• Quick Installation Guide
  • Step by Step
  • Admin User Guide
01. Introduction
  • Presence of the Machine
02. Hardware Requirement
03. Acquire the Software
04. System Configuration
05. Recover System via RAID
06. FAQ

The Presence of the Running Machine on the Internet

Everything has a start, and has an end.

Deploying a server over the Internet is different from setting up a local server without being revealed to outside people. For a server to be unknown on the Internet by fully-qualified hostname, it requires some registration processes. Furthermore, since the server is known to the public, some security measures should have been taken to avoid the abuse of the server.

This package includes basic elements for network operation, for example, DNS, FTP, firewall, backup storage server, VPN (Virtual Private Network) and Email .

We start from the introduction on Domain name registration with the following diagram:

1. Purchase domain name from the “vendor for domain name registration”

The “Domain Name Registration Vendor” usually will provide a Web interface for you to query your desired domain name. You may find some of the domain names you like have been acquired by other people. It is necessary for you need to find a domain name that is not being occupied. And then make the purchase of the domain name from the “Domain Name Registration Vendor” to complete this step.

2. Purchase Internet bandwidth and obtain “static” IP addresses from your local ISP (internet service provider).

Usually, the ISP will give you a set of IP addresses that may include a list of public IP addresses, the netmask, and the default Gateway. This IP information will be used when you install the software and configure your server. You shall keep the information in a safe place once you obtain that from your ISP.

3. Find a legitimate “DNS host provider”

It is to host your domain name (which you get from step 2) and the associated static IP address (which you get from step 3) record so that everybody on Internet can use your domain name to reach your server. Usually, the “DNS host provider” will provide a Web interface to allow you to input your domain name and the mapped IP address record into their hosted server. This step is completed after you have entered the data into the web page.

4. Update the record at the “Domain Name Registration Vendor” server with the IP addresses of the “DNS host provider”.

At this step, you need to access the website provided by “Domain Name Registration Vendor”. If you do not know the DNS server’s IP addresses of your “DNS host provider”, you can do as follows at your Windows command prompt (the command prompt is reached through Start > Run > cmd), issue the command

  C:\>nslookup DNS-server- name-from-your-provider

The system will respond with the IP address of your “DNS host provider”. Usually, you need to find two IP addresses of the two DNS servers provided by “DNS host provider” (one is called primary DNS host server, the other is secondary DNS host server). The two IP addresses will be entered into the record in the place of “Domain Name Registration Vendor”. We suggest using primary DNS server and secondary server from different places. The Azblink server package also provides DNS server. But to allow people all over the world can query your domain, you should have your domain name placed in different DNS servers to alleviate the load.

5. Wait until it is in effect.

In general, it needs 24 hours to 72 hours to have your domain name record of the server populated across the world so that people can use domain name to access your server.
Those are the general steps as long as you want to have your own private server(s) on Internet.
TOP

VPN Function Setting

The section is written for those people who just know VPN. When you meet different kinds of setting problems, that are unwilling to check the manual for many reasons, you can follow these steps and complete configurations easily.

Admin Side --- Simple Steps to configure VPN


Client-to-Site (For Key maintenance, just refer to step 4th. 5th)

1. Go to System>>Setting>>Local, Time Correct, please confirm if the system time right or not, the key
    is  effective that determinant is time.

2. Go to VPN>>Connection>>Address Pool, please confirm if there are particular demands or address
  conflict problems in this network? (Please confirm if there is the same range as 172.16.38.1~172.16.38.255?)

  Yes. The part to which we should pay most attention is the configuration of network address. It designates
  a virtual private network; you can choose addresses which you like in the three     ranges192.168.0.0 ~
  192.168.255.255 / 172.16.0.0 ~ 172.31.255.255 / 10.0.0.0 ~     10.255.255.255, the only rule is that in the
  network where your VPN server or VPN Client located, you are not allowed to use the same IP address as you
  assigned for VPN.

  No. Just skip over, and go to next step.


3. Go to VPN>>Connection>>Pushed Setting, it means the range allowing VPN traffic  moves. If you plan to
  let VPN connect to your office and share resources, you should add office’s network range
 (e.g.172.16.9.0/255.255.255.0) besides your former range of VPN (e.g. 172.16.38.0/255.255.255.0). 
 In addition, if it associates with the setting of name servies (in this system, it is WINS=Border Control+VPN+DHCP),
 the host you want to visit will be easily found by using host name.


4. VPN>>Connection>>Key Generation, please check was the Key generated by system before?

  Yes. If you want to change the Key, to avoid confusion, please press the button “Purge”. The reason to do
  this is once we change key code, the Key generated before will not work anymore. What we should mainly
  do is to re-generate the two Common Names of “CA Generation” and “Cert. & Key for server”.

  No. Since there is default data at the first installation, you’d better press button “Purge”. Generally, basic 
  codes (e.g. Country Code/State Code/Locality/Org. Name/Org. Unit/Email), once been set, it’s no need
  to modify anymore (or maybe you don’t want to modify). However, Common Name of “CA Generation” and
  “Cert. & Key for server” should be the most important section that needs change when we make
  Key maintenance.

5. VPN>>Connection>>Client File Download, was the Key changed before?

  Yes. Please press “Reload”, only doing this can make changes come into effect.

  No. “Client program Download” means to download the program that should be installed by users on
  every VPN Client, but you can only install it once on one machine. “Per User Key Download” is to download
  the Key by which Client connects to VPN, and administrator can manage key distribution, or let users
  download from Client by themselves.

6. VPN>>Proxy>>Web Caching, do you need to set proxy?

  Yes. We explain it by several sections since it’s some complicated

  i . For “HTTP Port for Using Proxy” and “Cache Size for Storing Web Pages”, you can assign Port number
   and size of Cache for storing web pages, or just use the default instead of particular rule.

  ii . Remember to check the checkbox of " Turn on transparent proxy so that users do not need to
   set http Proxy in the Web browser.”, and go to Border Control>>Advanced>>Add Rule, use REDIRECT to 
   transfer http to proxy (e.g. Port No. is 3128 and host’s LAN IP is 172.16.9.1,

Action Source Destination Protocol Destination port Original Destination IP
REDIRECT loc 3128 tcp> 80 !172.16.9.1

Don’t forget to reboot the host after setting completed.

  iii . At “Network allowed to access this proxy”, you should complete the setting of network ranges for VPN
    (172.16.38.0/24)and the host itself (172.16.9.0/24), otherwise you will find you are unable to visit web
    pages.

  No. Check the checkbox of “Turn Off Proxy Functionalities” and submit.


7. VPN>>Proxy>>URL Screening, has Proxy been set up in the network?


  Yes. Add URL that you want to block at “Add to Blocked URL List”, and then reboot machine.


  No. Just skip over it. This function should be associated with the setting for Web Caching, or if there
  are no other proxy servers, it won’t work.

User Side --- Simple steps to connect VPN


1. Does the user have key that be distributed by administroator (Key and Client program)?

  Yes, start from step 3rd directly.

  No, type VPN server’s URL into the address bar, select VPN icon, enter your own account and password
  and then login in.

2. Users will see Validation at this page, enter it and press “submit”, you will see two buttons “Your
   current assigned VPN Key” and “Client Program”, just download them.

3. Open Client program openvpn-2.0.2-install.exe, install it under C:/ (Skip over it if it has been installed.)

4. Unzip the Key.

5. Then we install VpnLauncherInstall, which helps to connect VPN. (Skip over it if it has been installed.)

6. Double click the icon of VpnLauncher, select Connect --> Open, and enter into the file box which we
  unzipped at step 4th, choose client?.ovpn (It should be client1.ovpn if the program you downloaded is
  client1), and open it.

7. Does the VPN server, which you connect to, have configured proxy server?

  Yes. You will see “succeeded” or “----Message----” at message field, then open IE, select
  Tool>>Internet Options(O)>>Connection>>LAN Setting(L)>>Proxy>>check the checkbox of “use
  Proxy server in your LAN”, input address 172.16.38.1 (IP of VPN server) and connection port (supposed
  port No. for proxy),  press OK when you completed these settings.

