2020年9月30日 星期三

Install & Setup SoftEther VPN Server on ubuntu LTS 20.04

markdown # SoftEther VPN ## Installation ### install on ubuntu - install openssl(1.1.1g) ``` ~$ wget https://www.openssl.org/source/openssl-1.1.1g.tar.gz ~$ tar xzvf openssl-1.1.1g.tar.gz ~$ cd openssl-1.1.1g ~$ ./config ~$ make ~$ sudo make install ~$ sudo ldconfig ~$ openssl version -a ``` - install build essential(gcc) ``` ~$ sudo apt-get update ~$ sudo apt-get install build-essential ``` - download & install softether vpn server(v4.35) ``` ~$ wget https://www.softether-download.com/files/softether/v4.34-9745-rtm-2020.04.05-tree/Linux/SoftEther_VPN_Server/64bit_-_Intel_x64_or_AMD64/softether-vpnserver-v4.34-9745-rtm-2020.04.05-linux-x64-64bit.tar.gz ~$ tar xzf softether-vpnserver-v4.35********.tar.gz ~$ cd vpnserver ~$ make ``` ``` ~$ cd .. ~$ mv vpnserver /usr/local/ ~$ cd /usr/local/vpnserver/ ~$ chmod 600 * ~$ chmod 700 vpnserver ~$ chmod 700 vpncmd ``` ### install vpnserver as a service - create a service file as following ``` [Unit] Description=SoftEther VPN Server After=network.target [Service] Type=forking ExecStart=/usr/local/vpnserver/vpnserver start ExecStop=/usr/local/vpnserver/vpnserver stop ExecStartPost=/bin/sleep 0.1 Restart=always RestartSec=30 KillSignal=SIGQUIT StandardError=journal NotifyAccess=all KillMode=mixed [Install] WantedBy=multi-user.target ``` - move to /etc/systemd/system/vpnserver.service - Enable the service so that it starts automatically when the system boots. ``` ~$ sudo systemctl daemon-reload ~$ sudo systemctl enable vpnserver ~$ sudo reboot ``` ## Configure SoftEther VPN Server ### **SoftEther VPN Server configure concept** - Two level admin privilege - Entire VPN Server admin - Create VPN Server password - **ServerPasswordSet** - view server info - **ServerInfoGet** - create virtual hub - **HubCreate ${hub_name} [/PASSWORD:${password}]** - Virtual HUB admin - configure hub password - **SetHubPassword** - list existing user & create VPN user account/password - **UserList** - **UserCreate ${account}** - **UserPasswordSet ${account}** - enable IPSec **(L2TP VPN required)** - **Server admin privilege is required** - **IPSecEnable** - enable DHCP **(L2TP VPN required)** - **DHCPEnable** - enable secure NAT **(L2TP VPN required)** - **SecureNatEnable** - view connected client info - **IPTable** - get session info - **SessionGet** ### configure with cli ``` ~$ sudo /usr/local/vpnserver/vpncmd ``` - configure step 1 - **select 1** ``` vpncmd command - SoftEther VPN Command Line Management Utility SoftEther VPN Command Line Management Utility (vpncmd command) Version 4.34 Build 9745 (English) Compiled 2020/04/05 23:39:56 by buildsan at crosswin Copyright (c) SoftEther VPN Project. All Rights Reserved. By using vpncmd program, the following can be achieved. 1. Management of VPN Server or VPN Bridge 2. Management of VPN Client 3. Use of VPN Tools (certificate creation and Network Traffic Speed Test Tool) Select 1, 2 or 3: ``` - configure step 2 - press **Enter** - Don't need to key-in anything. ``` Specify the host name or IP address of the computer that the destination VPN Server or VPN Bridge is operating on. By specifying according to the format 'host name:port number', you can also specify the port number. (When the port number is unspecified, 443 is used.) If nothing is input and the Enter key is pressed, the connection will be made to the port number 8888 of localhost (this computer). Hostname of IP Address of Destination: ``` - configure step 3 - **Entering server admin** - press **Enter** - Don't need to key-in anything. - **Entering virtual HUB admin** - key-in the HUB name, and press Enter ``` Connection has been established with VPN Server "localhost" (port 443). You have administrator privileges for the entire VPN Server. VPN Server> ``` ``` If connecting to the server by Virtual Hub Admin Mode, please input the Virtual Hub name. If connecting by server admin mode, please press Enter without inputting anything. Specify Virtual Hub Name: ``` - configure step 4 - In server manage mode, your can enter the Virtual HUB with following command - HUB ${hub_name} ``` VPN Server>hub vpn Hub command - Select Virtual Hub to Manage The Virtual Hub "VPN" has been selected. The command completed successfully. VPN Server/VPN> ``` ## references: - [SoftEther VPN 架設記錄](https://noter.tw/4524/softether-vpn-%E6%9E%B6%E8%A8%AD%E8%A8%98%E9%8C%84/) - [CLI document](https://www.softether.org/4-docs/1-manual/6._Command_Line_Management_Utility_Manual)

沒有留言: