Last active
October 10, 2020 14:47
-
-
Save amanjuman/294295fe4f1cad6280afaacc80692bda to your computer and use it in GitHub Desktop.
Softether VPN with Local Bridge DHCP
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sudo apt-get update && sudo apt-get upgrade -y && sudo apt-get autoremove -y | |
| apt-get -y install build-essential wget curl gcc make wget tzdata git libreadline-dev libncurses-dev libssl-dev zlib1g-dev dnsmasq | |
| wget https://github.com/SoftEtherVPN/SoftEtherVPN_Stable/releases/download/v4.34-9745-beta/softether-vpnserver-v4.34-9745-beta-2020.04.05-linux-x64-64bit.tar.gz | |
| tar xzf softether-vpnserver-v4.34-9745-beta-2020.04.05-linux-x64-64bit.tar.gz && rm softether-vpnserver-v4.34-9745-beta-2020.04.05-linux-x64-64bit.tar.gz | |
| cd vpnserver && sudo make | |
| cd .. | |
| sudo mv vpnserver /usr/local && cd /usr/local/vpnserver/ | |
| sudo chmod 600 * | |
| sudo chmod 700 vpnserver vpncmd | |
| sudo ./vpnserver start | |
| sudo ./vpncmd | |
| ServerPasswordSet | |
| sudo cat >> /etc/dnsmasq.conf << EOF | |
| interface=tap_sevpn | |
| dhcp-range=tap_sevpn,192.168.5.101,192.168.5.150,6h | |
| dhcp-option=tap_sevpn,3,192.168.5.1 | |
| EOF | |
| iptables -t nat -A POSTROUTING -s 192.168.5.0/24 -j SNAT --to-source [YOUR VPS IP ADDRESS] | |
| sudo cat >> /etc/init.d/vpnserver << EOF | |
| #!/bin/sh | |
| ### BEGIN INIT INFO | |
| # Provides: vpnserver | |
| # Required-Start: $remote_fs $syslog | |
| # Required-Stop: $remote_fs $syslog | |
| # Default-Start: 2 3 4 5 | |
| # Default-Stop: 0 1 6 | |
| # Short-Description: Start daemon at boot time | |
| # Description: Enable Softether by daemon. | |
| ### END INIT INFO | |
| DAEMON=/usr/local/vpnserver/vpnserver | |
| LOCK=/var/lock/subsys/vpnserver | |
| TAP_ADDR=192.168.5.1 | |
| test -x $DAEMON || exit 0 | |
| case "$1" in | |
| start) | |
| $DAEMON start | |
| touch $LOCK | |
| sleep 1 | |
| /sbin/ifconfig tap_sevpn $TAP_ADDR | |
| ;; | |
| stop) | |
| $DAEMON stop | |
| rm $LOCK | |
| ;; | |
| restart) | |
| $DAEMON stop | |
| sleep 3 | |
| $DAEMON start | |
| sleep 1 | |
| /sbin/ifconfig tap_sevpn $TAP_ADDR | |
| ;; | |
| *) | |
| echo "Usage: $0 {start|stop|restart}" | |
| exit 1 | |
| esac | |
| exit 0 | |
| EOF | |
| echo net.ipv4.ip_forward = 1 | ${SUDO} tee -a /etc/sysctl.conf | |
| echo net.ipv6.ip_forward = 1 | ${SUDO} tee -a /etc/sysctl.conf | |
| systemctl enable vpnserver | |
| systemctl start vpnserver | |
| systemctl stop vpnserver | |
| systemctl restart vpnserver | |
| systemctl status vpnserver | |
| sudo ufw allow 500,4500/udp | |
| ufw allow 443 | |
| ufw allow 1701 | |
| ufw allow 1194 | |
| ufw allow 5555 | |
| # Static Route Push | |
| # Format: | |
| <VPC Network>/<VPC Netmask>/<VPN Gateway IP> | |
| # Example: | |
| 10.125.0.0/255.255.0.0/10.130.30.1 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment