I have finally succeeded in setting a VPN so that I can access my work LAN when I'm at home.
Workplace LAN is behind a modem/router, where an OLD server PC runs an OLD Windows 2003 server. Workstation PCs run Windows 7 or Windows 10.
My goal: connect to workplace VPN from my home PC where I run Slacko 5.7 32bit, while other co-workers can connect from their Windows home PCs.
I tried many VPN server softwares, I ended up choosing a simple to configure, yet powerful VPN server: Softether. It is also compatible with Openvpn clients as well.
On server side I installed Softether VPN server, see here for infos and here to download the installer
Creating a virtual Hub on the server is a matter of few minutes, creating users account is a matter of seconds (just input name, password and you're done). If you don't have a static IP at work, Softether gives a free dynamic DNS service.
To make things simple I decided to setup a VPN where the login is controlled by username and passwords, but you can use certificates as well. Softether listens on 443 port by default, and while many routers don't block traffic on this port (it's the https port) I experienced some disconnections that disappeared after portforwarding it on the router. If you want to connect to Softether Server using an Openvpn client, you should portforward 1194 port.
On client side, you can download Softether client software here, those who don't want to compile can use the two main components (vpnclient and vpncmd) that you can find here:
https://ufile.io/iid7a4g5
I used slacko devx sfs, therefore they are 32bit binaries.
There are many pages on the web about how to set up a Softether client on linux, I suggest to read some to have an idea of the steps to do.
Basically, to connect open a console inside vpnclient folder and type:
./vpnclient start
then type:
./vpncmd
to start the client console,
choose number 2 'Management of VPN client',
at 'Hostname or IP address of Destination' type: localhost
a VPN client> prompt will appear.
The first time you run vpncmd you have to create your account.
type AccountCreate
you will be asked to type:
name of VPN setting, this may be whatever you like, ex. myvpn
the destination of VPN server: type static external WAN IP and port ex.: 1.1.1.1:443 or use softether dynamic DNS name you created when you installed the server software.
enter the Destination virtual Hub name you created on the server. The name must match exactly.
enter your personal Connecting User Name you created on the server
enter the virtual Network adapter name to be created: ex.: vpn
If you chose to connect using passwords, type:
AccountPasswordSet
and enter your account password
At this point you can check that everything is correct typing:
AccountList
If something is wrong delete the configuration with
AccountDelete
and start over.
To connect to VPN server type:
AccountConnect
type the name of the account (in example above: myvpn)
then type
AccountList
and see if the line 'Status' says 'Connected'
Leave the vpncmd console prompt open.
If you're connected, open another console and:
dhcpcd vpn_vpn
to acquire your IP (your workplace LAN must have a DHCP server).
Now you are inside the LAN of your workplace! You can mount samba shares as usual.
To be honest, browsing folders remotely is quite slow, especially those with 30+ files/folders.
A possible workaround that I used with success is to send a magic packet to Wake-On-Lan a workplace PC and to rdesktop into it, to do things faster...
To disconnect from VPN type in vpncmd console prompt:
AccountDisconnect
and then
exit
then stop the client :
./vpnclient stop
The second time you want to connect to VPN, all to do is:
./vpnclient start
./vpncmd
type 2
type localhost
type AccountConnect
type name-of-account
type Accountlist to see 'Status Connected'
open another console and dhcpcd vpn_vpn
When you connect to your VPN the Softether client software adds a route rule automatically so that the virtual adapter becomes default and all traffic passes through the LAN gateway (your home pc will browse the web with your workplace LAN external IP)
Since dhcpcd overwrites puppy's /etc/resolv.conf with your workplace LAN gateway, after you disconnect from VPN you may need to edit again /etc/resolv.conf to your original values of your home modem/router.
Softether VPN client compiled for 32bit Puppies
Softether VPN client compiled for 32bit Puppies
Last edited by tommy on Tue 24 Mar 2020, 14:44, edited 1 time in total.
For historical search purposes it is important to note that the MS recommended VPN solution is to install the "Routing and Remote Access" (PPTP) component of 2003 server, then use the MS VPN client in Windows clients to access the domain/server.
Of course, the Puppy PPTP client for this is "Gpptp" under the "Networking" menu.
re: Microsoft Server VPN
Of course, the Puppy PPTP client for this is "Gpptp" under the "Networking" menu.
re: Microsoft Server VPN
@jafadmin
Yes at the beginning of my VPN experiments I tried to set up the Windows 2003 server native 'remote access' VPN, but never had success. I don't remember exactly what was the problem, I recall that a message 'Routing and remote access is disabled' appeared, though it was indeed running, so installed service pack 3 for W2003S, rebooted, tried again, no success, gave up.
Setting up the Softether server was for me so simple that I can't imagine a better solution.
Yes at the beginning of my VPN experiments I tried to set up the Windows 2003 server native 'remote access' VPN, but never had success. I don't remember exactly what was the problem, I recall that a message 'Routing and remote access is disabled' appeared, though it was indeed running, so installed service pack 3 for W2003S, rebooted, tried again, no success, gave up.
Setting up the Softether server was for me so simple that I can't imagine a better solution.
That message indicates that you probably had the Remote Registry service on the 2k3 server disabled.tommy wrote:@jafadmin
Yes at the beginning of my VPN experiments I tried to set up the Windows 2003 server native 'remote access' VPN, but never had success. I don't remember exactly what was the problem, I recall that a message 'Routing and remote access is disabled' appeared, though it was indeed running, so installed service pack 3 for W2003S, rebooted, tried again, no success, gave up.
