Installing soft-ether client


#1

Hi,

I have GL300M router.

I want to install soft-ether client package from OpenWRT.

Also, I have installed openWRT on my PC. I am able to install soft-ether client from Web GUI of openWRT.

How can I install same on GL300M router ?


#2

There is openwrt package of softether and you need to compile it to a ipk package. But you can use the pre-compiled ipk and install it using opkg.

To do this, use winscp and upload the file to the router then ssh to the router, and install using the following command

opkg install xxxx.ipk


#3

Hello,
Thank you for that information. Unfortunately, this is really not easy.
To compile the package for the GL_MT300A router, you need to install a virtual machine under debian…
Or there are ipk pre compiled here:
http://vpslv.tirlins.com/openwrt/packs/chaos_calmer/

But I don’t know if the package exists. I can’t identify the right pack.
Were you able to install softether? can you tell us which pack to take ?

A tip for the GL iNet team: openvpn is so slow that you should let the possibility of installing other servers more easily.

Thank you in advance


#4

You need to download this one softethervpn_4.21-9613_ramips_24kec.ipk I cannot help to configure but I installed successfully.

root@GL-MT300A:~# cd /tmp/
root@GL-MT300A:/tmp# wget http://vpslv.tirlins.com/openwrt/packs/chaos_calmer/so
ftethervpn_4.21-9613_ramips_24kec.ipk
Connecting to vpslv.tirlins.com (185.61.148.50:80)
softethervpn_4.21-96 100% |*******************************| 1066k 0:00:00 ETA
root@GL-MT300A:/tmp# opkg update
root@GL-MT300A:/tmp# opkg install softethervpn_4.21-9613_ramips_24kec.ipk
Installing softethervpn (4.21-9613) to root…
Installing libreadline (6.3-1) to root…
Downloading http://www.gl-inet.com/openwrt/ramips/2.263/packages/base/libreadline_6.3-1_ramips_24kec.ipk.
Installing libncurses (5.9-2) to root…
Downloading http://www.gl-inet.com/openwrt/ramips/2.263/packages/base/libncurses_5.9-2_ramips_24kec.ipk.
Installing terminfo (5.9-2) to root…
Downloading http://www.gl-inet.com/openwrt/ramips/2.263/packages/base/terminfo_5.9-2_ramips_24kec.ipk.
Configuring terminfo.
Configuring libreadline.
Configuring libncurses.
Configuring softethervpn.
The SoftEther VPN Server service has been started.
The SoftEther VPN Bridge service has been started.
The SoftEther VPN Client service has been started.

 


#5

Do you know that you are wonderful !

Exactly what I needed !

Thank you very much…


#6

Bought my first Ar300M. Liked it so much I bought bought 2 MT300N-V2. Only critique is slowish openVpn performance. In an effort to address that with another VPN I was seeking to install softethervpn so I bought an MT300A when I discovered the packages wouldn’t install on the Mangos.

Worked until firmware upgrade. Tried to reinstall and got error below:

Collected errors:

  • satisfy_dependencies_for: Cannot satisfy the following dependencies for softethervpn:

  •  libreadline *   libncurses *
    

Is there some change that would account for the error above?

Downgraded to 2.6.1 and SoftEtherVpn installs / runs ok.

Update :

After reflashing the latest firmware I was able to re-install SoftEtherVpn. I used Luci to install the prerequisites first. Then I installed the IPK file. I did have to stop and disable the VPNbridge as it interferes with the windows vpnserver manager I was using to set things up. After that all went well.

Being a Linux noob it also took awhile to learn some things in order to get unstuck.

Don’t get hung up on the ./vpncmd 3.tools check cmd failing on network connect (0)as that has to do with vunerableSSL3 which has been disabled in the package intentionally. the install will still work.

 


#7

Hi, tell me please

What a performance softether as a clien?
And on which device and what are the encryption settings.


#8

I could only get the MT300A to cooperate. The MT300NV2 errors out. Something about wrong environment.

Sadly the performance isn’t much better than OVPN. It is better however. The processing power just isn’t enough to provide anything better than 12-15m/s for me. I run 150/10 cable. I get those speeds over wireless.

I was using various encryptions up to SHA256.

I played with various features including connect through icmp/DNS and Nat-T. DDNS also works.

I used an android phone, Windows L2tp, and SoftEtherVpn’s client to connect. From what I gather the client is for SoftetherVpn servers only.

I also tested the ovpn clone feature and it was functional as well. I was able to run both OVPN and softether concurrently which was a surprise.

