How to Install Softether VPN server on Centos 7. Setting up your own virtual private network server is a good way to evade blockage and be able to access sites that are blocked in your country. Choice of open source VPN packages is long but today we decided to try Softether coming from University of Tsukuba in Japan. The first step is to get server 2012 install on a server. Versatile range of use from SOHO to large enterprises. Connects with a variety of server types N7100 easily satisfies the digitizing needs of small office networks. Configure a DHCP Server on a Cisco router. This article will show you how to successfully configure the DHCP service its parameters on a Cisco router. If you are using DFSR service, you can use dfsrdiag SyncNow command in order to force sysvol replication. Windows 2012, Windows 2008 R2. Each Linux server for Oracle RAC should contain at least two NIC adapters. The Dell PowerEdge T100 includes an embedded BroadcomR. The Complete guide to Windows Deployment Services. How to install and configure WDS in Windows Server 2012 R2 with step by step. Softether have long been proprietary product under name Packet. X and it has been open sourced just several years ago. That may be the reason why it is so Windows oriented, the configuration GUI is windows only and connecting from Linux clients requires extra work. As for forwarders for external lookups, I tend to use any internal DMZ server they might have setup for external lookups and for redundancy you can use their ISP. An article on how install and configure of softether VPN server on centos 7. It is configured with Local Bridge for maximum performance, we only need to connect clients. We are going to use only Linux and no GUIs here, so lets start. In the beginning, lets update the system, install dependencies and disable SElinuxyum updateyum y groupinstall Development Toolsyum y install gcc zlib devel openssl devel readline devel ncurses devel wget tar dnsmasq net tools iptables services system config firewall tui nano iptables servicessed i sSELINUXenforcingSELINUXdisabledg etcselinuxconfig. After this reboot the computer so selinux stop and new kernel start if update had any new kernel. After the server boots up, disable both firewalls because they can interfere with testing. The firewall rules will be set after all is configuredsystemctl disable firewalldsystemctl stop firewalldsystemctl status firewalldservice iptables saveservice iptables stopchkconfig iptables off. Of those two batches of commands, one will error because you are not running two firewalls. Next we need to cd to usrsrc, download the Softether, unpack it and compile it. Latest Version Realplayer 2010 there. Breakaway Audio Enhancer Serial Key on this page. Install And Configure Windows Server 2003 Dhcp Server For Linux' title='Install And Configure Windows Server 2003 Dhcp Server For Linux' />We will use 4. Softether which is in the time of writing newest rtm version. There is also 4. 2. LinuxSoft. EtherVPNServer6. Intelx. 64orAMD6. C usrlocalcd usrlocalvpnservermake. Compile will ask you three questions at the end, you need to answer all with 1. Next wee need to make init script for softether, as one is not included into the install. So run vi etcinit. Objectives+Describe+key+functions+of+the+Network+Information+Service.jpg' alt='Install And Configure Windows Server 2003 Dhcp Server For Linux' title='Install And Configure Windows Server 2003 Dhcp Server For Linux' />BEGIN INIT INFO Provides vpnserver Required Start remotefs syslog Required Stop remotefs syslog Default Start 2 3 4 5 Default Stop 0 1 6 Short Description Start daemon at boot time Description Enable Softether by daemon. END INIT INFODAEMONusrlocalvpnservervpnserver. LOCKvarlocksubsysvpnserver. TAPADDR1. 92. 