{"id":2373,"date":"2020-03-29T20:04:15","date_gmt":"2020-03-29T11:04:15","guid":{"rendered":"https:\/\/www.oji-koji.com\/?p=2373"},"modified":"2020-04-19T20:50:07","modified_gmt":"2020-04-19T11:50:07","slug":"l2tp%e5%af%be%e5%bf%9cvpn%e3%82%b5%e3%83%bc%e3%83%90%e3%82%92%e7%ab%8b%e3%81%a6%e3%82%8b","status":"publish","type":"post","link":"https:\/\/www.oji-koji.com\/?p=2373","title":{"rendered":"L2TP\u5bfe\u5fdcVPN\u30b5\u30fc\u30d0\u3092\u7acb\u3066\u308b(2020\/04\/19\u66f4\u65b0)"},"content":{"rendered":"\n<p class=\"program_discription\">\u30c6\u30ec\u30ef\u30fc\u30af\u304c\u63d0\u5531\u3055\u308c\u3066\u3044\u308b\u306e\u3067\u3001\u81ea\u5b85\u306b\u3082VPN\u30b5\u30fc\u30d0\u3092\u7acb\u3066\u308b\u3053\u3068\u306b\u3057\u307e\u3057\u305f\u3002<br>\u3053\u308c\u3067\u3001\u606f\u5b50\u304c\u30de\u30ec\u30fc\u30b7\u30a2\u3067\u5b8c\u5168\u81ea\u5b85\u5f85\u6a5f\u306a\u306e\u3067\u3001VPN\u7d4c\u7531\u3067\u65e5\u672c\u306e\u756a\u7d44\u3092\u307f\u308b\u3053\u3068\u304c<br>\u3067\u304d\u308b\u3067\u3057\u3087\u3046\u3002<br>\u307e\u305f\u3001\u5916\u51fa\u5148\u304b\u3089\u30ef\u30f3\u30b3\u306e\u30e9\u30a4\u30d6\u6620\u50cf\u3082\u898b\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002<br>\u3055\u3066\u3001VPN\u30b5\u30fc\u30d0\u3092\u3069\u3046\u7acb\u3066\u308b\u304b\u3067\u3059\u304c\u3001\u81ea\u5b85\u306b\u3042\u308b\u30eb\u30fc\u30bf(IO\u30c7\u30fc\u30bf\u3001\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc)\u306f<br>\u6b8b\u5ff5\u306a\u304c\u3089PPTP\u306b\u3057\u304b\u5bfe\u5fdc\u3057\u3066\u3044\u306a\u304f\u3066\u3001iPhone\u3084iPad\u304b\u3089\u3064\u306a\u304c\u308a\u307e\u305b\u3093\u3002<br>L2TP\u306b\u5bfe\u5fdc\u3057\u305fVPN\u30b5\u30fc\u30d0\u3092\u305f\u3066\u306a\u3051\u308c\u3070\u306a\u308a\u307e\u305b\u3093\u3002<br>\u3068\u3044\u3046\u3053\u3068\u3067\u3001\u56f0\u3063\u305f\u3068\u304d\u306eRaspberryPi\u3068\u3044\u3046\u3053\u3068\u3067\u3001RaspberryPi\u306bSoftEther\u3092<br>\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3059\u308b\u3053\u3068\u306b\u3057\u307e\u3057\u305f\u3002<\/p>\n\n\n\n<p class=\"program_discription\">RaspberryPi\u304c\u52d5\u3044\u3066\u3044\u3066\u3001ssh\u304c\u4f7f\u3048\u308b\u3068\u3044\u3046\u524d\u63d0\u3067\u5968\u3081\u307e\u3059<br>\u307e\u305f\u3001\u56fa\u5b9a\u306eIP\u30a2\u30c9\u30ec\u30b9\u3092\u632f\u3063\u3066\u304a\u3044\u3066\u304f\u3060\u3055\u3044\u3002<br>SoftEther\u306e\u8a2d\u5b9a\u306fGUI\u3067\u3084\u308b\u306e\u304c\u4fbf\u5229\u306a\u306e\u3067Windows\u7248\u306e\u7ba1\u7406\u30de\u30cd\u30fc\u30b8\u30e3\u3092<br> \u4f7f\u3046\u3053\u3068\u306b\u3057\u307e\u3059\u3002<\/p>\n\n\n\n<p class=\"program_discription\"><strong>\u3010SoftEther\u306e\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3011<\/strong><br>\u6700\u65b0\u7248\u3092\u63a2\u3059\u306e\u304c\u3079\u3093\u308a\u306a\u306e\u3067\u30d1\u30bd\u30b3\u30f3\u3067\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3057\u307e\u3059<br>https:\/\/www.softether-download.com\/ja.aspx?product=softether<br>\u304b\u3089\u6b21\u306e\u3088\u3046\u306b\u9078\u3093\u3067\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3057\u307e\u3059\u3002<br>\u3000\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\uff1aSoftEther VPN<br>\u3000\u30b3\u30f3\u30dd\u30fc\u30cd\u30f3\u30c8\uff1aSoftEther VPN Server<br>\u3000\u30d7\u30e9\u30c3\u30c8\u30d5\u30a9\u30fc\u30e0\uff1aLinux<br>\u3000CPU\uff1aARM EABI(32bit)<\/p>\n\n\n\n<p class=\"program_discription\"><strong>\u3010SCP\u306a\u3069\u3067RaspberryPi\u30d8\u8ee2\u9001\u3011<\/strong><br>RaspberryPi\u3067SCP\u306a\u3069\u3092\u4f7f\u3063\u3066\u8ee2\u9001\u3057\u307e\u3059\u3002<\/p>\n\n\n\n<p class=\"program_discription\"><strong>\u3010RaspberryPi\u306bSoftEther\u3092\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3011<\/strong><br>\u5148\u305a\u306f\u5c55\u958b\u3057\u307e\u3059<\/p>\n\n\n\n<p class=\"source_code\">$ tar xf softether-vpnserver-v4.34-9744-beta-2020.03.20-linux-arm_eabi-32bit.tar.gz<\/p>\n\n\n\n<p class=\"program_discription\"><strong>\u3010\u5c55\u958b\u3057\u305f\u3082\u306e\u30d3\u30eb\u30c9\u3057\u307e\u3059\u3011<\/strong><\/p>\n\n\n\n<p class=\"source_code\">$ cd vpnserver\n$ make<\/p>\n\n\n\n<p class=\"program_discription\"><strong>\u3010\/usr\/local\u3078\u30b3\u30d4\u30fc\u3057\u3066\u30d1\u30fc\u30df\u30c3\u30b7\u30e7\u30f3\u306e\u5909\u66f4\u3057\u307e\u3059\u3011<\/strong><\/p>\n\n\n\n<p class=\"source_code\">$ sudo mv vpnserver \/usr\/local\n$ cd \/usr\/local\/vpnserver\n$ chmod 600 *\n$ chmod 700 vpncomd vpnserver<\/p>\n\n\n\n<p class=\"program_discription\"><strong>\u3010\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3067\u304d\u3066\u3044\u308b\u304b\u306e\u78ba\u8a8d(VPN Tools\u306e\u5b9f\u884c)\u3092\u3057\u307e\u3059\u3011<\/strong><\/p>\n\n\n\n<p class=\"source_code\">$ \/usr\/local\/vpnserver\/vpncmd\n1. VPN Server \u307e\u305f\u306f VPN Bridge \u306e\u7ba1\u7406\n2. VPN Client \u306e\u7ba1\u7406\n3. VPN Tools \u30b3\u30de\u30f3\u30c9\u306e\u4f7f\u7528 (\u8a3c\u660e\u66f8\u4f5c\u6210\u3084\u901a\u4fe1\u901f\u5ea6\u6e2c\u5b9a)\n\u300c3.\u3092\u9078\u3073check\u30b3\u30de\u30f3\u30c9\u306e\u5b9f\u65bd\u300d\nVPN Tools&gt;check\nVPN Tools\u306e\u7d42\u4e86\nVPN Tools&gt;quit<\/p>\n\n\n\n<p class=\"program_discription\"><strong>\u3010vpnserver\u306e\u81ea\u52d5\u8d77\u52d5\u3092\u8a2d\u5b9a\u3057\u307e\u3059\u3011<\/strong><br>\/etc\/systemd\/system \u306b vpnserver.service\u3092\u4f5c\u6210\u3057\u307e\u3059<\/p>\n\n\n\n<p class=\"source_code\">$ sudo vi \/etc\/systemd\/system\/vpnserver.service\n\n[Unit]\nDescription=SoftEther VPN Server\nAfter=network.target network-online.target\n\n[Service]\nUser=root\nExecStart=\/usr\/local\/vpnserver\/vpnserver start\nExecStop=\/usr\/local\/vpnserver\/vpnserver stop\nType=forking\nRestartSec=3s\nWorkingDirectory=\/usr\/local\/vpnserver\/\nExecStartPre=\/sbin\/ip link set dev eth0 promisc on\n\n[Install]\nWantedBy=multi-user.target<\/p>\n\n\n\n<p class=\"program_discription\"><strong>\u3010\u30b5\u30fc\u30d3\u30b9\u306e\u52d5\u4f5c\u78ba\u8a8d\u3068\u505c\u6b62\u3068\u81ea\u52d5\u8d77\u52d5\u306e\u8a2d\u5b9a\u3092\u884c\u3044\u307e\u3059\u3011<\/strong><\/p>\n\n\n\n<p class=\"source_code\">$ sudo systemctl start vpnserver\n$ systemctl status vpnserver.service\n\u300c\u52d5\u4f5c\u3057\u3066\u3044\u308b\u72b6\u614b\u304c\u8868\u793a\u3055\u308c\u307e\u3059\u300d\n$ sudo systemctl stop vpnserver\n\n\u300c\u81ea\u52d5\u8d77\u52d5\u306e\u8a2d\u5b9a\u300d\n$ sudo systemctl enable vpnserver.service\n\u300c\u518d\u8d77\u52d5\u5f8c\u52d5\u4f5c\u78ba\u8a8d\u3092\u3057\u3066\u304f\u3060\u3055\u3044\u300d<\/p>\n\n\n\n<p class=\"program_discription\"><strong>\u3010Windows\u306b VPN Server Manager\u3092\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3057\u3066\u8a2d\u5b9a\u3011<\/strong><br>VPN Server Manager\u306e\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3092\u3057\u307e\u3059<br>https:\/\/www.softether-download.com\/ja.aspx?product=softether<br>\u304b\u3089\u6b21\u306e\u3088\u3046\u306b\u9078\u3093\u3067\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3057\u307e\u3059\u3002<br>\u3000\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\uff1aSoftEther VPN<br>\u3000\u30b3\u30f3\u30dd\u30fc\u30cd\u30f3\u30c8\uff1aSoftEther VPN Server Manager for Windows<br>\u3000\u30d7\u30e9\u30c3\u30c8\u30d5\u30a9\u30fc\u30e0\uff1aWindows<br>\u3000CPU\uff1aInterl(x86 and x64)<\/p>\n\n\n\n<p class=\"program_discription\">\u3010\u30a4<strong>\u30f3\u30b9\u30c8\u30fc\u30eb\u306e\u5b9f\u884c\u3068\u8a2d\u5b9a\u3011<\/strong><br> \u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3059\u308b\u30bd\u30d5\u30c8\u30a6\u30a8\u30a2\u306e\u9078\u629e\u3067\u300cSoftEther VPM \u30b5\u30fc\u30d0\u30fc\u7ba1\u7406\u30de\u30cd\u30fc\u30b8\u30e3\u300d<br> \u3092\u9078\u3073\u307e\u3059\u3002<br>SoftEther VPM \u30b5\u30fc\u30d0\u30fc\u7ba1\u7406\u30de\u30cd\u30fc\u30b8\u30e3\u3092\u8d77\u52d5\u3057\u6b21\u306e\u8a2d\u5b9a\u3092\u3057\u307e\u3059\u3002<br>\u3000\u65b0\u3057\u3044\u63a5\u7d9a\u8a2d\u5b9a<br>\u3000\u3000\u63a5\u7d9a\u8a2d\u5b9a\u540d<br>\u3000\u3000\u30db\u30b9\u30c8\u540d(IP\u30a2\u30c9\u30ec\u30b9)<br>\u8a2d\u5b9a\u3057\u305f\u63a5\u7d9a\u60c5\u5831\u306b\u63a5\u7d9a\u3057\u6b21\u306e\u8a2d\u5b9a\u3092\u3057\u307e\u3059\u3002<br>\u3000IPSec\/L2TPP\u8a2d\u5b9a<br>\u3000\u3000L2TP\u30b5\u30fc\u30d0\u6a5f\u80fd\u3092\u6709\u52b9\u306b\u3059\u308b<br>\u3000\u3000IPSec\u5171\u6709\u9375\uff08\u30b7\u30fc\u30af\u30ec\u30c3\u30c8\uff09\u3092\u5165\u529b<br>\u3000\u4eee\u60f3HUB\u306e\u7ba1\u7406<br>\u3000\u3000\u30e6\u30fc\u30b6\u7ba1\u7406<br>\u3000\u3000\u3000\u30e6\u30fc\u30b6\u306e\u767b\u9332\u3092\u3057\u307e\u3059<br>\u3000\u4eee\u60f3NAT\u304a\u3088\u3073\u4eee\u60f3DHCP\u30b5\u30fc\u30d0\u6a5f\u80fd<br>\u3000\u3000SecureNAT\u6a5f\u80fd\u3092\u6709\u52b9\u306b\u3059\u308b\u3000\u3053\u308c\u3092\u3057\u306a\u3044\u3068iPhone\u3067\u300cPPP\u30b5\u30fc\u30d0\u3078\u306e\u63a5\u7d9a\u3092\u78ba\u7acb<br>\u3000\u3000\u3067\u304d\u307e\u305b\u3093\u3067\u3057\u305f\uff5e\u300d\u3068\u3044\u308f\u308c\u307e\u3059<\/p>\n\n\n\n<p class=\"program_discription\"><strong>\u3010\u30eb\u30fc\u30bf\u306b\u30dd\u30fc\u30c8\u306e\u8ee2\u9001\u3092\u66f8\u304d\u307e\u3059(L2TP, IPSec)\u3011<\/strong><br>\u3000UDP\uff1a500,4500<br>\u3000AH\uff1a\u30d7\u30ed\u30c8\u30b3\u30eb\u756a\u53f751<br>\u3000ESC\uff1a\u30d7\u30ed\u30c8\u30b3\u30eb\u756a\u53f750<br>\u3000\u3092SoftEther\u3092\u52d5\u304b\u3059\u30db\u30b9\u30c8\u306b\u8ee2\u9001\u8a2d\u5b9a\u3092\u3057\u307e\u3059\u3002<\/p>\n\n\n\n<p class=\"program_discription\"><strong>\u3010\u30eb\u30fc\u30bf\u306b\u30d7\u30ed\u30c8\u30b3\u30eb\u6307\u5b9a\u3067\u306e\u8ee2\u9001\u6a5f\u80fd\u304c\u306a\u3044\u3068\u304d\u3011<\/strong><br>VPN\u30b5\u30fc\u30d0\u3092DMZ\u306b\u7f6e\u304b\u3056\u308b\u3092\u5f97\u306a\u3044\u3067\u3059\u304c\u3001\u3053\u306e\u3068\u304d\u306fssh\u306e\u30a2\u30af\u30bb\u30b9\u3092<br>\u5916\u90e8\u304b\u3089\u3067\u304d\u306a\u3044\u3088\u3046\u306b\u3057\u307e\u3059\u3002<br>VPN\u306e\u63a5\u7d9a\u4ee5\u5916\u306f\u8a31\u53ef\u3057\u306a\u3044\u3088\u3046\u306b\u3059\u308b\u306e\u304c\u826f\u3044\u3068\u601d\u3044\u307e\u3059\u3002SoftEther\u306b\u3088\u308b<strong>IPSec\u3092firewalld\u3067\u8a31\u53ef\u3057\u307e\u3059<\/strong><br>\u3000\u3000sudo firewall-cmd &#8211;add-port=500\/udp &#8211;zone=public &#8211;permanent<br>\u3000\u3000sudo firewall-cmd &#8211;add-port=4500\/udp &#8211;zone=public &#8211;permanent<br>\u3000\u3000sudo firewall-cmd &#8211;permanent &#8211;zone=public &#8211;add-service=ipsec<br><strong>SSL, SSH\u3092\u5916\u304b\u3089\u30a2\u30af\u30bb\u30b9\u3067\u304d\u306a\u3044\u3088\u3046\u306b\u3057\u3066<\/strong><br>\u3000\u3000sudo firewall-cmd &#8211;remove-port=443\/tcp &#8211;zone=public &#8211;permanent<br>\u3000\u3000sudo firewall-cmd &#8211;remove-port=22\/tcp &#8211;zone=public &#8211;permanent<br><strong>SSL, SSH\u3092\u5185\u5074\u304b\u3089\u306f\u30a2\u30af\u30bb\u30b9\u3067\u304d\u308b\u3088\u3046\u306b\u3059\u308b<\/strong><br>\u3000\u3000sudo firewall-cmd &#8211;permanent &#8211;zone=public &#8211;add-rich-rule=&#8221;rule family=&#8221;ipv4&#8243; source address=&#8221;192.168.101.0\/24&#8243; port protocol=&#8221;tcp&#8221; port=&#8221;443&#8243; accept&#8221;<br>\u3000\u3000sudo firewall-cmd &#8211;permanent &#8211;zone=public &#8211;add-rich-rule=&#8221;rule family=&#8221;ipv4&#8243; source address=&#8221;192.168.101.0\/24&#8243; port