12 月 272019
修改初始密码
[root@localhost ~]# passwd Changing password for user root. New password: Retype new password: passwd: all authentication tokens updated successfully. [root@localhost ~]#
修改时区
[root@localhost ~]# cp /usr/share/zoneinfo/Asia/Hong_Kong /etc/localtime cp: overwrite ‘/etc/localtime’? y [root@localhost ~]# date Wed Dec 18 08:10:18 HKT 2019 [root@localhost ~]#
禁用防火墙
[root@localhost ~]# systemctl stop firewalld [root@localhost ~]# systemctl disable firewalld Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service. Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. [root@localhost ~]#
更新YUM缓存
[root@localhost ~]# yum makecache [root@localhost ~]#
安装EPEL源
[root@localhost ~]# yum -y install epel-release.noarch
检查依赖并安装工具包
[root@localhost ~]# yum install gcc net-tools
解压并执行编译安装
[root@localhost ~]# tar xzf softether-vpnserver-v4.31-9727-beta-2019.11.18-linux-x64-64bit.tar.gz [root@localhost ~]# cd vpnserver/ [root@localhost vpnserver]# make -------------------------------------------------------------------- SoftEther VPN Server (Ver 4.31, Build 9727, Intel x64 / AMD64) for Linux Install Utility Copyright (c) SoftEther Project at University of Tsukuba, Japan. All Rights Reserved. -------------------------------------------------------------------- Do you want to read the License Agreement for this software ? 1. Yes 2. No Please choose one of above number: 1 Did you read and understand the License Agreement ? (If you couldn't read above text, Please read 'ReadMeFirst_License.txt' file with any text editor.) 1. Yes 2. No Please choose one of above number: 1 Did you agree the License Agreement ? 1. Agree 2. Do Not Agree Please choose one of above number: 1 make[1]: Entering directory `/root/vpnserver' Preparing SoftEther VPN Server... ranlib lib/libcharset.a ranlib lib/libcrypto.a ranlib lib/libedit.a ranlib lib/libiconv.a ranlib lib/libintelaes.a ranlib lib/libncurses.a ranlib lib/libssl.a ranlib lib/libz.a ranlib code/vpnserver.a gcc code/vpnserver.a -fPIE -O2 -fsigned-char -pthread -m64 -lm -lrt -lpthread -L./ lib/libssl.a lib/libcrypto.a lib/libiconv.a lib/libcharset.a lib/libedit.a lib/libncurses.a lib/libz.a lib/libintelaes.a -ldl -o vpnserver ranlib code/vpncmd.a gcc code/vpncmd.a -fPIE -O2 -fsigned-char -pthread -m64 -lm -lrt -lpthread -L./ lib/libssl.a lib/libcrypto.a lib/libiconv.a lib/libcharset.a lib/libedit.a lib/libncurses.a lib/libz.a lib/libintelaes.a -ldl -o vpncmd ./vpncmd /tool /cmd:Check vpncmd command - SoftEther VPN Command Line Management Utility SoftEther VPN Command Line Management Utility (vpncmd command) Version 4.31 Build 9727 (English) Compiled 2019/11/18 11:14:51 by buildsan at crosswin Copyright (c) SoftEther VPN Project. All Rights Reserved. VPN Tools has been launched. By inputting HELP, you can view a list of the commands that can be used. VPN Tools>Check Check command - Check whether SoftEther VPN Operation is Possible --------------------------------------------------- SoftEther VPN Operation Environment Check Tool Copyright (c) SoftEther VPN Project. All Rights Reserved. If this operation environment check tool is run on a system and that system passes, it is most likely that SoftEther VPN software can operate on that system. This check may take a while. Please wait... Checking 'Kernel System'... Pass Checking 'Memory Operation System'... Pass Checking 'ANSI / Unicode string processing system'... Pass Checking 'File system'... Pass Checking 'Thread processing system'... Pass Checking 'Network system'... Pass All checks passed. It is most likely that SoftEther VPN Server / Bridge can operate normally on this system. The command completed successfully. -------------------------------------------------------------------- The preparation of SoftEther VPN Server is completed ! *** How to switch the display language of the SoftEther VPN Server Service *** SoftEther VPN Server supports the following languages: - Japanese - English - Simplified Chinese You can choose your prefered language of SoftEther VPN Server at any time. To switch the current language, open and edit the 'lang.config' file. Note: the administrative password is not set on the VPN Server. Please set your own administrative password as soon as possible by vpncmd or the GUI manager. *** How to start the SoftEther VPN Server Service *** Please execute './vpnserver start' to run the SoftEther VPN Server Background Service. And please execute './vpncmd' to run the SoftEther VPN Command-Line Utility to configure SoftEther VPN Server. Of course, you can use the VPN Server Manager GUI Application for Windows / Mac OS X on the other Windows / Mac OS X computers in order to configure the SoftEther VPN Server