SoftEther


opkg update
opkg install kmod-usb2 block-mount kmod-usb-storage-extras
insmod usbcore
insmod ehci-hcd
reboot
dmesg | grep usbcore...... 
demsg | grep usb-storage
dmesg | tail -20
ls /dev/sda*
--
opkg update
opkg install fdisk e2fsprogs
opkg install kmod-usb-storage block-mount libext2fs kmod-fs-ext4
--
My partitions on my 8GB thumb drive:
sda1 – 6.2GB – ext4 – Use for personal data ( /mnt/shares )
sda2 – 504MB – ext4 – Root files system data ( /overlay )
sda3 – The rest 300MB+ – Swap
--
 mkfs.ext4 -O ^has_journal,extent /dev/sda1
 mkfs.ext4 -O ^has_journal,extent /dev/sda2
 mkswap /dev/sda3
mkdir /mnt/shares && mount /dev/sda1 /mnt/shares
swapon /dev/sda3
------------------------------------------
root@SoftEtherBJ:~# block detect
config 'global'
        option  anon_swap       '0'
        option  anon_mount      '0'
        option  auto_swap       '1'
        option  auto_mount      '1'
        option  delay_root      '5'
        option  check_fs        '0'

config 'mount'
        option  target  '/mnt/sda1'
        option  uuid    '4751fa49-8048-461c-8761-588e513c0a66'
        option  enabled '0'

config 'mount'
        option  target  '/mnt/sda2'
        option  uuid    'bff97f88-dfd8-4bdf-99ab-0d71b932fa4a'
        option  enabled '0'

config 'swap'
        option  device  '/dev/sda3'
        option  enabled '0'
------------------------------------------
------------------------------------------
root@SoftEtherBJ:~# vi /etc/config/fstab
config 'global'
        option  anon_swap       '0'
        option  anon_mount      '0'
        option  auto_swap       '1'
        option  auto_mount      '1'
        option  delay_root      '5'
        option  check_fs        '0'

config 'mount'
        option  target  '/mnt/sda1'
        option  uuid    '2048-6c15'
        option  enabled '0'
------------------------------------------
NEW fstab---------------------------------
------------------------------------------

root@SoftEtherBJ:~# cat /etc/config/fstab
config 'global'
        option  anon_swap       '0'
        option  anon_mount      '0'
        option  auto_swap       '1'
        option  auto_mount      '1'
        option  delay_root      '5'
        option  check_fs        '0'

config 'mount'
        option  target  /mnt/shares
        option  uuid    '4751fa49-8048-461c-8761-588e513c0a66'
        #option device  /dev/sda1
        option  fstype  ext2
        option  options rw,sync
        option  enabled 1
        option  enabled_fsck    0

config 'mount'
        option  target  /overlay
        option  uuid    'bff97f88-dfd8-4bdf-99ab-0d71b932fa4a'
        #option device  /dev/sda2
        option  fstype  ext4
        option  options rw,sync
        option  enabled 1
        option  enabled_fsck    0

config 'swap'
        option  device  /dev/sda3
        option  enabled 1
------------------------------------------
mkdir /mnt/sda2 && mount /dev/sda2 /mnt/sda2
Then copy the original data to the external storage:
tar -C /overlay -cvf - . | tar -C /mnt/sda2 -xf -
Unmount the external drive then reboot:
umount /mnt/sda2 && rm -rf /mnt/sda2
---------
To start over you can emtpy the /overlay folder containing all your configurations, installed packages, etc.
>>  # rm -rf /overlay/*

and upgrade the kernel / firmware
>> # cd /tmp

>> # wget http://downloads.openwrt.org/snapshots/trunk/ar71xx/openwrt-ar71xx-generic-tl-mr3020-v1-squashfs-factory.bin

>> # sysupgrade -v /tmp/openwrt-ar71xx-generic-tl-mr3020-v1-squashfs-factory.bin
----------
所以如果你要升级,请千万不要轻易用opkg upgrade,因为U盘上的extroot必须和内置Flash的系统保持内核版本一致。想要在U盘上升级内核是不可以实现的。如果需要增加新的Kernel Module往往都需要刷内置的固件。

如果你需要更改extroot的设置,你也需要回到内置的Flash里操作,所以………我们还是挂载上原来的内存吧。

编辑U盘上的fstab文件:
config mount
    option target    /overlay-boot
    option device    /dev/mtdblock3   #我的是mtdblock5,路由不同这里就不同
    option fstype    jffs2
    option options    rw,sync
    option enabled    1
    option enabled_fsck 0
对于mtdblock的确认,可以执行$ cat /proc/mtd查看rootfs_data。
-------------
-------------
http://b.mikomoe.jp/
http://vpslv.tirlins.com/openwrt/packs/

NAME                    SIZE    HASH                    DESC        DATE
softethervpn_4.20-9608_brcm47xx.ipk 1.0 MB  e958dc4e9e8d8b6eafcd1bb61650cb25    OpenWrt 14.07   2016/06/22 21:51:52
softethervpn_4.20-9608_ar71xx.ipk   1.0 MB  b9cc1302d19d65d9e0338de5266605c4    OpenWrt 14.07   2016/06/22 21:50:43

