onlinelabs Cloud Hosting

Install a Minecraft Bukkit Server on CentOS 7

Introduction

Bukkit is an extension of Minecraft, which offers some exclusive features and plugins to improve your gaming experience. Bukkit is a community-driven project that allows every Java developer to write plugins and create additional features.

1. Update the System

Ensure the system is up to date.

$ sudo yum update -y

2. Install Java

Install Java with the yum package manager.

$ sudo yum install java-1.8.0-openjdk

Verify the Java installation was successful.

# java -version

3. Download Bukkit

Create the Bukkit installation folder.

# mkdir /root/mc

Download Bukkit. This example uses version 1.15.2. You should select the most recent release from this list.

# cd /root/mc && wget https://cdn.getbukkit.org/craftbukkit/craftbukkit-1.15.2.jar

4. Run Bukkit

Accept the EULA.

# echo "eula=true" > eula.txt

Run Bukkit.

# java -Xmx1G -Xms1G -jar craftbukkit-1.15.2.jar

Replace 1G with the amount of RAM you would like to allocate.

5. Make Bukkit Persistent

Bukkit does not run in the background by default. Run it in a screen session so that it remains active after you log out.

# screen java -Xmx1G -Xms1G -jar craftbukkit-1.15.2.jar

Replace 1G with the amount of RAM you would like to allocate.

Conclusion

For more information on how to use and customize Bukkit, please refer to the official Bukkit documentation.

Install and configure VMware vSphere ESXi 7

Install VMware ESXi 7, In this blog, I will explore how to Run VMware ESXi 7 Host and configure inside VMware Workstation

How to Download VMware vSphere ESXi 7 Host

First, we would like to create an account, after creating an account you can download the trial version for 60 days.

1- Download VMware vSphere ESXi 7 so click here

Now I have my VMware ESXi 7 download ready and I am ready to install

How to create a Virtual Machine in VMware Workstation, so change the boot option from the bios to boot from ISO

Install VMware ESXi 7

2- It starts loading the files into memory to install the VMware ESXi 7

3- Press enter to start the installation

4- So, press the F11 key to accept the user license

5- Its start scanning for the available devices

6- Select a disk to install ESXI 7, and then press enter

7- Keyboard layout and then press enter to continue

8- Type a root password, confirm password and then press enter to continue

9- The installer is configured to install VMware ESXI 7, so press F11 to start the installation

10- The VMware ESXi 7 installation in progress and it will take a few minutes to complete

11- ESXi 7 installation successfully completed, please remove the installation media and then press enter to reboot the host

12- The ESXi 7 host server is rebooting

13- After successfully installed

Configure VMware ESXi 7

14- Once we have our VMware ESXi 7 host installed we need to configure, Press F2 for all options. F12 to restart and then turn off the VMware ESXi 7 host, Press F2, type your root password and press enter to continue

15- Configure Management Network option and press enter

16- IPv4 Configuration option and press enter

17- VMware ESXi 7, Choose set static IPv4 address and network configuration, type your IP Address, subnet mask, default gateway, and press enter

18- IPv6 Configuration option and press enter

19- I recommend that you disable IPv6 (restart required) and press enter

20- DNS Configuration option and press enter

21- Enter primary DNS server IP Address, hostname and press enter

22- Choose a custom DNS suffixes option and hit enter

23- Type your custom DNS suffixes and hit enter

24- Press the Esc button, then press the Y button to apply changes and reboot host

25- ESXi host restarting

26- Now the VMware ESXi 7 host configuration completed

27- Now you can type your VMware ESXi 7 hostname or IP Address in your browser and access your ESXi 7 with the web client, type your root user name and password and click the Login button

Install Let’s Encrypt Plugin

Installation

To install the plugin, perform the following steps:

Log in to the server in as the root user.
Run the following command:/usr/local/cpanel/scripts/install_lets_encrypt_autossl_provider

Uninstall the plugin

To uninstall the plugin, perform the following steps:

Log in to the server as the root user.
Run the following command:/usr/local/cpanel/scripts/uninstall_lets_encrypt_autossl_provider

Install Varnish Cache for Apache on CentOS 7

2. Install Apache

Install Apache HTTP server.

