Difference between revisions of "SoftEther VPN"

From SME Server
Jump to navigationJump to search
(Page init)
 
Line 1: Line 1:
 +
==Maintainer==
 +
This howto has been developed by [[User:beckynet]]
 +
 +
Sources info are located here : http://www.softether.org/
 +
 
Placeholder for http://forums.contribs.org/index.php/topic,52134.0.html
 
Placeholder for http://forums.contribs.org/index.php/topic,52134.0.html
 +
 +
==Status==
 +
{{Note box|Project Under Development.}}
 +
 +
==Description==
 +
SoftEther VPN ("SoftEther" means "Software Ethernet") is one of the world's most powerful and easy-to-use multi-protocol VPN software.
 +
It runs on Windows, Linux, Mac, FreeBSD and Solaris. SoftEther VPN is open source. You can use SoftEther for any personal or commercial use for free charge.
 +
SoftEther VPN is an optimum alternative to OpenVPN andMicrosoft's VPN servers.
 +
SoftEther VPN has a clone-function of OpenVPN Server.
 +
You can integrate from OpenVPN to SoftEther VPN smoothly.
 +
SoftEther VPN is faster than OpenVPN. SoftEther VPN also supports Microsoft SSTP VPN for Windows Vista / 7 / 8 / 10.
 +
No more need to pay expensive charges for Windows Server license for Remote-Access VPN function.
 +
SoftEther VPN can be used to realize BYOD (Bring your own device) on your business.
 +
If you have smartphones, tablets or laptop PCs, SoftEther VPN's L2TP/IPsec server function will help you to establish a remote-access VPN from your local network.
 +
SoftEther VPN's L2TP VPN Server has strong compatible withWindows, Mac, iOS and Android.
 +
[[Image:SoftEther_Schematic.jpg]]
 +
 +
==Processing==
 +
 +
Step to install and run SoftEther
 +
 +
===Configure Port Forwarding===
 +
 +
{| cellspacing="0" border="1"
 +
|Protocol
 +
|Source Port(s)
 +
|Destination Host IP Address
 +
|Destination Port(s)
 +
|Allow Hosts
 +
|Rule Comment
 +
|Action
 +
|-
 +
|TCP
 +
|1194
 +
|localhost
 +
|1194
 +
|
 +
|SoftEther OpenVPN
 +
|
 +
|-
 +
|TCP
 +
|5555
 +
|localhost
 +
|5555
 +
|
 +
|SoftEther Management
 +
|
 +
|-
 +
|UDP
 +
|1194
 +
|localhost
 +
|1194
 +
|
 +
|SoftEther OpenVPN
 +
|
 +
|-
 +
|UDP
 +
|500
 +
|localhost
 +
|500
 +
|
 +
|SoftEther SoftEther L2TP/IPSec
 +
|
 +
|-
 +
|UDP
 +
|1701
 +
|localhost
 +
|1701
 +
|
 +
|SoftEther SoftEther L2TP/IPSec
 +
|
 +
|-
 +
|UDP
 +
|4500
 +
|localhost
 +
|4500
 +
|
 +
|SoftEther SoftEther L2TP/IPSec
 +
|
 +
|-
 +
|}
 +
 +
===Download, Install and Run SoftEther===
 +
 +
Install needed tools
 +
 +
yum install gcc
 +
 +
 +
For SME 9.x 32 Bits
 +
 +
cd /opt
 +
wget http://www.softether-download.com/files/softether/v4.18-9570-rtm-2015.07.26-tree/Linux/SoftEther_VPN_Server/32bit_-_Intel_x86/softether-vpnserver-v4.18-9570-rtm-2015.07.26-linux-x86-32bit.tar.gz
 +
tar zxvf softether-vpnserver-v4.18-9570-rtm-2015.07.26-linux-x86-32bit.tar.gz
 +
cd vpnserver
 +
make # Read and Accept License Agreement, after compile (1 min)
 +
./vpnserver start
 +
 +
For SME 9.x 64 Bits
 +
 +
cd /opt
 +
wget http://www.softether-download.com/files/softether/v4.18-9570-rtm-2015.07.26-tree/Linux/SoftEther_VPN_Server/64bit_-_Intel_x64_or_AMD64/softether-vpnserver-v4.18-9570-rtm-2015.07.26-linux-x64-64bit.tar.gz
 +
tar zxvf softether-vpnserver-v4.18-9570-rtm-2015.07.26-linux-x64-64bit.tar.gz
 +
cd vpnserver
 +
make # Read and Accept License Agreement, after compile (1 min)
 +
./vpnserver start
 +
 +
===Finishing Installation On Windows===
 +
 +
Download Management Interface<BR>
 +
http://www.softether-download.com/files/softether/v4.18-9570-rtm-2015.07.26-tree/Windows/SoftEther_VPN_Server_and_VPN_Bridge/softether-vpnserver_vpnbridge-v4.18-9570-rtm-2015.07.26-windows-x86_x64-intel.exe
 +
 +
After installation Clic On New Setting<BR>
 +
[[Image:SoftEther_WIN_1.png]]
 +
 +
Set Setting Name, Set Host Name, Choose Port Number 5555<BR>
 +
[[Image:SoftEther_WIN_2.png]]
 +
 +
Connect<BR>
 +
[[Image:SoftEther_WIN_3.png]]
 +
 +
