Link to download a pdf
https://drive.google.com/uc?export=d...lZod3B5Nk5TQUk
SoftEther Client for Linux is not an easy setup. You will not find this tutorial anywhere else. Not complete like this...
You must have some basic knowledge of Linux commands like how to remove a file if you need to by: ( $ sudo rm and the file location) and how to use vi editor. This involves finding your local ip for your network card and changing routing tables with a init script. I would only recommend trying this on a cloned VM until you understand how it works.
Use wget to download SortEther Client for Linux. Go to SoftEthers download page and copy the download link for SoftEther Client Linux and past it in the command line.
$ wget softether-vpnclient-v2.00-9387-rtm-2013.09.16-linux-x64bit.tar.gaz
Once the client is downloaded extract the tar file:
$ tar xzvf softether-vpnclient-v2.00-9387-rtm-2013.09.16-linux-x64bit.tar.gaz
Now we have to compile and make vpnclient an executable file by running these commands (if you run into a problem here make sure you have the development tools installed):
$ cd vpnclient
$ make
Enter 1 three times when asked to read and accept the License Agreement, and then move the files to another directory and change permissions:
$ cd
$ sudo mv vpnclient /usr/local/
$ cd /usr/local/vpnclient
$ sudo chmod 600 *
$ sudo chmod 700 vpnclient
$ sudo chmod 700 vpncmd
Then start the VPN client service:
$ sudo ./vpnclient start
To configure our client, we're going to use vpncmd. While you're in the vpnclient directory enter this command to run vpncmd tool:
$ sudo ./vpncmd
vpncmd command - SoftEther VPN Command Line Management Utility
SoftEther VPN Command Line Management Utility (vpncmd command)
Version 2.00 Build 9387 (English)
Compiled 2013/09/16 12:45:42 by yagi at pc25
Copyright (c) SoftEther Project. All Rights Reserved.
By using vpncmd program, the following can be achieved.
1. Management of VPN Server or VPN Bridge
2. Management of VPN Client
3. Use of VPN Tools (certificate creation and Network Traffic Speed Test Tool)
Select 1, 2 or 3:
2
Specify the host name or IP address of the computer that the destination VPN Client is operating on.
If nothing is input and Enter is pressed, connection will be made to localhost (this computer).
Hostname of IP Address of Destination: localhost
Connected to VPN Client "localhost".
VPN Client>
remoteenable
RemoteEnable command - Allow Remote Management of VPN Client Service
The command completed successfully.
VPN Client>
niccreate
NicCreate command - Create New Virtual Network Adapter
Virtual Network Adapter Name:
vpn
The command completed successfully.
VPN Client>
niclist
NicList command - Get List of Virtual Network Adapters
Item |Value
----------------------------+-----------------------------------
Virtual Network Adapter Name|vpn
Status |Enabled
MAC Address |00ACDD071970
Version |Version 2.00 Build 9387 (English)
The command completed successfully.
VPN Client>
From here there is two ways to go about setting up the connection. You can set it up manually, or you can export your VPN Connections Settings from SoftEther VPN Client Manager on your Windows Client and import the file into your Linux Client.
To export the file from your Windows Client open your Windows SoftEther VPN Client Manager. Click on the connection you want to export the file from. Click Connect. From the drop down menu select Export VPN Connection Settings and save the file to a USB drive.
Back to your Linux machine… Open files. Copy and paste the SoftEther VPN Connection Settings into your Home directory. You can right click the file > properties to see the file location. It should be /home/ your usr name/
Back to vpncmd in the terminal.
VPN Client>
accountimport
AccountImport command - Import VPN Connection Setting
Import Source File Name:
/home/usr/nate.vpn
The VPN Connection Setting "nate" was imported.
The command completed successfully.
