Welcome to AUXNET IRC Network


VPN: SoftEther VPN Server on CentOS 6




# vi /etc/hosts
server.localdomain server
client.localdomain client

Server and Client

# yum groupinstall -y "Development Tools"

# yum install -y \
readline-devel \
ncurses-devel

# yum install -y git

# cd /tmp

# git clone https://github.com/SoftEtherVPN/SoftEtherVPN/

# cd /tmp/SoftEtherVPN/

# ./configure && make && make install


# vpnserver start
# vpncmd
1
Enter
Enter

-- set the administrator (root) password of the VPN server
VPN Server>ServerPasswordSet

-- disable keepalive packets
VPN Server>KeepDisable

-- create a virtual hub with the HubCreate command
VPN Server>hubcreate vpnserver

-- switch to hub administration mode
VPN Server>Hub vpnserver

-- DHCP is enabled automatically together with NAT
VPN Server/vpnserver>SecureNATEnable

VPN Server/vpnserver> UserCreate username1
VPN Server/vpnserver> UserPasswordSet username1

VPN Server/vpnserver>IPsecEnable
IPsecEnable command - Enable or Disable IPsec VPN Server Function
Enable L2TP over IPsec Server Function (yes / no): yes
Enable Raw L2TP Server Function (yes / no): no
Enable EtherIP / L2TPv3 over IPsec Server Function (yes / no): no
Pre Shared Key for IPsec (Recommended: 9 letters at maximum): __________________
Default Virtual HUB in a case of omitting the HUB on the Username: vpn
The command completed successfully.

-- view the hub status
VPN Server/vpnserver>StatusGet
StatusGet command - Get Current Status of Virtual Hub
Item                         |Value
-----------------------------+-------------------
Virtual Hub Name             |vpnserver
Status                       |Online
Type                         |Standalone
SecureNAT                    |Enabled
Sessions                     |1
Access Lists                 |0
Users                        |1
Groups                       |0
MAC Tables                   |1
IP Tables                    |1
Num Logins                   |0
Last Login                   |2014-04-07 05:46:57
Last Communication           |2014-04-07 05:50:37
Created at                   |2014-04-07 05:46:57
Outgoing Unicast Packets     |28 packets
Outgoing Unicast Total Size  |1,176 bytes
Outgoing Broadcast Packets   |0 packets
Outgoing Broadcast Total Size|0 bytes
Incoming Unicast Packets     |28 packets
Incoming Unicast Total Size  |1,176 bytes
Incoming Broadcast Packets   |60 packets
Incoming Broadcast Total Size|3,660 bytes
The command completed successfully.

The hub can be switched off with the Offline command and brought back with the Online command.

VPN Server/vpnserver>exit

Create an init script to run SoftEther:

# nano /etc/init.d/vpnserver

Paste the following code:

#!/bin/sh
# chkconfig: 2345 99 01
# description: SoftEther VPN Server
DAEMON=/usr/vpnserver/vpnserver
LOCK=/var/lock/subsys/vpnserver
test -x $DAEMON || exit 0
case "$1" in
start)
    $DAEMON start
    touch $LOCK
    ;;
stop)
    $DAEMON stop
    rm $LOCK
    ;;
restart)
    $DAEMON stop
    sleep 3
    $DAEMON start
    ;;
*)
    echo "Usage: $0 {start|stop|restart}"
    exit 1
esac
exit 0

Save with Ctrl+X, confirm with y, then press Enter.

# lsof -i4 -n -P|grep vpnserver
vpnserver 1624 root 10u IPv4 22869 0t0 UDP *:33638
vpnserver 1624 root 20u IPv4 22885 0t0 TCP *:443 (LISTEN)
vpnserver 1624 root 21u IPv4 24073 0t0 UDP>
vpnserver 1624 root 24u IPv4 22889 0t0 TCP *:992 (LISTEN)
vpnserver 1624 root 29u IPv4 22895 0t0 TCP *:1194 (LISTEN)
vpnserver 1624 root 33u IPv4 22899 0t0 TCP *:5555 (LISTEN)
vpnserver 1624 root 37u IPv4 22906 0t0 UDP *:57852
vpnserver 1624 root 44u IPv4 22930 0t0 UDP
vpnserver 1624 root 45u IPv4 22931 0t0 UDP
vpnserver 1624 root 59u IPv4 23752 0t0 UDP
vpnserver 1624 root 60u IPv4 23753 0t0 UDP
vpnserver 1624 root 63u IPv4 23756 0t0 UDP
vpnserver 1624 root 64u IPv4 23757 0t0 UDP
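
The listing above shows vpnserver listening on TCP 443, 992, 1194 and 5555 on all addresses. The script below is an added example, not part of the original page: it compares those listeners with the ports you intend to expose. The helper name and the allow-list are assumptions, and the sample input is constructed.

```shell
#!/bin/sh
# Added example: report vpnserver TCP listeners that are not on an allow-list.

# Constructed sample in the format of the `lsof -i4 -n -P` listing above;
# the sshd line shows that other daemons are ignored.
sample_lsof() {
cat <<'EOF'
vpnserver 1624 root 10u IPv4 22869 0t0 UDP *:33638
vpnserver 1624 root 20u IPv4 22885 0t0 TCP *:443 (LISTEN)
vpnserver 1624 root 24u IPv4 22889 0t0 TCP *:992 (LISTEN)
vpnserver 1624 root 29u IPv4 22895 0t0 TCP *:1194 (LISTEN)
vpnserver 1624 root 33u IPv4 22899 0t0 TCP *:5555 (LISTEN)
sshd 1201 root 3u IPv4 11022 0t0 TCP *:22 (LISTEN)
EOF
}

# unexpected_listeners "<allowed ports>" < lsof-output
# Prints, sorted and space separated, every TCP port that vpnserver holds in
# LISTEN state and that is missing from the allow-list (hypothetical helper).
unexpected_listeners() {
    awk -v allow="$1" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $1 == "vpnserver" && $8 == "TCP" && $NF == "(LISTEN)" {
            port = $9
            sub(/^.*:/, "", port)          # "*:443" becomes "443"
            if (!(port in ok)) print port
        }' | sort -n | tr '\n' ' ' | sed 's/ *$//'
}

# On a live host: lsof -i4 -n -P | unexpected_listeners "443"
sample_lsof | unexpected_listeners "443"
echo
```

Ports reported here can be closed with the vpncmd commands ListenerDisable or ListenerDelete, or filtered with iptables.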


# vpnclient start
# vpncmd
2
Enter

VPN Client>AccountList
AccountList command - Get List of VPN Connection Settings
Item|Value
----+-----
The command completed successfully.

VPN Client>AccountCreate myconnection /SERVER: /HUB:vpnserver /USER:username1 /NICNAME:username1
-- VPN Client>AccountDelete myconnection

VPN Client>AccountPasswordSet myconnection
AccountPasswordSet command - Set User Authentication Type of VPN Connection Setting to Password Authentication
Please enter the password. To cancel press the Ctrl+D key.

Password: ***
Confirm input: ***

Specify standard or radius: standard

The command completed successfully.

VPN Client> AccountConnect myconnection
-- VPN Client>AccountDisconnect myconnection
VPN Client> AccountStartupSet myconnection
VPN Client>AccountStatusGet myconnection

VPN Client>AccountGet myconnection
-- REPLACE OUTPUT
AccountGet command - Get Setting of VPN Connection Setting
Item                                                 |Value
-----------------------------------------------------+--------------------------------
VPN Connection Setting Name                          |vpn
Destination VPN Server Host Name                     |
Destination VPN Server Port Number                   |443
Destination VPN Server Virtual Hub Name              |vpn
Proxy Server Type                                    |Direct TCP/IP Connection
Verify Server Certificate                            |Disable
Device Name Used for Connection                      |user1
Authentication Type                                  |Standard Password Authentication
User Name                                            |user1
Number of TCP Connections to Use in VPN Communication|1
Interval between Establishing Each TCP Connection    |1
Connection Life of Each TCP Connection               |Infinite
Use Half Duplex Mode                                 |Disable
Encryption by SSL                                    |Enable
Data Compression                                     |Disable
Connect by Bridge / Router Mode                      |Disable
Connect by Monitoring Mode                           |Disable
No Adjustment for Routing Table                      |Disable
Do not Use QoS Control Function                      |Disable
The command completed successfully.

VPN Client>exit

# dhclient vpn_vpn

# ip addr show vpn_vpn
5: vpn_vpn: mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 500
    link/ether 00:ac:b6:71:14:2b brd ff:ff:ff:ff:ff:ff
    inet brd scope global vpn_vpn
    inet6 fe80::2ac:b6ff:fe71:142b/64 scope link
       valid_lft forever preferred_lft forever

# ip neigh

# ip route
dev eth0 proto kernel scope link src
dev vpn_vpn proto kernel scope link src
dev eth0 scope link metric 1002
default via dev vpn_vpn

# ping -I vpn_vpn ya.ru
PING ya.ru ( from vpn_vpn: 56(84) bytes of data.
64 bytes from www.yandex.ru ( icmp_seq=1 ttl=55 time=13.9 ms
64 bytes from www.yandex.ru ( icmp_seq=2 ttl=55 time=13.3 ms
64 bytes from www.yandex.ru ( icmp_seq=3 ttl=55 time=11.1 ms
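
The AccountGet output above reports "Verify Server Certificate |Disable", so the client accepts any server that answers on port 443. The script below is an added example, not part of the original page: it reads AccountGet text and prints one finding per weak setting. The helper name, the severity labels and the sample rows are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag weak settings in the text printed by `AccountGet`.

# Constructed sample: a subset of the AccountGet rows shown above.
sample_accountget() {
cat <<'EOF'
Item                                |Value
------------------------------------+--------------------------------
VPN Connection Setting Name         |vpn
Destination VPN Server Port Number  |443
Verify Server Certificate           |Disable
Authentication Type                 |Standard Password Authentication
Encryption by SSL                   |Enable
Data Compression                    |Disable
EOF
}

# audit_account < accountget-output   (hypothetical helper name)
# Prints one finding per line and nothing when no rule matches.
audit_account() {
    awk -F'|' '
        function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
        NF == 2 {
            key = trim($1); val = trim($2)
            if (key == "Verify Server Certificate" && val != "Enable")
                print "HIGH server certificate is not verified"
            if (key == "Encryption by SSL" && val != "Enable")
                print "HIGH SSL encryption is off"
            if (key == "Authentication Type" && val ~ /Password/)
                print "INFO password authentication in use"
        }'
}

# On a live client, save the AccountGet output to a file and pipe it in.
sample_accountget | audit_account
```

To clear the first finding, register the server certificate with the vpncmd command AccountServerCertSet and turn verification on with AccountServerCertEnable.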