ConoHaとSoftEther VPNで遊んでみる(インストール編)

ConoHa VPS上へSoftEther VPN Serverをインストール。
VPSの初期OS(CentOS 6.4 64-bit)だと依存関係もなくコマンド一撃でインストールできた。
最新版のVer 4.06, Build 9437, beta、外部認証とかLog保存設定とか機能が増えている感じ。

参考にしたサイト(そのまま指示通りにしただけ...)
7.3 Linux へのインストールと初期設定 - SoftEther VPN プロジェクト

手順

SoftEther VPN ServerをDownload
VPS上へUp Load
展開
make
ディレクトリーを移動
パーミッション変更
動作チェック
スタートアップスクリプトへの登録
起動および停止

SoftEther VPN ServerをDownload

SoftEther ダウンロードセンターへアクセス

コンポーネントは「SoftEther VPN Server」を選択
プラットフォームは「Linux」を選択
CPUは「Intel x64 / AMD64 (64bit)」を選択

SoftEther VPN Server (Ver 4.06, Build 9437, beta)をクリックしてDownload開始

VPS上へUp Load

初期状態だとVPS上にFTPサーバもインストールされていないので、SCPでUpLoad実施。
TeraTermでSSH接続してるなら、コンソール画面上にDownloadしたファイルをドラッグ＆ドロップ。その後「SCP」をクリック。

展開

[root@ConoHa ~]# ls
softether-vpnserver-v4.06-9437-beta-2014.04.09-linux-x64-64bit.tar.gz
[root@ConoHa ~]# tar xzvf softether-vpnserver-v4.06-9437-beta-2014.04.09-linux-x64-64bit.tar.gz
vpnserver/
vpnserver/Makefile
vpnserver/.install.sh
vpnserver/ReadMeFirst_License.txt
vpnserver/Authors.txt
vpnserver/ReadMeFirst_Important_Notices_ja.txt
vpnserver/ReadMeFirst_Important_Notices_en.txt
vpnserver/ReadMeFirst_Important_Notices_cn.txt
vpnserver/code/
vpnserver/code/vpnserver.a
vpnserver/code/vpncmd.a
vpnserver/lib/
vpnserver/lib/libcharset.a
vpnserver/lib/libcrypto.a
vpnserver/lib/libedit.a
vpnserver/lib/libiconv.a
vpnserver/lib/libintelaes.a
vpnserver/lib/libncurses.a
vpnserver/lib/libssl.a
vpnserver/lib/libz.a
vpnserver/lib/License.txt
vpnserver/hamcore.se2
[root@ConoHa ~]#

make

[root@ConoHa ~]# ls
softether-vpnserver-v4.06-9437-beta-2014.04.09-linux-x64-64bit.tar.gz  vpnserver
[root@ConoHa ~]# cd vpnserver
[root@ConoHa vpnserver]# ls
Authors.txt  lib                                   ReadMeFirst_Important_Notices_en.txt
code         Makefile                              ReadMeFirst_Important_Notices_ja.txt
hamcore.se2  ReadMeFirst_Important_Notices_cn.txt  ReadMeFirst_License.txt
[root@ConoHa vpnserver]# make
--------------------------------------------------------------------

SoftEther VPN Server (Ver 4.06, Build 9437, Intel x64 / AMD64) for Linux Install Utility
Copyright (c) SoftEther Project at University of Tsukuba, Japan. All Rights Reserved.

--------------------------------------------------------------------


Do you want to read the License Agreement for this software ?

 1. Yes
 2. No

Please choose one of above number:

"1"を入力後にエンター。このあと2回ほど同じ様に"1"を入力する

Did you read and understand the License Agreement ?
(If you couldn't read above text, Please read 'ReadMeFirst_License.txt'
 file with any text editor.)

 1. Yes
 2. No

Please choose one of above number: 
1

Did you agree the License Agreement ?

1. Agree
2. Do Not Agree

Please choose one of above number: 
1

とくに問題なければ、以下の表示が出てmake完了

All checks passed. It is most likely that SoftEther VPN Server / Bridge can operate normally on this system.

The command completed successfully.


--------------------------------------------------------------------
The preparation of SoftEther VPN Server is completed !


*** How to switch the display language of the SoftEther VPN Server Service ***
SoftEther VPN Server supports the following languages:
  - Japanese
  - English
  - Simplified Chinese

You can choose your prefered language of SoftEther VPN Server at any time.
To switch the current language, open and edit the 'lang.config' file.


*** How to start the SoftEther VPN Server Service ***

Please execute './vpnserver start' to run the SoftEther VPN Server Background Service.
And please execute './vpncmd' to run the SoftEther VPN Command-Line Utility to configure SoftEther VPN Server.
Of course, you can use the VPN Server Manager GUI Application for Windows on the other Windows PC in order to configure the SoftEther VPN Server remotely.
--------------------------------------------------------------------

make[1]: Leaving directory `/root/vpnserver'
[root@ConoHa vpnserver]#

ディレクトリーを移動

[root@ConoHa ~]# ls
softether-vpnserver-v4.06-9437-beta-2014.04.09-linux-x64-64bit.tar.gz  vpnserver
[root@ConoHa ~]# mv vpnserver /usr/local
[root@ConoHa ~]# cd /usr/local/
[root@ConoHa local]# ls
bin  etc  games  include  lib  lib64  libexec  sbin  share  src  vpnserver
[root@ConoHa local]#

パーミッション変更

[root@ConoHa local]# cd vpnserver/
[root@ConoHa vpnserver]# ls
Authors.txt  hamcore.se2  Makefile                              ReadMeFirst_Important_Notices_ja.txt  vpnserver
chain_certs  lang.config  ReadMeFirst_Important_Notices_cn.txt  ReadMeFirst_License.txt
code         lib          ReadMeFirst_Important_Notices_en.txt  vpncmd
[root@ConoHa vpnserver]# chmod 600 *
[root@ConoHa vpnserver]# chmod 700 vpnserver 
[root@ConoHa vpnserver]# chmod 700 vpncmd 
[root@ConoHa vpnserver]# ls -al
total 8508
drwxrwxrwx   5 root root    4096 May 11 01:53 .
drwxr-xr-x. 13 root root    4096 May 11 01:54 ..
-rw-------   1 root root    1838 Apr  9 10:20 Authors.txt
drw-------   2 root root    4096 May 11 01:53 chain_certs
drw-------   2 root root    4096 May 11 01:53 code
-rw-------   1 root root 1009450 Apr  9 10:20 hamcore.se2
-rwxrwxrwx   1 root root    1533 Apr  9 10:20 .install.sh
-rw-------   1 root root     867 May 11 01:53 lang.config
drw-------   2 root root    4096 May 11 01:53 lib
-rw-------   1 root root    2138 Apr  9 10:20 Makefile
-rw-------   1 root root   28351 Apr  9 10:20 ReadMeFirst_Important_Notices_cn.txt
-rw-------   1 root root   33209 Apr  9 10:20 ReadMeFirst_Important_Notices_en.txt
-rw-------   1 root root   47041 Apr  9 10:20 ReadMeFirst_Important_Notices_ja.txt
-rw-------   1 root root   58227 Apr  9 10:20 ReadMeFirst_License.txt
-rwx------   1 root root 3740257 May 11 01:53 vpncmd
-rwx------   1 root root 3740301 May 11 01:53 vpnserver
[root@ConoHa vpnserver]#

あ、.install.shのパーミッションが変わってなかったｗ

動作チェック

[root@ConoHa vpnserver]# ./vpncmd 
vpncmd command - SoftEther VPN Command Line Management Utility
SoftEther VPN Command Line Management Utility (vpncmd command)
Version 4.06 Build 9437   (English)
Compiled 2014/04/09 10:10:41 by yagi at pc25
Copyright (c) SoftEther VPN Project. All Rights Reserved.

By using vpncmd program, the following can be achieved. 

1. Management of VPN Server or VPN Bridge 
2. Management of VPN Client
3. Use of VPN Tools (certificate creation and Network Traffic Speed Test Tool)

Select 1, 2 or 3:

3を入力、その後checkコマンドを入力する。完了後はexitで動作チェック終了

Select 1, 2 or 3: 3

VPN Tools has been launched. By inputting HELP, you can view a list of the commands that can be used.

VPN Tools>check
Check command - Check whether SoftEther VPN Operation is Possible
---------------------------------------------------
SoftEther VPN Operation Environment Check Tool

Copyright (c) SoftEther VPN Project.
All Rights Reserved.

If this operation environment check tool is run on a system and that system passes, it is most likely that SoftEther VPN software can operate on that system. This check may take a while. Please wait...