Create Management Password<BR>
 +
[[Image:SoftEther_WIN_4.png]]
 +
 +
Choose Remote Access VPN Server<BR>
 +
[[Image:SoftEther_WIN_5.png]]
 +
 +
Create Virtual Hub Name<BR>
 +
[[Image:SoftEther_WIN_6.png]]
 +
 +
Set Dynamic DNS if Needed (Dynamic IP)<BR>
 +
[[Image:SoftEther_WIN_7.png]]
 +
 +
Enable L2TP/IPSec And Create Pre-Shared Key (No More Of 10 Charactere for compatibility with Android)<BR>
 +
[[Image:SoftEther_WIN_8.png]]
 +
 +
Disable VPN Azure<BR>
 +
[[Image:SoftEther_WIN_9.png]]
 +
 +
Create User(s)<BR>
 +
[[Image:SoftEther_WIN_10.png]]
 +
 +
Set User Name, Autentification Method, Password<BR>
 +
[[Image:SoftEther_WIN_11.png]]
 +
 +
Create Local Bridge<BR>
 +
[[Image:SoftEther_WIN_14.png]]
 +
 +
Choose Virtual Hub, Choose Bridge With Tap Device, Set Tap Device Name : soft<BR>
 +
[[Image:SoftEther_WIN_15.png]]
 +
 +
===Check On SME===
 +
 +
# ifconfig
 +
tap_soft  Link encap:Ethernet  HWaddr 00:AC:0D:17:8E:2D 
 +
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
 +
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
 +
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
 +
          collisions:0 txqueuelen:500
 +
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
 +
 +
===Auto Start SoftEther vpnserver===
 +
 +
nano /etc/init.d/vpnserver
 +
 +
#!/bin/sh
 +
#
 +
### BEGIN INIT INFO
 +
# Provides: vpnserver
 +
# Default-Start:
 +
# Default-Stop:
 +
# Should-Start: portreserve
 +
# Required-Start: $network
 +
# Required-Stop:
 +
# Short-Description: Start and stop the vpnserver server
 +
# Description: SoftEther VPN Server.
 +
### END INIT INFO
 +
DAEMON=/opt/vpnserver/vpnserver
 +
LOCK=/var/lock/subsys/vpnserver
 +
test -x $DAEMON || exit 0
 +
case "$1" in
 +
start)
 +
$DAEMON start
 +
touch $LOCK
 +
;;
 +
stop)
 +
$DAEMON stop
 +
rm $LOCK
 +
;;
 +
restart)
 +
$DAEMON stop
 +
sleep 3
 +
$DAEMON start
 +
;;
 +
*)
 +
echo "Usage: $0 {start|stop|restart}"
 +
exit 1
 +
esac
 +
exit 0
 +
 +
Start In Run Level 7
 +
 +
chmod 755 /etc/init.d/vpnserver
 +
ln -s /etc/init.d/vpnserver /etc/rc7.d/S79vpnserver
 +
 +
===Download And Install Bridging===
 +
 +
{{Note box|the procedure below is a little dirty, but I don't want to have dependency (OpenVPN). see TODO}}
 +
 +
For SME 9.x 32 Bits
 +
 +
rpm -i http://koozali.groenz.co.nz/releases/9.1/smecontribs/i386/RPMS/smeserver-bridge-interface-0.2-1.el6.sme.noarch.rpm --nodeps
 +
signal-event post-upgrade; signal-event reboot
 +
 +
For SME 9.x 64 Bits
 +
 +
rpm -i http://koozali.groenz.co.nz/releases/9.1/smecontribs/x86_64/RPMS/smeserver-bridge-interface-0.2-1.el6.sme.noarch.rpm --nodeps
 +
signal-event post-upgrade; signal-event reboot
 +
 +
===Configure Bridging and restart===
 +
 +
config setprop bridge ethernetInterface YOUR_LAN_INTERFACE
 +
config setprop bridge tapInterface tap_soft
 +
/etc/init.d/bridge restart
 +
 +
Check Bridge
 +
 +
# brctl show
 +
bridge name    bridge id              STP enabled    interfaces
 +
br0            8000.00ac0d178e2d      no              em1
 +
                                                        tap_soft
 +
 +
===Test With Windows===
 +
 +
{{Note box|Sorry For ScreenShot In French it's My Mother Language}}
 +
 +
Create VPn Connection<BR>
 +
 +
Set Internet Address and Destination Name, clic do not connect now and Next<BR>
 +
[[Image:SoftEther_WIN_CON_1.png]]
 +
 +
 +
Set User Name and Password<BR>
 +
[[Image:SoftEther_WIN_CON_2.png]]
 +
 +
Set Property On Your VPN Connection<BR>
 +
[[Image:SoftEther_WIN_CON_4.png]]
 +
 +
Choose VPN Network Type and clic on Advanced Settings<BR>
 +
[[Image:SoftEther_WIN_CON_5.png]]
 +
 +
Type Your Pre-Shared Key<BR>
 +
[[Image:SoftEther_WIN_CON_6.png]]
 +
 +
Make A Connection and Check State<BR>
 +
[[Image:SoftEther_WIN_CON_7.png]]
 +
 +
You can now access your samba ressources !
 +
 +
==TODO==
 +
 +
Create a rpm with softether vpnserver RTM<BR>
 +
Create a rpm with a bridge for softether<BR>
 +
Use SME Radius

