VPSを自宅ネットワーク配下におくために、前回PPTPを導入した。
しかし、PPTPは暗号化アルゴリズムに不備があり、安全ではない。
そこで、別のVPNを導入しようと考えた。
VPNといえば SoftEther VPN でしょ。
という天の声が聞こえた気がした。
ちなみに他の候補としてはOpenVPNがある。
SoftEther VPNが優位であることを調べないことにはSoftEtherVPNを入れる気がしない。
https://ja.softether.org/
なるほど。SoftEtherは高スループットで他のプロトコルにも対応しているとな。
ではあらためてSoftEther VPNをRaspberryPiに入れよう。
まずはhttp://jp.softether-download.com/files/softether/ ここからARM EABIのServerバージョンをいれる。
1 2 3 4 |
wget http://jp.softether-download.com/files/softether/v4.04-9412-rtm-2014.01.15-tree/Linux/SoftEther%20VPN%20Server/32bit%20-%20ARM%20legacy%20ABI/softether-vpnserver-v4.04-9412-rtm-2014.01.15-linux-arm-32bit.tar.gz tar zxvf softether-vpnserver-v4.04-9412-rtm-2014.01.15-linux-arm-32bit.tar.gz cd vpnserver make |
1 2 |
/usr/bin/ld: failed to merge target specific data of file lib/libz.a(crc32.o) collect2: ld returned 1 exit status |
はい、順調にエラーですね。
結論からいうと、EABI Legacy ARM ではなく、ARM EABIのほうを選ぶと問題なくいけました。
1 2 3 4 5 6 7 8 9 10 11 |
wget http://jp.softether-download.com/files/softether/v4.04-9412-rtm-2014.01.15-tree/Linux/SoftEther%20VPN%20Server/32bit%20-%20ARM%20EABI/softether-vpnserver-v4.04-9412-rtm-2014.01.15-linux-arm_eabi-32bit.tar.gz tar zxvf softether-vpnserver-v4.04-9412-rtm-2014.01.15-linux-arm_eabi-32bit.tar.gz cd vpnserver make cd .. mv vpnserver /usr/local/ cd /usr/local/vpnserver chmod 600 * chmod 700 vpncmd chmod 700 vpnserver |
vpncmdで動作チェック
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 |
root@raspberrypi:/usr/local/vpnserver# ./vpncmd vpncmd command - SoftEther VPN Command Line Management Utility SoftEther VPN Command Line Management Utility (vpncmd command) Version 4.04 Build 9412 (English) Compiled 2014/01/15 17:48:18 by yagi at pc25 Copyright (c) SoftEther VPN Project. All Rights Reserved. By using vpncmd program, the following can be achieved. 1. Management of VPN Server or VPN Bridge 2. Management of VPN Client 3. Use of VPN Tools (certificate creation and Network Traffic Speed Test Tool) Select 1, 2 or 3: 3 VPN Tools has been launched. By inputting HELP, you can view a list of the commands that can be used. VPN Tools>check Check command - Check whether SoftEther VPN Operation is Possible --------------------------------------------------- SoftEther VPN Operation Environment Check Tool Copyright (c) SoftEther VPN Project. All Rights Reserved. If this operation environment check tool is run on a system and that system passes, it is most likely that SoftEther VPN software can operate on that system. This check may take a while. Please wait... Checking 'Kernel System'... Pass Checking 'Memory Operation System'... Pass Checking 'ANSI / Unicode string processing system'... Pass Checking 'File system'... Pass Checking 'Thread processing system'... Pass Checking 'Network system'... Pass All checks passed. It is most likely that SoftEther VPN Server / Bridge can operate normally on this system. The command completed successfully. VPN Tools>exit |
起動スクリプトに追加
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 |
root@raspberrypi:/usr/local/vpnserver# emacs /etc/init.d/vpnserver #!/bin/sh ### BEGIN INIT INFO # Provides: vpnserver # Required-Start: $local_fs $network # Required-Stop: $local_fs $network # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: SoftEther VPN 1.0 RC2 # Description: Start vpnserver daemon SoftEther VPN 1.0 Server ### END INIT INFO DAEMON=/usr/local/vpnserver/vpnserver LOCK=/var/lock/vpnserver . /lib/lsb/init-functions test -x $DAEMON || exit 0 case "$1" in start) sleep 3 log_daemon_msg "Starting SoftEther VPN 1.0 Server" "vpnserver" $DAEMON start >/dev/null 2>&1 touch $LOCK log_end_msg 0 sleep 3 ;; stop) log_daemon_msg "Stopping SoftEther VPN 1.0 Server" "vpnserver" $DAEMON stop >/dev/null 2>&1 rm $LOCK log_end_msg 0 sleep 2 ;; restart) $DAEMON stop sleep 2 $DAEMON start sleep 5 ;; status) if [ -e $LOCK ] then echo "vpnserver is running." else echo "vpnserver is not running." fi ;; *) echo "Usage: $0 {start|stop|restart|status}" exit 1 esac exit 0 |
1 2 3 4 |
chmod +x /etc/init.d/vpnserver apt-get install chkconfig chkconfig vpnserver on /etc/init.d/vpnserver start |