this computer). Hostname of IP Address of Destination:
I pressed <enter>
If connecting to the server by Virtual Hub Admin Mode, please input the Virtual Hub name. If connecting by server admin mode, please press Enter without inputting anything. Specify Virtual Hub Name:
I pressed <enter>
Connection has been established with VPN Server "localhost" (port 443). You have administrator privileges for the entire VPN Server. VPN Server>
set the passwd:
VPN Server>ServerPasswordSet
ServerPasswordSet command - Set VPN Server Administrator Password Please enter the password. To cancel press the Ctrl+D key. Password: ******************* Confirm input: ******************* The command completed successfully.
We'll call the passwd <ubuntusrvr14-passwd> from now on.
exit:
VPN Server>exit
sudo vpncmd
vpncmd command - SoftEther VPN Command Line Management Utility
SoftEther VPN Command Line Management Utility (vpncmd command)
Version 4.12 Build 9514 (English)
Compiled 2014/11/17 21:41:16 by yagi at pc25
Copyright (c) SoftEther VPN Project. All Rights Reserved.
By using vpncmd program, the following can be achieved.
1. Management of VPN Server or VPN Bridge
2. Management of VPN Client
3. Use of VPN Tools (certificate creation and Network Traffic Speed Test Tool)
Select 1, 2 or 3: 3
VPN Tools has been launched. By inputting HELP, you can view a list of the commands that can be used.
VPN Tools>check
Check command - Check whether SoftEther VPN Operation is Possible
---------------------------------------------------
SoftEther VPN Operation Environment Check Tool
Copyright (c) SoftEther VPN Project.
All Rights Reserved.
If this operation environment check tool is run on a system and that system passes, it is most likely that SoftEther VPN software can operate on that system. This check may take a while. Please wait...
Checking 'Kernel System'...
Pass
Checking 'Memory Operation System'...
Pass
Checking 'ANSI / Unicode string processing system'...
Pass
Checking 'File system'...
Pass
Checking 'Thread processing system'...
Pass
Checking 'Network system'...
Pass
All checks passed. It is most likely that SoftEther VPN Server / Bridge can operate normally on this system.
The command completed successfully.
VPN Tools>
Note that what made it work was to return Goggle DNS servers from the NAT/DHCP 8.8.8.8 and 8.8.4.4
install SoftEtherVPN (client only)
sudo apt-get install build-essential libreadline-dev libncurses-dev libssl-dev
cd ~ git clone git://github.com/SoftEtherVPN/SoftEtherVPN.git
cd ~/SoftEtherVPN ./configure
You should see:
--------------------------------------------------------------------- SoftEther VPN for Unix Copyright (c) SoftEther VPN Project at University of Tsukuba, Japan. Copyright (c) Daiyuu Nobori. All Rights Reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License version 2 as published by the Free Software Foundation. Read and understand README.TXT, LICENSE.TXT and WARNING.TXT before use. --------------------------------------------------------------------- Welcome to the corner-cutting configure script ! Select your operating system below: 1: Linux 2: FreeBSD 3: Solaris 4: Mac OS X 5: OpenBSD Which is your operating system (1 - 5) ? : 1 Select your CPU bits below: 1: 32-bit 2: 64-bit Which is the type of your CPU (1 - 2) ? : 2 The Makefile is generated. Run 'make' to build SoftEther VPN.
