Меню Рубрики

Установка neorouter server linux

NeoRouterWiki:ServerSetup

From NeoRouterWiki

Contents

Setup NeoRouter Server

Please setup NeoRouter server on only one computer within a physical network. On all other computers, please setup the NeoRouter client.

Understand your options

Option 1 NeoRouter server for Windows: It requires a PC or a Home/Small Business server that is always powered on, has stable Internet connection and running Windows XP SP2 or above.

Option 2 NeoRouter server for Linux: We currently support all major distros.

Option 3 NeoRouter server for Linux-based firmware, like Tomato, OpenWrt.

Install NeoRouter server for Windows

1. Visit http://www.neorouter.com/Downloads.html and download NeoRouter Standard Edition for Windows.

2. Run the installation wizard you have just downloaded, choose NeoRouter server, and click the Next button.

3. Setup a domain name that can uniquely identify your virtual LAN. You will need to enter the domain name in the «log on to» box during sign in. ee sign in for details.

4. Setup the administrator account for your domain. You will need to enter the username and password during signin. See sign in for details.

5. For secure purpose, it’s highly recommended to setup your router to enable port forwarding to the NeoRouter server at TCP port 32976 for remote client connections.

NeoRouter server supports Universal Plug and Play (UPnP) as well. On Windows 2000/2003/XP, you can use UPnP instead of port forwarding.If the server PC is behind a residential router, you need to ensure UPnP is enabled on the router.

If your router does not support UPnP, please add a static port forward entry.

Install NeoRouter server for Linux

1. Visit http://www.neorouter.com/Downloads.html and download NeoRouter Server for your Linux distribution.

  • Ubuntu & Debian: sudo dpkg -i nrserver- — .i386.deb
  • Fedora & SUSE: sudo rpm -i nrserver- — .i386.rpm

Note — OpenSSL on Fedora: NeoRouter is compiled using openssl 0.9.8g on Fedora 9. If you have an older version of Fedora, please upgrade the openssl package. You may also need to add the following symbol links:

In a terminal, run command «sudo nano /etc/sysconfig/iptables», add «-A INPUT -m state —state NEW -m tcp -p tcp —dport 32976 -j ACCEPT» before «COMMIT».

  • SUSE:
    • a. Launch firewall configuration tool
    • b. Choose «Allowed Services» in the left panel
    • c. Choose «External Zone» in the first drop-down box
    • d. Choose «NeoRouter server» in the second drop-down box
    • e. Click «Add» button
    • f. Click «Next»
    • g. Click «Finish» to save the changes
  • Ubuntu does not support firewall by default.

If you have any firewall enabled then it’s best to read its manual how to open the ports. The default port of the NeoRouter server is 32976 TCP.

  • a. GUI wizard method: Use NR Configuration Explorer to configure your nrserver. Currently Configuration Explorer is only available on Windows. (NR Web Console is available on other platforms since v2.x)
    • i. Install NeoRouter client for Windows on a Windows PC in the same LAN.
    • ii. Launch NeoRouter Configuration Explorer, enter your Linux user in the username field the IP address of the Linux server in «log on to» field. Proceed to sign in.
    • iii. Now the Configuration Explorer is connected to nrserver on your Linux box so that we can change the settings.
    • iv. Optionally, choose the settings tab, and edit domain. More details
      • NeoRouter domains function like a dynamic DNS server. A NeoRouter client can connect to a registered domain rather than the server’s IP. This domain registration is updated once an hour, and helps with servers that change their public IP address on the Internet.
    • v. You can Sign In via NeoRouter Network Explorer or configuration console using the same account you use to sign into Linux.
  • b. Command line method:
    • i. nrserver -showsettings
    • ii. nrserver -setdomain myPrivateNetwork myDomainPassword
    • iii. Optional step to change VPN network IP range: nrserver -dhcp 10.1.1.0 255.255.255.0
    • iv. nrserver -showsettings
    • v. nrserver -showusers
    • vi. nrserver -adduser serverbox password admin
    • vii. nrserver -adduser jdoe password admin
    • viii. nrserver -adduser bsmith password user
    • ix. nrserver -showusers

5. Install the appropriate NeoRouter client package on a workstation and attempt to log into the network via one of the users previously created. More details

6. Optionally, install the NeoRouter client package on the same machine running the NeoRouter server package. This allows VPN users to connect with other services hosted by the same computer as the NeoRouter server.

