I’ll need 2 programs to achieve this, assuming you already have access to a Linux box and can connect to it using the PuTTY client. The software packages needed are:
- PuTTY
- SeaMonkey Browser
Follow these steps:
Brain's Workbench
Download and Install SoftEther VPN Client
Download SoftEther VPN Client software from their official website (https://www.softether.org).
Navigate to Download -> Download SoftEther VPN
Click on Download SoftEther VPN link.
After the completion of make command process, start the vpn client using:
It’s assumed that you already have a VPN server deployed in your network, and that you created a user and password and enabled bridged networking during VPN server configuration. A sample snippet of the VPN server with bridging enabled is below:
So here are the setup values:
Let’s start.
My setup was done on a fresh Debian-10 installation, though it should work on any Linux distro; it’s simple. The dependency packages that I needed were the development tools (build-essential) and a few others, which were installed as below:
apt-get update
apt-get install build-essential gcc openssl apt-transport-https
Softether Auto Install Script for multi platforms updated version
Centos 6 or 7 x64
Instruction
Choose your desired platform folder
Download installer.sh using wget or transfer to your root directory using ftp
This tutorial will describe securing access to a private network using a Pritunl server. The diagram below shows the network topology for this tutorial.
First remove the 0.0.0.0/0 route from the server. This route tunnels all internet traffic over the VPN; for this setup, only the traffic for the private network will be tunneled.
Update your bare-bone and freshly installed Ubuntu 16 system.
sudo apt-get update && sudo apt-get upgrade
Add Pritunl’s APT repository and update the package lists:
echo "deb http://repo.mongodb.org/apt/ubuntu trusty/mongodb-org/3.0 multiverse" > /etc/apt/sources.list.d/mongodb-org-3.0.list
echo "deb http://repo.pritunl.com/stable/apt trusty main" > /etc/apt/sources.list.d/pritunl.list
Add repo keys for apt to validate against
apt-key adv --keyserver hkp://keyserver.ubuntu.com --recv 7F0CEB10
apt-key adv --keyserver hkp://keyserver.ubuntu.com --recv CF8E292A
Update the package cache
sudo apt-get update
If you have a firewall running on the Linode, add exceptions for Pritunl’s Web UI and server:
sudo iptables -A INPUT -p udp -m udp --sport 9700 --dport 1025:65355 -j ACCEPT
sudo iptables -A INPUT -p tcp -m tcp --sport 9700 --dport 1025:65355 -j ACCEPT
sudo iptables -A INPUT -p `your protocol here` -m `your protocol here` --sport `your_port_here` --dport 1025:65355 -j ACCEPT
Note: If you’ve configured the firewall according to the Securing Your Server guide, be sure to add these port ranges to the /etc/iptables.firewall.rules file.
Install Pritunl and its required dependencies:
sudo apt-get install python-software-properties pritunl mongodb-org
Start the Pritunl service:
sudo service pritunl start
Open a web browser on your computer, and navigate to https://123.45.67.89:9700, replacing 123.45.67.89 with your VM IP address. You will see a screen similar to this:
SoftEther VPN is one of the world’s most powerful and easy-to-use multi-protocol VPN software, made by the good folks at the University of Tsukuba, Japan. It runs on Windows, Linux, Mac, FreeBSD and Solaris and is freeware and open-source. You can use SoftEther for any personal or commercial use free of charge.
Step 1: Create a Virtual Server
First, you need to create a DigitalOcean Droplet. As mentioned on SoftEther’s website, SoftEther will work on almost every Linux distro with kernel v2.4 or above; however, it’s recommended to choose one of these distributions: CentOS, Fedora, or Red Hat Enterprise Linux.
Personally I have tried it on Ubuntu, CentOS and Fedora, both 32 and 64 bit editions, and it has worked perfectly.
Step 2: Update your Server Software
Using the command below, update and upgrade your server software packages to the latest version:
Debian / Ubuntu:
apt-get update && apt-get upgrade
CentOS / Fedora:
yum upgrade
Step 3: Download SoftEther
You can download the latest SoftEther server package for Linux from their website:
Download SoftEther
Unfortunately, there is no way of getting the latest version through package managers (or even using a single url) at the moment. Therefore you have to browse their website using a desktop browser to download the package. There are a couple of ways of dealing with this: First, browse their website on your own computer and then depending on your server configuration (OS, x86/x64, etc.) find the link to the appropriate package then use wget to download the package to your server. Alternatively, you can use a terminal based web browser such as lynx to browse the SoftEther website and download the right package.
Today we will set up a site-to-site IPsec VPN with strongSwan, which will be configured with pre-shared key authentication.
After our tunnels are established, we will be able to reach the private ips over the vpn tunnels.
Get the Dependencies:
Update your repository indexes and install strongswan:
$ apt update && sudo apt upgrade -y
$ apt install strongswan -y
Set the following kernel parameters:
$ cat >> /etc/sysctl.conf << EOF
net.ipv4.ip_forward = 1
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.all.send_redirects = 0
EOF
$ sysctl -p /etc/sysctl.conf
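A check for the three kernel parameters set above, added here as an example and not part of the original tutorial: the heredoc appends to /etc/sysctl.conf and the last assignment of a key wins, so the script reports the effective value of each key. The function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: check a sysctl.conf-style file for the three settings above.
# sysctl applies lines in order, so the last assignment of a key wins.

# Print the effective (last) value of KEY in FILE, or nothing if unset.
sysctl_effective() {        # usage: sysctl_effective FILE KEY
    awk -v key="$2" '
        /^[ \t]*[#;]/ { next }                  # comment lines
        {
            eq = index($0, "=")
            if (eq == 0) next
            k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k)      # trim key
            gsub(/^[ \t]+|[ \t]+$/, "", v)      # trim value
            if (k == key) val = v
        }
        END { print val }
    ' "$1"
}

# Return 0 only if all three settings have the tutorial's values.
check_vpn_sysctl() {        # usage: check_vpn_sysctl FILE
    rc=0
    for want in net.ipv4.ip_forward=1 \
                net.ipv4.conf.all.accept_redirects=0 \
                net.ipv4.conf.all.send_redirects=0; do
        key=${want%%=*}; exp=${want#*=}
        got=$(sysctl_effective "$1" "$key")
        if [ "$got" != "$exp" ]; then
            echo "MISMATCH $key: want $exp, got '${got:-unset}'"
            rc=1
        fi
    done
    return "$rc"
}

# Constructed sample: the appended block, then a later line that undoes it.
conf=$(mktemp)
printf '%s\n' 'net.ipv4.ip_forward = 1' \
    'net.ipv4.conf.all.accept_redirects = 0' \
    'net.ipv4.conf.all.send_redirects = 0' \
    'net.ipv4.conf.all.send_redirects=1' > "$conf"
check_vpn_sysctl "$conf" || echo "fix the file before running sysctl -p"
rm -f "$conf"
```

On a server, run `check_vpn_sysctl /etc/sysctl.conf`; it only inspects the file it is given, which matches what `sysctl -p /etc/sysctl.conf` loads.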
Generate Preshared Key:
We will need a preshared key that both servers will use:
1) If RRAS based VPN server is behind a firewall (i.e. a firewall is placed between Internet and RRAS server), then following ports need to be opened (bidirectional) on this firewall to allow VPN traffic to pass through: –
In this tutorial, I will use PPTP as the protocol to connect to the VPN server using a username and password, with 128-bit MPPE encryption. The variables are as below:
OS: CentOS 6 64bit
VPN server: 209.85.227.26
VPN client IP: 209.85.227.27 – 209.85.227.30
VPN username: vpnuser
Password: myVPN$99
Install ppp via yum:
$ yum install ppp -y
Download and install pptpd (the daemon for point-to-point tunneling). You can find the correct package at this website http://poptop.sourceforge.net/yum/stable/packages/ :
$ cd /usr/local/src
$ wget http://poptop.sourceforge.net/yum/stable/packages/pptpd-1.3.4-2.el6.x86_64.rpm
$ rpm -Uhv pptpd-1.3.4-2.el6.x86_64.rpm
Updated rpm link-
https://lnmpp.googlecode.com/files/pptpd-1.3.4-2.el6.x86_64.rpm
Once installed, open /etc/pptpd.conf using a text editor and add the following lines:
localip 209.85.227.26
remoteip 209.85.227.27-30
*In remoteip you can use your LAN interface IP if you have dual interfaces.
Open /etc/ppp/options.pptpd and add the authentication method, encryption and DNS resolver values:
require-mschap-v2
require-mppe-128
ms-dns 8.8.8.8
Let's create a user to access the VPN server. Open /etc/ppp/chap-secrets and add the user as below:
vpnuser pptpd myVPN$99 *
The format is: [username] [space] [server] [space] [password] [space][IP addresses]
We need to allow IP packet forwarding for this server. Open /etc/sysctl.conf in a text editor and change the line below:
net.ipv4.ip_forward = 1
Run the following command for the changes to take effect:
sysctl -p
Allow IP masquerading in iptables by executing the following line:
$ iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
$ service iptables save
$ service iptables restart
Update: Once you are done with step 8, check the rules at /etc/sysconfig/iptables. Make sure that the POSTROUTING rule is above any REJECT rules.
Turn on the pptpd service at startup and reboot the server:
$ chkconfig pptpd on
$ init 6
Once the server is online after the reboot, you should now be able to access the PPTP server from the VPN client. You can monitor /var/log/messages for ppp and pptpd related log entries. Cheers!
Src: http://blog.secaserver.com/2011/10/install-vpn-pptp-server-centos-6/
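An audit of the two PPTP files edited in this tutorial, added here as an example and not taken from the original post: it confirms that the authentication and encryption directives are active in options.pptpd and validates chap-secrets entries against the four-field format given above. The file-mode check is an extra check added here because chap-secrets stores passwords in clear text; function names and sample files are constructed.

```shell
#!/bin/sh
# Added example: audit the PPTP files edited in the steps above.
# Assumes unquoted, whitespace-separated fields, as in the tutorial's entry.

# Print each required directive that is missing or commented out.
pptpd_missing_options() {   # usage: pptpd_missing_options OPTIONS_FILE
    for opt in require-mschap-v2 require-mppe-128; do
        awk -v o="$opt" '$1 == o { f = 1 } END { exit !f }' "$1" || echo "$opt"
    done
}

# Check chap-secrets entries against the four-field format and list
# accounts whose address field is "*". The secret itself is never printed.
chap_secrets_audit() {      # usage: chap_secrets_audit SECRETS_FILE
    awk '
        /^[ \t]*(#|$)/ { next }                 # comments and blank lines
        NF < 4 { printf "line %d: expected 4 fields, found %d\n", NR, NF
                 bad = 1; next }
        $4 == "*" { printf "line %d: %s accepts any IP address\n", NR, $1 }
        END { exit bad + 0 }
    ' "$1"
}

# chap-secrets holds passwords in clear text: succeed only when group and
# other have no access (mode 0600 or stricter).
secrets_mode_ok() {         # usage: secrets_mode_ok SECRETS_FILE
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Constructed sample files; on a real server pass /etc/ppp/options.pptpd
# and /etc/ppp/chap-secrets instead.
dir=$(mktemp -d)
printf '%s\n' 'require-mschap-v2' '#require-mppe-128' 'ms-dns 8.8.8.8' \
    > "$dir/options.pptpd"
printf '%s\n' '# client server secret IP' 'vpnuser pptpd EXAMPLE-SECRET *' \
    > "$dir/chap-secrets"
chmod 644 "$dir/chap-secrets"

for o in $(pptpd_missing_options "$dir/options.pptpd"); do
    echo "missing: $o"
done
chap_secrets_audit "$dir/chap-secrets" || echo "chap-secrets has malformed lines"
secrets_mode_ok "$dir/chap-secrets" || echo "chap-secrets readable by group/other"
rm -rf "$dir"
```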