Revision as of 22:03, 18 December 2015

Maintainer

This howto has been developed by User:beckynet

Sources info are located here : http://www.softether.org/

Placeholder for http://forums.contribs.org/index.php/topic,52134.0.html

Status

Important.png Note:
Project Under Development.


Description

SoftEther VPN ("SoftEther" means "Software Ethernet") is one of the world's most powerful and easy-to-use multi-protocol VPN software. It runs on Windows, Linux, Mac, FreeBSD and Solaris. SoftEther VPN is open source. You can use SoftEther for any personal or commercial use for free charge. SoftEther VPN is an optimum alternative to OpenVPN andMicrosoft's VPN servers. SoftEther VPN has a clone-function of OpenVPN Server. You can integrate from OpenVPN to SoftEther VPN smoothly. SoftEther VPN is faster than OpenVPN. SoftEther VPN also supports Microsoft SSTP VPN for Windows Vista / 7 / 8 / 10. No more need to pay expensive charges for Windows Server license for Remote-Access VPN function. SoftEther VPN can be used to realize BYOD (Bring your own device) on your business. If you have smartphones, tablets or laptop PCs, SoftEther VPN's L2TP/IPsec server function will help you to establish a remote-access VPN from your local network. SoftEther VPN's L2TP VPN Server has strong compatible withWindows, Mac, iOS and Android. SoftEther Schematic.jpg

Processing

Step to install and run SoftEther

Configure Port Forwarding

Protocol Source Port(s) Destination Host IP Address Destination Port(s) Allow Hosts Rule Comment Action
TCP 1194 localhost 1194 SoftEther OpenVPN
TCP 5555 localhost 5555 SoftEther Management
UDP 1194 localhost 1194 SoftEther OpenVPN
UDP 500 localhost 500 SoftEther SoftEther L2TP/IPSec
UDP 1701 localhost 1701 SoftEther SoftEther L2TP/IPSec
UDP 4500 localhost 4500 SoftEther SoftEther L2TP/IPSec

Download, Install and Run SoftEther

Install needed tools

yum install gcc 


For SME 9.x 32 Bits

cd /opt
wget http://www.softether-download.com/files/softether/v4.18-9570-rtm-2015.07.26-tree/Linux/SoftEther_VPN_Server/32bit_-_Intel_x86/softether-vpnserver-v4.18-9570-rtm-2015.07.26-linux-x86-32bit.tar.gz
tar zxvf softether-vpnserver-v4.18-9570-rtm-2015.07.26-linux-x86-32bit.tar.gz
cd vpnserver
make # Read and Accept License Agreement, after compile (1 min)
./vpnserver start

For SME 9.x 64 Bits

cd /opt
wget http://www.softether-download.com/files/softether/v4.18-9570-rtm-2015.07.26-tree/Linux/SoftEther_VPN_Server/64bit_-_Intel_x64_or_AMD64/softether-vpnserver-v4.18-9570-rtm-2015.07.26-linux-x64-64bit.tar.gz
tar zxvf softether-vpnserver-v4.18-9570-rtm-2015.07.26-linux-x64-64bit.tar.gz
cd vpnserver
make # Read and Accept License Agreement, after compile (1 min)
./vpnserver start