Install NeoRouter server for OpenWrt

  • OpenWrt is an open source project and you can find the source code from http://openwrt.org/
  • NeoRouter server is fully tested on LinkSys WRT54GL and Asus WL-520GU with Kamikaze 8.09.
  • NeoRouter server should work on all broadcom based routers. We will be happy to support other platforms, and you can post your request at our forum.

1. Connect to the router using ssh or telnet

2. Update available install packages using command

4. Edit firewall setting for the NeoRouter server listening port.

Edit /etc/firewall.user and add the following:

5. Install NeoRouter client on any Windows computer, run NeoRouter Configuration Explorer to log on to the router using the router’s root account and password, then configure the domain information.

6. Setup Domain and User Accounts: see instructions under «Install NeoRouter server for Linux».

Читайте также:  Установка загрузчика на dreambox

Install NeoRouter server for Tomato firmware

  • OpenWrt is an open source project and you can find the source code from http://www.polarcloud.com/tomato
  • NeoRouter server is fully tested on Asus WL-500gp. (Minimum flash 8MB)

NeoRouter server for Tomato is provided as a custom build of the full tomato firmware in TRX format. You can download the TRX file from from http://www.neorouter.com/Downloads.html.

Please visit OpenWRT Wiki for instructions on flashing your router with TRX.

2. In tomato UI – Administration – Jffs2, enable jffs and format if needed

3. In tomato UI – Administration – scripts – WAN up,

5. Setup Domain and User Accounts: see instructions under «Install NeoRouter server for Linux».

  • By default, our built-in script can automatically open firewall for the tomato router’s LAN IP address. But if you are using v0.9.4.881 or older AND you have changed the default LAN IP address from 192.168.1.1 to a different LAN IP Address, you need to edit firewall setting manually to open up the listening port for NeoRouter.

In tomato UI – Administration – scripts – Firewall, add following lines:

Note: If your box is not a fresh new router, some other rules may affect the lines above and it may not be able to work. In this case, you may want to use the following rules:

In some cases, the computers behind the Tomato box cannot use the NeoRouter domain name or public IP address of the router to connect to the NeoRouter server. You can use port forwarding to map the listen port (32976) to the local IP address of the router as well. For example, your router has Internet IP (202.xxx.xxx.xxx) and local IP address (192.168.1.1), you can create a port forward record to map 32976 to local 192.168.1.1, so that the computers behind the router can work.

  • If you have trouble signing into NeoRouter Network Explorer from a remote client, please try DISABLE the Inbound Connection Logging.

In tomato UI — Status — Logs — Logging Configuration, disable Inbound Connection

Install NeoRouter server for Fonera firmware

Please see dedicated page here.

Install NeoRouter server for Mac

1. Visit http://www.neorouter.com/Downloads.html and download NeoRouter server for Mac.

2. Uninstall previous version, if needed:

  • sudo /Library/NeoRouter/rmnrserver.sh
  • rmnrclient.sh can optionally remove user data. All NeoRouter user data is written to /usr/local/ZebraNetworkSystems/NeoRouter.
  • Double-click nrserver- — .tar.gz to expand it, then double-click on the nrserver- — .mpkg to launch installer wizard.

NeoRouter is installed under /Library/NeoRouter folder. nrserver will automatically start after installation and every time OS starts.

  • Tip: Manually start/stop nrserver

0.9.9 uses launchd. Use «launchctl remove com.neorouter.nrserver» take over control from launchd. Then you can run «sudo /Library/NeoRouter/nrserver» or «sudo killall nrserver»

0.9.8 uses startup items. Use «/Library/StartupItems/nrservice/nrservice «.

5. Setup Domain and User Accounts: see instructions under «Install NeoRouter server for Linux».

Install NeoRouter server for FreeBSD

1. Visit http://www.neorouter.com/Downloads.html and download NeoRouter server for FreeBSD.

4. cd /tmp; tar zxvf nrserver*.tgz

  • To uninstall NeoRouter server for FreeBSD

Command Line Interface

From v0.9.9, the server executable supports more command line parameters for maintaining the settings. It’s very useful for the Linux/Mac/in-a-box users, who don’t have a Windows system to run the Configuration Explorer. With these commands, they can set most settings defined in the Configuration Explorer.

-setalias COMPUTERNAME ALIAS

User Access Auditing

NeoRouter Professional Edition (v1.2.0+) supports audting feature. It allows administrator to trace the user access activies, such as sign in, sign out and so on. In v1.2.0, it logs the auditing information to a file. By default, this feature is disabled.

The parameters controlling auditing feature is defined in Feature.ini

1. Enable or disable auditing

2. Specify the audit log file location

AuditLogFileLocation=[path of the log file]

By default, the audit log file is located in the main configuration folder and the file name is in the format:

Note: the folder specified must exist.

3. Specify max number of lines in log file

If it’s 0 (zero), all information will be put in a single audit log file. By setting the max number of lines in each log file, it will split the information into several files.

источник

NeoRouterWiki:ClientSetup

From NeoRouterWiki

Contents

Setup NeoRouter Client

Install NeoRouter Client for Windows

1. Visit http://www.neorouter.com/Downloads.html and download NeoRouter Free for Windows.

2. Run the installation wizard you have just downloaded, choose NeoRouter Network Explorer, and click Next.

3. (Vista Only) you may be prompted with a security warning. NeoRouter setup is installing a virtual LAN network driver which is not yet certified by Microsoft. NeoRouter is guaranteed to be free of spyware, adware or virus. This driver component is essential to NeoRouter and please allow the setup to continue.

For more information on Windows Logo program, please visit: http://www.microsoft.com/whdc/winlogo/default.mspx

Rant: Microsoft is notorious for charging a large fee for its Windows Logo program. This prohibits start-up companies like us from becoming certified.

4. If your computer is behind an ISA firewall, please read NeoRouterWiki:ClientSetupISAFirewall. Most users can skip this step.

Install NeoRouter Client for Linux

1. Visit http://www.neorouter.com/Downloads.html and download NeoRouter Client for your Linux distribution.

Читайте также:  Установка карбюратор к60в крот

2. Uninstall previous version, if needed:

  • Ubuntu & Debian: sudo dpkg -r nrclient
  • Fedora, RedHat & SUSE: sudo rpm -e nrclient
  • Fedora, RedHat & SUSE: You may need to disable outbound firewalling to allow NeoRouter client service (nrservice) to establish a P2P connection. Otherwise nrservice will establish routed connection via server.
  • More info on NAT traversal and STUN:
  • Use one of the following commands as appropriate to connect with a running NeoRouter server:
    • nrclientcmd -d localhost -u serverbox -p password
    • nrclientcmd -d NRserverIP -u jdoe -p password
    • nrclientcmd -d NRregisteredDomain -u jdoe -p password
  • Ubuntu & Debian:
    • /etc/init.d/nrservice.sh restart
    • ifconfig nrtap
  • Fedora (and likely others):
    • systemctl restart nrservice
    • ifconfig nrtap

nrclient contains two executables: nrservice and nrclientcmd. nrservice will automatically start after installation and every time Linux starts. Run nrclientcmd to log in your virtual LAN.

Install NeoRouter Client for Mac

1. Visit http://www.neorouter.com/Downloads.html and download NeoRouter Client for Mac.

2. Uninstall previous version, if needed:

  • sudo /Library/NeoRouter/rmnrclient.sh
  • rmnrclient.sh can optionally remove tuntap driver and NeoRouter user data
  • All NeoRouter user data is written to /usr/local/ZebraNetworkSystems/NeoRouter
  • Please first install the latest tuntap driver from http://tuntaposx.sourceforge.net/download.xhtml.
  • Double-click nrclient- — .tar.gz to expand it, then double-click on the nrclient- — .mpkg to launch installer wizard.

NeoRouter is installed under /Library/NeoRouter folder. In the folder you can find two executables: nrservice and nrclientcmd. nrservice will automatically start after installation and every time OS starts. Run nrclientcmd to log in your virtual LAN.

You can also create a desktop shortcut to nrclientcmd using this command: «ln /Library/NeoRouter/nrclientcmd

/Desktop». Then you can launch nrclientcmd by simply double-clicking on the shortcut icon.

  • Tip: Manually start/stop nrservice

0.9.9 uses launchd. Use «launchctl remove com.neorouter.nrservice» take over control from launchd. Then you can run «sudo /Library/NeoRouter/nrservice» or «sudo killall nrservice».

0.9.8 uses startup items. Use «/Library/StartupItems/nrservice/nrservice «.

