Running softether vpn on smartos
An Open-Source Free Cross-platform Multi-protocol VPN Program.
Getting SoftEther running on Smartos in a branded zone isn't that difficult, it's just a lot of work :)
Downloading and compiling
Import debian 8:
# imgadm import 445d04f4-cad6-11e5-a1a0-9f6c0ce02707
And create a nice lx branded zone:
{
"brand": "lx",
"image_uuid": "445d04f4-cad6-11e5-a1a0-9f6c0ce02707",
"kernel_version": "3.13.0",
"autoboot": true,
"alias": "lxvpn",
"hostname": "lxvpn",
"dns_domain": "mindtravel.nl",
"nics": [
{
"nic_tag": "admin",
"ip": "192.168.1.123",
"netmask": "255.255.255.0",
"gateway": "192.168.1.1"
}
],
"resolvers": [
"192.168.1.5"
],
"max_physical_memory": 512,
"quota": 10
}
Make sure to update the system:
# apt-get update
and install the basic stuff to be able to compile stuff:
# apt-get install build-essential -y
You can not find softether as a .deb so I downloaded the install package directly from the website using lynx
# apt-get install lynx
Now browse to the download website and download the file softether-vpnserver-v4.18-9570-rtm-2015.07.26-linux-x64-64bit.tar.gz by selecting the file and press D to save it.
# lynx http://www.softether-download.com/files/softether/v4.18-9570-rtm-2015.07.26-tree/Linux/SoftEther_VPN_Server/64bit_-_Intel_x64_or_AMD64/
Unpack the file:
# tar zxfv softether-vpnserver-v4.18-9570-rtm-2015.07.26-linux-x64-64bit.tar.gz
Time to build the server code and press a couple of times 1 for accepting some stuff and move it to a nice location:
# cd vpnserver
# make
# cd ..
# mv vpnserver /usr/local
# cd /usr/local/vpnserver/
# chmod 600 *
# chmod 700 vpnserver
# chmod 700 vpncmd
Create a nice service file:
# vi /etc/init.d/vpnserver
with the content:
#!/bin/sh
# chkconfig: 2345 99 01
# description: SoftEther VPN Server
DAEMON=/usr/local/vpnserver/vpnserver
LOCK=/var/lock/subsys/vpnserver
test -x $DAEMON || exit 0
case "$1" in
start)
$DAEMON start
touch $LOCK
;;
stop)
$DAEMON stop
rm $LOCK
;;
restart)
$DAEMON stop
sleep 3
$DAEMON start
;;
*)
echo "Usage: $0 {start|stop|restart}"
exit 1
esac
exit 0
Start the server and make it start on boot:
# chmod 755 /etc/init.d/vpnserver && /etc/init.d/vpnserver start
# update-rc.d vpnserver defaults
Configuring the server
Start the cli client and configure the server password:
# ./vpncmd
// and select option 1
And type:
ServerPasswordSet
To use Softether we need to setup a virtual hub. I named it VPN.
Lets create a VirtualHub and select it:
HubCreate VPN
Hub VPN
SecureNatEnable
bridgecreate VPN /DEVICE:soft /TAP:yes
The last command sets the way it can connect to the internal network.
Create a user test and set a password:
UserCreate test
UserPasswordSet test
I use an OSX laptop to connect. For this case you need to enable L2TP/IPsec with the following command:
IPsecEnable
The system will ask some questions, just press YES.
Also you will need to create a pre-shared key, used to connect if you are not using a cert to connect to the server.
Make sure you have the UDP port 500 and 4500 open to the server and your done and ready to connect with the user test to your vpn :D
Setting up your OSX client is very easy, just check this page
date: 14 March 2016