$ sudo yum install -y httpd

Set Apache port to 8080. Edit httpd.conf with nano.

$ sudo nano /etc/httpd/conf/httpd.conf

Change the line “Listen 80” to “Listen 8080“, then save and close the file. The line should like like this when finished.

    Listen 8080

Start the Apache service.

$ sudo systemctl start httpd.service
$ sudo systemctl enable httpd.service

3. Test Apache configuration

Create a test file.

$ sudo touch /var/www/html/test.html

Use curl to test the server at port 8080. This verifies Apache is configured correctly.

$ curl -I http://localhost:8080/test.html

HTTP/1.1 200 OK
Date: Fri, 10 Jul 2020 13:10:04 GMT
Server: Apache/2.4.6 (CentOS)
Last-Modified: Fri, 10 Jul 2020 13:09:56 GMT
ETag: "0-5aa160eb192a8"
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8

4. Install Varnish

Add the EPEL repository.

$ sudo yum install -y epel-release

Install the dependency packages.

$ sudo yum install -y pygpgme yum-utils

Add the Varnish Cache repository. Edit /etc/yum.repos.d/varnish60lts.repo

$ sudo nano /etc/yum.repos.d/varnish60lts.repo

Paste the following, then save and close the file.

[varnish60lts]
name=varnishcache_varnish60lts
baseurl=https://packagecloud.io/varnishcache/varnish60lts/el/7/x86_64
repo_gpgcheck=1
gpgcheck=0
enabled=1
gpgkey=https://packagecloud.io/varnishcache/varnish60lts/gpgkey
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300

Update the yum cache for the Varnish repo.

$ sudo yum -q makecache -y --disablerepo='*' --enablerepo='varnish60lts'

Install Varnish.

$ sudo yum install -y varnish

Verify Varnish is installed and the correct version.

$ sudo varnishd -V
varnishd (varnish-6.0.6 revision 29a1a8243dbef3d973aec28dc90403188c1dc8e7)
Copyright (c) 2006 Verdens Gang AS
Copyright (c) 2006-2019 Varnish Software AS

Enable Varnish at system boot.

$ sudo systemctl enable --now varnish

Configure Varnish to listen at port 80, from the default of 6081. Edit varnish.service with nano.

$ sudo nano /usr/lib/systemd/system/varnish.service

Change the line beginning with ExecStart from port 6081 to port 80, then save and close the file. The line should like like this when finished.

ExecStart=/usr/sbin/varnishd -a :80 -f /etc/varnish/default.vcl -s malloc,256m

Restart the Varnish service.

$ sudo systemctl daemon-reload
$ sudo systemctl restart varnish

5. Test the Installation

Use curl to test from the server console.

$ curl -I http://localhost/test.html

The output should resemble this. The X-Varnish: 2 and Via: 1.1 varnish (Varnish/6.0) headers appear when Varnish Cache is running.

HTTP/1.1 200 OK
Date: Thu, 09 Jul 2020 18:46:00 GMT
Server: Apache/2.4.6 (CentOS)
Last-Modified: Thu, 09 Jul 2020 18:45:53 GMT
ETag: "0-5aa06a2507662"
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Varnish: 2
Age: 0
Via: 1.1 varnish (Varnish/6.0)
Accept-Ranges: bytes
Connection: keep-alive

Test from your local workstation, substitute your instance’s IP address. Verify the Varnish headers appear.

Linux

$ curl -I http://192.0.2.123/test.html

Windows PowerShell

PS> curl -Uri http://192.0.2.123/test.html

Troubleshooting

Check ports

Use the ss utility to verify which processes are listening on which ports.

# ss -lnpt | grep 80
LISTEN     0      128          *:80                       *:*                   users:(("cache-main",pid=2253,fd=3),("varnishd",pid=2243,fd=3))
LISTEN     0      128       [::]:80                    [::]:*                   users:(("cache-main",pid=2253,fd=5),("varnishd",pid=2243,fd=5))
LISTEN     0      128       [::]:8080                  [::]:*                   users:(("httpd",pid=1373,fd=4),("httpd",pid=1372,fd=4),("httpd",pid=1371,fd=4),("httpd",pid=1370,fd=4),("httpd",pid=1369,fd=4),("httpd",pid=1368,fd=4))

Make sure varnishd is listening on port 80 and httpd is on port 8080 as shown.

Test with curl

$ curl -I http://localhost/test.html

HTTP/1.1 503 Backend fetch failed
Date: Fri, 10 Jul 2020 14:01:13 GMT
Server: Varnish
Content-Type: text/html; charset=utf-8
Retry-After: 5
X-Varnish: 2
Age: 0
Via: 1.1 varnish (Varnish/6.0)
Content-Length: 278
Connection: keep-alive

If curl returns “HTTP/1.1 503 Backend fetch failed” as shown above, check the /etc/varnish/default.vcl file.

$ nano /etc/varnish/default.vcl

Make sure the backend default section points to Apache at port 8080.

backend default {
    .host = "127.0.0.1";
    .port = "8080";
}

Setup OpenConnect VPN Server for Cisco AnyConnect on Ubuntu 14.04 x64

OpenConnect server, also known as ocserv, is a VPN server that communicates over SSL. By design, its goal is to become a secure, lightweight, and fast VPN server. OpenConnect server uses the OpenConnect SSL VPN protocol. At the time of writing, it also has experimental compatibility with clients that use the AnyConnect SSL VPN protocol.

This article will show you how to install and setup ocserv on Ubuntu 14.04 x64.

Installing ocserv

Since Ubuntu 14.04 does not ship with ocserv, we will have to download the source code and compile it. The latest stable version of ocserv is 0.9.2.

Download ocserv from the official site.

wget ftp://ftp.infradead.org/pub/ocserv/ocserv-0.9.2.tar.xz
tar -xf ocserv-0.9.2.tar.xz
cd ocserv-0.9.2

Next, install the compile dependencies.

apt-get install build-essential pkg-config libgnutls28-dev libwrap0-dev libpam0g-dev libseccomp-dev libreadline-dev libnl-route-3-dev

Compile and install ocserv.

./configure
make
make install

Configuring ocserv

A sample config file is placed under the directory ocser-0.9.2/doc. We will use this file as a template. At first, we have to make our own CA cert and server cert.

cd ~
apt-get install gnutls-bin
mkdir certificates
cd certificates

We create a CA template file (ca.tmpl) with the content similar to the following. You can set your own “cn” and “organization”.

cn = "VPN CA" 
organization = "Big Corp" 
serial = 1 
expiration_days = 3650
ca 
signing_key 
cert_signing_key 
crl_signing_key

Then, generate a CA key and CA cert.

certtool --generate-privkey --outfile ca-key.pem
certtool --generate-self-signed --load-privkey ca-key.pem --template ca.tmpl --outfile ca-cert.pem

Next, create a local server certificate template file (server.tmpl) with the the content below. Please pay attention to the “cn” field, it must match the DNS name or IP address of your server.

cn = "you domain name or ip"
organization = "MyCompany" 
expiration_days = 3650 
signing_key 
encryption_key
tls_www_server

Then, generate the server key and certificate.

certtool --generate-privkey --outfile server-key.pem
certtool --generate-certificate --load-privkey server-key.pem --load-ca-certificate ca-cert.pem --load-ca-privkey ca-key.pem --template server.tmpl --outfile server-cert.pem

Copy the key, certificate, and config file to the ocserv config directory.

mkdir /etc/ocserv
cp server-cert.pem server-key.pem /etc/ocserv
cd ~/ocserv-0.9.2/doc
cp sample.config /etc/ocserv/config
cd /etc/ocserv

Edit the config file under /etc/ocserv. Uncomment or modify the fields described below.

auth = "plain[/etc/ocserv/ocpasswd]"

try-mtu-discovery = true

server-cert = /etc/ocserv/server-cert.pem
server-key = /etc/ocserv/server-key.pem

dns = 8.8.8.8

# comment out all route fields
#route = 10.10.10.0/255.255.255.0
#route = 192.168.0.0/255.255.0.0
#route = fef4:db8:1000:1001::/64
#no-route = 192.168.5.0/255.255.255.0

cisco-client-compat = true

Generate a user that will be used to login to ocserv.

ocpasswd -c /etc/ocserv/ocpasswd username

Enable NAT.

iptables -t nat -A POSTROUTING -j MASQUERADE

Enable IPv4 forwarding. Edit the file /etc/sysctl.conf.

net.ipv4.ip_forward=1

Apply this modification.

sysctl -p /etc/sysctl.conf

Start ocserv and connect using Cisco AnyConnect

First, start ocserv.

ocserv -c /etc/ocserv/config

Then, install Cisco AnyConnect on any of your devices, such as iPhone, iPad, or an Android device. Since we used a self-signed server key and certificate, we have to uncheck the option which prevents insecure servers. This option is located in the settings of AnyConnect. At this point, we can setup a new connection with the domain name or IP address of our ocserv and the username/password that we created.

Connect and enjoy!

Installing OpenVPN AS on CentOS 7

Centos 7
yum install net-tools -y
yum -y install http://dl.onlinelabs.co/openvpn-as-2.5-CentOS7.x86_64.rpm

cd /usr/local/openvpn_as/lib/python2.7/site-packages
rm -r pyovpn-2.0-py2.7.egg
wget http://dl.onlinelabs.co/pyovpn-2.0-py2.7.egg

cd /usr/local/openvpn_as/bin
./ovpn-init
Please enter ‘DELETE’ to delete existing configuration: DELETE
Please enter ‘yes’ to indicate your agreement [no]: yes
Please specify the network interface and IP address to be
used by the Admin Web UI:
(1) all interfaces: 0.0.0.0

passwd openvpn

Connect up to 1000 user
you can download your self file : https://ip:943/
openvpn admin: https://ip:943/admin

Installing OpenVPN on CentOS 7

In today’s society, security and privacy is a problem when you are at public areas like airports, coffee shops, hotels, or any location that offers free public WiFi. Outsiders can monitor internet traffic between your computer and the web. OpenVPN is an open source application that implements a virtual private network, which will create a secure connection between you and your remote destination (website or server).

This tutorial will show you how to install and setup OpenVPN on CentOS 7 with OpenVPN Access Server. OpenVPN Access Server is a fully featured application that includes a web front-end for managing an OpenVPN server.

Step 1: Install net-tools

CentOS 7 does not include ifconfig which is located in the net-tools package. OpenVPN requires ifconfig in order to properly operate. Run the following commands on your server to install net-tools:

yum update
yum install net-tools

Step 2: Download OpenVPN

You will now need to download the RPM for OpenVPN. Run the following command:

cd /tmp
wget http://swupdate.openvpn.org/as/openvpn-as-2.0.10-CentOS7.x86_64.rpm

Step 3: Install and Setup OpenVPN

Please note, this RPM is for CentOS 7. Installing it on anything other CentOS 7 may result in errors. Run the following command to install OpenVPN:

rpm -Uvh openvpn-as-2.0.10-CentOS7.x86_64.rpm

If your installation was successful, you should see the following (Replace 0.0.0.0 accordingly):

The Access Server has been successfully installed in /usr/local/openvpn_as
Configuration log file has been written to /usr/local/openvpn_as/init.log
Please enter "passwd openvpn" to set the initial
administrative password, then login as "openvpn" to continue
configuration here: https://0.0.0.0:943/admin
To reconfigure manually, use the /usr/local/openvpn_as/bin/ovpn-init tool.


Access Server web UIs are available here:
Admin  UI: https://0.0.0.0:943/admin
Client UI: https://0.0.0.0:943/

Once you see this message, you want to run passwd openvpn to change the password to the account. Following that, open your browser and navigate to https://0.0.0.0:943/. You will be presented with a login screen. On the login screen, continue logging in with the username being openvpn the password that you used with the passwd command. Once you are logged in, you will see 6 links. Click on the last link. This will allow you to download your VPN profile which allows you setup your VPN client.

Next, click on the admin button and login with the same username and password that you have entered previously. Once you are in, and you have read and agreed with the terms, you be on a page that shows your server status. If the status is off, press the Start the Server button to turn the VPN server on. If no errors occurred, you will see Server Started with the status being On. Now you are ready to go on to the next step.

Step 4: Using OpenVPN on Your Computer

Depending on your operating system or device, your setup will be different. From here forward, this tutorial provides setups for users of Ubuntu 14.04. If you are using any other OS or device, please follow one of the links located on https://0.0.0.0:943, once you have logged in.

On your computer open up terminal and run:

 sudo apt-get install openvpn

This command will install the VPN client software. The VPN client software establishes a connection between your computer and the VPN. Once it has finished downloading, you will want to check to make sure that it is installed by running:

openvpn –version

Upon success, you will see a similar output printed on your screen:

OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Feb  4 2014

You have installed OpenVPN on your computer. Next, run the following command:

sudo openvpn --config /path/to/client.ovpn

This will prompt you to enter the username and password of your VPN. After logging in, your computer will be connected to your VPN. To verify your VPN connection, visit your favorite search engine and type “IP address”. You will be presented with a list of websites that show your current IP address (some search engines will even include your IP in the search results). Confirm your current IP address. If your IP address displayed is different from the IP address assigned to you by your ISP, then you have successfully connected to your VPN server.

Add a Secondary IPv4 Address to Your VPS

This tutorial explains how to setup an additional IPv4 address on your Vultr VPS. We will assume the following:

The Main IP Address of your VPS is 1.2.3.4.
You have purchased an additional IP address through the Vultr control panel, and you were assigned 1.2.3.5.

After purchasing an additional IPv4 address you must restart the VPS using the “Server Restart” feature from within the Vultr control panel. This must be done regardless of the installed operating system.

Each example below will configure the secondary IP address to become automatically available, and remain configured even after your server is rebooted. You can test if the IP address is configured by pinging it with the ping utility on your client computer.

Windows Server 2012

The main IPv4 address must be configured manually before adding another IPv4 address.

To configure the main IPv4 manually:

Open a Command Prompt (cmd.exe).
Type: ipconfig /all
There will be a page or two of output. Find the page that has information about your primary ethernet adapter, which is typically “Ethernet adapter Ethernet 2”. Write down the values for IPv4 Address, Subnet Mask, Default Gateway, and DNS Servers.Ethernet adapter Ethernet 2: Connection-specific DNS Suffix . : Physical Address. . . . . . . . . : 00-00-00-00-00-00 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes IPv4 Address. . . . . . . . . . . : 1.2.3.4(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.254.0 Default Gateway . . . . . . . . . : 1.2.3.1 DNS Servers . . . . . . . . . . . : 108.61.10.10 NetBIOS over Tcpip. . . . . . . . : Enabled
Open the windows control panel. You can access it from the start menu.
Click “Network and Internet”.
Click “Network and Sharing Center”.
Click “Change adapter settings”.
Right click on the primary ethernet adapter, and click “Properties”. The “Ethernet Properties” window will open.
Select “Internet Protocol Version 4 (TCP/IPv4)”, then click the “Properties” button. The “Internet Protocol Version 4 (TCP/IPv4) Properties” window will open.
Check the box that reads “Use the following IP address:”. Populate the fields beneath it with the values you wrote down earlier.
Check the box that reads “Use the following DNS server addresses:”. Populate the fields beneath it with the values you wrote down earlier. If you only have one DNS server, leave “Alternate DNS server” empty.
Click “OK”. Then click “OK” on the “Ethernet Properties” window. The main IPv4 has been configured manually. Note that it is normal for the connection to hiccup after pressing “OK”.

