linux · raspberrypi · Server

NeoRouter VPN: How configure a server and client on Debian based (Ubuntu/Debian/Raspbian)

NeoRouter VPN

NeoRouter is a Freeware software and the ideal Remote Access and VPN solution for small businesses and home. It helps you manage and connect to all your computers from anywhere. It gracefully integrates Remote Access, File Sharing, Virtual Private Network, User and Access Management.

Many small businesses or homes have high-speed internet and multiple computers, and users are facing challenges like remote access, directory management and network security. To solve similar problems at large enterprises, skilled administrators can deploy very expensive and complex tools like VPN, domain controller and corporate firewall. But small business or home users do not have the right tools that fit their needs.

How Works

NeoRouter solution includes two components: Server and Client. You may want to install a server and multiple clients, so that these clients can connect each other though a secure communication channel.

NeoRouter Topology

Features and Characteristics

Cross-platform – Support Windows, Mac OSX, FreeBSD, Android, Linux (all major distros), Raspbian and router firmwares (Tomato and OpenWRT).

Security – Make your connections encrypted – NeoRouter uses the SSLv3/TLS (AES-256) to provide a secure communication channel between NeoRouter Server and each Client while using a variation algorithm (RSA 2048bit + DH + AES-256) between clients (P2P – peer-to-peer).

Improvement of VPN – NeoRouter improves VPN speed relaying traffic through to your router instead of a central server. You can run your own server independently and no traffic is relayed through a third-party server.

P2P – NeoRouter can setup direct peer-to-peer (P2P) connection between computers. When direct P2P connection is impossible (e.g. your computer is behind a corporate firewall), NeoRouter relays the network traffic through your own router.

Bypass Corporate Firewalls – Allows you to bypass corporate firewalls that block P2P traffic, similar applications (e.g. Hamachi) get around firewalls routing traffic through a central server that can be at times slow depending on the number of users. Proxy support allows you access your virtual network behind proxy servers that support HTTP Proxy, SOCKS4 and SOCKS5 protocols.

Easy to monitor and admin –  Monitor computer status in a click using the NeoRouter Network Explorer and for administrate using the NeoRouter Configuration Explorer.

Remote Wakeup – Also known as Wake-on-LAN (WOL) support. When a client connects to the network, it will wake the computer and will be fully functional. Remark: works since these machines are on same LAN as the NeoRouter Server. The NeoRouter Server will send the magic packet.

No Internet Threat Expositions – No need to remember the computer IP address and expose the port to the Internet. So no expose to cyber attacks threats!

Bridge Network – NeoRouter also have support to Network Bridge witch allows to create point-to-site VPN, site-to-site VPN or even multiple site-to-site networks. [Not tested yet – add to my do list]

NeoRouter Client – runs on Windows (Win 7/8/10/Vista/XP/2008/2003/2000), Mac OSX (x86 Leopard/Snow Leopard, PPC Tiger), FreeBSD i386 and x64, Linux i386 and x64 (Redhat/Fedora/CentOS, Ubuntu/Debian, SuSE), Linux-based router firmware (Tomato, OpenWRT Kamikaze, Fonera) and Android v1.6+.

The NeoRouter Server and Client software are freeware but not open source!

For more features

Limitations of Free Version

  • You can interconnect up to 256 devices at no cost
  • No customization of NeoRouter Client (Branding)
  • No access to built-in Firewall, Packet Filter (as default will block broadcast and multicast packets), User Access Audit (Access Logs), Spoke-and-hub networking and create more Subnets

Check out this compassion table

NeoRouter Server

Environments tested

Requirements

  • Debian based Linux distro (Debian/Ubuntu/Raspbian)
  • Configure router/modem (ISP) or firewall for port-forwarding, if necessary
  • Access to Internet ;-D

Create a “free” NeoRouter domain (private network)

For this, create on this URL:

https://secure.neorouter.com/Dashboard/createdomainstandalone.aspx

Recommendation: Use a strong password (and secure) with at least 15 characters (I use 28 characters password – the maximum of password length allowed by the service) for your private network generate from LastPass – Password Generator or Secure Password Generator to secure your network. And store this password on a safe place.

Install NeoRouter Server (nrserver)

Download & Install nrserver – As of this writing, the newest version is v2.3.1.4360 (get the URL for the latest NeoRouter Free Server version on NeoRouter Free v2 > Linux, choose server version). Let’s start:

cd /tmp

On Debian (x64)  [requirement]:

su
Password: <--[enter your root password]
apt-get install sudo
[...]
exit

On Ubuntu/Debian (x64):

wget http://download.neorouter.com/Downloads/NRFree/Update_2.3.1.4360/Linux/Ubuntu/nrserver-2.3.1.4360-free-ubuntu-amd64.deb

On Raspbian:

wget http://download.neorouter.com/Downloads/NRFree/Update_2.3.1.4360/inabox/Raspbian/nrserver-2.3.1.4360-free-raspbian-armhf.deb

Install the package:

sudo dpkg -i nrserver-*.deb

Configure nrserver, set the domain for your NeoRouter server

Simply follow the steps from nrsetup:

sudo nrsetup

Follow the script:

Setup NeoRouter Domain

NeoRouter domain name uniquely identifies your NeoRouter server, and is required to login NeoRouter client.
Do you already have a NeoRouter domain(y/n): Please enter domain info.
Enter domain name: YOUR-NR-DOMAIN
Enter domain password: YOUR-NR-DOMAIN-PASSWORD
Domain setup succeeded.