All and all a versatile software package. It didn’t give the performance gains I was hoping for, but the feature set was worth the time.

Hope this helps.


#9

I managed to install softether vpn client on my MT300N. By using vpncmd I was able to create a network interface, account and connect to a Softether VPN Server.

What should I do next to use softether vpn interface for all outgoing internet connections?


#10

You just need to enter hub name, username and password. Don’t need anything else.

You can refer to this article. https://wordpress.tirlins.com/2015/03/setting-up-softether-vpn-on-openwrt/


#11

I think i was misunderstood. I’m trying to use MT300N as a softether vpn client. On the link that you have sent it’s explaining how to install and setup Softether VPN Server onto the router.


#12
  • Create a connection account

    root@GL-AR750S:/# vpncmd 
    vpncmd command - SoftEther VPN Command Line Management Utility
    SoftEther VPN Command Line Management Utility (vpncmd command)
    Version 4.25 Build 9656   (English)
    Compiled 2018/01/15 09:33:22 by yagi at pc33
    Copyright (c) SoftEther VPN Project. All Rights Reserved.
    
    By using vpncmd program, the following can be achieved. 
    
    1. Management of VPN Server or VPN Bridge 
    2. Management of VPN Client
    3. Use of VPN Tools (certificate creation and Network Traffic Speed Test Tool)
    
    Select 1, 2 or 3: 2
    
    Specify the host name or IP address of the computer that the destination VPN Client is operating on. 
    If nothing is input and Enter is pressed, connection will be made to localhost (this computer).
    Hostname of IP Address of Destination: 
    
    Access has been denied. Possibly the password is incorrect, or perhaps you are connecting by an incorrect 
    admin mode. You can try inputting the password again. To cancel, press Ctrl+D.
    Password: *********
    
    Connected to VPN Client "localhost".
    
    VPN Client>AccountCreate
    AccountCreate command - Create New VPN Connection Setting
    Name of VPN Connection Setting: test
    
    Destination VPN Server Host Name and Port Number: 192.168.17.163:5555
    
    Destination Virtual Hub Name: glinet
    
    Connecting User Name: test1
    
    Used Virtual Network Adapter Name: vpn
    
    The command completed successfully.
    
    
  • Set Account Password and connect to server

    VPN Client>AccountPasswordSet
    AccountPasswordSet command - Set User Authentication Type of VPN Connection Setting to Password Authentication
    Name of VPN Connection Setting: test
    
    Please enter the password. To cancel press the Ctrl+D key.
    
    Password: *********
    Confirm input: *********
    
    
    Specify standard or radius: standard
    
    The command completed successfully.
    
    VPN Client>AccountConnect
    AccountConnect command - Start Connection to VPN Server using VPN Connection Setting
    Name of VPN Connection Setting: test
    
    The command completed successfully.
    
    VPN Client>AccountList
    AccountList command - Get List of VPN Connection Settings
    Item                        |Value
    ----------------------------+----------------------------------------------
    VPN Connection Setting Name |test
    Status                      |Connected
    VPN Server Hostname         |192.168.17.163:5555 (Direct TCP/IP Connection)
    Virtual Hub                 |glinet
    Virtual Network Adapter Name|vpn
    The command completed successfully.
    
    VPN Client>
    
    
  • Add an interface to network uci and restart network

    uci set network.vpn=interface
    uci set network.vpn.ifname='vpn_vpn'
    uci set network.vpn.proto='dhcp'
    uci commit network
    
    /etc/init.d/network restart
    

It should work now.

root@GL-AR750S:/# ifconfig vpn_vpn
vpn_vpn   Link encap:Ethernet  HWaddr 00:AC:84:B1:99:85  
          inet addr:192.168.17.117  Bcast:192.168.17.255  Mask:255.255.255.0
          inet6 addr: fe80::28f4:2aff:fe97:8aa4/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:337 errors:0 dropped:0 overruns:0 frame:0
          TX packets:180 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:42671 (41.6 KiB)  TX bytes:59868 (58.4 KiB)

#13

Thanks. I’ve successfully created the vpn interface by using your steps. However I’m still not able to use the vpn connection for outgoing internet access. All the traffic goes through WAN. When I check my ip address on google it still shows my ip address instead of softether vpn server’s ip. Looks like it needs some ip rules to forward all the outgoing internet traffic through vpn interface.