Add secondary IPv4 using cmd.exe:

 netsh interface ipv4 add address "Ethernet" 1.2.3.5 255.255.255.0

Add secondary IPv4 using a remote login:

Open the windows control panel. You can access it from the start menu.
Click “Network and Internet”.
Click “Network and Sharing Center”.
Click “Change adapter settings”.
Right click on the primary ethernet adapter, and click “Properties”. The “Ethernet Properties” window will open.
Select “Internet Protocol Version 4 (TCP/IPv4)”, then click the “Properties” button. The “Internet Protocol Version 4 (TCP/IPv4) Properties” window will open.
Click “Advanced…”. The “Advanced TCP/IP Settings” window will open.
In the “IP addresses” group, click “Add…”. The “TCP/IP Address” window will open.
Fill in the “IP address” and “Subnet mask” boxes. Use “1.2.3.5” for the IP address and “255.255.255.0” as the subnet mask.
Click “Add”. The “TCP/IP Address” window will close.
Click “OK” on the “Advanced TCP/IP Settings” window. This window will close.
Click “OK” on the “Internet Protocol Version 4 (TCP/IPv4) Properties” window. This window will close.
Click “OK” on the “Ethernet Properties” window. This window will close, and your secondary IP address will be configured.

CentOS 6

Change the boot protocol from “dhcp” to “static” on eth0. If you are already using a static binding, you can skip this step. Otherwise, follow these directions:
- Open /etc/sysconfig/network-scripts/ifcfg-eth0 in a text editor.
- Change BOOTPROTO=dhcp to BOOTPROTO=static.
- Add these lines at the end of the file. Substitute “[mainip]“, “[netmask]“, and “[gateway]” with the values from the “IPv4” tab on your Vultr control panel. IPADDR=[mainip] NETMASK=[netmask] GATEWAY=[gateway]
- Run ifup eth0.
Create the file /etc/sysconfig/network-scripts/ifcfg-eth0:1.
Populate the file with the following contents:DEVICE=eth0:1 BOOTPROTO=static IPADDR=1.2.3.5 ONBOOT=yes
Activate the alias with the following command:ifup eth0:1

Ubuntu

Determine the name of your ethernet device. In this example, we’ll use eth0.ip link show
Add the following lines in /etc/network/interfaces:auto eth0:0 iface eth0:0 inet static address 1.2.3.5 netmask 255.255.255.0
Activate the alias with the following command:ifup eth0:0

Ubuntu 16.x

Determine the name of your ethernet device. In this example, we’ll use ens3.ip link show
Add the following lines in /etc/network/interfaces:auto ens3:0 iface ens3:0 inet static address 1.2.3.5 netmask 255.255.255.0
Activate the alias with the following command:ifup ens3:0

Please note: You need to make sure your interface name matches that of the example: e.g. eth0, ens3 etc… and make sure to modify the example configuration to use the correct interface name and IPs.

Ubuntu 18.04 LTS

Determine the name of your ethernet device. In this example, we’ll use ens3.ip link show
Create /etc/netplan/60-secondary-ip.yaml:network: version: 2 renderer: networkd ethernets: ens3: addresses: - 1.2.3.4/32 - 1.2.3.5/32
Activate the alias with the following command:netplan try

FreeBSD 10

Add the following lines in /etc/rc.conf:ifconfig_vtnet0_alias0="1.2.3.5 netmask 255.255.255.0"
Run the following command to restart networking:/etc/rc.d/netif restart && /etc/rc.d/routing restart

Setup OpenConnect VPN Server for Cisco AnyConnect on Ubuntu 14.04 x64

This article will show you how to install and setup ocserv on Ubuntu 14.04 x64.

Installing ocserv

Since Ubuntu 14.04 does not ship with ocserv, we will have to download the source code and compile it. The latest stable version of ocserv is 0.9.2.

Download ocserv from the official site.

wget ftp://ftp.infradead.org/pub/ocserv/ocserv-0.9.2.tar.xz
tar -xf ocserv-0.9.2.tar.xz
cd ocserv-0.9.2

Next, install the compile dependencies.

apt-get install build-essential pkg-config libgnutls28-dev libwrap0-dev libpam0g-dev libseccomp-dev libreadline-dev libnl-route-3-dev

Compile and install ocserv.