make
sudo make install
You should see:
cp bin/vpnserver/hamcore.se2 /usr/vpnserver/hamcore.se2 cp bin/vpnserver/vpnserver /usr/vpnserver/vpnserver echo "#!/bin/sh" > /usr/bin/vpnserver echo /usr/vpnserver/vpnserver '"$@"' >> /usr/bin/vpnserver echo 'exit $?' >> /usr/bin/vpnserver chmod 755 /usr/bin/vpnserver cp bin/vpnbridge/hamcore.se2 /usr/vpnbridge/hamcore.se2 cp bin/vpnbridge/vpnbridge /usr/vpnbridge/vpnbridge echo "#!/bin/sh" > /usr/bin/vpnbridge echo /usr/vpnbridge/vpnbridge '"$@"' >> /usr/bin/vpnbridge echo 'exit $?' >> /usr/bin/vpnbridge chmod 755 /usr/bin/vpnbridge cp bin/vpnclient/hamcore.se2 /usr/vpnclient/hamcore.se2 cp bin/vpnclient/vpnclient /usr/vpnclient/vpnclient echo "#!/bin/sh" > /usr/bin/vpnclient echo /usr/vpnclient/vpnclient '"$@"' >> /usr/bin/vpnclient echo 'exit $?' >> /usr/bin/vpnclient chmod 755 /usr/bin/vpnclient cp bin/vpncmd/hamcore.se2 /usr/vpncmd/hamcore.se2 cp bin/vpncmd/vpncmd /usr/vpncmd/vpncmd echo "#!/bin/sh" > /usr/bin/vpncmd echo /usr/vpncmd/vpncmd '"$@"' >> /usr/bin/vpncmd echo 'exit $?' >> /usr/bin/vpncmd chmod 755 /usr/bin/vpncmd -------------------------------------------------------------------- Installation completed successfully. Execute 'vpnserver start' to run the SoftEther VPN Server background service. Execute 'vpnbridge start' to run the SoftEther VPN Bridge background service. Execute 'vpnclient start' to run the SoftEther VPN Client background service. Execute 'vpncmd' to run SoftEther VPN Command-Line Utility to configure VPN Server, VPN Bridge or VPN Client. --------------------------------------------------------------------
let's try SoftEtherVPN client (without startup scripts)
sudo vpnclient start
You should see:
The SoftEther VPN Client service has been started.
some config
sudo vpncmd
You should see:
The SoftEther VPN Client service has been started. rber@T530:~/SoftEtherVPN$ sudo vpncmd vpncmd command - SoftEther VPN Command Line Management Utility SoftEther VPN Command Line Management Utility (vpncmd command) Version 4.12 Build 9514 (English) Compiled 2014/11/17 21:41:16 by yagi at pc25 Copyright (c) SoftEther VPN Project. All Rights Reserved. By using vpncmd program, the following can be achieved. 1. Management of VPN Server or VPN Bridge 2. Management of VPN Client 3. Use of VPN Tools (certificate creation and Network Traffic Speed Test Tool) Select 1, 2 or 3: 2
I selected 2
Specify the host name or IP address of the computer that the destination VPN Client is operating on. If nothing is input and Enter is pressed, connection will be made to localhost (this computer). Hostname of IP Address of Destination: Connected to VPN Client "localhost". VPN Client>
I pressed <enter>
VPN Client>NicCreate vlab3 NicCreate command - Create New Virtual Network Adapter The command completed successfully.
VPN Client>NicList NicList command - Get List of Virtual Network Adapters Item |Value ----------------------------+----------------------------------- Virtual Network Adapter Name|vlab3 Status |Enabled MAC Address |00ACFB6AEA00 Version |Version 4.12 Build 9514 (English) The command completed successfully.
VPN Client>AccountCreate vlab3_vpn AccountCreate command - Create New VPN Connection Setting Destination VPN Server Host Name and Port Number: vlab3.softether.net:5555 Destination Virtual Hub Name: VPN-vlab3 Connecting User Name: vpnuser Used Virtual Network Adapter Name: vlab3 The command completed successfully. VPN Client>
VPN Client>AccountPasswordSet vlab3_vpn AccountPasswordSet command - Set User Authentication Type of VPN Connection Setting to Password Authentication Please enter the password. To cancel press the Ctrl+D key. Password: *********** Confirm input: *********** Specify standard or radius: standard The command completed successfully. VPN Client>
VPN Client>AccountList AccountList command - Get List of VPN Connection Settings Item |Value ----------------------------+------------------------------------------------ VPN Connection Setting Name |vlab3_vpn Status |Offline VPN Server Hostname |vlab3.softether.net:5555 (Direct TCP/IP Connection) Virtual Hub |VPN-vlab3 Virtual Network Adapter Name|vlab3 The command completed successfully.
VPN Client>AccountConnect vlab3_vpn AccountConnect command - Start Connection to VPN Server using VPN Connection Setting The command completed successfully.
