Page 1 of 1

How to setup a relay server as VPNAzure.net service do

Posted: Sun Mar 15, 2020 3:52 am
by artioni81
Hi,
is there any manual/tutorial on how to setup a relay service as vpnazure.net do?

Re: How to setup a relay server as VPNAzure.net service do

Posted: Sun Mar 15, 2020 4:43 am
by ddunston
I had this set up at one point.

What you could do is get a Linux Digitalocean droplet, for example. Then follow the tutorial here:

https://lxadm.com/Iptables:_redirect_po ... xternal_IP

You would change ports and protocols accordingly, based on the VPN protocols you would use and change the IPs for your use case.

However, if you have a VPN server behind a firewall that you control and the public IP uses DHCP, then consider using a free Dynamic DNS service and set up port-forwarding on your firewall to the VPN server. It reduces a layer of complexity with the relay. That is if this is your intended goal.

Re: How to setup a relay server as VPNAzure.net service do

Posted: Sun Mar 15, 2020 6:21 am
by artioni81
ddunston wrote:
Sun Mar 15, 2020 4:43 am
I had this set up at one point.

What you could do is get a Linux Digitalocean droplet, for example. Then follow the tutorial here:

https://lxadm.com/Iptables:_redirect_po ... xternal_IP

You would change ports and protocols accordingly, based on the VPN protocols you would use and change the IPs for your use case.

However, if you have a VPN server behind a firewall that you control and the public IP uses DHCP, then consider using a free Dynamic DNS service and set up port-forwarding on your firewall to the VPN server. It reduces a layer of complexity with the relay. That is if this is your intended goal.
Thank you. I'll try the tutorial.
What I want to achieve is penetrating the firewall, the same as VPNAzure.net do. I want my softethervpn server to connect to the droplet through https so the connection is initiated by the vpn server. When I point the softethervpn client to the droplet ip:port it forwards packets/requests to the vpn server.

Re: How to setup a relay server as VPNAzure.net service do

Posted: Sun Mar 15, 2020 12:23 pm
by artioni81
artioni81 wrote:
Sun Mar 15, 2020 6:21 am
ddunston wrote:
Sun Mar 15, 2020 4:43 am
I had this set up at one point.

What you could do is get a Linux Digitalocean droplet, for example. Then follow the tutorial here:

https://lxadm.com/Iptables:_redirect_po ... xternal_IP

You would change ports and protocols accordingly, based on the VPN protocols you would use and change the IPs for your use case.

However, if you have a VPN server behind a firewall that you control and the public IP uses DHCP, then consider using a free Dynamic DNS service and set up port-forwarding on your firewall to the VPN server. It reduces a layer of complexity with the relay. That is if this is your intended goal.
Thank you. I'll try the tutorial.
What I want to achieve is penetrating the firewall, the same as VPNAzure.net do. I want my softethervpn server to connect to the droplet through https so the connection is initiated by the vpn server. When I point the softethervpn client to the droplet ip:port it forwards packets/requests to the vpn server.
Maybe when VPNAzure.net service is enabled the local server plays the role of a bridge and the VPNAzure counterpart the server. This would explain the local server needs to connect to the VPNAzure host and then all the traffic directed to the VPNAzure is redirected to the local server.

Can someone confirm this?

Re: How to setup a relay server as VPNAzure.net service do

Posted: Sun Mar 15, 2020 2:47 pm
by ddunston
artioni81 wrote:
Sun Mar 15, 2020 6:21 am
ddunston wrote:
Sun Mar 15, 2020 4:43 am
I had this set up at one point.

What you could do is get a Linux Digitalocean droplet, for example. Then follow the tutorial here:

https://lxadm.com/Iptables:_redirect_po ... xternal_IP

You would change ports and protocols accordingly, based on the VPN protocols you would use and change the IPs for your use case.

However, if you have a VPN server behind a firewall that you control and the public IP uses DHCP, then consider using a free Dynamic DNS service and set up port-forwarding on your firewall to the VPN server. It reduces a layer of complexity with the relay. That is if this is your intended goal.
Thank you. I'll try the tutorial.
What I want to achieve is penetrating the firewall, the same as VPNAzure.net do. I want my softethervpn server to connect to the droplet through https so the connection is initiated by the vpn server. When I point the softethervpn client to the droplet ip:port it forwards packets/requests to the vpn server.
Okay, so you don't have control over the firewall? If not, then you want to set up stunnel, or some other tool, on your VPN server and set up stunnel on your droplet as a service. When someone connects to port 443 on your droplet, it will forward the traffic through the stunnel channel to your VPN server.

You could also setup an SSH tunnel to accomplish the same purpose.

Re: How to setup a relay server as VPNAzure.net service do

Posted: Sun Mar 15, 2020 3:06 pm
by artioni81
ddunston wrote:
Sun Mar 15, 2020 2:47 pm
artioni81 wrote:
Sun Mar 15, 2020 6:21 am
ddunston wrote:
Sun Mar 15, 2020 4:43 am
I had this set up at one point.

What you could do is get a Linux Digitalocean droplet, for example. Then follow the tutorial here:

https://lxadm.com/Iptables:_redirect_po ... xternal_IP

You would change ports and protocols accordingly, based on the VPN protocols you would use and change the IPs for your use case.

However, if you have a VPN server behind a firewall that you control and the public IP uses DHCP, then consider using a free Dynamic DNS service and set up port-forwarding on your firewall to the VPN server. It reduces a layer of complexity with the relay. That is if this is your intended goal.
Thank you. I'll try the tutorial.
What I want to achieve is penetrating the firewall, the same as VPNAzure.net do. I want my softethervpn server to connect to the droplet through https so the connection is initiated by the vpn server. When I point the softethervpn client to the droplet ip:port it forwards packets/requests to the vpn server.
Okay, so you don't have control over the firewall? If not, then you want to set up stunnel, or some other tool, on your VPN server and set up stunnel on your droplet as a service. When someone connects to port 443 on your droplet, it will forward the traffic through the stunnel channel to your VPN server.

You could also setup an SSH tunnel to accomplish the same purpose.
Yes, you are right, I don't have control over the firewall. And also, the only way to connect to the internet is through a http proxy server. I hope i can Stunnel or SSH tunnel through the proxy. This might be the right solution. Thank you.

Re: How to setup a relay server as VPNAzure.net service do

Posted: Wed May 27, 2020 7:44 pm
by kar_kumar
Hi, Did you successfully setup stunnel and achieved VPN server and client communication ?
If so can you pls share detailed steps?