Open source softether.net/vpnazure.net code #1094
Comments
|
Please release this ASAP. |
|
I agree vpnazure.net code should be Open. So that people can build their vpnazure.net within their region. Usually, ISP provide additional bandwidth for inter continental path like IX. So hosting vpnazure.net in IX would be great idea. |
|
Working on it. |
davidebeatrici
changed the title
|
I agree this needs to be a priority. While there are ways to set this up yourself with a VPS and a little skills. I think the real software running on VPN Azure should be open to the public AND for the next version of SoftEther VPN to support the ability to choose/add different VPN Azure servers. |
|
And I just realized vpn azure is TLS 1.0.... |
|
what really may happen - alternative implementation. if someone will contribute code, it will be reviewed and merged. |
Okay first of all, PacketIX is outdated and I doubt there are many new customers lining up to buy a new license for it anytime soon and second of all VPN Azure is 100% free to use meaning there is no profit to be made to put "food on the plate daily" Also what the heck are you talking about "Open-source won't keep the food on the plate daily."? There are hundreds of successful, open source products that make a ton of money through support and training contracts! Just look at companies like Canonical (Ubuntu), Crossover (Wine), and Zabbix! Which with some time, the SoftEther project can implement a similar system if wanted by the devs. However I do believe VPNAzure would need to be re-written anyway since it uses outdated TLS and only supports SoftEther/SSTP protocols. But it's whatever. I'm not complaining since I can't implement it myself. |
|
@andrewfer000 is completely right. The plan is to rewrite both VPN Azure and Dynamic DNS, releasing them as soon as they are ready. |
|
Seems like an Open Source implementation of DynamicDNS and VPNAzure are becoming less of a nice to have and more of a necessity due to the hosted services' instability. Hopefully it can hold out until we can find a solution. I am currently working on a project to make my own VPNAzure-like system by using allready existing technologies such as reverse and transparent proxy servers and using WireGuard (stand-alone) and/or SoftEtherVPN as a way for the real VPN servers to connect to the reverse-proxy server and allow tunneling. I already established that SE can function behind HAProxy with little issues and running services on a local machine and using the remote server as the connection point works so far with Minecraft and Web Servers but I want to work on finding an easier, more secure, and flexible method. If all goes well I will make a guide in the Wiki. |
|
Sounds good, thanks! And yes, decentralized Dynamic DNS and Azure servers would (will) be awesome. |
If you'd like to try running multiple applications on Port 443, Give this a shot! Feel free to ask me if you need any help. Click the second to bottom one on the pages list. "Running a HTTPS Website and SoftEtherVPN along side each other." |
|
Hello |
We have no idea. At this point the VPNAzure/DynamicDNS source code is probably so old (and non-portable) that it would be better to create new ones from scratch. I think davidebeatrici is working on something but I'm not sure if it's ready yet. For now try looking for a similar solution. |
|
@andrewfer000 Similiar solution ? |
Please refer to this discussion. I am still actively working on it
While I agree that the old code should be released it's likely not going to happen because it's a separate entity from the SoftEtherVPN Project. Also even if that code is released it does not mean it is portable or even public-use ready. If the code for these products was released the odds it would compile and run properly on any modern Linux distribution (or Windows) is slim to none not to mention since this is a private project a lot of the configuration such as the network may be hard-coded into the program meaning it may not work on other servers or networks that are not run by vpnazure.net. |
|
I'm working on publishing a guide to an alternative method. So far so good in my testing. Here is the link to the Wiki Page. It should be complete in a week or so. |
|
So the guide is complete for all who are interested. There is still work to be done. But so far it seems to be working fine. I'm still working on flushing out the vClient (the VPN server hosted behind the firewall, or the "VPNAzure Client") configuration guide. Feel free to test it out and leave some feedback. Here is the Wiki Page |
|
Any updates ? |
|
I apologize for the delay, unfortunately I've been busy with other projects and didn't make much progress on it. However, I can confirm that the idea is to rewrite the service from scratch, mostly due to it currently being hardcoded for the specific domains we're using. I would also like to clarify the difference between the two components:
Both are tightly interconnected, but separating them should be straightforward. As for providing DNS answers, I've been considering using PowerDNS Authoritative Server. |
|
It's fine for me Davide. Like I said I have already found and documented an alternative that works very well with if you put in the time and effort to implement it. I am actually working on a simpler implementation that takes out the need for SoftEtherVPN on the cloud front end and uses FRP instead which will result in a massive latency decrease and a much easier deployment while still being NAT/Firewall friendly. For the time being, It would be nice to see a branch or fork that focuses on removing DynamicDNS and VPNAzure from the codebase. If it's just going to be re-written anyway might as well start now. Just out of curiosity, have you attempted to build a alternative to Azure yet? |
|
Thank you very much for the great wiki page! I haven't attempted to build an alternative to Azure yet, I've only experimented with Dynamic DNS so far. An objective of mine was to maintain compatibility with the current Azure client, but if a better well established implementation exists I would rely on that instead. As for DDNS: we should probably just implement support for RFC 2136 so that any services that comply to the standard can be used. |
|
@davidebeatrici I just started to build a private Azure solution that works without DDNS, hopefully not duplicating your work. It authenticates clients by SNI and TLS certificates. |
|
No worries, I hadn't found the time to go ahead with my implementation. Separating Azure and DDNS is a great idea. |
|
The VPN Azure part is ready for testing in #1739 . It does not include the DDNS service. Users are required to do manual DNS setup. For privately hosted solutions that should not be an issue. |
and others
As noted in this issue, the vpnazure.net code is not open source. I think the community would benefit if that code is also open source, allowing further customizations and also security evaluations.
Thank you all for creating and maintaining this great project.
The text was updated successfully, but these errors were encountered: