8/17/2016

SoftEther and the VPN Azure Cloud: Connect to Your Target Local Network (from the Internet) via a Raspberry Pi Zero

You may already know that when we connect to free public WiFi, someone may be able to see what we are doing online, for example with a packet sniffer. But don't worry: once we have installed vpnserver on our local network, internet browsing will be encrypted and more secure. It makes our computer think it is connected to the local network even though we may be miles away.

Inspired by watching Fast and Furious 7, in which the hacker breaks into a network from the internet using only a mobile phone that has connected to the target local network, this post covers how to install the SoftEther vpnserver on a small device, namely a Raspberry Pi Zero, and how to enable the VPN Azure Relay Service to get through the firewall (because we will use port 443, which is normally used by HTTPS). So if we want to connect to the office local network, it is enough to power on the Raspberry Pi Zero (with vpnserver installed to autostart) and plug the RPi's LAN cable into the office local network. As a result, we can access the office computers as if we were there (see the illustration below). Have fun trying it.


Install Raspbian Jessie and SSH into the Raspberry Pi Zero
This tutorial uses Raspbian Jessie as the OS. The first step before installing the SoftEther VPN server is to make sure you have access to the Raspberry Pi Zero, for example via SSH. A tutorial on how to install Raspbian Jessie and SSH into the Raspberry Pi Zero is available at the following link: http://gear-second19.blogspot.jp/p/blog-page_18.html.

Raspberry Pi Zero with SoftEther VPN Server installed

Install SoftEther VPN Server on the Raspberry Pi Zero
In this tutorial, I assume you already have access to the RPi Zero terminal via SSH. The next step is to get the download link for SoftEther VPN Server for Linux from http://www.softether-download.com/en.aspx?product=softether. Make sure you get the link for the ARM 32-bit build, as in the example image below.

The SoftEther VPN Server download link page
In this tutorial I chose SoftEther VPN Server version 2016.04.17, with the following link: http://jp.softether-download.com/files/softether/v4.20-9608-rtm-2016.04.17-tree/Linux/SoftEther_VPN_Server/32bit_-_ARM_EABI/softether-vpnserver-v4.20-9608-rtm-2016.04.17-linux-arm_eabi-32bit.tar.gz. Below are the steps carried out to install the software.

- Download and extract SoftEther VPN Server
pi@raspberrypi:~ $ mkdir MyVPN
pi@raspberrypi:~ $ cd MyVPN/
pi@raspberrypi:~/MyVPN $ wget http://jp.softether-download.com/files/softether/v4.20-9608-rtm-2016.04.17-tree/Linux/SoftEther_VPN_Server/32bit_-_ARM_EABI/softether-vpnserver-v4.20-9608-rtm-2016.04.17-linux-arm_eabi-32bit.tar.gz
pi@raspberrypi:~/MyVPN $ tar zxvf softether-vpnserver-v4.20-9608-rtm-2016.04.17-linux-arm_eabi-32bit.tar.gz

- Install SoftEther VPN Server
(just choose 1, as in the example below)
pi@raspberrypi:~/MyVPN $ cd vpnserver/
pi@raspberrypi:~/MyVPN/vpnserver $ make 
Did you read and understand the License Agreement ?
(If you couldn't read above text, Please read 'ReadMeFirst_License.txt'
 file with any text editor.)
 1. Yes
 2. No
Please choose one of above number:
1

Did you agree the License Agreement ?
1. Agree
2. Do Not Agree
Please choose one of above number:
1

- Start the SoftEther VPN server
pi@raspberrypi:~/MyVPN/vpnserver $ sudo ./vpnserver start
The SoftEther VPN Server service has been started.

- Enter the SoftEther VPN server command line
pi@raspberrypi:~/MyVPN/vpnserver $ ./vpncmd
vpncmd command - SoftEther VPN Command Line Management Utility
SoftEther VPN Command Line Management Utility (vpncmd command)
Version 4.20 Build 9608   (English)
Compiled 2016/04/17 21:59:35 by yagi at pc30
Copyright (c) SoftEther VPN Project. All Rights Reserved.

By using vpncmd program, the following can be achieved.

1. Management of VPN Server or VPN Bridge
2. Management of VPN Client
3. Use of VPN Tools (certificate creation and Network Traffic Speed Test Tool)

Select 1, 2 or 3: 1

Specify the host name or IP address of the computer that the destination VPN Server or VPN Bridge is operating on.
By specifying according to the format 'host name:port number', you can also specify the port number.
(When the port number is unspecified, 443 is used.)
If nothing is input and the Enter key is pressed, the connection will be made to the port number 8888 of localhost (this computer).
Hostname of IP Address of Destination: %(just press Enter here)

If connecting to the server by Virtual Hub Admin Mode, please input the Virtual Hub name.
If connecting by server admin mode, please press Enter without inputting anything.
Specify Virtual Hub Name:
Connection has been established with VPN Server "localhost" (port 443).

You have administrator privileges for the entire VPN Server.

VPN Server>

- Set the admin password
VPN Server>ServerPasswordSet
ServerPasswordSet command - Set VPN Server Administrator Password
Please enter the password. To cancel press the Ctrl+D key.

Password: ***********
Confirm input: ***********

The command completed successfully.

- Check the available Virtual Hubs
(by default the software already provides one virtual hub named "DEFAULT")
VPN Server>HubList
HubList command - Get List of Virtual Hubs
Item              |Value
------------------+-------------------
Virtual Hub Name  |DEFAULT
Status            |Online
Type              |Standalone
Users             |0
Groups            |0
Sessions          |0
MAC Tables        |0
IP Tables         |0
Num Logins        |0
Last Login        |2016-05-27 12:02:12
Last Communication|2016-05-27 12:02:12
Transfer Bytes    |0
Transfer Packets  |0
The command completed successfully.

- Set the Dynamic DNS hostname
With dynamic DNS we do not need to have a static global IP.
VPN Server>Hub DEFAULT
Hub command - Select Virtual Hub to Manage
The Virtual Hub "DEFAULT" has been selected.
The command completed successfully.

VPN Server/DEFAULT>DynamicDnsSetHostname
DynamicDnsSetHostname command - Set the Dynamic DNS Hostname
Dynamic DNS Hostname (3 - 31 letters): contoh-rpi-zero-server

The command completed successfully.

- Enable VPN Azure
VPN Server/DEFAULT>VpnAzureSetEnable yes
VpnAzureSetEnable command - Enable / Disable VPN Azure Function
The command completed successfully.

VPN Server/DEFAULT>VpnAzureGetStatus   
VpnAzureGetStatus command - Show the current status of VPN Azure function
Item                                               |Value
---------------------------------------------------+-------------------------------
VPN Azure Function is Enabled                      |Yes
Connection to VPN Azure Cloud Server is Established|Yes
Hostname of this VPN Server on VPN Azure Service   |contoh-rpi-zero-server.vpnazure.net
The command completed successfully.

- Set up the Local Bridge
VPN Server/DEFAULT>BridgeDeviceList
BridgeDeviceList command - Get List of Network Adapters Usable as Local Bridge
eth0 %(better not to use a WiFi adapter)
The command completed successfully.

VPN Server/DEFAULT>BridgeCreate    
BridgeCreate command - Create Local Bridge Connection
Virtual Hub Name to Create Bridge: DEFAULT

Bridge Destination Device Name: eth0

While in the condition that occurs immediately after a new bridge connection is made when bridging to a physical network adapter, depending on the type of network adapter, there are cases where it will not be possible to communicate using TCP/IP to the network adapter using a bridge connection from a computer on the virtual network.
(This phenomenon is known to occur for Intel and Broadcom network adapters.)

If this issue arises, remedy the situation by restarting the computer on which VPN Server / Bridge is running. Normal communication will be possible after the computer has restarted.

Also many wireless network adapters will not respond to the sending of packets in promiscuous mode and when this occurs you will be unable to use the Local Bridge. If this issue arises, try using a regular wired network adapter instead of the wireless network adapter.

The command completed successfully.

VPN Server/DEFAULT>BridgeList     
BridgeList command - Get List of Local Bridge Connection
Number|Virtual Hub Name|Network Adapter or Tap Device Name|Status
------+----------------+----------------------------------+---------
1     |DEFAULT         |eth0                              |Operating
The command completed successfully.

- Create an account
VPN Server/DEFAULT>UserCreate
UserCreate command - Create User
User Name: user1
Assigned Group Name: %just press Enter
User Full Name: %just press Enter
User Description: %just press Enter

The command completed successfully.

VPN Server/DEFAULT>UserPasswordSet user1
UserPasswordSet command - Set Password Authentication for User Auth Type and Set Password
Please enter the password. To cancel press the Ctrl+D key.

Password: ***********
Confirm input: ***********

The command completed successfully.

VPN Server/DEFAULT>exit

- The VPN server is now installed and ready to accept connections from outside
To stop the server:
pi@raspberrypi:~/MyVPN/vpnserver $ sudo ./vpnserver stop
Stopping the SoftEther VPN Server service ...
SoftEther VPN Server service has been stopped.

Access the Office Local Network from Home Using the SoftEther VPN Client
If you are a Windows user, connecting to the local network is very easy. You do not need to install a VPN client because Windows (except XP and earlier versions) already includes an SSTP VPN client by default. Windows users can read the tutorial at http://www.vpnazure.net/en/. Linux users must first download the SoftEther VPN Client from http://www.softether-download.com/en.aspx?product=softether.

SoftEther VPN Client

Or download it directly from the following link for 64-bit Linux: http://jp.softether-download.com/files/softether/v4.20-9608-rtm-2016.04.17-tree/Linux/SoftEther_VPN_Client/64bit_-_Intel_x64_or_AMD64/softether-vpnclient-v4.20-9608-rtm-2016.04.17-linux-x64-64bit.tar.gz. For the full procedure, follow the example steps below.

- Check our local IP address, just to confirm that we are currently connected with one IP address
wawan@wawan-HP:~$ hostname -I
192.168.3.5

- Install the SoftEther VPN Client (in this tutorial I use Ubuntu 14.04 64-bit)
wawan@wawan-HP:~$ mkdir VPNclient
wawan@wawan-HP:~$ cd VPNclient/ 
wawan@wawan-HP:~/VPNclient$ wget http://jp.softether-download.com/files/softether/v4.20-9608-rtm-2016.04.17-tree/Linux/SoftEther_VPN_Client/64bit_-_Intel_x64_or_AMD64/softether-vpnclient-v4.20-9608-rtm-2016.04.17-linux-x64-64bit.tar.gz
wawan@wawan-HP:~/VPNclient$ tar zxvf softether-vpnclient-v4.20-9608-rtm-2016.04.17-linux-x64-64bit.tar.gz  
wawan@wawan-HP:~/VPNclient$ cd vpnclient/ 
wawan@wawan-HP:~/VPNclient/vpnclient$ make
Did you read and understand the License Agreement ? %just keep choosing 1
(If you couldn't read above text, Please read 'ReadMeFirst_License.txt'
 file with any text editor.)
 1. Yes
 2. No
Please choose one of above number:
1

Did you agree the License Agreement ?
1. Agree
2. Do Not Agree
Please choose one of above number:
1

- Start SoftEther VPN client
wawan@wawan-HP:~/VPNclient/vpnclient$ sudo ./vpnclient start
[sudo] password for wawan:
The SoftEther VPN Client service has been started.

- Check "ip link". Once the VPN client is running, a network interface for the VPN will appear; in the example below that interface does not exist yet.
wawan@wawan-HP:~/VPNclient/vpnclient$ ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT group default qlen 1000
    link/ether ec:9a:74:36:8a:98 brd ff:ff:ff:ff:ff:ff
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DORMANT group default qlen 1000
    link/ether 68:5d:43:01:ba:7b brd ff:ff:ff:ff:ff:ff

- Run "vpncmd" (the SoftEther VPN client command line)
wawan@wawan-HP:~/VPNclient/vpnclient$ ./vpncmd
vpncmd command - SoftEther VPN Command Line Management Utility
SoftEther VPN Command Line Management Utility (vpncmd command)
Version 4.20 Build 9608   (English)
Compiled 2016/04/17 21:59:35 by yagi at pc30
Copyright (c) SoftEther VPN Project. All Rights Reserved.

By using vpncmd program, the following can be achieved.

1. Management of VPN Server or VPN Bridge
2. Management of VPN Client
3. Use of VPN Tools (certificate creation and Network Traffic Speed Test Tool)

Select 1, 2 or 3: 2

Specify the host name or IP address of the computer that the destination VPN Client is operating on.
If nothing is input and Enter is pressed, connection will be made to localhost (this computer).
Hostname of IP Address of Destination:

Connected to VPN Client "localhost".

VPN Client>

- Create an account for connecting to the SoftEther VPN server
VPN Client>AccountCreate
AccountCreate command - Create New VPN Connection Setting
Name of VPN Connection Setting: MyOffice.lan

Destination VPN Server Host Name and Port Number: contoh-rpi-zero-server.vpnazure.net:443

Destination Virtual Hub Name: DEFAULT

Connecting User Name: user1

Used Virtual Network Adapter Name: 0

The command completed successfully.

- Account password (remember, the password entered must be the same as the one entered when creating the account on the server)
VPN Client>AccountPasswordSet
AccountPasswordSet command - Set User Authentication Type of VPN Connection Setting to Password Authentication
Name of VPN Connection Setting: MyOffice.lan

Please enter the password. To cancel press the Ctrl+D key.

Password: ***********
Confirm input: ***********

Specify standard or radius: standard

The command completed successfully.

- Connect to the VPN server
VPN Client>AccountConnect MyOffice.lan
AccountConnect command - Start Connection to VPN Server using VPN Connection Setting
The command completed successfully.

- Check ip link again (the network interface for the VPN will appear)
wawan@wawan-HP:~/VPNclient/vpnclient$ ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT group default qlen 1000
    link/ether ec:9a:74:36:8a:98 brd ff:ff:ff:ff:ff:ff
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DORMANT group default qlen 1000
    link/ether 68:5d:43:01:ba:7b brd ff:ff:ff:ff:ff:ff
4: vpn_vpn: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN mode DEFAULT group default qlen 500
    link/ether 00:ac:37:4f:40:3b brd ff:ff:ff:ff:ff:ff

- But you are still connected to your own local network, not the office's
wawan@wawan-HP:~/VPNclient/vpnclient$ hostname -I
192.168.3.5

- Run the dhclient command, then check your IP again (if there are two IPs, you are connected to the VPN server, but not yet 100%).
wawan@wawan-HP:~/VPNclient/vpnclient$ sudo dhclient vpn_vpn
wawan@wawan-HP:~/VPNclient/vpnclient$ hostname -I
192.168.3.5 192.168.10.106

- Check your IP routing table. If the result resembles the one below, you are 100% connected and can try some tests, for example ssh or ping.
wawan@wawan-HP:~/VPNclient/vpnclient$ route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         Air1-5          0.0.0.0         UG    0      0        0 wlan0
192.168.3.0     *               255.255.255.0   U     9      0        0 wlan0
192.168.10.0    *               255.255.255.0   U     0      0        0 vpn_vpn

- However, if your IP routing table looks like the one below, where vpn_vpn has become the default, then the first line (the default belonging to vpn_vpn) must be deleted.
wawan@wawan-HP:~/VPNclient/vpnclient$ route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.10.1    0.0.0.0         UG    0      0        0 vpn_vpn
default         Air1-5          0.0.0.0         UG    600    0        0 wls1
192.168.3.0     *               255.255.255.0   U     600    0        0 wls1
192.168.10.0    *               255.255.255.0   U     0      0        0 vpn_vpn

wawan@wawan-HP:~/VPNclient/vpnclient$ sudo route del default 
wawan@wawan-HP:~/VPNclient/vpnclient$ route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         Air1-5          0.0.0.0         UG    600    0        0 wls1
192.168.3.0     *               255.255.255.0   U     600    0        0 wls1
192.168.10.0    *               255.255.255.0   U     0      0        0 vpn_vpn
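
After `dhclient vpn_vpn` the client is either split-tunnel (only 192.168.10.0/24 goes through the VPN and ordinary browsing still leaves over Wi-Fi) or full-tunnel (the default route points at vpn_vpn); the script below tells the two apart from `ip -4 route show` output and prints a delete command that names the VPN gateway and interface explicitly. It is an added example, not part of the original post; the function names and the sample gateway 192.168.3.1 (standing in for "Air1-5") are assumptions.

```sh
#!/bin/sh
# Added example (not from the original post): classify the routing state after
# `dhclient vpn_vpn`, reading `ip -4 route show` output on stdin.

# Print "full-tunnel", "split-tunnel" or "not-connected" for interface $1.
vpn_route_mode() {
    awk -v ifc="$1" '
        {
            dev = ""
            for (i = 1; i < NF; i++) if ($i == "dev") dev = $(i + 1)
            if (dev != ifc) next
            if ($1 == "default") { has_default = 1 } else { has_subnet = 1 }
        }
        END {
            if (has_default)     print "full-tunnel"
            else if (has_subnet) print "split-tunnel"
            else                 print "not-connected"
        }'
}

# Print one exact delete command per default route on interface $1, so the
# Wi-Fi default route can never be the one that gets removed.
vpn_default_del_cmds() {
    awk -v ifc="$1" '
        $1 == "default" {
            gw = ""; dev = ""
            for (i = 1; i < NF; i++) {
                if ($i == "via") gw = $(i + 1)
                if ($i == "dev") dev = $(i + 1)
            }
            if (dev != ifc) next
            if (gw != "") print "ip route del default via " gw " dev " dev
            else          print "ip route del default dev " dev
        }'
}

# Constructed sample: the second routing table from the post in iproute2 form.
# 192.168.3.1 is an assumed address for the gateway the post shows as "Air1-5".
SAMPLE_BOTH_DEFAULTS='default via 192.168.10.1 dev vpn_vpn
default via 192.168.3.1 dev wls1 proto static metric 600
192.168.3.0/24 dev wls1 proto kernel scope link src 192.168.3.5 metric 600
192.168.10.0/24 dev vpn_vpn proto kernel scope link src 192.168.10.106'

# Live use: ip -4 route show | vpn_route_mode vpn_vpn
printf '%s\n' "$SAMPLE_BOTH_DEFAULTS" | vpn_route_mode vpn_vpn
printf '%s\n' "$SAMPLE_BOTH_DEFAULTS" | vpn_default_del_cmds vpn_vpn
```

The printed command is meant to be reviewed and then run with sudo; it is not executed by the script.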

AutoStart SoftEther VPN Server
So that the VPN server starts automatically on boot or on restart, there are several steps that must be carried out on the Raspberry Pi Zero, as in the example below.

- Copy the vpnserver folder to /usr/local and set permissions
pi@raspberrypi:~/MyVPN $ sudo cp -ar vpnserver/ /usr/local/ 
pi@raspberrypi:~/MyVPN $ cd /usr/local/vpnserver/
pi@raspberrypi:/usr/local/vpnserver $ sudo chmod 600 *
 
pi@raspberrypi:/usr/local/vpnserver $ sudo chmod 700 vpnserver  
pi@raspberrypi:/usr/local/vpnserver $ sudo chmod 700 vpncmd

- Create a file named vpnserver in the /etc/init.d/ directory
pi@raspberrypi:/usr/local/vpnserver $ sudo nano /etc/init.d/vpnserver

- Then paste the following code into the vpnserver file and save it.
#!/bin/sh
# chkconfig: 2345 99 01
# description: SoftEther VPN Server
DAEMON=/usr/local/vpnserver/vpnserver
LOCK=/var/lock/subsys/vpnserver
# Do nothing if the daemon binary is missing or not executable.
test -x "$DAEMON" || exit 0

case "$1" in
    start)
        "$DAEMON" start
        touch "$LOCK"
        ;;
    stop)
        "$DAEMON" stop
        # -f: do not fail if the lock file was never created
        rm -f "$LOCK"
        ;;
    restart)
        "$DAEMON" stop
        sleep 3
        "$DAEMON" start
        ;;
    *)
        echo "Usage: $0 {start|stop|restart}"
        exit 1
        ;;
esac
exit 0

- Run the commands below, then reboot.
pi@raspberrypi:/usr/local/vpnserver $ sudo chmod 755 /etc/init.d/vpnserver 
pi@raspberrypi:/usr/local/vpnserver $ sudo update-rc.d vpnserver defaults
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
    LANGUAGE = (unset),
    LC_ALL = (unset),
    LC_PAPER = "ja_JP.UTF-8",
    LC_ADDRESS = "ja_JP.UTF-8",
    LC_MONETARY = "ja_JP.UTF-8",
    LC_NUMERIC = "ja_JP.UTF-8",
    LC_TELEPHONE = "ja_JP.UTF-8",
    LC_IDENTIFICATION = "ja_JP.UTF-8",
    LC_MEASUREMENT = "ja_JP.UTF-8",
    LC_TIME = "ja_JP.UTF-8",
    LC_NAME = "ja_JP.UTF-8",
    LANG = "en_GB.UTF-8"
    are supported and installed on your system.
perl: warning: Falling back to a fallback locale ("en_GB.UTF-8").
insserv: warning: script 'vpnserver' missing LSB tags and overrides

pi@raspberrypi:/usr/local/vpnserver $ sudo reboot
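
Because the init script runs /usr/local/vpnserver/vpnserver as root at every boot, it is worth checking that the copy and chmod steps above left nothing in that directory owned by an unprivileged user or accessible to group or others. The audit below is an added example, not part of the original post; the function name and the constructed demo files are assumptions.

```sh
#!/bin/sh
# Added example (not from the original post). Needs GNU find for -perm /MODE.

# Usage: audit_vpn_dir DIR [OWNER]   (OWNER defaults to root)
# Prints one finding per line and returns 1 if anything was found.
audit_vpn_dir() {
    dir=$1
    owner=${2:-root}
    findings=$(
        # cp -a preserves the source owner, so files copied from ~/MyVPN can
        # still belong to the user who built them rather than to OWNER.
        find "$dir" ! -user "$owner" -exec printf 'OWNER %s\n' {} \;
        # chmod 600 * skips the directory itself, dotfiles and anything
        # created later; flag every entry with group or other permission bits.
        find "$dir" -perm /077 -exec printf 'MODE %s\n' {} \;
    )
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Constructed demo tree standing in for /usr/local/vpnserver.
demo=$(mktemp -d)
touch "$demo/vpnserver" "$demo/vpn_server.config" "$demo/.constructed_dotfile"
chmod 644 "$demo/.constructed_dotfile"
# Same chmod sequence as the post; the dotfile is not matched by "*".
( cd "$demo" && chmod 600 * && chmod 700 vpnserver )
audit_vpn_dir "$demo" "$(id -u)" || echo "findings above need fixing"
rm -rf "$demo"
```

On the Pi, run the function as root against /usr/local/vpnserver so that find can enter subdirectories whose mode is 600; OWNER findings are cleared with `sudo chown -R root:root /usr/local/vpnserver`.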

Now you can access your office local network from anywhere, as long as you are connected to the internet. Have fun trying it.

1 comment:

  1. I'd like to ask: if the connection to the internet uses wireless and the connection to the local network uses eth, is that possible?