protocol=&#8221;tcp&#8221; port=&#8221;6022&#8243; accept&#8221;<br><strong>firewalld\u3092\u30ea\u30ed\u30fc\u30c9\u3057\u307e\u3059<\/strong><br>\u3000\u3000sudo firewall-cmd &#8211;reload<br>(\uff0a)<br>\u3000\u3000RaspberryPi\u306bfirewalld\u304c\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3055\u308c\u3066\u3044\u306a\u3044\u6642<br>\u3000\u3000sudo apt install firewalld \u3067\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3057\u307e\u3059<br>\u3000\u3000firewalld\u306e\u30b3\u30de\u30f3\u30c9\u306a\u3069\u306b\u3064\u3044\u3066\u3001\u30a4\u30f3\u30bf\u30fc\u30cd\u30c3\u30c8\u691c\u7d22\u3067\u6ca2\u5c71\u60c5\u5831\u304c<br>\u3000\u3000\u3042\u308a\u307e\u3059\u306e\u3067\u3001\u305d\u3061\u3089\u3092\u53c2\u8003\u306b\u3057\u3066\u304f\u3060\u3055\u3044<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u30c6\u30ec\u30ef\u30fc\u30af\u304c\u63d0\u5531\u3055\u308c\u3066\u3044\u308b\u306e\u3067\u3001\u81ea\u5b85\u306b\u3082VPN\u30b5\u30fc\u30d0\u3092\u7acb\u3066\u308b\u3053\u3068\u306b\u3057\u307e\u3057\u305f\u3002\u3053\u308c\u3067\u3001\u606f\u5b50\u304c\u30de\u30ec\u30fc\u30b7\u30a2\u3067\u5b8c\u5168\u81ea\u5b85\u5f85\u6a5f\u306a\u306e\u3067\u3001VPN\u7d4c\u7531\u3067\u65e5\u672c\u306e\u756a\u7d44\u3092\u307f\u308b\u3053\u3068\u304c\u3067\u304d\u308b\u3067\u3057\u3087\u3046\u3002\u307e\u305f\u3001\u5916\u51fa\u5148\u304b\u3089\u30ef\u30f3\u30b3\u306e\u30e9\u30a4\u30d6\u6620\u50cf\u3082\u898b\u308b\u3053\u3068\u304c\u3067 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":2383,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_locale":"","_original_post":"","footnotes":""},"categories":[3],"tags":[],"class_list":["post-2373","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-monolog","ja"],"_links":{"self":[{"href":"https:\/\/www.oji-koji.com\/index.php?rest_route=\/wp\/v2\/posts\/2373","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.oji-koji.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.oji-koji.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.oji-koji.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.oji-koji.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2373"}],"version-history":[{"count":16,"href":"https:\/\/www.oji-koji.com\/index.php?rest_route=\/wp\/v2\/posts\/2373\/revisions"}],"predecessor-version":[{"id":2458,"href":"https:\/\/www.oji-koji.com\/index.php?rest_route=\/wp\/v2\/posts\/2373\/revisions\/2458"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.oji-koji.com\/index.php?rest_route=\/wp\/v2\/media\/2383"}],"wp:attachment":[{"href":"https:\/\/www.oji-koji.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2373"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.oji-koji.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2373"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.oji-koji.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2373"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}