VPN Client on CentOS 7 (Init.D and ip vpn interface)

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
pierrick
Posts: 7
Joined: Fri Nov 10, 2017 1:02 pm

VPN Client on CentOS 7 (Init.D and ip vpn interface)

Post by pierrick » Fri Nov 10, 2017 1:07 pm

Hy eveyone,

i'm not able to find documentation to create an Init.D / systemD script for running the vpn client at startup. Does it exist ?

Actually i start manually the vpn client and i have trouble to assignate a static IP to the local brigde of vpn client network interface.

Someone have a exemple or cofig files of a working installation on centOS 7 ?

Have a good day !

pierrick
Posts: 7
Joined: Fri Nov 10, 2017 1:02 pm

Re: VPN Client on CentOS 7 (Init.D and ip vpn interface)

Post by pierrick » Tue Nov 14, 2017 10:42 am

Hy, no one have done a init script for running VPN client on centOS at startup ?

:)

fenice
Posts: 183
Joined: Sun Jul 19, 2015 4:23 pm

Re: VPN Client on CentOS 7 (Init.D and ip vpn interface)

Post by fenice » Tue Nov 14, 2017 10:47 am

Did you ever think of looking at the source code on github and using the examples there?
Regards


Bill

pierrick
Posts: 7
Joined: Fri Nov 10, 2017 1:02 pm

Re: VPN Client on CentOS 7 (Init.D and ip vpn interface)

Post by pierrick » Tue Nov 14, 2017 1:24 pm

Indeed I had not seen that there was on github.

https://github.com/SoftEtherVPN/SoftEth ... er/systemd


Thanks it's workging but with trouble.
There is my SystemD config file (i just changed vpnclient path) :

-----------------------------------------------------------------------------------------------------------------------------------

[Unit]
Description=SoftEther VPN Client
After=network.target auditd.service
ConditionPathExists=!/usr/local/vpnclient/vpnclient/do_not_run

[Service]
Type=forking
EnvironmentFile=-/usr/local/vpnclient/vpnclient
ExecStart=/usr/local/vpnclient/vpnclient start
ExecStop=/usr/local/vpnclient/vpnclient stop
KillMode=process
Restart=on-failure

# Hardening
PrivateTmp=yes
ProtectHome=yes
ProtectSystem=full
ReadOnlyDirectories=/
ReadWriteDirectories=-/usr/local/vpnclient/vpnclient
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE CAP_SYS_ADMIN CAP_SETUID

[Install]
WantedBy=multi-user.target
-----------------------------------------------------------------------------------------------------------------------------------

When i start the service, local brigde interface appear but without the static IP that i configure.
-------------------------------------------------------------------
vpn_softether: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::2ac:e9ff:fe7e:289e prefixlen 64 scopeid 0x20<link>
ether 00:ac:e9:7e:28:9e txqueuelen 1000 (Ethernet)
RX packets 12 bytes 864 (864.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 20 bytes 1632 (1.5 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
----------------------------------------------------------------------------


There is my /etc/sysconfig/network-scripts/ifcfg-vpn_softether :
-----------------------------------------------------------------------------
DEVICE="vpn_centreon"
HWADDR="00:ac:e9:7e:28:9e"
ONBOOT="yes"
BOOTPROTO=static
NM_CONTROLLED="no"
IPADDR="10.38.0.50"
NETMASK="255.255.255.0"
-----------------------------------------------------------------------------

I need to apply ifdown vpn_softether && ifup vpn_softether to be able to have my static IP on the interface :

-----------------------------------------------------------------------------
vpn_softether: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.38.0.50 netmask 255.255.255.0 broadcast 10.38.0.255
inet6 fe80::2ac:e9ff:fe7e:289e prefixlen 64 scopeid 0x20<link>
ether 00:ac:e9:7e:28:9e txqueuelen 1000 (Ethernet)
RX packets 33 bytes 2506 (2.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 69 bytes 12308 (12.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
-----------------------------------------------------------------------------


I will appreciate some tips :)

fenice
Posts: 183
Joined: Sun Jul 19, 2015 4:23 pm

Re: VPN Client on CentOS 7 (Init.D and ip vpn interface)

Post by fenice » Tue Nov 14, 2017 2:06 pm

Unfortunately I can't really help you much with your config as I'm relatively inexperienced and I only use the SoftEtherVPN server, I assume you're trying to get a site-to-site connection set-up - is that what you're attempting to do?
Regards


Bill

pierrick
Posts: 7
Joined: Fri Nov 10, 2017 1:02 pm

Re: VPN Client on CentOS 7 (Init.D and ip vpn interface)

Post by pierrick » Tue Nov 14, 2017 2:48 pm

No a Client-server connection, it's working but i dont know how to apply proprely the static IP to the local bridge of softEther VPN client without doing "ifdown" and "ifup" after starting the vpnclient service.


SystemD is powerfull but not easy to use :).

fenice
Posts: 183
Joined: Sun Jul 19, 2015 4:23 pm

Re: VPN Client on CentOS 7 (Init.D and ip vpn interface)

Post by fenice » Tue Nov 14, 2017 3:09 pm

OK, how did you create the bridge? Was it something like this: https://www.ipserverone.info/operation- ... softether/
Regards


Bill

pierrick
Posts: 7
Joined: Fri Nov 10, 2017 1:02 pm

Re: VPN Client on CentOS 7 (Init.D and ip vpn interface)

Post by pierrick » Tue Nov 14, 2017 3:29 pm

Yes exactly, trough the vpncmd tools and it's work well.


Pierrick

pierrick
Posts: 7
Joined: Fri Nov 10, 2017 1:02 pm

Re: VPN Client on CentOS 7 (Init.D and ip vpn interface)

Post by pierrick » Thu Nov 16, 2017 3:15 pm

/etc/sysconfig/network-scripts/ifcfg-vpn_softether on my Client OS works well but i need to do "ifdown && ifup "to be able to have my static IP on the interface. I have some trouble because vpn interfeace appear not on boot but when vpnclient service start.

Post Reply