Install NeoRouter client for FreeBSD

1. Visit http://www.neorouter.com/Downloads.html and download NeoRouter client for FreeBSD.

4. cd /tmp; tar zxvf nrclient*.tgz

  • To uninstall NeoRouter client for FreeBSD

Install NeoRouter Client for OpenWrt

  • OpenWrt is an open source project and you can find the source code from http://openwrt.org/
  • NeoRouter Client is fully tested on Asus WL-520G Premium v2 with Kamikaze 8.09.
  • NeoRouter Client should work on all broadcom based routers with >=8MB flash. We will be happy to support other platforms, and you can post your request at our forum.

1. Connect to the router using ssh or telnet

2. Update available install packages using command

Warning: this will disable the firewall on this device to allow P2P NAT traversal. Only do this if this device is not on the public network, or this change may compromise its security. (I use my WL-500GP v2 as a NAS. It is behind my public-facing router, so it is fully protected from intruders).

If this device is your public-facing router, then skip this step. NRClient will connect to peers using relay-mode. It’s a bit slower, but the device has the full firewall protection.

To drop firewall and enable P2P, you can edit /etc/firewall.user and add the following:

Run /usr/bin/nrclientcmd and join your NeoRouter domain.

6. Turn your router into a file or backup server (Optional)

Because NeoRouter is so small, you have plenty of space left on the flash for other packages.

You can enable USB storage and Samba server, and your router will become a file server. You can even install rsync and turn it into a backup server. NeoRouter’s remote access and VPN service will allow you to securely access the files from anywhere.

This solution is a lot cheaper than Small Business server or Windows Home server.

источник

Need For Bits

System Administrator / TI Manager / Ubuntu-Debian Power User

NeoRouter VPN: How configure a server and client on Debian based (Ubuntu/Debian/Raspbian)

NeoRouter is a Freeware software and the ideal Remote Access and VPN solution for small businesses and home. It helps you manage and connect to all your computers from anywhere. It gracefully integrates Remote Access, File Sharing, Virtual Private Network, User and Access Management.

Many small businesses or homes have high-speed internet and multiple computers, and users are facing challenges like remote access, directory management and network security. To solve similar problems at large enterprises, skilled administrators can deploy very expensive and complex tools like VPN, domain controller and corporate firewall. But small business or home users do not have the right tools that fit their needs.

How Works

NeoRouter solution includes two components: Server and Client. You may want to install a server and multiple clients, so that these clients can connect each other though a secure communication channel.

Features and Characteristics

Cross-platform – Support Windows, Mac OSX, FreeBSD, Android, Linux (all major distros), Raspbian and router firmwares (Tomato and OpenWRT).

Security – Make your connections encrypted – NeoRouter uses the SSLv3/TLS (AES-256) to provide a secure communication channel between NeoRouter Server and each Client while using a variation algorithm (RSA 2048bit + DH + AES-256) between clients (P2P – peer-to-peer).

Improvement of VPN – NeoRouter improves VPN speed relaying traffic through to your router instead of a central server. You can run your own server independently and no traffic is relayed through a third-party server.

Читайте также:  Установка замка 800 руб

P2P – NeoRouter can setup direct peer-to-peer (P2P) connection between computers. When direct P2P connection is impossible (e.g. your computer is behind a corporate firewall), NeoRouter relays the network traffic through your own router.

Bypass Corporate Firewalls – Allows you to bypass corporate firewalls that block P2P traffic, similar applications (e.g. Hamachi) get around firewalls routing traffic through a central server that can be at times slow depending on the number of users. Proxy support allows you access your virtual network behind proxy servers that support HTTP Proxy, SOCKS4 and SOCKS5 protocols.

Easy to monitor and admin – Monitor computer status in a click using the NeoRouter Network Explorer and for administrate using the NeoRouter Configuration Explorer.

Remote Wakeup – Also known as Wake-on-LAN (WOL) support. When a client connects to the network, it will wake the computer and will be fully functional. Remark: works since these machines are on same LAN as the NeoRouter Server. The NeoRouter Server will send the magic packet.

No Internet Threat Expositions – No need to remember the computer IP address and expose the port to the Internet. So no expose to cyber attacks threats!

