所谓内网穿透,就是用外部或者家中的电脑访问公司局域网内的设备,实现这种功能的方法有很多,这里用 SoftEtherVPN 实现,原理和方法在官网上有详细描述 https://www.softether.org/4-docs/2-howto/1.VPN_for_On-premise/2.Remote_Access_VPN_to_LAN

简单讲需要三个步骤:

  1. 在公网服务器 (VPS) 上部署 SoftEther VPN Server
  2. 在内网一台计算机上部署 SoftEther VPN Server Manager
  3. 在外部计算机上用 SoftEther VPN Client 访问内网

1. 外网服务器的配置

在官网选择一个合适版本:

当前下载的是 softether-vpnserver-v4.28-9669-beta-2018.09.11-linux-x64-64bit.tar.gz 。解压后得到 vpnserver 文件夹,进入文件夹后执行 make ,按提示输入选项,都输入 1 即可,编译成功后在当前目录下生产可执行文件,直接启动 vpnserver :

$ ./vpnserver start
The SoftEther VPN Server service has been started.
Warning: The current user context is non-root. It is recommended to run the VPN service by the root user. Although the VPN service may run under non-root users, some privilege-required functions (e.g. the local bridge function) need the root privilege.

执行 ./vpnserver stop 就可以停止 vpnserver 。

然后要配置密码:

$ ./vpncmd
vpncmd command - SoftEther VPN Command Line Management Utility
SoftEther VPN Command Line Management Utility (vpncmd command)
Version 4.28 Build 9669   (English)
Compiled 2018/09/11 12:23:27 by yagi at pc33
Copyright (c) SoftEther VPN Project. All Rights Reserved.

By using vpncmd program, the following can be achieved.

1. Management of VPN Server or VPN Bridge
2. Management of VPN Client
3. Use of VPN Tools (certificate creation and Network Traffic Speed Test Tool)

Select 1, 2 or 3: [这里输入 1 ]

Specify the host name or IP address of the computer that the destination VPN Server or VPN Bridge is operating on.
By specifying according to the format 'host name:port number', you can also specify the port number.
(When the port number is unspecified, 443 is used.)
If nothing is input and the Enter key is pressed, the connection will be made to the port number 8888 of localhost (this computer).
Hostname of IP Address of Destination:[这里按回车]

If connecting to the server by Virtual Hub Admin Mode, please input the Virtual Hub name.
If connecting by server admin mode, please press Enter without inputting anything.
Specify Virtual Hub Name:[这里按回车]
Connection has been established with VPN Server "localhost" (port 443).

You have administrator privileges for the entire VPN Server.

VPN Server>[这里输入 ServerPasswordSet ]
ServerPasswordSet command - Set VPN Server Administrator Password
Please enter the password. To cancel press the Ctrl+D key.

Password: [输入密码]
Confirm input: [再次输入密码]

The command completed successfully.

VPN Server>exit

至此,服务器端的配置就结束了,记得在防火墙上打开相应的端口。

2. 内网服务器的配置

以 Windows 系统为例,选择合适的版本:

当前的版本是 softether-vpnserver_vpnbridge-v4.28-9669-beta-2018.09.11-windows-x86_x64-intel.exe ,选择安装 SoftEther VPN Server Manager :

Li Shaocheng. Published under BY-NC-SA
Comments
Write a Comment