VPN Client>
accountget nate
AccountGet command - Get Setting of VPN Connection Setting
Item |Value
-----------------------------------------------------+------------------------
VPN Connection Setting Name |nate
Destination VPN Server Host Name |55.55.55.55
Destination VPN Server Port Number |443
Destination VPN Server Virtual Hub Name |test
Proxy Server Type |Direct TCP/IP Connection
Verify Server Certificate |Disable
Device Name Used for Connection |vpn
Authentication Type |standard
User Name |fs0ciety
Number of TCP Connections to Use in VPN Communication|1
Interval between Establishing Each TCP Connection |1
Connection Life of Each TCP Connection |Infinite
Use Half Duplex Mode |Disable
Encryption by SSL |Enable
Data Compression |Disable
Connect by Bridge / Router Mode |Disable
Connect by Monitoring Mode |Disable
No Adjustment for Routing Table |Disable
Do not Use QoS Control Function |Disable
The command completed successfully.
VPN Client>
accountlist
AccountList command - Get List of VPN Connection Settings
Item |Value
----------------------------+-----------------------------------------------
VPN Connection Setting Name |nate
Status |Offline
VPN Server Hostname |55.55.55.55:443 (Direct TCP/IP Connection)
Virtual Hub |test
Virtual Network Adapter Name|vpn
The command completed successfully.
VPN Client>
accountconnect nate
AccountConnect command - Start Connection to VPN Server using VPN Connection Setting
The command completed successfully.
VPN Client>
accountlist
AccountList command - Get List of VPN Connection Settings
Item |Value
----------------------------+-----------------------------------------------
VPN Connection Setting Name |nate
Status |
Connected
VPN Server Hostname |55.55.55.55:443 (Direct TCP/IP Connection)
Virtual Hub |test
Virtual Network Adapter Name|vpn
The command completed successfully.
The last step is to automate this vpn connection so that when vpnclient starts so does the connection:
VPN Client>
accountstartupset nate
Now we have to set up ip routes and send a DHCP request to the server to get a local ip address for the NIC adapter and configure the DNS.
But first I’m going to show how to do a manual setup in vpncmd.
To set this up manually using vpncmd, create a new VPN connection named nate:
VPN Client>
accountcreate nate
Then enter your SoftEther VPN server's IP and Port number. The port number could be any port that you have set as listening on your server. By default, SoftEther listens on these four ports: 443, 992, 1194, 5555. Here as an example where we use port 443:
Destination VPN Server Host Name and Port Number: [VPN Server IP Address]
555.555.55.55:443
Note: Instead of an IP Address, you could also enter your vpn server's fully qualified domain name (DNS Hostname). If you’r using this on a vpn server with a dynamic public ip address or your server is behind a router you will need to use the DNS Hostname instead of the public ip address of the server.
Now enter the name of the Virtual Hub you're trying to connect to on your server. In our case it is named test:
Destination Virtual Hub Name:
test
Then enter the username of a user you created in your server. We created a user called fs0ciety:
Connecting User Name:
fs0ciety
Now enter the name of the Virtual Adapter you just created. We created a Virtual Network Adapter called vpn:
Used Virtual Network Adapter Name:
vpn
Now our VPN connection has been created and it's ready to be connected. One last step is to change the Authentication mode to Password since that's how we configured our user's authentication mode in the server:
VPN Client>
AccountPasswordSet nate
When asked, enter standard as password authentication method:
Specify standard or radius:
standard
Finally we can connect our connection-- use this command:
VPN Client>
accountconnect nate
You can see the connection status using these commands:
VPN Client>
accountstatusget nate
Or
VPN Client>
accountlist
AccountList command - Get List of VPN Connection Settings
Item |Value
----------------------------+-----------------------------------------------
VPN Connection Setting Name |nate
Status |
Connected
VPN Server Hostname |55.55.55.55:443 (Direct TCP/IP Connection)
Virtual Hub |test
Virtual Network Adapter Name|vpn
The command completed successfully.
The last step is to automate this vpn connection so that when vpnclient starts so does the connection:
VPN Client>
accountstartupset nate
Now comes the hard part….
The first thing we want to do is send a dhcp request to the vpn server to get the default gateway local ip for the NIC (virtual network adapter) which in this example was called: vpn
Note: when you connect from a Windows Client you will see the default gateway local ip pop up in a box just after connection is made. This will be the same default gateway ip. The SoftEther Server default is 192.168.30.1 but I will also show you how to check what it is through the command line.
