Personal VPN setup - see attached topology
Posted: Wed Aug 06, 2014 4:18 pm
Hi everyone.
I recently rented a VPS server and set up SoftEther on it. I'm a Cisco Engineer, although I've only just started down this career, so my knowledge of VPNs is limited.
My purpose for this VPN is educational and I'll be using it for these reasons:
* To encrypt my internet traffic from home devices and when out - for example using public WiFi.
* To allow site-to-site connectivity between LAN devices in 'My House' and a 'Friends House'.
* To connect to LAN devices in 'My House' and a 'Friends House' when in public WiFi areas.
So the server is up and running. I have tested from my home network by applying VPN config to specific devices (phones, tablets, etc.) on my home WiFi. I can also connect from any other public location.
The next steps for me are to configure either a Cisco 1841 or ASA 5505 to have a permanent tunnel so I don't need to worry about securing each device in my home. I will look at doing this myself on the 1841 using tutorials on the SoftEther site. Is it possible to do the same on a Cisco ASA? I would prefer this because of performance.
The reason for my post is for assistance in configuring the server.
1. Operating system name and the type of CPU-bits
14.04.1 LTS (GNU/Linux 3.13.0-24-generic x86_64)
1 GHz CPU, 256 RAM on a VPS Server with 1 physical interface
2. The result of "ifconfig -a" (UNIX)
eth0 Link encap:Ethernet HWaddr 00:16:3e:75:8b:5a
inet addr:30.30.30.30 Bcast:<omitted> Mask:<omitted>
inet6 addr: <omitted> /64 Scope:Link
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX packets:722074 errors:0 dropped:287 overruns:0 frame:0
TX packets:71727 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:44304785 (44.3 MB) TX bytes:15515349 (15.5 MB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:53 errors:0 dropped:0 overruns:0 frame:0
TX packets:53 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:23730 (23.7 KB) TX bytes:23730 (23.7 KB)
3. The result of "uname -a" (UNIX)
root@shedether:~# uname -a
Linux shedether 3.13.0-24-generic #47-Ubuntu SMP Fri May 2 23:30:00 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
4. The build number of SoftEther VPN
VPN Server/vpn>about
About command - Display the version information
SoftEther VPN Command Line Management Utility (vpncmd command)
Version 4.08 Build 9449 (English)
5. Which SoftEther VPN component are you using?
VPNServer
6. Whether or not there is a NAT or Firewall between your VPN server and the Internet.
(If there is a NAT or Firewall, you should open a TCP port for the VPN listener.)
No NAT, no firewall
7. Are you using SecureNAT?
(If so, why don't you use the Local Bridge function instead?)
Can I use Local Bridge? There are no LAN resources I need to access on the Virtual Hub\SoftEther server network.
8. Your current vpn_server.config or vpn_bridge.config file should be attached on the post.
Attached along with my network diagram.
[attachment=1]Visio SoftEther.PNG[/attachment]
[attachment=0]00000028_vpn_server.config.txt[/attachment]
So what I'm trying to achieve, looking at the diagram: I want to be able to access the media server at my friend's house and vice versa. I also want to be able to access either from public WiFi spots, and also my IP camera.
While connected to the VPN all internet traffic should go via the Virtual Hub. (I'm looking at doing some Policy Based Routing on the 1841 to exclude certain types of traffic, but not asking for help on that.)
Appreciate any and all replies, thanks.