softasap.sa-vpn-softether

sa-vpn-softether


Example of Use: Check Box-Example

Possible Configuration:

softether_option_securenat: true
softether_option_bridge: false

softether_location: /opt
softether_home: "{{softether_location}}/vpnserver"
softether_lang: en
softether_fqdn: "{{ansible_host}}"

# ============== IPSEC ===================
softether_option_ipsec: true
softether_ipsec_l2tp: yes
softether_ipsec_l2tpraw: yes
softether_ipsec_etherip: no
softether_ipsec_presharedkey: "zzz"
# /============== IPSEC ===================

# ============== OPENVPN ===================
softether_option_openvpn: true
softether_openvpn_port: 1194
softether_openvpn_config: "{{softether_home}}/generated/openvpn_config.zip"
# /============== OPENVPN ===================

# ============== Bridge ===================
softether_bridge_device: soft
softether_bridge_tap: no
# ============== /Bridge ===================

# ============== Users ===================
softether_vpn_users:
  - {
      name: "test",
      password: "test"
    }
# ============== /Users ===================

softether_sysctl_conf_lines:
  - {
      name: 'net.ipv4.ip_forward',
      value: '1'
    }

Simple Usage:

vars:
     - my_softether_vpn_users:
        - {
            name: "my_user",
            password: "my_password"
          }

     - my_softether_ipsec_presharedkey: "[1KH;+r-X#cvhpv7Y6=#;[{u"

roles:
     - {
         role: "sa-vpn-softether",
         softether_vpn_users: "{{my_softether_vpn_users}}",
         softether_ipsec_presharedkey: "{{my_softether_ipsec_presharedkey}}"
       }

Advanced Usage:

vars:
     - my_softether_vpn_users:
        - {
            name: "my_user",
            password: "my_password"
          }

     - my_softether_ipsec_presharedkey: "[1KH;+r-X#cvhpv7Y6=#;[{u"

roles:
     - {
         role: "sa-vpn-softether",
         softether_vpn_users: "{{my_softether_vpn_users}}",
         softether_ipsec_presharedkey: "{{my_softether_ipsec_presharedkey}}",
         softether_option_securenat: true,
         softether_option_bridge: false,
         softether_fqdn: "{{ansible_host}}",

         # ============== IPSEC ===================
         softether_option_ipsec: true,
         softether_ipsec_l2tp: yes,
         softether_ipsec_l2tpraw: yes,
         softether_ipsec_etherip: no,
         # /============== IPSEC ===================

         # ============== OPENVPN ===================
         softether_option_openvpn: true,
         softether_openvpn_port: 1194,
         softether_openvpn_config: "{{softether_home}}/generated/openvpn_config.zip",
         # /============== OPENVPN ===================

         # ============== Bridge ===================
         softether_bridge_device: soft,
         softether_bridge_tap: no
         # ============== /Bridge ===================
       }
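
The usage snippets above put the VPN user password and the IPsec pre-shared key directly in playbook variables, and the role's defaults are test/test and "zzz". As an added example (not part of the role or its documentation), the playbook below loads both from an ansible-vault encrypted file and stops before the role runs if the documented defaults or the sample values from this page are still in place. The host group vpn, the vault file path, the vault_* variable names and the minimum key length are assumptions.

```yaml
# Added example, not the role's own code.
# Assumptions: inventory group "vpn"; an ansible-vault encrypted file at
# group_vars/vpn/vault.yml that defines vault_vpn_users and vault_ipsec_psk
# (hypothetical names); min_psk_length is an arbitrary local policy value.
- hosts: vpn
  become: true
  vars_files:
    - group_vars/vpn/vault.yml
  vars:
    min_psk_length: 16
  pre_tasks:
    - name: Refuse to deploy with default or published sample secrets
      ansible.builtin.assert:
        that:
          # The pre-shared key must exist and must not be the role default
          # or the sample key printed in the usage snippets.
          - vault_ipsec_psk is defined
          - "vault_ipsec_psk not in ['zzz', '[1KH;+r-X#cvhpv7Y6=#;[{u']"
          - vault_ipsec_psk | length >= min_psk_length
          # At least one user, and none with the default or sample password.
          - vault_vpn_users is defined
          - vault_vpn_users | length > 0
          - >-
            vault_vpn_users
            | selectattr('password', 'in', ['test', 'my_password'])
            | list | length == 0
        fail_msg: >-
          Set vault_ipsec_psk and vault_vpn_users to non-default values
          in the vault file before deploying.
        quiet: true
  roles:
    - role: sa-vpn-softether
      softether_vpn_users: "{{ vault_vpn_users }}"
      softether_ipsec_presharedkey: "{{ vault_ipsec_psk }}"
```

Create the vault file with ansible-vault create and run the play with --ask-vault-pass so the secrets never sit in the repository in clear text.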

Adding VPN Server Initialization:

If you need to set up the VPN server later, use:

  softether_init_script: scenarios/dummy

Using Ansible Galaxy Workflow

If you installed the sa-vpn-softether role using:

   ansible-galaxy install softasap.sa-vpn-softether

the role will be in the folder library/softasap.sa-vpn-softether. Adjust the role path accordingly:

     - {
         role: "softasap.sa-vpn-softether"
       }

Connecting to OpenVPN from Client

After running the last play step, you'll have a .cer file for IPsec and a .zip file with OpenVPN configuration.

  1. Unpack the ZIP file and ensure you have the OpenVPN GUI ready. If the "Import saved VPN configuration" option is missing, install it by running:

     sudo apt install network-manager-openvpn network-manager-openvpn-gnome network-manager-pptp network-manager-vpnc

     After logging out and back in, or rebooting, you will find the option "Import saved VPN configuration".

  2. Import the file named yourhostname_l3.ovpn. Use your user in the format user@vpn, e.g., test@vpn, followed by the password (e.g., test).

  3. If you have only one hub, you can use just the username.

To troubleshoot, you can use the native OpenVPN client interactively:

sudo openvpn --config my.ovpn

OpenVPN Connection Details

  1. About Files: When you open the ZIP file, you will find configuration files related to L3 (IP Routing) and L2 (Ethernet Bridging):

    • openvpn_remote_access_l3.ovpn for L3 connections.
    • openvpn_site_to_site_bridge_l2.ovpn for L2 connections.
  2. L3 vs. L2:

    • Use L3 for remote access from a regular computer.
    • Use L2 for connecting entire networks transparently.
  3. Username and Password: Enter the same username and password defined on the VPN server's Virtual HUB. If there are multiple hubs, specify the hub name with the username.

  4. Protocol and Port: You can use both TCP and UDP to connect to the VPN server. Make sure to use the appropriate port based on your server configuration.

This code is available under the BSD 3-Clause and MIT License. Choose whichever license suits you.