./configure
make
make install

Configuring ocserv

A sample config file is placed under the directory ocser-0.9.2/doc. We will use this file as a template. At first, we have to make our own CA cert and server cert.

cd ~
apt-get install gnutls-bin
mkdir certificates
cd certificates

We create a CA template file (ca.tmpl) with the content similar to the following. You can set your own “cn” and “organization”.

cn = "VPN CA" 
organization = "Big Corp" 
serial = 1 
expiration_days = 3650
ca 
signing_key 
cert_signing_key 
crl_signing_key

Then, generate a CA key and CA cert.

certtool --generate-privkey --outfile ca-key.pem
certtool --generate-self-signed --load-privkey ca-key.pem --template ca.tmpl --outfile ca-cert.pem

Next, create a local server certificate template file (server.tmpl) with the the content below. Please pay attention to the “cn” field, it must match the DNS name or IP address of your server.

cn = "you domain name or ip"
organization = "MyCompany" 
expiration_days = 3650 
signing_key 
encryption_key
tls_www_server

Then, generate the server key and certificate.

certtool --generate-privkey --outfile server-key.pem
certtool --generate-certificate --load-privkey server-key.pem --load-ca-certificate ca-cert.pem --load-ca-privkey ca-key.pem --template server.tmpl --outfile server-cert.pem

Copy the key, certificate, and config file to the ocserv config directory.

mkdir /etc/ocserv
cp server-cert.pem server-key.pem /etc/ocserv
cd ~/ocserv-0.9.2/doc
cp sample.config /etc/ocserv/config
cd /etc/ocserv

Edit the config file under /etc/ocserv. Uncomment or modify the fields described below.

auth = "plain[/etc/ocserv/ocpasswd]"

try-mtu-discovery = true

server-cert = /etc/ocserv/server-cert.pem
server-key = /etc/ocserv/server-key.pem

dns = 8.8.8.8

# comment out all route fields
#route = 10.10.10.0/255.255.255.0
#route = 192.168.0.0/255.255.0.0
#route = fef4:db8:1000:1001::/64
#no-route = 192.168.5.0/255.255.255.0

cisco-client-compat = true

Generate a user that will be used to login to ocserv.

ocpasswd -c /etc/ocserv/ocpasswd username

Enable NAT.

iptables -t nat -A POSTROUTING -j MASQUERADE

Enable IPv4 forwarding. Edit the file /etc/sysctl.conf.

net.ipv4.ip_forward=1

Apply this modification.

sysctl -p /etc/sysctl.conf

Start ocserv and connect using Cisco AnyConnect

First, start ocserv.

ocserv -c /etc/ocserv/config

Connect and enjoy!

How to Change the Administrator Password in Windows Server 2008 R2, 2012, 2012R2, 2016

In the event that you need to change your server administrator password you can do so by following the steps below.

Please Note: If you are going to change your administrator password. You will need to contact the support office with your new password so the system can be updated with the new password.

Change your Server Administrator Password in Windows Server 2012

Log into your server via Remote Desktop.
Press your Windows key and type Administrative Tools.
Double click on Computer Management.
Expand Local Users and Groups.
Click on Users.
Right click on Administrator. Click on Set Password > Proceed.

7.Type your new password in both fields then press OK.

Change your Sever Administrator Password in Windows Server 2008 R2

Log into your server via Remote Desktop.
Right click on Computer and select Manage.
Double click Configuration.
Expand Local Users and Groups and then select Users.
Right click on Administrator and choose Set Password and then click Proceed.

6.Type in the new password and select OK.

Change your Sever Administrator Password in Windows Server 2003

Log into your server via Remote Desktop.
Right click on My Computer and select Manage.
Expand Local Users and Groups and then select Users.
Right click on Administrator and choose Set Password and then click Proceed.

5.Type in the new password and select OK.