#14

Could you please execute those commands and show the result in here.

ifconfig
ip route show

#15

VPN Client>accountlist
AccountList command - Get List of VPN Connection Settings
Item |Value
----------------------------±-------------------------------------------------
VPN Connection Setting Name |etherip
Status |Connected
VPN Server Hostname |xxx.xxx.xxx.xxx:443 (Direct TCP/IP Connection)
Virtual Hub |DEFAULT
Virtual Network Adapter Name |vpn
The command completed successfully.

root@GL-MT300N:~# uci set network.vpn=interface
root@GL-MT300N:~# uci set network.vpn.ifname=‘vpn_vpn’
root@GL-MT300N:~# uci set network.vpn.proto=‘dhcp’
root@GL-MT300N:~# uci commit network
root@GL-MT300N:~# /etc/init.d/network restart
root@GL-MT300N:~#

root@GL-MT300N:~# ifconfig
br-lan Link encap:Ethernet HWaddr E4:95:6E:40:E5:4B
inet addr:192.168.8.1 Bcast:192.168.8.255 Mask:255.255.255.0
inet6 addr: fe80::e695:6eff:fe40:e54b%5200904/64 Scope:Link
inet6 addr: fdad:8eba:6e3::1%5200904/60 Scope:Global
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1234 errors:0 dropped:0 overruns:0 frame:0
TX packets:1069 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:231865 (226.4 KiB) TX bytes:373258 (364.5 KiB)

eth0 Link encap:Ethernet HWaddr E4:95:6E:40:E5:4B
inet6 addr: fe80::e695:6eff:fe40:e54b%5200008/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:657521 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:208773449 (199.1 MiB)
Interrupt:5

eth0.1 Link encap:Ethernet HWaddr E4:95:6E:40:E5:4B
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:72 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:12524 (12.2 KiB)

eth0.2 Link encap:Ethernet HWaddr E4:95:6E:40:E5:4C
inet6 addr: fe80::e695:6eff:fe40:e54c%5201160/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:47 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:12542 (12.2 KiB)

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1%5199176/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:5138006 errors:0 dropped:0 overruns:0 frame:0
TX packets:5138006 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:717493796 (684.2 MiB) TX bytes:717493796 (684.2 MiB)

vpn_vpn Link encap:Ethernet HWaddr 00:AC:AC:6B:44:28
inet addr:192.168.30.11 Bcast:192.168.30.255 Mask:255.255.255.0
inet6 addr: fe80::2ac:acff:fe6b:4428%5200616/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:151 errors:0 dropped:0 overruns:0 frame:0
TX packets:140 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:14270 (13.9 KiB) TX bytes:15520 (15.1 KiB)

wlan-sta Link encap:Ethernet HWaddr E4:95:6E:40:E5:4C
inet addr:192.168.1.99 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::e695:6eff:fe40:e54c%5198600/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1219 errors:0 dropped:0 overruns:0 frame:0
TX packets:1356 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:361245 (352.7 KiB) TX bytes:296858 (289.9 KiB)

wlan0 Link encap:Ethernet HWaddr E4:95:6E:40:E5:4D
inet6 addr: fe80::e695:6eff:fe40:e54d%5199720/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1260 errors:0 dropped:0 overruns:0 frame:0
TX packets:1070 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:257680 (251.6 KiB) TX bytes:395679 (386.4 KiB)

root@GL-MT300N:~# ip route show
default via 192.168.30.1 dev vpn_vpn proto static src 192.168.30.11
default via 192.168.1.254 dev wlan-sta proto static src 192.168.1.99 metric 20
192.168.1.0/24 dev wlan-sta proto static scope link metric 20
192.168.1.254 dev wlan-sta proto static scope link src 192.168.1.99 metric 20
192.168.8.0/24 dev br-lan proto kernel scope link src 192.168.8.1
192.168.30.0/24 dev vpn_vpn proto kernel scope link src 192.168.30.11
192.168.30.1 dev vpn_vpn proto static scope link src 192.168.30.11
root@GL-MT300N:~#


#16

It has a default rule for softethervpn, so all data traffic should passthrough it.

You can try to stop and remove mwan3. Execute those commands.

mwan3 stop
opkg remove mwan3 luci-app-mwan3

#17

Unfortunately it didn’t help.
I’ve spotted something. After creating new interface vpn_vpn and restarting it, I checked the account status with vpncmd. It changed from Connected to Connecting.


#18

Did you connect it with vpncmd?


#19

Yes. The connection status of the account is connected on vpncmd. However, once I add vpn interface to network uci and restart network, the connection status on vpncmd changes to Connecting.


#20

But I check your output, there has IP address for vpn_vpn interface, isn’t it?