Setup Administrator Account

NeoRouter can defer authentication to the operating system. If your OS user account has a non-empty password, you can use the same username/password to login NeoRouter and can skip this step.
Do you want to create an administrator account? (y/n): 
Enter username: YOUR-ADMIN-USERNAME
Enter password: YOUR-ADMIN-USERNAME-PASSWORD
Enter password again: YOUR-ADMIN-USERNAME-PASSWORD
Administrator account setup succeeded.

Setup Port Forward as necessary

NeoRouter server listens at port 32976. Please make sure it can receive incoming connections from Internet. If NeoRouter server is behind a NAT, please setup port forward. You can use http://www.neorouter.com/checkport.php to verify the settings.

NeoRouter Server Setup succeeded.

You can make additional configuration changes using Configuration Explorer or nrserver CLI.
You can find more information in User's Manual (http://www.neorouter.com/Documents.html).

This step is only necessary if your server host is behind a router or firewall. We need to expose the NeoRouter server port (port 32976) to Internet so server can accept incoming connections  from the NeoRouter clients. If you are using NeoRouter in-a-box version and your router is directly connected to the cable/DSL modem, this step is unnecessary.

Search on Google for “how to port forward” or some other mean to do this because have one zillion of routers – ways to do that. A very nice reference to start is this site: How To Forward a Port.

After configure (or not, conform necessary) verify/test the NeoRouter Server connectivity is really working:

http://www.neorouter.com/checkport.php

NeoRouter Server Check

Create a user/admin account for ensure access

This user will be used for access your NeoRouter private network using the client version of NeoRouter. Create how many users as you need.

From NeoRouter Web Console [more easy method]

NeoRouter Web Console is web version of NeoRouter Configuration Explorer and provides full configuration features. You need a user with admin rights:

http://www.neorouter.com/webconsole-nrfree

Then go on “User Accounts” and add, edit and remove Users.

From terminal

For create a administrative user (remove computers, create groups, etc):

sudo nrserver -adduser adminuser "password" admin

For create a user, only for add computers in network and access the network:

sudo nrserver -adduser johndoe "password" user

Sample of Successful output:

NeoRouter Free [Version 2.3.1.4360]
Copyright (C) 2015 NeoRouter Inc.

*** Please run this command as root ***

SUCCEEDED

For more info:

sudo nrserver --help

NeoRouter Client (NeoRouter Network Explorer)

Requirements

  • Debian based Linux distro (Debian/Ubuntu/Raspbian) – Remember, it also work on many another platforms.
  • Access to Internet ;-D
  • Don’t need open any port

Install NeoRouter Client Service on Ubuntu/Debian/Raspbian

As of this writing, the newest version is v2.3.1.4360 (get the URL for the latest NeoRouter version on NeoRouter Free v2 > Linux). Let’s start:

cd /tmp

On Debian (x64)  [requirement]:

su
Password: <--[enter your root password]
apt-get install sudo
[...]
exit

On Ubuntu/Debian (x64):

wget http://download.neorouter.com/Downloads/NRFree/Update_2.3.1.4360/Linux/Ubuntu/nrclient-2.3.1.4360-free-ubuntu-amd64.deb

On Raspbian:

wget http://download.neorouter.com/Downloads/NRFree/Update_2.3.1.4360/inabox/Raspbian/nrclient-2.3.1.4360-free-raspbian-armhf.deb

Install the package:

sudo dpkg -i nrclient-*.deb

Configure/Register the Client

Linux via GUI, using the NeoRouter Network Explorer:

nrclient.sh

Enter your NR domain name, user name and password information and get access to your NeoRouter VPN easily:

From terminal using the nrclientcmd:

nrclientcmd -d "NR-registered-Domain or NR-server-local-IP" -u jdoe -register

Sample output:

NeoRouter Free [Version 2.3.1.4360]
Copyright (C) 2015 NeoRouter Inc.

Password: <--[enter your user password]

Followed by:

NeoRouter Network Explorer (Free)

Signing in.

Followed by:

NeoRouter Network Explorer (Free)

Computer registered successfully.

Note: Remember, the NR-server-local-IP also can be your public IP address (from internet) or your domain (or DDNS).

Recommended read

Check out the post NeoRouter VPN: Tips and Tricks

References:

NeoRouter User Manual v2.2
NeoRouter – How It Works
NeoRouterWiki:ProductOverview – NeoRouterWiki

NeoRouterWiki:FAQ – NeoRouterWiki
NeoRouterWiki:ServerSetup

Anúncios

Um comentário em “NeoRouter VPN: How configure a server and client on Debian based (Ubuntu/Debian/Raspbian)

Deixe um comentário

Preencha os seus dados abaixo ou clique em um ícone para log in:

Logotipo do WordPress.com

Você está comentando utilizando sua conta WordPress.com. Sair / Alterar )

Imagem do Twitter

Você está comentando utilizando sua conta Twitter. Sair / Alterar )

Foto do Facebook

Você está comentando utilizando sua conta Facebook. Sair / Alterar )

Foto do Google+

Você está comentando utilizando sua conta Google+. Sair / Alterar )

Conectando a %s