Setting up the Softether server was for me so simple that I can't imagine a better solution.
tommy
Can you tell me what is your objective? What you are trying to solve?
I know what VPN is. I believe softether is focus in windows. You even post your self
Why not just use Linux native OpenVPN. Then use their free openvpn configs?
Please see that I am not complaining instead I am just let you know there are Linux simple solutions.
Can you tell me what is your objective? What you are trying to solve?
I know what VPN is. I believe softether is focus in windows. You even post your self
To be honest, browsing folders remotely is quite slow, especially those with 30+ files/folders.
Why not just use Linux native OpenVPN. Then use their free openvpn configs?
Again if you are not going via VPN. Then why not just do Linux native ssh?A possible workaround that I used with success is to send a magic packet to Wake-On-Lan a workplace PC and to rdesktop into it, to do things faster...
Please see that I am not complaining instead I am just let you know there are Linux simple solutions.
@enrique
corona virus scared my co-workers, they asked me to find a way to work from home.
co-workers have Windows PCs at their home (they don't use linux, alas!).
I have Puppy Slacko at home.
My objective is:
I want all workers to connect from their home PC to worplace LAN, where an old Windows 2003 server is running. I want it to be VERY SIMPLE, as co-workers are not technicians.
What I tried to solve is: find an easy way to create a VPN on Windows 2003 server, and let me and co-workers connect to VPN. I can't use linux native solution on server side...
I found Softether to be a simple way to set up a VPN, server side, in just 5 minutes (I'm not kidding), and client-side in 3 minutes.
My howto is dedicated to those wanting to use Softether server and client software. Softether is free, source code is available.
Of course the next step will be: throw away the old server PC, buy a new powersaving PC, install a linux OS where OpenVpn or Softether server can be set up...
1- connect to VPN using home Puppy PC
2- wake on lan my Windows PC
3- rdesktop from home PC into work PC.
This way me and my co-workers see the desktop we normally see at work PC and can work using all the softwares we are used to, without installing anything into home PC.
Bye!!
corona virus scared my co-workers, they asked me to find a way to work from home.
co-workers have Windows PCs at their home (they don't use linux, alas!).
I have Puppy Slacko at home.
My objective is:
I want all workers to connect from their home PC to worplace LAN, where an old Windows 2003 server is running. I want it to be VERY SIMPLE, as co-workers are not technicians.
What I tried to solve is: find an easy way to create a VPN on Windows 2003 server, and let me and co-workers connect to VPN. I can't use linux native solution on server side...
I found Softether to be a simple way to set up a VPN, server side, in just 5 minutes (I'm not kidding), and client-side in 3 minutes.
My howto is dedicated to those wanting to use Softether server and client software. Softether is free, source code is available.
Of course the next step will be: throw away the old server PC, buy a new powersaving PC, install a linux OS where OpenVpn or Softether server can be set up...
I AM going rdesktop via VPN! Those are the steps:Again if you are not going via VPN. Then why not just do Linux native ssh?
1- connect to VPN using home Puppy PC
2- wake on lan my Windows PC
3- rdesktop from home PC into work PC.
This way me and my co-workers see the desktop we normally see at work PC and can work using all the softwares we are used to, without installing anything into home PC.
Bye!!
You do have a purpose away from Puppy:
...corona virus ... new server at office ... work from home on co-worker's own Windows PC.
I see now, I wish all users here do post like you do.
I do not know where you are located at. Today 1rst US governor that sound scared: "Governor Cuomo Calls on President Trump to Take Comprehensive Federal Action to Combat Novel Corona virus Now" I saw the press call and he even said he did not want to be there 3 weeks from now asking on future why NY hospital system collapsed. You could see his frustration on his watered eyes. He even said this is a wave that can not be stop!
At home, my governor was just saying all was fine, we are prepared. HEHEHEHE. And at complains on people of the government stupidity she is going to implement a curfew now, knowing she do not have the police resources to do that!
...corona virus ... new server at office ... work from home on co-worker's own Windows PC.
I see now, I wish all users here do post like you do.
I do not know where you are located at. Today 1rst US governor that sound scared: "Governor Cuomo Calls on President Trump to Take Comprehensive Federal Action to Combat Novel Corona virus Now" I saw the press call and he even said he did not want to be there 3 weeks from now asking on future why NY hospital system collapsed. You could see his frustration on his watered eyes. He even said this is a wave that can not be stop!
At home, my governor was just saying all was fine, we are prepared. HEHEHEHE. And at complains on people of the government stupidity she is going to implement a curfew now, knowing she do not have the police resources to do that!
@dogle
Server program offers various encryption methods through SSL,
RC4-MD5
RC4-SHA
AES128-SHA
AES256-SHA
DES-CBC-SHA
DES-CBC3-SHA
see here at page bottom:
https://www.softether.org/4-docs/1-manu ... n_Protocol
It should be as safe as connecting through an https connection when doing online banking.
Server program offers various encryption methods through SSL,
RC4-MD5
RC4-SHA
AES128-SHA
AES256-SHA
DES-CBC-SHA
DES-CBC3-SHA
see here at page bottom:
https://www.softether.org/4-docs/1-manu ... n_Protocol
It should be as safe as connecting through an https connection when doing online banking.