1. DAEMON exit 0case 1 instartDAEMON starttouch LOCKsleep 1sbinifconfig tapsoft TAPADDR stopDAEMON stoprm LOCK restartDAEMON stopsleep 3DAEMON startsleep 1sbinifconfig tapsoft TAPADDR echo Usage 0 startstoprestartexit 1esacexit 0. Next need to add the executable bit to the init script and start it for the first time in the old fashion way and then enable it it with systemd to start at every boot. Dont mind that it complaints about tap interface, that is because we added it to init script and made it start with softether but didnt yet made the tap interface in softether config. We will come to that latter. Softether is installed, now we configure. Moving over to configuration part, we need to start vpncmd utilityusrlocalvpnservervpncmd. Press 1 to select Management of VPN Server or VPN Bridge, and then whe it asks you which server to configure, just press enter and it wll chose localhost where you just installed Softether. Press Enter one more time to get access to server as Administrator. Next type. Server. Password. Setto set admin password for the server. In order to use softether, virtual hub needs to be created. We will create one named MOB with following command. Hub. Create MOBIt will ask you to set password, which you will use to administer a hub, without access to entire VPN server. Now we need to create local bridge. That is more efficient of the ways, there is also Secure. NAT which is easier to setup but it is resource intensive. We will go with local bridge and tap device, note that with local bridge also DHCP server needs to be configured and installed which will do at the end of tutorial. So local bridge is created with following command Bridge. Create DEVICE soft TAP yes MOBIf TAP device creation fails with message about insufficient privileges, you might want to check if your network controller is set in promiscuous mode. Hyper. V and VMware by default create VMs without promiscuous mode. Set promiscuous mode and then retry creation of the tap device. Now we need to create user for the MOB virtual hub we created. Users are created with command User. Create and you can view the list of users by command User. List. Users can be added to groups and each group can have different authentication mode, for example Password, Certificate, RADIUS, NTLM and others. Configuring the virtual Hub. Now we switch to hub MOBHub MOBand create user. User. Create test. We will keep it simple and use password auth, so use the following command. User. Password. Set test. Now we setup L2. TPIPSec, work the prompt as follows, bold is what you need to type VPN ServerMOB IPsec. Enable. IPsec. Enable command Enable or Disable IPsec VPN Server Function. Enable L2. TP over IPsec Server Function yes no yes. Enable Raw L2. TP Server Function yes no yes. Enable Ether. IP L2. TPv. 3 over IPsec Server Function yes no yes. Pre Shared Key for IPsec Recommended 9 letters at maximum linoxide. Default Virtual HUB in a case of omitting the HUB on the Username MOBThe command completed successfully. That is it for IPsec, but we also want to have other protocols. For example Open. VPN and Microsoft protocols. We use Server. Cert. Regenerate command to generate and register a SSL certificate for the server in order to be able to use it for Open. VPN and Microsoft clients. Argument passed to the command must be your server IP adress or FQDIN Server. Cert. Regenerate lt YOUR SERVER IP or FQDN A new server certificate has been created, we needs to save it to file Server. Cert. Get cert. This certificate now can be transfered to your clients. We can now enable SSTP function with this command Sstp. Enable yes. And to enable Open. VPN Open. Vpn. Enable yes PORTS 1. Port for Open. VPN can be changed to your liking. Then we need to create config for Open. VPN client like this. Open. Vpn. Make. Config openvpnconfig. VPN over DNS and VPN over ICMPType Hub to return to administering entire vpn server and not just MOB hub. VPN ServerMOB Hub. Hub command Select Virtual Hub to Manage. The Virtual Hub selection has been unselected. The command completed successfully. For maximal evasion of all blockages, we also need to enable VPN over ICMP and DNS Vpn. Over. Icmp. Dns. Enable ICMP yes DNS yes. Vpn. Over. Icmp. Dns. Enable command Enable Disable the VPN over ICMP VPN over DNS Server Function. The command completed successfully. Now exit the vpncmd because we need to stop the vpnserver and setup dnsmasqservice vpnserver stop. DHCP server, forwarding and postrouting. Softether is now configured, but since we are not using Secure. NAT and going with local bridge instead, will need a DHCP server. The dnsmasq is already installed in first stage of tutorial when we installed dependancies, so now we need to configure it. We need to edit etcdnsmasq. We will use latter opton and while we are at it, we will also echo the ipv. Apply this setting by runingsysctl n e system. Check if it is applied cat procsysnetipv. It should show 1. If it shows 0, do thisecho 1 procsysnetipv. Enable nat and postrouting iptables t nat A POSTROUTING s 1.