(OLD) (ARCHIVED) Puppy Linux Discussion Forum Forum Index (OLD) (ARCHIVED) Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info

This forum can also be accessed as http://oldforum.puppylinux.com
It is now read-only and serves only as archives.

Please register over the NEW forum
https://forum.puppylinux.com
and continue your work there. Thank you.

 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups    
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Thu 22 Oct 2020, 16:05
All times are UTC - 4
 Forum index » House Training » HOWTO ( Solutions )
Softether VPN client compiled for 32bit Puppies
Moderators: Flash, Ian, JohnMurga
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies. View previous topic :: View next topic
Page 1 of 1 [10 Posts]  
Author Message
tommy

Joined: 04 Oct 2005
Posts: 133
Location: Italy

PostPosted: Sat 07 Mar 2020, 20:22    Post subject:  Softether VPN client compiled for 32bit Puppies
Subject description: How to create a VPN to access workplace LAN from your home PC
 

I have finally succeeded in setting a VPN so that I can access my work LAN when I'm at home.
Workplace LAN is behind a modem/router, where an OLD server PC runs an OLD Windows 2003 server. Workstation PCs run Windows 7 or Windows 10.

My goal: connect to workplace VPN from my home PC where I run Slacko 5.7 32bit, while other co-workers can connect from their Windows home PCs.

I tried many VPN server softwares, I ended up choosing a simple to configure, yet powerful VPN server: Softether. It is also compatible with Openvpn clients as well.

On server side I installed Softether VPN server, see here for infos and here to download the installer


Creating a virtual Hub on the server is a matter of few minutes, creating users account is a matter of seconds (just input name, password and you're done). If you don't have a static IP at work, Softether gives a free dynamic DNS service.

To make things simple I decided to setup a VPN where the login is controlled by username and passwords, but you can use certificates as well. Softether listens on 443 port by default, and while many routers don't block traffic on this port (it's the https port) I experienced some disconnections that disappeared after portforwarding it on the router. If you want to connect to Softether Server using an Openvpn client, you should portforward 1194 port.

On client side, you can download Softether client software here, those who don't want to compile can use the two main components (vpnclient and vpncmd) that you can find here:

https://ufile.io/iid7a4g5

I used slacko devx sfs, therefore they are 32bit binaries.


There are many pages on the web about how to set up a Softether client on linux, I suggest to read some to have an idea of the steps to do.

Basically, to connect open a console inside vpnclient folder and type:
./vpnclient start
then type:
./vpncmd
to start the client console,
choose number 2 'Management of VPN client',
at 'Hostname or IP address of Destination' type: localhost
a VPN client> prompt will appear.

The first time you run vpncmd you have to create your account.
type AccountCreate
you will be asked to type:
name of VPN setting, this may be whatever you like, ex. myvpn
the destination of VPN server: type static external WAN IP and port ex.: 1.1.1.1:443 or use softether dynamic DNS name you created when you installed the server software.
enter the Destination virtual Hub name you created on the server. The name must match exactly.
enter your personal Connecting User Name you created on the server
enter the virtual Network adapter name to be created: ex.: vpn

If you chose to connect using passwords, type:
AccountPasswordSet
and enter your account password
At this point you can check that everything is correct typing:
AccountList
If something is wrong delete the configuration with
AccountDelete
and start over.

To connect to VPN server type:
AccountConnect
type the name of the account (in example above: myvpn)
then type
AccountList
and see if the line 'Status' says 'Connected'
Leave the vpncmd console prompt open.


If you're connected, open another console and:
dhcpcd vpn_vpn
to acquire your IP (your workplace LAN must have a DHCP server).
Now you are inside the LAN of your workplace! You can mount samba shares as usual.


To be honest, browsing folders remotely is quite slow, especially those with 30+ files/folders.
A possible workaround that I used with success is to send a magic packet to Wake-On-Lan a workplace PC and to rdesktop into it, to do things faster...

To disconnect from VPN type in vpncmd console prompt:
AccountDisconnect
and then
exit
then stop the client :
./vpnclient stop


The second time you want to connect to VPN, all to do is:
./vpnclient start
./vpncmd
type 2
type localhost
type AccountConnect
type name-of-account
type Accountlist to see 'Status Connected'
open another console and dhcpcd vpn_vpn

When you connect to your VPN the Softether client software adds a route rule automatically so that the virtual adapter becomes default and all traffic passes through the LAN gateway (your home pc will browse the web with your workplace LAN external IP)

Since dhcpcd overwrites puppy's /etc/resolv.conf with your workplace LAN gateway, after you disconnect from VPN you may need to edit again /etc/resolv.conf to your original values of your home modem/router.

Last edited by tommy on Tue 24 Mar 2020, 10:44; edited 1 time in total
Back to top
View user's profile Send private message 
jafadmin

Joined: 19 Mar 2009
Posts: 1258

PostPosted: Sat 07 Mar 2020, 22:45    Post subject:  

For historical search purposes it is important to note that the MS recommended VPN solution is to install the "Routing and Remote Access" (PPTP) component of 2003 server, then use the MS VPN client in Windows clients to access the domain/server.

