vpn

https://www.digitalocean.com/community/tutorials/how-to-setup-a-multi-protocol-vpn-server-using-softether

declare Listener0
		{
			bool DisableDos false
			bool Enabled true
			uint Port 443
		}
		declare Listener1
		{
			bool DisableDos false
			bool Enabled true
			uint Port 992
		}
		declare Listener2
		{
			bool DisableDos false
			bool Enabled true
			uint Port 1194
		}
		declare Listener3
		{
			bool DisableDos false
			bool Enabled true
			uint Port 5555
		}
        
        
Pre Shared Key for IPsec:
freego2016

ServerCertSet /etc/letsencrypt/live/novice.ren/fullchain.pem       
VPN Server/VPN>ServerCertSet /LOADCERT:/etc/letsencrypt/live/novice.ren/fullchain.pem /LOADKEY:/etc/letsencrypt/live/novice.ren/privkey.pem

/data/vpnserver/vpncmd localhost:992 /SERVER /PASSWORD:freego /CMD ServerCertSet /LOADCERT:/etc/letsencrypt/live/novice.ren/fullchain.pem /LOADKEY:/etc/letsencrypt/live/novice.ren/privkey.pem

docker run -d -p 80:80 -p 1225:443 -p 1979:1979 --name le \
-v "/root/log:/var/log/lep" \
-v "/etc/letsencrypt:/etc/letsencrypt" \
-v "/var/lib/letsencrypt:/var/lib/letsencrypt" \

-t novice/letsencrypt:latest


cd vpnclient && make i_read_and_agree_the_license_agreement

ssh -R 9000:localhost:80 root@ServerAddress -N

//socks 代理
ssh -f -N -D 127.0.0.1:9000 nv


-f
输入密码后进入后台模式(Requests ssh to go to background just before command execution.)

-N
不执行远程命令,用于端口转发( Do not execute a remote command. This is useful for just for warding ports (protocol version 2 only).)

-D
socket5代理(Specifies a local “dynamic” application-level port forwarding.Currently the SOCKS4 and SOCKS5 protocols are supported, and ssh will act as a SOCKS server.)

-L
tcp转发(Specifies that the given port on the local (client) host is to be forwarded to the given host and port on the remote side.)

-C
使用数据压缩,网速快时会影响速度(Compression is desirable on modem lines and other slow connections, but will only slow down things on fast networks.The compression algorithm is the same used by gzip)