EdgeRouter PPTP/L2TP Firewall Modify

AUTO_VPN 是我的规则名称 /config/scripts/post-config.d/auto_vpn_fw_modify 需要加执行权限 Link to this post!

EdgeRouter PPtP Server访问本地DNS服务

UBNT EdgeRouter 自带了PPTP Server,典型的配置方法是

官方参考guide: https://help.ubnt.com/hc/en-us/articles/205220840-EdgeMAX-PPTP-VPN-with-local-users-RADIUS 这个案例里,我的路由eth0是LAN口,eth0的IP是 192.168.100.1,这个配置下我的pptp客户端能正常访问到我的内网的机器。 但是如果我需要把DNS设成 192.168.100.1,DNS请求就会一直没响应。 路由端抓 UDP 53 的包,可以看到pptp客户端发出的dns请求,但是没有回包。 看了眼/etc/dnsmasq.conf:

man dnsmasq -i, –interface= Listen only on the specified interface(s). Dnsmasq automatically adds the loopback (local) interface to the list of interfaces to use when the –interface option is used. If no –interface or –listen-address options are given … Continue reading “EdgeRouter PPtP Server访问本地DNS服务”

EdgeRouter OpenVPN Connectivity Monitor

VPN protocols are censored and blocked in China. I’ve set up an PPTP client and a Site-to-site OpenVPN connection on my EdgeRouter Lite. PPTP is insecure and is easier to censor, so I’ve removed PPTP client from my router. OpenVPN is better than PPTP, not only secured, but also much more stable. But traffics are … Continue reading “EdgeRouter OpenVPN Connectivity Monitor”

EdgeRouter DNAT for Remote Socks Proxy Server

I set up an HAProxy for socks 5 proxy server on my edgerouters, listening on 0.0.0.0:31080, forwarding to proxy server tunneled at 10.99.99.2:31080. You can find it: UBNT VPN + Socks5 代理. I chose this because of failure on setting destination NAT. The BAD thing is, HAProxy DOES NOT SUPPORT UDP. If I set foxyproxy … Continue reading “EdgeRouter DNAT for Remote Socks Proxy Server”

Set up OpenVPN Site-to-Site on UBNT EdgeRouter Lite

参考:https://help.ubnt.com/hc/en-us/articles/204949694-EdgeMAX-OpenVPN-Site-to-Site 不同的是,我一端是Ubuntu Linux,另一端是EdgeRouter Lite。 实现的目的也是让EdgeRouter连上远程vpn实现XXXX。 PPTP的方案参考:EdgeOS PPTP VPN客户端配置 环境 Ubuntu Linux, 10.99.99.2 EdgeRouter Lite, 10.99.99.1 配置EdgeRouter Lite SSH到Ubnt EdgeRouter Lite 生成共享密钥文件

执行命令创建VPN

执行命令启用NAT

如果需要重启tunnel

配置Linux 安装openvpn

把EdgeRouter的 /config/auth/secret 复制到 /etc/openvpn/er-site2site-static.key 编辑 /etc/openvpn/server.conf

启动openvpn

测试 在EdgeRouter ping Linux

在Linux ping EdgeRouter

如果还有问题,可以看日志 配置路由 参考下一篇文章 UBNT EdgeOS 配置设备路由(interface-route)的方法 … Continue reading “Set up OpenVPN Site-to-Site on UBNT EdgeRouter Lite”