Finishing Installation On Windows

Download Management Interface
http://www.softether-download.com/files/softether/v4.18-9570-rtm-2015.07.26-tree/Windows/SoftEther_VPN_Server_and_VPN_Bridge/softether-vpnserver_vpnbridge-v4.18-9570-rtm-2015.07.26-windows-x86_x64-intel.exe

After installation Clic On New Setting
SoftEther WIN 1.png

Set Setting Name, Set Host Name, Choose Port Number 5555
SoftEther WIN 2.png

Connect
SoftEther WIN 3.png

Create Management Password
SoftEther WIN 4.png

Choose Remote Access VPN Server
SoftEther WIN 5.png

Create Virtual Hub Name
SoftEther WIN 6.png

Set Dynamic DNS if Needed (Dynamic IP)
SoftEther WIN 7.png

Enable L2TP/IPSec And Create Pre-Shared Key (No More Of 10 Charactere for compatibility with Android)
SoftEther WIN 8.png

Disable VPN Azure
SoftEther WIN 9.png

Create User(s)
SoftEther WIN 10.png

Set User Name, Autentification Method, Password
SoftEther WIN 11.png

Create Local Bridge
SoftEther WIN 14.png

Choose Virtual Hub, Choose Bridge With Tap Device, Set Tap Device Name : soft
SoftEther WIN 15.png

Check On SME

# ifconfig
tap_soft  Link encap:Ethernet  HWaddr 00:AC:0D:17:8E:2D  
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:0 errors:0 dropped:0 overruns:0 frame:0
         TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:500 
         RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

Auto Start SoftEther vpnserver

nano /etc/init.d/vpnserver

#!/bin/sh
#
### BEGIN INIT INFO
# Provides: vpnserver
# Default-Start:
# Default-Stop:
# Should-Start: portreserve
# Required-Start: $network
# Required-Stop:
# Short-Description: Start and stop the vpnserver server
# Description: SoftEther VPN Server.
### END INIT INFO
DAEMON=/opt/vpnserver/vpnserver
LOCK=/var/lock/subsys/vpnserver
test -x $DAEMON || exit 0
case "$1" in
start)
$DAEMON start
touch $LOCK
;;
stop)
$DAEMON stop
rm $LOCK
;;
restart)
$DAEMON stop
sleep 3
$DAEMON start
;;
*)
echo "Usage: $0 {start|stop|restart}"
exit 1
esac
exit 0

Start In Run Level 7

chmod 755 /etc/init.d/vpnserver
ln -s /etc/init.d/vpnserver /etc/rc7.d/S79vpnserver

Download And Install Bridging

Important.png Note:
the procedure below is a little dirty, but I don't want to have dependency (OpenVPN). see TODO


For SME 9.x 32 Bits

rpm -i http://koozali.groenz.co.nz/releases/9.1/smecontribs/i386/RPMS/smeserver-bridge-interface-0.2-1.el6.sme.noarch.rpm --nodeps
signal-event post-upgrade; signal-event reboot

For SME 9.x 64 Bits

rpm -i http://koozali.groenz.co.nz/releases/9.1/smecontribs/x86_64/RPMS/smeserver-bridge-interface-0.2-1.el6.sme.noarch.rpm --nodeps
signal-event post-upgrade; signal-event reboot

Configure Bridging and restart

config setprop bridge ethernetInterface YOUR_LAN_INTERFACE
config setprop bridge tapInterface tap_soft
/etc/init.d/bridge restart

Check Bridge

# brctl show
bridge name     bridge id               STP enabled     interfaces
br0             8000.00ac0d178e2d       no              em1
                                                        tap_soft

Test With Windows

Important.png Note:
Sorry For ScreenShot In French it's My Mother Language


Create VPn Connection

Set Internet Address and Destination Name, clic do not connect now and Next
SoftEther WIN CON 1.png


Set User Name and Password
SoftEther WIN CON 2.png

Set Property On Your VPN Connection
SoftEther WIN CON 4.png

Choose VPN Network Type and clic on Advanced Settings
SoftEther WIN CON 5.png

Type Your Pre-Shared Key
SoftEther WIN CON 6.png

Make A Connection and Check State
SoftEther WIN CON 7.png

You can now access your samba ressources !

TODO

Create a rpm with softether vpnserver RTM
Create a rpm with a bridge for softether
Use SME Radius