Checking 'Kernel System'... 
              Pass
Checking 'Memory Operation System'... 
              Pass
Checking 'ANSI / Unicode string processing system'... 
              Pass
Checking 'File system'... 
              Pass
Checking 'Thread processing system'... 
              Pass
Checking 'Network system'... 
              Pass

All checks passed. It is most likely that SoftEther VPN Server / Bridge can operate normally on this system.

The command completed successfully.

VPN Tools>exit
[root@ConoHa vpnserver]#

スタートアップスクリプトへの登録

最後の行の改行の後に Ctrl+Dでぬける

[root@ConoHa vpnserver]#  cat > /etc/init.d/vpnserver
#!/bin/sh
# chkconfig: 2345 99 01
# description: SoftEther VPN Server
DAEMON=/usr/local/vpnserver/vpnserver
LOCK=/var/lock/subsys/vpnserver
test -x $DAEMON || exit 0
case "$1" in
start)
$DAEMON start
touch $LOCK
;;
stop)
$DAEMON stop
rm $LOCK
;;
restart)
$DAEMON stop
sleep 3
$DAEMON start
;;
*)
echo "Usage: $0 {start|stop|restart}"
exit 1
esac
exit 0
[root@ConoHa vpnserver]#

[root@ConoHa vpnserver]# cd /etc/init.d/
[root@ConoHa init.d]# ls -al
total 272
drwxr-xr-x.  2 root root  4096 May 11 01:58 .
drwxr-xr-x. 10 root root  4096 Jun 19  2013 ..
-rwxr-xr-x.  1 root root  1288 Feb 23  2013 abrt-ccpp
-rwxr-xr-x.  1 root root  1628 Feb 23  2013 abrtd
-rwxr-xr-x.  1 root root  1642 Feb 23  2013 abrt-oops
-rwxr-xr-x.  1 root root  1725 Aug 19  2010 acpid
(省略)
-rwxr-xr-x.  1 root root  2276 Apr  2  2013 svnserve
-rwxr-xr-x.  1 root root  1228 Jun 22  2012 sysstat
-rwxr-xr-x.  1 root root  2294 Feb 22  2013 udev-post
-rw-r--r--   1 root root   353 May 11 01:58 vpnserver
[root@ConoHa init.d]# chmod 755 vpnserver
[root@ConoHa init.d]# 
[root@ConoHa init.d]# ls -al
total 272
drwxr-xr-x.  2 root root  4096 May 11 01:58 .
drwxr-xr-x. 10 root root  4096 Jun 19  2013 ..
-rwxr-xr-x.  1 root root  1288 Feb 23  2013 abrt-ccpp
-rwxr-xr-x.  1 root root  1628 Feb 23  2013 abrtd
-rwxr-xr-x.  1 root root  1642 Feb 23  2013 abrt-oops
-rwxr-xr-x.  1 root root  1725 Aug 19  2010 acpid
(省略)
-rwxr-xr-x.  1 root root  2276 Apr  2  2013 svnserve
-rwxr-xr-x.  1 root root  1228 Jun 22  2012 sysstat
-rwxr-xr-x.  1 root root  2294 Feb 22  2013 udev-post
-rwxr-xr-x   1 root root   353 May 11 01:58 vpnserver
[root@ConoHa init.d]# chkconfig --add vpnserver 
[root@ConoHa init.d]# chkconfig --list
abrt-ccpp      	0:off	1:off	2:off	3:on	4:off	5:on	6:off
abrt-oops      	0:off	1:off	2:off	3:on	4:off	5:on	6:off
abrtd          	0:off	1:off	2:off	3:on	4:off	5:on	6:off
acpid          	0:off	1:off	2:on	3:on	4:on	5:on	6:off
(省略)
svnserve       	0:off	1:off	2:off	3:off	4:off	5:off	6:off
sysstat        	0:off	1:on	2:on	3:on	4:on	5:on	6:off
udev-post      	0:off	1:on	2:on	3:on	4:on	5:on	6:off
vpnserver      	0:off	1:off	2:on	3:on	4:on	5:on	6:off
[root@ConoHa init.d]#

起動および停止

起動

[root@ConoHa init.d]# /etc/init.d/vpnserver start
SoftEther VPN Server Service Started.
[root@ConoHa init.d]# 
[root@ConoHa init.d]# netstat -an

TCP443/992/1194/5555/ などが開いていればOk

停止

[root@ConoHa init.d]# /etc/init.d/vpnserver stop
Stopping SoftEther VPN Server Service...
SoftEther VPN Server Service Stopped.
[root@ConoHa init.d]#

設定はまた今度。