Qiita Teams that are logged in
You are not logged in to any team

Log in to Qiita Team
Community
OrganizationAdvent CalendarQiitadon (β)
Service
Qiita JobsQiita ZineQiita Blog
1
Help us understand the problem. What is going on with this article?
@sgr@github

[メモ] NanoPi NEO2 で SoftEther を動かす

More than 1 year has passed since last update.

NanoPI NEO2 で SoftEther を動かした時のメモです。OS は Armbian Buster、ローカルブリッジには USB 接続の有線 LAN アダプターを使用しました。

OS のインストール

詳しくは [メモ] NanoPi NEO2 を Armbian で使う をご覧ください。

CA344597-FB99-4386-842F-44CB5FE1CCF1.jpeg

SoftEther のビルドとインストール

sudo apt install libreadline-dev libncurses-dev clang
wget https://github.com/SoftEtherVPN/SoftEtherVPN_Stable/releases/download/v4.29-9680-rtm/softether-src-v4.29-9680-rtm.tar.gz
tar zxvf softether-src-v4.29-9680-rtm.tar.gz
cd v4.29-9680/
./configure

生成された Makefile を編集し、インストール先を /opt/softether コンパイラを clang にしました。

Makefile.patch
--- src/makefiles/linux_64bit.mak       2019-02-28 20:05:23.000000000 +0900
+++ Makefile    2019-08-13 13:49:42.316522782 +0900
@@ -60,7 +60,7 @@

 # Variables

-#CC=gcc
+CC=clang

 OPTIONS_COMPILE_DEBUG=-D_DEBUG -DDEBUG -DUNIX -DUNIX_LINUX -DCPU_64 -D_REENTRANT -DREENTRANT -D_THREAD_SAFE -D_THREADSAFE -DTHREAD_SAFE -DTHREADSAFE -D_FILE_OFFSET_BITS=64 -I./src/ -I./src/Cedar/ -I./src/Mayaqua/ -g -fsigned-char -m64

@@ -70,11 +70,11 @@

 OPTIONS_LINK_RELEASE=-O2 -fsigned-char -m64 -lm -ldl -lrt -lpthread -lssl -lcrypto -lreadline -lncurses -lz

-INSTALL_BINDIR=/usr/bin/
-INSTALL_VPNSERVER_DIR=/usr/vpnserver/
-INSTALL_VPNBRIDGE_DIR=/usr/vpnbridge/
-INSTALL_VPNCLIENT_DIR=/usr/vpnclient/
-INSTALL_VPNCMD_DIR=/usr/vpncmd/
+INSTALL_BINDIR=/opt/softether/bin/
+INSTALL_VPNSERVER_DIR=/opt/softether/vpnserver/
+INSTALL_VPNBRIDGE_DIR=/opt/softether/vpnbridge/
+INSTALL_VPNCLIENT_DIR=/opt/softether/vpnclient/
+INSTALL_VPNCMD_DIR=/opt/softether/vpncmd/

 ifeq ($(DEBUG),YES)
        OPTIONS_COMPILE=$(OPTIONS_COMPILE_DEBUG)

ビルドし、インストールします。

make
sudo mkdir -p /opt/softether/bin
sudo make install

vpnserver の動作確認

vpnserver を動かす前に、 OpenSSL default version and security level raised を参考に、 /etc/ssl/openssl.cnf を編集します。

[system_default_sect]
#MinProtocol = TLSv1.2
#CipherString = DEFAULT@SECLEVEL=2
MinProtocol = None
CipherString = DEFAULT

vpnserver を手動で動かし動作確認します。設定には vpncmd や VPN サーバー管理マネージャ を用います。

sudo /opt/softether/bin/vpnserver start
sudo /opt/softether/bin/vpnserver stop

自動起動設定

動作が確認できたら、systemd の自動起動設定を行います。

/etc/systemd/system/vpnserver.service
[Unit]
Description=Softether VPN Server Service
After=network.target

[Service]
Type=forking
User=root
ExecStart=/opt/softether/bin/vpnserver start
ExecStop=/opt/softether/bin/vpnserver stop
Restart=on-abort

[Install]
WantedBy=multi-user.target

手動でサービスを起動し、動作確認します。

sudo systemctl daemon-reload
sudo systemctl start vpnserver

問題なければサービスを有効にします。

sudo systemctl enable vpnserver
1
Help us understand the problem. What is going on with this article?
Why not register and get more from Qiita?
  1. We will deliver articles that match you
    By following users and tags, you can catch up information on technical fields that you are interested in as a whole
  2. you can read useful information later efficiently
    By "stocking" the articles you like, you can search right away

Comments

No comments
Sign up for free and join this conversation.
Sign Up
If you already have a Qiita account Login
1
Help us understand the problem. What is going on with this article?