Running softether vpn on smartos

An Open-Source Free ​Cross-platform Multi-protocol VPN Program.

Getting SoftEther running on Smartos in a branded zone isn't that difficult, it's just a lot of work :)

Downloading and compiling

Import debian 8:

# imgadm import 445d04f4-cad6-11e5-a1a0-9f6c0ce02707

And create a nice lx branded zone:

{
  "brand": "lx",
  "image_uuid": "445d04f4-cad6-11e5-a1a0-9f6c0ce02707",
  "kernel_version": "3.13.0",
  "autoboot": true,
  "alias": "lxvpn",
  "hostname": "lxvpn",
  "dns_domain": "mindtravel.nl",
 "nics": [
  {
    "nic_tag": "admin",
    "ip": "192.168.1.123",
    "netmask": "255.255.255.0",
    "gateway": "192.168.1.1"
  }
 ],
  "resolvers": [
    "192.168.1.5"
  ],
 "max_physical_memory": 512,
 "quota": 10
}

Make sure to update the system:

# apt-get update

and install the basic stuff to be able to compile stuff:

# apt-get install build-essential -y

You can not find softether as a .deb so I downloaded the install package directly from the website using lynx

# apt-get install lynx

Now browse to the download website and download the file softether-vpnserver-v4.18-9570-rtm-2015.07.26-linux-x64-64bit.tar.gz by selecting the file and press D to save it.

# lynx http://www.softether-download.com/files/softether/v4.18-9570-rtm-2015.07.26-tree/Linux/SoftEther_VPN_Server/64bit_-_Intel_x64_or_AMD64/

Unpack the file:

# tar zxfv softether-vpnserver-v4.18-9570-rtm-2015.07.26-linux-x64-64bit.tar.gz

Time to build the server code and press a couple of times 1 for accepting some stuff and move it to a nice location:

# cd vpnserver
# make
# cd ..
# mv vpnserver /usr/local
# cd /usr/local/vpnserver/
# chmod 600 *
# chmod 700 vpnserver
# chmod 700 vpncmd

Create a nice service file:

# vi /etc/init.d/vpnserver

with the content:

#!/bin/sh
# chkconfig: 2345 99 01
# description: SoftEther VPN Server
DAEMON=/usr/local/vpnserver/vpnserver  
LOCK=/var/lock/subsys/vpnserver  
test -x $DAEMON || exit 0  
case "$1" in  
start)  
$DAEMON start
touch $LOCK  
;;
stop)  
$DAEMON stop
rm $LOCK  
;;
restart)  
$DAEMON stop
sleep 3  
$DAEMON start
;;
*)
echo "Usage: $0 {start|stop|restart}"  
exit 1  
esac  
exit 0  

Start the server and make it start on boot:

# chmod 755 /etc/init.d/vpnserver && /etc/init.d/vpnserver start
# update-rc.d vpnserver defaults

Configuring the server

Start the cli client and configure the server password:

# ./vpncmd
// and select option 1

And type:

ServerPasswordSet  

To use Softether we need to setup a virtual hub. I named it VPN.
Lets create a VirtualHub and select it:

HubCreate VPN  
Hub VPN  
SecureNatEnable  
bridgecreate VPN /DEVICE:soft /TAP:yes  

The last command sets the way it can connect to the internal network.
Create a user test and set a password:

UserCreate test  
UserPasswordSet test  

I use an OSX laptop to connect. For this case you need to enable L2TP/IPsec with the following command:

IPsecEnable  

The system will ask some questions, just press YES.
Also you will need to create a pre-shared key, used to connect if you are not using a cert to connect to the server.

Make sure you have the UDP port 500 and 4500 open to the server and your done and ready to connect with the user test to your vpn :D

Setting up your OSX client is very easy, just check this page

date: 14 March 2016