Changes

Jump to navigation Jump to search

VPN (view source)

Revision as of 04:23, 13 June 2022

1,897 bytes added ,  2 years ago
Added SOCAT
Line 1,040: Line 1,040:     
Calling tinc with -k or --kill option will cause it to automatically unregister itself.
 
Calling tinc with -k or --kill option will cause it to automatically unregister itself.
 +
 +
== SOCAT ==
 +
SOCAT can be used to create a simple virtual network between two hosts using UDP and TUN devices. 
 +
 +
'''Note: It is possible to use TCP for this as well, but without the nodelay option it might cause problems.  You can also replace UDP with DTLS to add security to the connection.'''
 +
 +
*IP addresses used in this example:
 +
{| class="wikitable" style="text-align: center; width: 35%"
 +
! Host
 +
! Address
 +
! Mask
 +
|-
 +
| Physical server address
 +
| 1.2.3.4
 +
| N/A
 +
|-
 +
| Physical client address
 +
| N/A
 +
| N/A
 +
|-
 +
| TUN device on server
 +
| 192.168.255.1
 +
| 255.255.255.0
 +
|-
 +
| TUN device on client
 +
| 192.168.255.2
 +
| 255.255.255.0
 +
|}
 +
 +
Note: UDP connections will use PORT 11443.
 +
 +
=== Create TUN devices ===
 +
*TUN Server<syntaxhighlight lang="text">
 +
socat -d -d UDP-LISTEN:11443,reuseaddr TUN:192.168.255.1/24,up</syntaxhighlight>
 +
 +
*TUN Client<syntaxhighlight lang="text">
 +
socat UDP:1.2.3.4:11443 TUN:192.168.255.2/24,up</syntaxhighlight>
 +
 +
Executing these two commands will result in a connection being established from the client to the server via TUN devices.
 +
 +
=== Troubleshooting ===
 +
The following are common errors that you may encounter when using SOCAT to create a VPN.
 +
*Missing TUN/TAP Support<syntaxhighlight lang="text">
 +
... E unknown device/address "tun"</syntaxhighlight>
 +
 +
The SOCAT binary probably does not provide TUN/TAP support.  Reasons include not using Linux and using an older version of SOCAT.
 +
 +
*Missing Kernel Support<syntaxhighlight lang="text">
 +
,,, E open("/dev/net/tun", 02, 0666): No such file or directory</syntaxhighlight>
 +
 +
This incidates that your kernel does not have TUN/TAP support compiled in.
 +
 +
*TUN Cloning Device Permissions<syntaxhighlight lang="text">
 +
... E open("/dev/net/tun", 02, 0666): Permission denied</syntaxhighlight>
 +
 +
This indicates that you do not have sufficient permission to read or write to the TUN cloning device.  Check the device's permssions and ownership.
    
== SoftEther ==
 
== SoftEther ==
Retrieved from "http://wiki.pttlink.org/wiki/Special:MobileDiff/12346"

Navigation menu