remotely. *** For Windows users *** You can download the SoftEther VPN Server Manager for Windows from the http://www.softether-download.com/ web site. This manager application helps you to completely and easily manage the VPN server services running in remote hosts. *** For Mac OS X users *** In April 2016 we released the SoftEther VPN Server Manager for Mac OS X. You can download it from the http://www.softether-download.com/ web site. VPN Server Manager for Mac OS X works perfectly as same as the traditional Windows versions. It helps you to completely and easily manage the VPN server services running in remote hosts. *** PacketiX VPN Server HTML5 Web Administration Console (NEW) *** This VPN Server / Bridge has the built-in HTML5 Web Administration Console. After you start the server daemon, you can open the HTML5 Web Administration Console is available at https://127.0.0.1:5555/ or https://ip_address_of_the_vpn_server:5555/ This HTML5 page is obviously under construction, and your HTML5 development contribution is very appreciated. -------------------------------------------------------------------- make[1]: Leaving directory `/root/vpnserver' [root@localhost vpnserver]#
设置程序目录及权限
[root@localhost vpnserver]# cd [root@localhost ~]# mv vpnserver/ /usr/local/ [root@localhost ~]# cd /usr/local/vpnserver/ [root@localhost vpnserver]# chmod 600 * [root@localhost vpnserver]# chmod 700 vpncmd [root@localhost vpnserver]# chmod 700 vpnserver [root@localhost vpnserver]#
设置环境变量
[root@localhost ~]# vi /etc/profile ulimit -SHn 65535 export PATH=/usr/local/vpnserver:$PATH [root@localhost ~]# source /etc/profile [root@localhost ~]# ulimit unlimited [root@localhost ~]# ulimit -n 65535 [root@localhost ~]#
使用命令行接口检测
[root@localhost vpnserver]# ./vpncmd vpncmd command - SoftEther VPN Command Line Management Utility SoftEther VPN Command Line Management Utility (vpncmd command) Version 4.31 Build 9727 (English) Compiled 2019/11/18 11:14:51 by buildsan at crosswin Copyright (c) SoftEther VPN Project. All Rights Reserved. By using vpncmd program, the following can be achieved. 1. Management of VPN Server or VPN Bridge 2. Management of VPN Client 3. Use of VPN Tools (certificate creation and Network Traffic Speed Test Tool) Select 1, 2 or 3: 3 VPN Tools has been launched. By inputting HELP, you can view a list of the commands that can be used. VPN Tools>check Check command - Check whether SoftEther VPN Operation is Possible --------------------------------------------------- SoftEther VPN Operation Environment Check Tool Copyright (c) SoftEther VPN Project. All Rights Reserved. If this operation environment check tool is run on a system and that system passes, it is most likely that SoftEther VPN software can operate on that system. This check may take a while. Please wait... Checking 'Kernel System'... Pass Checking 'Memory Operation System'... Pass Checking 'ANSI / Unicode string processing system'... Pass Checking 'File system'... Pass Checking 'Thread processing system'... Pass Checking 'Network system'... Pass All checks passed. It is most likely that SoftEther VPN Server / Bridge can operate normally on this system. The command completed successfully. VPN Tools>exit [root@localhost vpnserver]#
添加服务脚本
[root@localhost ~]# vi /etc/init.d/vpnserver #!/bin/sh # chkconfig: 2345 99 01 # description: SoftEther VPN Server DAEMON=/usr/local/vpnserver/vpnserver LOCK=/var/lock/subsys/vpnserver test -x $DAEMON || exit 0 case "$1" in start) $DAEMON start touch $LOCK ;; stop) $DAEMON stop rm $LOCK ;; restart) $DAEMON stop sleep 3 $DAEMON start ;; *) echo "Usage: $0 {start|stop|restart}" exit 1 esac exit 0
注册服务并确认运行级别
[root@localhost ~]# vi /etc/init.d/vpnserver [root@localhost ~]# chmod 755 /etc/init.d/vpnserver [root@localhost ~]# chkconfig --add vpnserver [root@localhost ~]# chkconfig --list vpnserver Note: This output shows SysV services only and does not include native systemd services. SysV configuration data might be overridden by native systemd configuration. If you want to list systemd services use 'systemctl list-unit-files'. To see services enabled on particular target use 'systemctl list-dependencies [target]'. vpnserver 0:off 1:off 2:on 3:on 4:on 5:on 6:off [root@localhost ~]#
启动服务
[root@localhost ~]# service vpnserver start The SoftEther VPN Server service has been started. Let's get started by accessing to the following URL from your PC: https://14.17.100.1:5555/ or https://14.17.100.1/ Note: IP address may vary. Specify your server's IP address. A TLS certificate warning will appear because the server uses self signed certificate by default. That is natural. Continue with ignoring the TLS warning. [root@localhost ~]#