VPN Client>AccountList AccountList command - Get List of VPN Connection Settings Item |Value ----------------------------+------------------------------------------------ VPN Connection Setting Name |vlab3_vpn Status |Connected VPN Server Hostname |vlab3.softether.net:5555 (Direct TCP/IP Connection) Virtual Hub |VPN-vlab3 Virtual Network Adapter Name|vlab3 The command completed successfully.
VPN Client>AccountStatusGet vlab3_vpn AccountStatusGet command - Get Current VPN Connection Setting Status Item |Value ------------------------------------------+------------------------------------------- VPN Connection Setting Name |vlab3_vpn Session Status |Connection Completed (Session Established) VLAN ID |- Server Name |vlab3.softether.net Port Number |TCP Port 5555 Server Product Name |SoftEther VPN Server (64 bit) (Open Source) Server Version |4.12 ...
VPN Client>exit
ifconfig
vpn_vlab3 Link encap:Ethernet HWaddr 00:ac:fb:6a:ea:00
inet6 addr: fe80::2ac:fbff:fe6a:ea00/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:87 errors:0 dropped:0 overruns:0 frame:0
TX packets:100 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:6032 (6.0 KB) TX bytes:10810 (10.8 KB)
sudo dhclient vpn_vlab3
ifconfig
vpn_vlab3 Link encap:Ethernet HWaddr 00:ac:fb:6a:ea:00
inet addr:192.168.30.10 Bcast:192.168.30.255 Mask:255.255.255.0
inet6 addr: fe80::2ac:fbff:fe6a:ea00/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:137 errors:0 dropped:0 overruns:0 frame:0
TX packets:153 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:10044 (10.0 KB) TX bytes:17479 (17.4 KB)
For this test I'm tethering through my mobile phone to be on a different network from what I want to test.
Your external IP: 178.165.133.142
The IP we configured for the vpn dhcp server:
ping 192.168.30.1 PING 192.168.30.1 (192.168.30.1) 56(84) bytes of data. 64 bytes from 192.168.30.1: icmp_seq=1 ttl=128 time=221 ms 64 bytes from 192.168.30.1: icmp_seq=2 ttl=128 time=89.6 ms 64 bytes from 192.168.30.1: icmp_seq=3 ttl=128 time=99.4 ms ^C
ip neigh ... 192.168.30.1 dev vpn_vlab3 lladdr 00:ac:23:a6:fc:ac STALE 192.168.43.1 dev wlan0 lladdr 02:1a:11:fa:bc:8b REACHABLE ...
host vlab3.softether.net vlab3.softether.net has address 193.154.22.114
sudo ip route add 193.154.22.114/32 via 192.168.43.1 dev wlan0
sudo ip route del default sudo ip route add default via 192.168.30.1 dev vpn_vlab3
Your external IP: 193.154.22.114
Check open ports
We don't use port 443 because we run a https service!
sudo nmap -p 500 -sU -sT -PN vlab3.dyndns.org
sudo nmap -p 4500 -sU -sT -PN vlab3.dyndns.org
as a control port we use 5555
sudo nmap -p 5555 -sU -sT -PN vlab3.dyndns.org
Note:
open|filtered
Nmap places ports in this state when it is unable to determine whether a port is open or filtered. This occurs for scan types in which open ports give no response. The lack of response could also mean that a packet filter dropped the probe or any response it elicited. So Nmap does not know for sure whether the port is open or being filtered. The UDP, IP protocol, FIN, NULL, and Xmas scans classify ports this way.
For L2TP/IPsec Sever Function Specifications on SoftEther VPN Server we need to allow ports 500 and 4500 on the firewall and add UDP port forwarding to the SoftEther VPN server of ports 500 and 4500.
check that is works
did your browser leak your IP address?
https://diafygi.github.io/webrtc-ips/
proxy
gateway
How to set up OpenVPN to let the VPN clients to access all the servers inside the server LAN
sshuttle - a transparent proxy-based VPN using ssh
commercial solutions
cross-compile
on target when executed:
looks like locales are missing
What contains UTF-16.so?
oe-pkgdata-util find-path \*/UTF-16.so
this one:
glibc-gconv-utf-16: /usr/lib/gconv/UTF-16.so
What contains EUC-JP.so?
oe-pkgdata-util find-path \*/EUC-JP.so
glibc-gconv-euc-jp: /usr/lib/gconv/EUC-JP.so