Bridge Network – NeoRouter also have support to Network Bridge witch allows to create point-to-site VPN, site-to-site VPN or even multiple site-to-site networks. [Not tested yet – add to my do list]

NeoRouter Client – runs on Windows (Win 7/8/10/Vista/XP/2008/2003/2000), Mac OSX (x86 Leopard/Snow Leopard, PPC Tiger), FreeBSD i386 and x64, Linux i386 and x64 (Redhat/Fedora/CentOS, Ubuntu/Debian, SuSE), Linux-based router firmware (Tomato, OpenWRT Kamikaze, Fonera) and Android v1.6+.

The NeoRouter Server and Client software are freeware but not open source!

Limitations of Free Version

  • You can interconnect up to 256 devices at no cost
  • No customization of NeoRouter Client (Branding)
  • No access to built-in Firewall, Packet Filter (as default will block broadcast and multicast packets), User Access Audit (Access Logs), Spoke-and-hub networking and create more Subnets

NeoRouter Server

Environments tested

Requirements

  • Debian based Linux distro (Debian/Ubuntu/Raspbian)
  • Configure router/modem (ISP) or firewall for port-forwarding, if necessary
  • Access to Internet ;-D

Create a “free” NeoRouter domain (private network)

For this, create on this URL:

Recommendation: Use a strong password (and secure) with at least 15 characters (I use 28 characters password – the maximum of password length allowed by the service) for your private network generate from LastPass – Password Generator or Secure Password Generator to secure your network. And store this password on a safe place.

Install NeoRouter Server (nrserver)

Download & Install nrserver – As of this writing, the newest version is v2.3.1.4360 (get the URL for the latest NeoRouter Free Server version on NeoRouter Free v2 > Linux, choose server version). Let’s start:

On Debian (x64) [requirement]:

Configure nrserver, set the domain for your NeoRouter server

Simply follow the steps from nrsetup:

Setup NeoRouter Domain

Setup Administrator Account

Setup Port Forward as necessary

This step is only necessary if your server host is behind a router or firewall. We need to expose the NeoRouter server port (port 32976) to Internet so server can accept incoming connections from the NeoRouter clients. If you are using NeoRouter in-a-box version and your router is directly connected to the cable/DSL modem, this step is unnecessary.

Search on Google for “how to port forward” or some other mean to do this because have one zillion of routers – ways to do that. A very nice reference to start is this site: How To Forward a Port.

After configure (or not, conform necessary) verify/test the NeoRouter Server connectivity is really working:

Create a user/admin account for ensure access

This user will be used for access your NeoRouter private network using the client version of NeoRouter. Create how many users as you need.

From NeoRouter Web Console [more easy method]

NeoRouter Web Console is web version of NeoRouter Configuration Explorer and provides full configuration features. You need a user with admin rights:

Then go on “User Accounts” and add, edit and remove Users.

From terminal

For create a administrative user (remove computers, create groups, etc):

For create a user, only for add computers in network and access the network:

Sample of Successful output:

NeoRouter Client (NeoRouter Network Explorer)

Requirements

  • Debian based Linux distro (Debian/Ubuntu/Raspbian) – Remember, it also work on many another platforms.
  • Access to Internet ;-D
  • Don’t need open any port

Install NeoRouter Client Service on Ubuntu/Debian/Raspbian

As of this writing, the newest version is v2.3.1.4360 (get the URL for the latest NeoRouter version on NeoRouter Free v2 > Linux). Let’s start:

On Debian (x64) [requirement]:

Configure/Register the Client

Linux via GUI, using the NeoRouter Network Explorer:

Enter your NR domain name, user name and password information and get access to your NeoRouter VPN easily:

» data-medium-file=»https://needforbits.files.wordpress.com/2016/12/neorouter-network-explorer-sigin-login.png?w=158″ data-large-file=»https://needforbits.files.wordpress.com/2016/12/neorouter-network-explorer-sigin-login.png?w=212″ src=»https://needforbits.files.wordpress.com/2016/12/neorouter-network-explorer-sigin-login.png?w=328&h=621″ w/>

» data-medium-file=»https://needforbits.files.wordpress.com/2016/12/neorouter-network-explorer-computerlist.png?w=158″ data-large-file=»https://needforbits.files.wordpress.com/2016/12/neorouter-network-explorer-computerlist.png?w=212″ src=»https://needforbits.files.wordpress.com/2016/12/neorouter-network-explorer-computerlist.png?w=327&h=621″ w/>

From terminal using the nrclientcmd:

Note: Remember, the NR-server-local-IP also can be your public IP address (from internet) or your domain (or DDNS).

источник

Добавить комментарий