FOR Openwrt 14.07 (barrier_breaker)
FOR Openwrt 12.09 (chaos_calmer)
>
cd /mnt/share && mkdir download
cd /mnt/share/download
wget http://b.mikomoe.jp/download/1466599843/attach/softethervpn_4.20-9608_ar71xx.ipk
>
opkg update  
(need some more packages)
opkg install softethervpn*
/usr/bin/env LANG=en_US.UTF-8 /usr/bin/vpnserver start
/etc/init.d/softethervpnserver enable
-------------
-------------
/usr/bin/env LANG=en_US.UTF-8 /usr/bin/vpncmd
Choose 3
Write check
Write exit

Setup password for administering server
/usr/bin/env LANG=en_US.UTF-8 /usr/bin/vpncmd
Choose 1
Press ENTER
Press ENTER
Write ServerPasswordSet
Input your password
Repeat your password
Write exit
-------------
use GUI to config 
https://wordpress.tirlins.com/2015/03/setting-up-softether-vpn-on-openwrt/
======================================================================================
tcp        0      0 :::22      ssh      
tcp        0      0 :::53      dns      
tcp        0      0 :::80      openwrt  
tcp        0      0 :::443     softether(https)
tcp        0      0 :::992     softether(telnet over ssl)
tcp        0      0 :::1194    softether(openvpn)
tcp        0      0 :::5555    softether
tcp        0      0 :::8888    tinyproxy
=======================================================================================

BJ Office DNS has problem. I force Openwrt Dnsmasq to use other Resolver.

/etc/resolv.dnsmasq.conf
# fix BJ Telecom resolver
nameserver 219.141.136.10
nameserver 219.141.140.10

Then add below in /etc/dnsmasq.conf
#
...
resolv-file=/etc/resolv.dnsmasq.conf
...

2018-04-22 22:38:42.198 On the TCP Listener (Port 443), a Client (IP address 23.55.36.15, Host name "a23-55-36-15.deploy.static.akamaitechnologies.com", Port number 54634) has connected.
2018-04-22 22:38:42.198 For the client (IP address: 23.55.36.15, host name: "a23-55-36-15.deploy.static.akamaitechnologies.com", port number: 54634), connection "CID-37681" has been created.
2018-04-22 22:38:42.381 SSL communication for connection "CID-37681" has been started. The encryption algorithm name is "RC4-MD5".
2018-04-22 22:38:42.573 Connection "CID-37681" terminated by the cause "A client which is non-SoftEther VPN software has connected to the port." (code 5).
2018-04-22 22:38:42.573 Connection "CID-37681" has been terminated.
2018-04-22 22:38:42.573 The connection with the client (IP address 23.55.36.15, Port number 54634) has been disconnected.

