Introduction
VPN, which stands for Private Virtual Networks, is a necessary essential tool to let users to bypass the internet censorship in some countries. Setting up a working VPN servers is not an easy job. It is like an endless “Cat-and-Mouse” game between the VPN users and the country firewall.
There are many VPN protocols, PPTP, L2TP, SSTP, OpenVPN. Setting up PPTP is easy on Linux, but PPTP protocol is quite easy to be caught because of fixed TCP port 1723 and IP port 47, it would be blocked after few hours or few days. L2TP is better, could last longer, but installing a L2TP linux server is complicated. OpenVPN is better than L2TP because you can use common port to transfer data, and installing OpenVPN linux server is tough too.
SSTP is the best choice among these VPN solutions if your clients are only running in Windows. SSTP only relies on https port 443, and could bypass these countries’ firewalls.
I have tried to setup all these VPN server with different VPN installation packages in both Windows and LINUX. I am here to recommend SoftEther VPN solution.
SoftEther VPN relies on a client-server architecture with support for six of the most popular VPN protocols, namely: EtherIP, IPsec, L2TP, OpenVPN, MS-STTP and L2TPv3. VPN tunnels are established securely, so the transmission of information will be protected in the best way possible.
Session 1: Setup SoftEther L2TP Server on Amazon AWS Ubuntu
1. Create Instance on AWS Amazon
You need to create an ubuntu 14.04 LTS instance (LTS is long term stable version) in Amazon AWS.
Just A0.Micro is ok.
You need to enable SSTP, L2TP ports and SoftEther ports.
2. Setup VPN Server on Ubuntu
To run SoftEther on Linux, you need to make sure these libraries are ready.
If it is running on Ubuntu 14.04LTS, you only need to install "make".
gcc software
binutils software
tar, gzip or other software for extracting package files
chkconfig system utility
cat, cp or other basic file operation utility
EUC-JP, UTF-8 or other code page table for use in a Japanese language environment
libc (glibc) library
zlib library
openssl library
readline library
ncurses library
pthread library
3. Download and Install SoftEther VPN Server
a. Download SoftEther
Choose the version you want, and then press Enter to download the gz file.
b. Install SoftEther
>tar -xzvf softether-vpnserver-v4.14-9529-beta-2015.02.02-linux-x64-64bit.tar.gz
After extracting, a directory named "vpnserver" will be created in current folder.
>cd vpnserver
>sudo bash
>./.install.sh
You would get some errors of missing libraries. You need to make sure you have these libraries:
make, gccbinutils (gcc), libc (glibc), zlib, openssl, readline, and ncurses
>apt-get install build-essential
>./.install.sh
c. SoftEther License Agreement
Just press 1 to all questions.
d. Make vpnserver as service and run it
>cd ..
>mv vpnserver/ /usr/local
>cd /usr/local/vpnserver
>vi /etc/init.d/vpnserver
#!/bin/sh
# chkconfig: 2345 99 01
# description: SoftEther VPN Server
DAEMON=/usr/local/vpnserver/vpnserver
LOCK=/var/lock/subsys/vpnserver
test -x $DAEMON || exit 0
case "$1" in
start)
$DAEMON start
touch $LOCK
;;
stop)
$DAEMON stop
rm $LOCK
;;
restart)
$DAEMON stop
sleep 3
$DAEMON start
;;
*)
echo "Usage: $0 {start|stop|restart}"
exit 1
esac
exit 0
>mkdir /var/lock/subsys
>chmod 755 /etc/init.d/vpnserver
>/etc/init.d/vpnserver start
>update-rc.d vpnserver defaults
>
>shutdown -r now
4. Configure the SoftEther VPN Server Remotely on Windows
Once you've started the vpnserver, you have to immediately run the SoftEther VPN server manager to setup the server, because the vpnserver admin password is still the default password.
Download the SoftEther VPN Server Manageer for Windows on http://www.softether-download.com/en.aspx?product=softether.
Run the "vpnsmgr.exe", click the "New Setting", in popup window, fill the host name, and click "OK",
Then another popup window to change admin password.
Then select the "Other Advance Configuration of VPN" in the following popup window.
Then check the following 1 or 2 L2TP settings in popup L2TP setting window.
Then you need to create some VPN users.
Input user name and password.
Enable NAT and Virtual DHCP.
Click "Enable SecureNAT", then "SecureNAT Configuration".
5. Setup L2TP VPN Client on Windows
It is easy to setup L2TP client in windows7/8.
You also need to click "Advanced settings" to setup preshared key.
6. Check VPN Connection Status