We’re dusting off our favorite old trademark to introduce the all-new VPN in a Flash™ featuring NeoRouter™ 1.7 Free Server Edition. Last month we showed how to install NeoRouter as an add-on for existing PBX in a Flash™ servers. In sites with 10 or fewer machines to interconnect, this works extremely well. However, for those with major collections of servers and PCs scattered across the universe (up to 256!), you’re going to want dedicated hardware to manage your virtual private network. Thanks to the terrific work of Tom King, you’ve got that choice. Meet VPN in a Flash.
As with PBX in a Flash, the Dedicated Server Edition of VPN in a Flash is offered in 32-bit or 64-bit flavors. How do you get it? It’s now an option in the PBX in a Flash 2.0.6.2.4 ISO featuring the CentOS 6.2 platform for the ultimate in reliability. Just download the new 2.0.6.2.4 ISO from SourceForge, burn it to a CD or DVD or, better yet, make yourself a bootable flash drive, and find some hardware to dedicate to the task of managing your virtual private network. Set up the server behind a dedicated firewall on any private LAN other than the 10.0.0.x network. Answer a few prompts to choose your timezone and set up your NeoRouter credentials. Then configure your hardware firewall to lock down the assigned DHCP address of your VPN in a Flash server and map TCP 32976 to the IP address of your VPN server, and you’re done. In 30 minutes, you get a rock-solid, preconfigured VPN. Not only is it SECURE, it’s also FREE!
After your VPN in a Flash server is installed, you can optionally go to the NeoRouter web site and register your new VPN by clicking Create Standalone Domain. Make up a name you can easily remember with no periods or spaces. You’ll be prompted for the IP address of your server in the second screen. FQDNs are NOT permitted.
When a VPN client attempts to login to your server, the server address is always checked against this NeoRouter database first before any attempt is made to resolve an IP address or FQDN using DNS. If no matching entry is found, it will register directly to your server using a DNS lookup of the FQDN. Whether to register your VPN is totally up to you. Logins obviously occur quicker using this registered VPN name, but logins won’t happen at all if your server’s dynamic IP address changes and you’ve hard-coded a different IP address into your registration at neorouter.com.
Setting Up a NeoRouter Client. There are NeoRouter clients available for almost every platform imaginable, except iPhones and iPads. Hopefully, they’re in the works. So Step #1 is to download whatever clients are appropriate to meet your requirements. The VPN in a Flash install automatically loads the Linux clients into the /usr/src/neorouter directory and installs the NeoRouter client for you. Here’s the NeoRouter Download Link for the other clients. Make sure you choose a client for the Free version of NeoRouter. And make sure it is a version 1.7 client! Obviously, the computing platform needs to match your client device. The clients can be installed in the traditional way with Windows machines, Macs, etc.
CentOS NeoRouter Client. As part of the installation above, we have automatically installed the NeoRouter client for your particular flavor of CentOS 6, 32-bit or 64-bit. In order to access resources on your NeoRouter server from other clients, you will need to activate the client on your server as well. This gets the server a private IP address in the 10.0.0.0 network.
To activate the client, type: nrclientcmd. You’ll be prompted for your Domain, Username, and Password. You can use the registered domain name from neorouter.com if you completed the optional registration step above. Or you can use the private IP address of your server. If your router supports hairpin NAT, you can use the public IP address or server’s FQDN, if you have one. After you complete the entries, you’ll get a display that looks something like this:
To exit from NeoRouter Explorer, type: quit. The NeoRouter client will continue to run so you can use the displayed private IP addresses to connect to any other online devices in your NeoRouter VPN. All traffic from connections to devices in the 10.0.0.0 network will flow through NeoRouter’s encrypted VPN tunnel. This includes inter-office SIP and IAX communications between Asterisk® endpoints.
Admin Tools for NeoRouter. Here are a few helpful commands for monitoring and managing your NeoRouter VPN.
Browser access to NeoRouter Configuration Explorer (requires user with Admin privileges)
Browser access to NeoRouter Network Explorer (user with Admin or User privileges)
To access your NeoRouter Linux client: nrclientcmd
To restart NeoRouter Linux client: /etc/rc.d/init.d/nrservice.sh restart
To restart NeoRouter Linux server: /etc/rc.d/init.d/nrserver.sh restart
To set domain: nrserver -setdomain YOUR-VPN-NAME domainpassword
For a list of client devices: nrserver -showcomputers
For a list of existing user accounts: nrserver -showusers
For the settings of your NeoRouter VPN: nrserver -showsettings
To add a user account: nrserver -adduser username password user
To add admin account: nrserver -adduser username password admin
Test VPN access: http://www.neorouter.com/checkport.php
For a complete list of commands: nrserver –help
To change client name from default pbx.local1:
- Edit /etc/hosts
- Edit /etc/sysconfig/network
- Edit /etc/sysconfig/network-scripts/ifcfg-eth0
- reboot
For the latest NeoRouter happenings, follow the NeoRouter blog on WordPress.com.
Eating Our Own Bear Food. We’ve actually been at our SOHO cabin this month "testing" VPN in a Flash. It’s provided instant access both to our desktop machines and servers in Charleston as well as Tom King’s Proxmox server in Florida where we’ve been developing Yate in a Flash™, a new, dedicated SIP to Google Voice Gateway for Asterisk. We’ll have more to say about it next week, or you can follow the link and get a head start. The bottom line on VPN in a Flash: It Just Works! VPN in a Flash frees you from ever having to stay in your home or office to get work done. And it’s been rock-solid reliable. Enjoy!
Originally published: Wednesday, June 20, 2012
Need help with Asterisk? Visit the NEW PBX in a Flash Forum.
whos.amung.us If you’re wondering what your fellow man is reading on Nerd Vittles these days, wonder no more. Visit our new whos.amung.us statistical web site and check out what’s happening. It’s a terrific resource both for us and for you.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…