Local Bridge Setup Softether On CENTOS
Local Bridge Setup Softether On CENTOS
On physical server, local bridge will perform better than SecureNAT DO NOT enable BOTH LOCAL BRIDGE and SecureNAT at the same time !! Packets will loop infinitly and make your server 100% CPU usage.
Local bridge Setup Softether On CENTOS ! Network setup VPN Server IP: 192.168.7.1 VPN Client IP Range: 192.168.7.50-192.168.7.90 (40 Clients ) Tap Device name: tap_soft From here we go to the Local Bridge Setting
www.groundmans.tk
First we choose the Virtual Hub. It should be only one for normal setup. Then we check the tap device box. After that we type in the name of the tap device(I use soft here for simplicity). Create Local Bridge
After the creation of the local bridge we jump back to our server. And run cd /usr/local/vpnserver ifconfig tap_soft
www.groundmans.tk
now, we have to configure the dhcp server on our vps nano /etc/dnsmasq.conf NOTE : If you have VPN over DNS like picture below, input this lines, to the end of page interface=tap_soft dhcp-range=tap_soft,192.168.7.50,192.168.7.90,12h dhcp-option=tap_soft,3,192.168.7.1 port=0 dhcp-option=option:dns-server,8.8.8.8
IF you have VPN OVER DNS DISABLED please just input this : interface=tap_soft dhcp-range=tap_soft,192.168.7.50,192.168.7.90,12h dhcp-option=tap_soft,3,192.168.7.1
www.groundmans.tk
EDIT STARTUP We Have to edit the start up code, to be syncronized with tap_soft nano /etc/init.d/vpnserver
clear the all the lines on page and insert this following lines : #!/bin/sh ### BEGIN INIT INFO # Provides: vpnserver # Required-Start: $remote_fs $syslog # Required-Stop: $remote_fs $syslog # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: Start daemon at boot time # Description: Enable Softether by daemon. ### END INIT INFO DAEMON=/usr/local/vpnserver/vpnserver LOCK=/var/lock/subsys/vpnserver TAP_ADDR=192.168.7.1 test -x $DAEMON || exit 0 case "$1" in start) $DAEMON start touch $LOCK sleep 1 /sbin/ifconfig tap_soft $TAP_ADDR ;; stop) $DAEMON stop rm $LOCK ;; restart) $DAEMON stop sleep 3 $DAEMON start sleep 1 /sbin/ifconfig tap_soft $TAP_ADDR ;; *) echo "Usage: $0 {start|stop|restart}" exit 1 esac exit 0 Then we need to enable NAT on linux server.
www.groundmans.tk
nano /etc/sysctl.conf
======= CHANGE
0 TO 1
Then we add a POSTROUTING rule to iptables iptables -t nat -A POSTROUTING -s 192.168.7.0/24 -j SNAT --to-source [YOUR VPS IP ADDRESS] service iptables save
After all the above setting, restart the vpnserver then we are good to go. service vpnserver restart service dnsmasq restart
www.groundmans.tk
www.groundmans.tk