Of course, the Puppy PPTP client for this is "Gpptp" under the "Networking" menu.

re: Microsoft Server VPN
Back to top
View user's profile Send private message 
tommy

Joined: 04 Oct 2005
Posts: 133
Location: Italy

PostPosted: Sun 08 Mar 2020, 04:59    Post subject:  

@jafadmin
Yes at the beginning of my VPN experiments I tried to set up the Windows 2003 server native 'remote access' VPN, but never had success. I don't remember exactly what was the problem, I recall that a message 'Routing and remote access is disabled' appeared, though it was indeed running, so installed service pack 3 for W2003S, rebooted, tried again, no success, gave up.
Setting up the Softether server was for me so simple that I can't imagine a better solution.
Back to top
View user's profile Send private message 
jafadmin

Joined: 19 Mar 2009
Posts: 1258

PostPosted: Sun 08 Mar 2020, 23:25    Post subject:  

tommy wrote:
@jafadmin
Yes at the beginning of my VPN experiments I tried to set up the Windows 2003 server native 'remote access' VPN, but never had success. I don't remember exactly what was the problem, I recall that a message 'Routing and remote access is disabled' appeared, though it was indeed running, so installed service pack 3 for W2003S, rebooted, tried again, no success, gave up.
Setting up the Softether server was for me so simple that I can't imagine a better solution.


That message indicates that you probably had the Remote Registry service on the 2k3 server disabled.
Back to top
View user's profile Send private message 
enrique

Joined: 09 Nov 2019
Posts: 601
Location: Planet Earth

PostPosted: Sat 14 Mar 2020, 20:58    Post subject:  

tommy

Can you tell me what is your objective? What you are trying to solve?

I know what VPN is. I believe softether is focus in windows. You even post your self
Quote:
To be honest, browsing folders remotely is quite slow, especially those with 30+ files/folders.



Why not just use Linux native OpenVPN. Then use their free openvpn configs?

Quote:
A possible workaround that I used with success is to send a magic packet to Wake-On-Lan a workplace PC and to rdesktop into it, to do things faster...


Again if you are not going via VPN. Then why not just do Linux native ssh?

Please see that I am not complaining instead I am just let you know there are Linux simple solutions.
Back to top
View user's profile Send private message 
tommy

Joined: 04 Oct 2005
Posts: 133
Location: Italy

PostPosted: Sun 15 Mar 2020, 15:14    Post subject:  

@enrique
corona virus scared my co-workers, they asked me to find a way to work from home.

co-workers have Windows PCs at their home (they don't use linux, alas!).
I have Puppy Slacko at home.

My objective is:
I want all workers to connect from their home PC to worplace LAN, where an old Windows 2003 server is running. I want it to be VERY SIMPLE, as co-workers are not technicians.

What I tried to solve is: find an easy way to create a VPN on Windows 2003 server, and let me and co-workers connect to VPN. I can't use linux native solution on server side...

I found Softether to be a simple way to set up a VPN, server side, in just 5 minutes (I'm not kidding), and client-side in 3 minutes.

My howto is dedicated to those wanting to use Softether server and client software. Softether is free, source code is available.
Of course the next step will be: throw away the old server PC, buy a new powersaving PC, install a linux OS where OpenVpn or Softether server can be set up...

Quote:
Again if you are not going via VPN. Then why not just do Linux native ssh?


I AM going rdesktop via VPN! Those are the steps:
1- connect to VPN using home Puppy PC
2- wake on lan my Windows PC
3- rdesktop from home PC into work PC.

This way me and my co-workers see the desktop we normally see at work PC and can work using all the softwares we are used to, without installing anything into home PC.


Bye!!
Back to top
View user's profile Send private message 
enrique

Joined: 09 Nov 2019
Posts: 601
Location: Planet Earth

PostPosted: Sun 15 Mar 2020, 17:07    Post subject:  

You do have a purpose away from Puppy:

...corona virus ... new server at office ... work from home on co-worker's own Windows PC.

I see now, I wish all users here do post like you do.

I do not know where you are located at. Today 1rst US governor that sound scared: "Governor Cuomo Calls on President Trump to Take Comprehensive Federal Action to Combat Novel Corona virus Now" I saw the press call and he even said he did not want to be there 3 weeks from now asking on future why NY hospital system collapsed. You could see his frustration on his watered eyes. He even said this is a wave that can not be stop!

At home, my governor was just saying all was fine, we are prepared. HEHEHEHE. And at complains on people of the government stupidity she is going to implement a curfew now, knowing she do not have the police resources to do that!
Back to top
View user's profile Send private message 
dogle

Joined: 11 Oct 2007
Posts: 411

PostPosted: Mon 23 Mar 2020, 18:25    Post subject:  

Splendid work, tommy, thank you.

I see from the Softether website they claim to offer pretty robust encryption.

How would you rate the system for security (e.g. for a medical practice handling very sensitive patient data)?
Back to top
View user's profile Send private message 
tommy

Joined: 04 Oct 2005
Posts: 133
Location: Italy

PostPosted: Tue 24 Mar 2020, 11:14    Post subject:  

@dogle

Server program offers various encryption methods through SSL,

RC4-MD5
RC4-SHA
AES128-SHA
AES256-SHA
DES-CBC-SHA
DES-CBC3-SHA

see here at page bottom:

https://www.softether.org/4-docs/1-manual/2._SoftEther_VPN_Essential_Architecture/2.1_VPN_Communication_Protocol

It should be as safe as connecting through an https connection when doing online banking.
Back to top
View user's profile Send private message 
8Geee


Joined: 12 May 2008
Posts: 2190
Location: N.E. USA

PostPosted: Tue 07 Apr 2020, 14:43    Post subject:  

Any GCM 128 or 256 ?

Those listed are hackable

_________________
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 1 [10 Posts]  
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies. View previous topic :: View next topic
 Forum index » House Training » HOWTO ( Solutions )
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.1263s ][ Queries: 12 (0.0461s) ][ GZIP on ]