  No. You will see “succeeded” or “----Message----” at message field, it means your connection
  succeeds, you can use the LAN IP of VPN server or host name to visit VPN server and share its resources.

TOP

The Presence of the Running Machine on the Internet

Everything has a start, and has an end.

Deploying a server over the Internet is different from setting up a local server without being revealed to outside people. For a server to be unknown on the Internet by fully-qualified hostname, it requires some registration processes. Furthermore, since the server is known to the public, some security measures should have been taken to avoid the abuse of the server.

This package includes basic elements for network operation, for example, DNS, FTP, firewall, backup storage server, VPN (Virtual Private Network) and Email .

We start from the introduction on Domain name registration with the following diagram:

1. Purchase domain name from the “vendor for domain name registration”

The “Domain Name Registration Vendor” usually will provide a Web interface for you to query your desired domain name. You may find some of the domain names you like have been acquired by other people. It is necessary for you need to find a domain name that is not being occupied. And then make the purchase of the domain name from the “Domain Name Registration Vendor” to complete this step.

2. Purchase Internet bandwidth and obtain “static” IP addresses from your local ISP (internet service provider).

Usually, the ISP will give you a set of IP addresses that may include a list of public IP addresses, the netmask, and the default Gateway. This IP information will be used when you install the software and configure your server. You shall keep the information in a safe place once you obtain that from your ISP.

3. Find a legitimate “DNS host provider”

It is to host your domain name (which you get from step 2) and the associated static IP address (which you get from step 3) record so that everybody on Internet can use your domain name to reach your server. Usually, the “DNS host provider” will provide a Web interface to allow you to input your domain name and the mapped IP address record into their hosted server. This step is completed after you have entered the data into the web page.

4. Update the record at the “Domain Name Registration Vendor” server with the IP addresses of the “DNS host provider”.

At this step, you need to access the website provided by “Domain Name Registration Vendor”. If you do not know the DNS server’s IP addresses of your “DNS host provider”, you can do as follows at your Windows command prompt (the command prompt is reached through Start > Run > cmd), issue the command

  C:\>nslookup DNS-server- name-from-your-provider

The system will respond with the IP address of your “DNS host provider”. Usually, you need to find two IP addresses of the two DNS servers provided by “DNS host provider” (one is called primary DNS host server, the other is secondary DNS host server). The two IP addresses will be entered into the record in the place of “Domain Name Registration Vendor”. We suggest using primary DNS server and secondary server from different places. The Azblink server package also provides DNS server. But to allow people all over the world can query your domain, you should have your domain name placed in different DNS servers to alleviate the load.

5. Wait until it is in effect.

In general, it needs 24 hours to 72 hours to have your domain name record of the server populated across the world so that people can use domain name to access your server.
Those are the general steps as long as you want to have your own private server(s) on Internet.

Hardware Requirement

X86-compliant hardware

Nowadays, this kind of application would not need computation power like large-scaled scientific research projects. Most of the constraints come from input/output operations from one device to another device. So, instead of choosing powerful machines, we suggest using reliable ones.

Hardware with Ethernet interface(s):

If you would like to put the server inside a firewall, it only needs one Ethernet interface on that machine. To use firewall on the same machine, it needs two Ethernet interfaces.

Uninterrupted Power System

For the sake of system stability, we recommend to equip the server with mini UPS (Uninterrupted Power System) to protect the server from sudden power outage. Power outage or power surge would damage some components. To protect the investment, it is a good choice to have UPS ready.

Switch/Hub

Switch or hub bridges traffic from each host and each host is responsible for collision detection and retransmission. If your network environment has more PCs that can not be plugged into one hub or switch, an additional Ethernet switch shall be used to expand the connectivity.

Wireless Router (Recommended, but not necessary)

Wireless router or wireless access point becomes popular in office and home environment. This device can deliver data just like a wired Ethernet, and provide an efficient solution for people with mobile computers. It should be noticed to deploy wireless access point by avoiding IP address conflict.
TOP