2018-04-22 22:38:42.350 IPsec Client 10 (58.177.117.41:500 -> 117.18.105.143:500): A new IPsec client is created.
2018-04-22 22:38:42.350 IPsec IKE Session (IKE SA) 9 (Client: 10) (58.177.117.41:500 -> 117.18.105.143:500): A new IKE SA (Main Mode) is created. Initiator Cookie: 0xB052E111E26E46BE, Responder Cookie: 0xD815BB72A6918BD9, DH Group: MODP 1024 (Group 2), Hash Algorithm: SHA-1, Cipher Algorithm: 3DES-CBC, Cipher Key Size: 192 bits, Lifetime: 4294967295 Kbytes or 28800 seconds
2018-04-22 22:38:42.391 IPsec Client 10 (58.177.117.41:4500 -> 117.18.105.143:4500): The port number information of this client is updated.
2018-04-22 22:38:42.391 IPsec Client 10 (58.177.117.41:4500 -> 117.18.105.143:4500):
2018-04-22 22:38:42.391 IPsec IKE Session (IKE SA) 9 (Client: 10) (58.177.117.41:4500 -> 117.18.105.143:4500): This IKE SA is established between the server and the client.
2018-04-22 22:38:42.391 IPsec IKE Session (IKE SA) 9 (Client: 10) (58.177.117.41:4500 -> 117.18.105.143:4500): The client initiates a QuickMode negotiation.
2018-04-22 22:38:42.391 IPsec ESP Session (IPsec SA) 12 (Client: 10) (58.177.117.41:4500 -> 117.18.105.143:4500): A new IPsec SA (Direction: Client -> Server) is created. SPI: 0xDFC54E38, DH Group: (null), Hash Algorithm: SHA-1, Cipher Algorithm: AES-CBC, Cipher Key Size: 128 bits, Lifetime: 250000 Kbytes or 3600 seconds
2018-04-22 22:38:42.391 IPsec ESP Session (IPsec SA) 12 (Client: 10) (58.177.117.41:4500 -> 117.18.105.143:4500): A new IPsec SA (Direction: Server -> Client) is created. SPI: 0xE413B0FD, DH Group: (null), Hash Algorithm: SHA-1, Cipher Algorithm: AES-CBC, Cipher Key Size: 128 bits, Lifetime: 250000 Kbytes or 3600 seconds
2018-04-22 22:38:42.401 IPsec ESP Session (IPsec SA) 12 (Client: 10) (58.177.117.41:4500 -> 117.18.105.143:4500): This IPsec SA is established between the server and the client.
2018-04-22 22:38:42.401 IPsec Client 10 (58.177.117.41:4500 -> 117.18.105.143:4500): The L2TP Server Module is started.
2018-04-22 22:38:42.471 L2TP PPP Session [58.177.117.41:1701]: A new PPP session (Upper protocol: L2TP) is started. IP Address of PPP Client: 58.177.117.41 (Hostname: "Desktop"), Port Number of PPP Client: 1701, IP Address of PPP Server: 117.18.105.143, Port Number of PPP Server: 1701, Client Software Name: "L2TP VPN Client - Microsoft", IPv4 TCP MSS (Max Segment Size): 1314 bytes
2018-04-22 22:38:42.512 On the TCP Listener (Port 0), a Client (IP address 58.177.117.41, Host name "058177117041.ctinets.com", Port number 1701) has connected.
2018-04-22 22:38:42.512 For the client (IP address: 58.177.117.41, host name: "058177117041.ctinets.com", port number: 1701), connection "CID-37682" has been created.
2018-04-22 22:38:42.512 SSL communication for connection "CID-37682" has been started. The encryption algorithm name is "(null)".
2018-04-22 22:38:42.512 [HUB "VPN-HK"] The connection "CID-37682" (IP address: 58.177.117.41, Host name: 058177117041.ctinets.com, Port number: 1701, Client name: "L2TP VPN Client - Microsoft", Version: 4.22, Build: 9634) is attempting to connect to the Virtual Hub. The auth type provided is "External server authentication" and the user name is "timyou".
2018-04-22 22:38:42.512 [HUB "VPN-HK"] Connection "CID-37682": Successfully authenticated as user "timyou".
2018-04-22 22:38:42.512 [HUB "VPN-HK"] Connection "CID-37682": The new session "SID-TIMYOU-[L2TP]-18" has been created. (IP address: 58.177.117.41, Port number: 1701, Physical underlying protocol: "Legacy VPN - L2TP")
2018-04-22 22:38:42.512 [HUB "VPN-HK"] Session "SID-TIMYOU-[L2TP]-18": The parameter has been set. Max number of TCP connections: 1, Use of encryption: Yes, Use of compression: No, Use of Half duplex communication: No, Timeout: 20 seconds.
2018-04-22 22:38:42.512 [HUB "VPN-HK"] Session "SID-TIMYOU-[L2TP]-18": VPN Client details: (Client product name: "L2TP VPN Client - Microsoft", Client version: 422, Client build number: 9634, Server product name: "SoftEther VPN Server (32 bit)", Server version: 422, Server build number: 9634, Client OS name: "L2TP VPN Client - Microsoft", Client OS version: "-", Client product ID: "-", Client host name: "Desktop", Client IP address: "58.177.117.41", Client port number: 1701, Server host name: "117.18.105.143", Server IP address: "117.18.105.143", Server port number: 1701, Proxy host name: "", Proxy IP address: "0.0.0.0", Proxy port number: 0, Virtual Hub name: "VPN-HK", Client unique ID: "A2F6D009C177001283657162937CFF98")
2018-04-22 22:38:42.522 L2TP PPP Session [58.177.117.41:1701]: Trying to request an IP address from the DHCP server.
2018-04-22 22:38:45.811 [HUB "VPN-HK"] Session "SID-BJSRV-15": The DHCP server of host "00-AC-3D-8F-F3-B2" (10.10.11.1) on this session allocated, for host "SID-TIMYOU-[L2TP]-18" on another session "CA-42-2E-C4-F4-4F", the new IP address 10.10.11.205.
2018-04-22 22:38:45.811 L2TP PPP Session [58.177.117.41:1701]: An IP address is assigned. IP Address of Client: 10.10.11.205, Subnet Mask: 255.255.255.0, Default Gateway: 10.10.11.1, Domain Name: "lan", DNS Server 1: 10.10.11.1, DNS Server 2: 0.0.0.0, WINS Server 1: 0.0.0.0, WINS Server 2: 0.0.0.0, IP Address of DHCP Server: 10.10.11.1, Lease Lifetime: 43200 seconds
2018-04-22 22:38:45.811 L2TP PPP Session [58.177.117.41:1701]: The IP address and other network information parameters are set successfully. IP Address of Client: 10.10.11.205, Subnet Mask: 255.255.255.0, Default Gateway: 10.10.11.1, DNS Server 1: 10.10.11.1, DNS Server 2: 0.0.0.0, WINS Server 1: 0.0.0.0, WINS Server 2: 0.0.0.0
^C

[root@vps server_log]# pwd
/usr/local/vpnserver/server_log

Labels: my.