How to setup a relay server as VPNAzure.net service do

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
artioni81
Posts: 22
Joined: Wed Dec 25, 2019 10:56 pm

How to setup a relay server as VPNAzure.net service do

Post by artioni81 » Sun Mar 15, 2020 3:52 am

Hi,
is there any manual/tutorial on how to setup a relay service as vpnazure.net do?

ddunston
Posts: 22
Joined: Fri Mar 13, 2020 11:33 pm

Re: How to setup a relay server as VPNAzure.net service do

Post by ddunston » Sun Mar 15, 2020 4:43 am

I had this set up at one point.

What you could do is get a Linux Digitalocean droplet, for example. Then follow the tutorial here:

https://lxadm.com/Iptables:_redirect_po ... xternal_IP

You would change ports and protocols accordingly, based on the VPN protocols you would use and change the IPs for your use case.

However, if you have a VPN server behind a firewall that you control and the public IP uses DHCP, then consider using a free Dynamic DNS service and set up port-forwarding on your firewall to the VPN server. It reduces a layer of complexity with the relay. That is if this is your intended goal.

artioni81
Posts: 22
Joined: Wed Dec 25, 2019 10:56 pm

Re: How to setup a relay server as VPNAzure.net service do

Post by artioni81 » Sun Mar 15, 2020 6:21 am

ddunston wrote:
Sun Mar 15, 2020 4:43 am
I had this set up at one point.

What you could do is get a Linux Digitalocean droplet, for example. Then follow the tutorial here:

https://lxadm.com/Iptables:_redirect_po ... xternal_IP

You would change ports and protocols accordingly, based on the VPN protocols you would use and change the IPs for your use case.

However, if you have a VPN server behind a firewall that you control and the public IP uses DHCP, then consider using a free Dynamic DNS service and set up port-forwarding on your firewall to the VPN server. It reduces a layer of complexity with the relay. That is if this is your intended goal.
Thank you. I'll try the tutorial.
What I want to achieve is penetrating the firewall, the same as VPNAzure.net do. I want my softethervpn server to connect to the droplet through https so the connection is initiated by the vpn server. When I point the softethervpn client to the droplet ip:port it forwards packets/requests to the vpn server.

artioni81
Posts: 22
Joined: Wed Dec 25, 2019 10:56 pm

Re: How to setup a relay server as VPNAzure.net service do

Post by artioni81 » Sun Mar 15, 2020 12:23 pm

artioni81 wrote:
Sun Mar 15, 2020 6:21 am
ddunston wrote:
Sun Mar 15, 2020 4:43 am
I had this set up at one point.

What you could do is get a Linux Digitalocean droplet, for example. Then follow the tutorial here:

https://lxadm.com/Iptables:_redirect_po ... xternal_IP

You would change ports and protocols accordingly, based on the VPN protocols you would use and change the IPs for your use case.

However, if you have a VPN server behind a firewall that you control and the public IP uses DHCP, then consider using a free Dynamic DNS service and set up port-forwarding on your firewall to the VPN server. It reduces a layer of complexity with the relay. That is if this is your intended goal.
Thank you. I'll try the tutorial.
What I want to achieve is penetrating the firewall, the same as VPNAzure.net do. I want my softethervpn server to connect to the droplet through https so the connection is initiated by the vpn server. When I point the softethervpn client to the droplet ip:port it forwards packets/requests to the vpn server.
Maybe when VPNAzure.net service is enabled the local server plays the role of a bridge and the VPNAzure counterpart the server. This would explain the local server needs to connect to the VPNAzure host and then all the traffic directed to the VPNAzure is redirected to the local server.

Can someone confirm this?

ddunston
Posts: 22
Joined: Fri Mar 13, 2020 11:33 pm

Re: How to setup a relay server as VPNAzure.net service do

Post by ddunston » Sun Mar 15, 2020 2:47 pm

artioni81 wrote:
Sun Mar 15, 2020 6:21 am
ddunston wrote:
Sun Mar 15, 2020 4:43 am
I had this set up at one point.

What you could do is get a Linux Digitalocean droplet, for example. Then follow the tutorial here:

https://lxadm.com/Iptables:_redirect_po ... xternal_IP

You would change ports and protocols accordingly, based on the VPN protocols you would use and change the IPs for your use case.

However, if you have a VPN server behind a firewall that you control and the public IP uses DHCP, then consider using a free Dynamic DNS service and set up port-forwarding on your firewall to the VPN server. It reduces a layer of complexity with the relay. That is if this is your intended goal.
Thank you. I'll try the tutorial.
What I want to achieve is penetrating the firewall, the same as VPNAzure.net do. I want my softethervpn server to connect to the droplet through https so the connection is initiated by the vpn server. When I point the softethervpn client to the droplet ip:port it forwards packets/requests to the vpn server.
Okay, so you don't have control over the firewall? If not, then you want to set up stunnel, or some other tool, on your VPN server and set up stunnel on your droplet as a service. When someone connects to port 443 on your droplet, it will forward the traffic through the stunnel channel to your VPN server.

You could also setup an SSH tunnel to accomplish the same purpose.

artioni81
Posts: 22
Joined: Wed Dec 25, 2019 10:56 pm

Re: How to setup a relay server as VPNAzure.net service do

Post by artioni81 » Sun Mar 15, 2020 3:06 pm

ddunston wrote:
Sun Mar 15, 2020 2:47 pm
artioni81 wrote:
Sun Mar 15, 2020 6:21 am
ddunston wrote:
Sun Mar 15, 2020 4:43 am
I had this set up at one point.

What you could do is get a Linux Digitalocean droplet, for example. Then follow the tutorial here:

https://lxadm.com/Iptables:_redirect_po ... xternal_IP

You would change ports and protocols accordingly, based on the VPN protocols you would use and change the IPs for your use case.

However, if you have a VPN server behind a firewall that you control and the public IP uses DHCP, then consider using a free Dynamic DNS service and set up port-forwarding on your firewall to the VPN server. It reduces a layer of complexity with the relay. That is if this is your intended goal.
Thank you. I'll try the tutorial.
What I want to achieve is penetrating the firewall, the same as VPNAzure.net do. I want my softethervpn server to connect to the droplet through https so the connection is initiated by the vpn server. When I point the softethervpn client to the droplet ip:port it forwards packets/requests to the vpn server.
Okay, so you don't have control over the firewall? If not, then you want to set up stunnel, or some other tool, on your VPN server and set up stunnel on your droplet as a service. When someone connects to port 443 on your droplet, it will forward the traffic through the stunnel channel to your VPN server.

You could also setup an SSH tunnel to accomplish the same purpose.
Yes, you are right, I don't have control over the firewall. And also, the only way to connect to the internet is through a http proxy server. I hope i can Stunnel or SSH tunnel through the proxy. This might be the right solution. Thank you.

Post Reply