yuzhao-razor.blogspot.com

ゴシック†ロリ yuzhao razor

Rabu, 01 Juli 2009

VPN Site to Site Menggunakan VTUN

Pengantar

VTUN (Virtual Tunnel) adalah sebuah VPN (Virtual Private Network) yang sederhana, menggunakan tun device (FreeBSD, OpenBSD, NetBSD) atau tun/tap (Linux, Solaris) untuk menyalin paket-paket stack TCP/IP dan program vtund berjalan di dalam user space. Secara arsitektur, VTUN serupa dengan SSH VPN.

VTUN adalah cara yang paling mudah untuk membuat Virtual Tunnels pada jaringan TCP/IP. Karena mendukung berbagai type tunneling dan menyediakan banyak fitur bermanfaat:

* Enkripsi
* Kompresi
* Traffic shaping

VTUN dengan mudah dan sangat configurable. dapat digunakan untuk berbagai tugas-tugas jaringan antara lain: VPN, Mobile IP, dan lain-lain.

Instalasi VTUN


Sebelum memulai, jgn lupa jadilah super user di machine kalian masing-masing

File-file yg di butuhkan dalam penginstalan vtun ini adalah sebagai berikut:

--------------------------------------------------------------------------------------------------
1. lzo-1.08.tar.gz
2. vtun-2.5.tar.gz
--------------------------------------------------------------------------------------------------

--------------------------------------------------------------------------------------------------
namira# cd /root
namira# mkdir dl
namira# wget tp://ftp.urc.ac.ru/pub/OS/FreeBSD/distfiles/lzo-1.08.tar.gz
namira# wget http://ftp.devil-linux.org/pub/devel/sources/1.0/vtun-2.5.tar.gz
namira# tar zxf lzo-1.08.tar.gz
namira# tar zxf vtun-2.5.tar.gz
namira# cd lzo-1.08
namira# ./configure
namira# make
namira# make check
namira# make test
namira# make install
namira# cd ../vtun-2.5
namira# ./configure -with-lzo-headers=/usr/local/include --with-lzo-lib=/usr/local/lib
namira# make
namira# make install
--------------------------------------------------------------------------------------------------

Ok, Anda telah berhasil menginstall vtun di machine anda. Langkah selanjutnya adalah pembuatan vtund.conf

--------------------------------------------------------------------------------------------------
1 sebagai vtun server
1 sebagai vtun client
--------------------------------------------------------------------------------------------------

--------------------------------------------------------------------------------------------------
namira# cd /usr/local/etc
namira# mv vtund.conf original.vtund.conf
namira# pico vtund.conf
##### VTUND CONFIG SERVER START HERE by Tubagus @ INDOFREEBSD.OR.ID #####
options {
port 5000; # port used to connect with customers
ifconfig /sbin/ifconfig; # path to the ifconfig
route /sbin/route; # path to the route
}

default {
compress lzo:9; # If that does not include support for lzo, it should take
the option value compress no;
speed 0; #speed limit does not exist
}

# Settings, certain blocks in options and default, applies to all
# Remaining blocks

indofreebsd { # # describe client branch
pass indofreebsd; # secret pass secret; # password compounds - the word
secret
type tun; # tun type tun; # type IP tunnel tun
proto udp; # UDP proto udp; # using UDP protocol
encr yes; # encr yes; # include encryption
keepalive yes; # keepalive yes; # maintain a connection

up {
ifconfig “%% 192.168.10.2 192.168.10.1 netmask 255.255.255.255 mtu 1450 up”;
route “add -net 192.168.20.0/24 192.168.10.1″;
};

down {
ifconfig “%% down”;
route “delete 192.168.20.0″;
};
}
##### VTUND CONFIG SERVER END HERE by Tubagus @ INDOFREEBSD.OR.ID #####
--------------------------------------------------------------------------------------------------


Itu salah satu contoh vtund.conf untuk menjadi sebuah vtun server. Sebelum running vtun server di server kalian, coba kalian
lihat dulu ip 192.168.10.1, jgn lupa di add di virtual interface anda. Untuk di server yang lain, yang tepatnya akan menjadi vtun client, cara instalansinya sama aja seperti di atas, namun hanya vtund.conf nya saja yg berbeda. ok here the config file.

