Using AWS Linux, set up an L2TP/IPsec SoftEther VPN
Consider HVM (SSD) EBS-Backed 64-bit m3.medium
-
us-east-1 => ami-1ecae776
-
Updates and dependencies
# Bring every installed package up to date before adding anything new.
sudo yum --assumeyes update
sudo yum --assumeyes upgrade
# Install the Docker engine plus git and wget.
sudo yum --assumeyes install docker git wget
- (Optional) Install ddclient so the server can be given a friendly hostname through a dynamic DNS (DDNS) provider
# Register the RepoForge (rpmforge) repository, then install ddclient from it.
# NOTE(review): the release RPM is downloaded over plain HTTP and installed as
# root, so nothing authenticates it in transit. Check the package signature
# (or a checksum obtained from a trusted source) before installing, and
# confirm the repository is still maintained.
sudo rpm --install --verbose --hash http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm
# No -y here, so yum prompts before installing.
sudo yum --enablerepo=rpmforge install ddclient
- Start up docker
# Start the Docker daemon.
sudo service docker start
# Let ec2-user talk to the daemon without sudo. Membership of the docker group
# is effectively root on this host, so grant it only to trusted accounts.
sudo usermod --append --groups docker ec2-user
- Log out and log back in again to pick up the new docker group permissions
# Both commands query the Docker daemon; if they succeed without sudo, the new
# docker group membership is in effect.
docker info
docker version
- Start up a docker container from the siomiz/softether image
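# Generate a random 20-character alphanumeric pre-shared key (PSK) for IPsec.
SECRET=$(tr -dc 'A-Za-z0-9' </dev/urandom | fold -w 20 | head -n 1)
# Placeholders: replace both values with real credentials before running.
export USERNAME=USERNAME
export PASSWORD=PASSNAME
# startup a softether container
# Alternative without USERNAME/PASSWORD (presumably the image then generates
# its own credentials and writes them to the container log - confirm against
# the image documentation):
#docker run -d -p 500:500/udp -p 4500:4500/udp -p 1701:1701/tcp -e PSK=$SECRET siomiz/softethervpn
# NOTE(review): values passed with -e are stored in the container
# configuration and can be read back with `docker inspect`, so treat access to
# the Docker daemon as access to the VPN credentials.
# NOTE(review): the image is referenced without a tag, so Docker pulls whatever
# `latest` currently is; pin a reviewed tag or digest for repeatable deployments.
docker run -d -p 500:500/udp -p 4500:4500/udp -p 1701:1701/tcp --name dockvpn -e PSK="$SECRET" -e USERNAME="$USERNAME" -e PASSWORD="$PASSWORD" siomiz/softethervpn
# print out the psk, password and username that were created
# use in a L2TP over IPSEC VPN Client
# The container is started with --name dockvpn, so address it by that name:
# grepping `docker ps` for an auto-generated "word_word" name finds nothing
# for a named container, and `docker ps` does not accept a container name.
# This prints secrets to the terminal; avoid running it in a recorded session.
echo "PSK=$SECRET" && docker logs dockvpn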
- (Optional) Work with docker container which is running the VPN server.
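# bash into the container
# The container was started with --name dockvpn, so refer to it by name;
# grepping `docker ps` for an auto-generated "word_word" name does not match it.
docker exec -i -t dockvpn bash
# Run inside the container: show the VPN server log. [yyyymmdd] is a
# placeholder; replace it with the date of the log file you want to read.
cat /opt/server_log/vpn_[yyyymmdd].log
# Leave the container shell and return to the host.
exit
# stop the VPN container
docker stop dockvpn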