2024年1月13日 星期六

Private Softether VPN Azure

 A. Build private VPN azure

1. Download and build vpnauzure-go


git clone https://github.com/domosekai/vpnazure-go.git 
cd vpnazure-go 
go mod tidy 
go build

2. Modify auth.txt and suffix.txt

auth.txt (seprated by TAB):

vpn* .domain.my password Password_Of_VPNazure_Server

suffix.txt (seperated by TAB):

.domain.my    cloud.domain.my  fullchain.pem   privkey.pem

3. Start vpnazure-go

./vpnazure-go -b 0.0.0.0:443 -auth auth.txt -suffix suffix.txt -log vpnazure.log &

4. Modify DNS record

  • Add A record for VPNazure host: 
cloud.domain.my ip_address_of_cloud.domain.my

  • Add A record for each of VPN server (host to be relayed), for example:
vpn123.domain.my ip_address_of_cloud.domain.my

5. Setup VPN server for vpn123

After completion of setup, VPN client can connect to server by SSTP to vpn123.domain.my


B. Setup VPN server 

1. Download and build Softether VPN server

sudo apt -y install cmake gcc g++ make pkgconf libncurses5-dev libssl-dev libsodium-dev libreadline-dev zlib1g-dev
git clone https://github.com/SoftEtherVPN/SoftEtherVPN.git
cd SoftEtherVPN
git submodule init && git submodule update
./configure
make -C build
sudo make -C build install

2. Modify codes to prevent connecting to softether-related hosts

  • Modify src/Cedar/DDNS.c:
Add instant return for void DCThread()

  • Modify src/Mayaqua/Network.c:
Add instant return for void RUDPGetRegisterHostNameByIP()

  • Rebuild source code:
make -C build
sudo make -C build install


3. Setup VPN server

  • Add auto start system service:
sudo vi /etc/systemd/system/vpnserver.service
------
[Unit]
Description=SoftEther VPN Server
After=network.target

[Service]
Type=forking
ExecStart=/usr/local/bin/vpnserver start
ExecStop=/usr/local/bin/vpnserver stop

[Install]
WantedBy=multi-user.target
------

  • Start vpnserver service:

sudo systemctl start vpnserver
sudo systemctl enable vpnserver
sudo vpncmd

Select 1, 2 or 3: 1
Hostname of IP Address of Destination: [Enter]
Specify Virtual Hub Name: [Enter]
VPN Server>ServerPasswordSet
Password: [Enter password]
Confirm input: [Enter password]
VPN Server>Hub DEFAULT
VPN Server/DEFAULT>UserCreate username
VPN Server/DEFAULT>UserPasswordSet username
Password: [Enter password]
Confirm input: [Enter password]
VPN Server/DEFAULT>SecureNatEnable
VPN Server/DEFAULT>VpnAzureSetCustom
Server address: cloud.domain.my:443
Hostname: vpn123.domain.my
Password: Password_of_VPNazure_Server
VPN Server/DEFAULT>VpnAzureSetEnable yes
exit
張貼者:

沒有留言:

張貼留言

訂閱: 張貼留言 (Atom)