--------------------------------------------------------------------------------------------------
<span style="font-weight:bold;">##### VTUND CONFIG CLIENT START HERE by Tubagus @ INDOFREEBSD.OR.ID #####
options {

port 5000; port 5000;
ifconfig /sbin/ifconfig;
route /sbin/route;
}

default {
compress lzo:9;
speed 0;
}

indofreebsd {
pass indofreebsd;
type tun;
proto udp;
encr yes;
keepalive yes;

up {
ifconfig “%% 192.168.10.3 192.168.10.2 netmask 255.255.255.255 mtu 1450 up”;
route “add -net 192.168.30.0/24 192.168.10.2″;
};

down {
ifconfig “%% down”;
route “delete 192.168.30.0″;
};
}

##### VTUND CONFIG CLIENT END HERE by Tubagus @ INDOFREEBSD.OR.ID #####
--------------------------------------------------------------------------------------------------

Ok, itu salah satu config vtun client, dan jgn lupa untuk add ip 192.168.10.1 di virtual interface anda.

Setelah semuanya selesai, lakukan perintah berikut di vtund server anda

--------------------------------------------------------------------------------------------------
namira# vtund -s

lalu di machine vtun client anda lakukan perintah berikut

namira# vtund -p indofreebsd IPVTUNSERVERANDA

Untuk mengecek apakah vtun tersebut sudah jalan lakukan perintah beriktut:

namira# netstat -tan | grep 5000

karena vtun ini berjalan pada port 5000, tapi bisa anda ganti semau kalian juga c, mau port ataupun ip nya, hasilnya akan seperti ini:

namira# netstat -tan | grep 5000
namira# netstat -tan | grep 5000
tcp4 0 0 121.101.Xxx.xxx.55000 202.xxx.xxx.xxx.3128 ESTABLISHED
udp4 0 0 121.101.xxx.xxx.54483 202.xxx.xxx.xxx.5000
namira#

Hal tersebut di check di pada machine vtun client, dan dari vtun server akan seperti berikut:

portal# netstat -tan | grep 5000
tcp4 0 0 *.5000 *.* LISTEN
udp4 0 0 202.xxx.xxx.xxx.5000 121.101.xxx.xxx.54483
portal#
--------------------------------------------------------------------------------------------------

Kemudian check di machine vtun client dan machine vtun server anda, apakah IP-nya sudah saling berhubungan

Contoh dari vtun server:

--------------------------------------------------------------------------------------------------
tun2: flags=8051 mtu 1450
inet6 fe80::21c:f0ff:fe5c:b2fb%tun2 prefixlen 64 scopeid 0xa
inet 192.168.10.2 –> 192.168.10.3 netmask 0xffffffff
Opened by PID 67526
--------------------------------------------------------------------------------------------------

dan ini contoh dari vtun client:

--------------------------------------------------------------------------------------------------
tun0: flags=8051 mtu 1450
inet 192.168.10.3 –> 192.168.10.2 netmask 0xffffffff
Opened by PID 73871
--------------------------------------------------------------------------------------------------

Selesailah bridge networking menggunakan vtun.


fuck to. IndoFreeBSD TEAM
fuck to #Indofreebsd DALnet

Referensi:

http://vtun.sourceforge.net/features.html

9 komentar:

Anonim mengatakan...

Hi just wanted to give you a brief heads up and
let you know a few of the pictures aren't loading correctly. I'm not sure why but I think its a linking issue.
I've tried it in two different browsers and both show the same results.

Take a look at my weblog; drinks zum zunehmen
my web site :: schnelle gewichtsreduzierung

Anonim mengatakan...

I visited multiple sites except the audio feature for audio songs present
at this site is really excellent.

Here is my webpage :: wie importiere ich ein plugin in wordpress

Anonim mengatakan...

Your style is very unique in comparison to other folks I've read stuff from. Thank you for posting when you have the opportunity, Guess I will just book mark this web site.

Have a look at my web blog - Top

Anonim mengatakan...

continuously i used to read smaller posts that also clear their motive, and that is also happening with this post which I
am reading now.

My web-site; ernährung low carb

Anonim mengatakan...

Interesting blog! Is your theme custom made or did you download it from somewhere?
A theme like yours with a few simple tweeks would really make my blog shine.
Please let me know where you got your design. Bless you

Check out my web-site; kohlenhydrate produkte

Anonim mengatakan...

Also make certain that should you are instruction at property to wear suitable footwear as you don't want any excess weight of the dumbell landing on a exposed toe.

Also visit my website: http://www.getfitnstrong.com/adjustable-dumbbells/3-great-adjustable-weights-affordable-prices/

Anonim mengatakan...

Your whole body also are unable to aim on shedding all of that pregnancy pounds
without the need of sufficient h2o possibly.

Also visit my homepage ... click the up coming website

Anonim mengatakan...

The tread belt is smaller sized than on the high-end treadmill, but it
really does have a very two.

My web site - Read Full Report

Anonim mengatakan...

Individuals which have experienced the uncommon concern of bow breakage all report that consumer service was a breeze to
operate with and all warranties had been upheld 100%.



My web page just click the following webpage