To send the dhcp request to the server:
$ sudo dhclient vpn_vpn (Yes it is “vpn_vpn” not “vpn”)
You can check the allotted ip address by:
$ ip addr show vpn_vpn
Note: This will not give the default local ip… but it will give you an idea of what it is. The ip address it shows will look like this:
inet: 192.168.30.10/24 brd 192.168.30.255 scope global vpn_vpn
You see that your ip is 192.168.30.10/24, so you should know that first ip in that subnet is 192.168.30.1, the last is 192.168.30.255. For most SoftEther servers, first ip in the subnet (192.168.30.1) is the default local ip that the vpn server issues to the NIC.
To get what we are looking for, the default local ip of the NIC adapter:
$ ip neigh
You should see the ip you are looking for, the default local ip in the results. It will look like:
192.168.30.1 dev vpn_vpn
Now we need to get the default gateway local ip of our PC. Get the default gateway ip by:
$ route -n
The gateway corresponding to 0.0.0.0 is the default gateway.
Before we tweak the routing table with a init script, we need to enable ip forward in /etc/sysctl.conf by uncommenting line net.ipv4.ip_forward=1
Open /etc/sysctl.conf by:
$ sudo vi /etc/sysctl.conf
Use the down button to you get the cursor on the line:
# net.ipv4.ip_forward=1
Uncomment the line by pressing ctrl+v then press d to delete the #
Then to write the file and exit press esc then ctrl+zz
Note: If you f#ck this up you can hit esc, then :q! to exit the editor without changing the file. Then try again.
Now we need to load the changes to the file by:
$ sudo sysctl -p
Now for the fun part, the init script to automate the ip route changes when vpnclient is started.
First we need to change the init script to fit our setup by copy and pasting it to notepad or another txt editor and change the ip addresses to the ones we found earlier.
#! /bin/sh
### BEGIN INIT INFO
# Provides: vpnclient
# Required-Start: $all
# Required-Stop: $network $local_fs $remote_fs $syslog
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Start VPN Client at boot time
# chkconfig: 345 44 56
# description: Start VPN Client at boot time.
# processname: vpnclient
### END INIT INFO
# /etc/init.d/vpnclient
case "$1" in
start)
echo "Starting VPN Client"
/usr/local/vpnclient/vpnclient start
sleep 1
ifdown vpn_vpn
sleep 1
ifup vpn_vpn
sleep 1
route add -host 55.55.55.55 gw 192.168.0.1
route del default
route add default gw 192.168.30.1 dev vpn_vpn
;;
stop)
echo "Stopping VPN Client"
/usr/local/vpnclient/vpnclient stop
route del -host 55.55.55.55
route del default
route add default gw 192.168.0.1 dev eth0
;;
*)
echo "Usage: /etc/init.d/vpnclient {start|stop}"
exit 1
;;
esac
exit 0
Server public ip = 55.55.55.55
Client default gateway ip address = 192.168.0.1
NIC virtual adapter default local ip = 192.168.30.1
You can get the init script on github with this link but you have to aslo change the stop/start file path from usr/local/bin/vpnclient to usr/local/vpnclient/vpnclient
https://gist.github.com/legokichi/10535395
Insert the init script by copy and pasting it into /etc/init.d/vpnclient by:
$ sudo vi /etc/init.d/vpnclient
Hit i to insert then paste the script to the file. To save and close hit esc then ctrl+zz
Now we need to set permissions for the file by:
$ sudo chmod 755 /etc/init.d/vpnclient
Now update the run levels of vpnclient by:
$ sudo update-rc.d vpnclient defaults
Now run the init script by:
$ sudo /etc/init.d/vpnclient start
Now the ip routes should be correct, there is one last thing to do, configure the DNS by:
$ sudo su
$ echo “nameserver 8.8.8.8” >> “/etc/resolv.conf”
That’s it, you should be connected using the public ip of the server. Check by opening up whoer.net
Now to run this from here on out after reboot in 3 steps. Reboot by:
$ reboot
Step 1. after reboot, open a terminal and start vpnclient and change routes by:
$ sudo /etc/init.d/vpnclient start
Step 2. you have to send the DHCP request to the server by:
$ sudo dhclient vpn_vpn
Step 3. configure the DNS
$ sudo su
$ echo “nameserver 8.8.8.8” >> “/etc/resolv.conf”
Ater those 3 steps you should connect every time
