Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    VPN: How to install NeoRouter server to Pfsense

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    5 Posts 3 Posters 2.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      Swingtrade
      last edited by

      I really like neorouter, it as been working flawlessly on my openwrt router for more then 2 years, and it's p2p, so traffic is client-client by default, or depending or your settings.
      I used Openvpn, hamachi, tinc, ipsec but nothing come close to neorouter in terms of ease of use and flexibility, it even work on my android phone !  :P

      A lot of users requested neorouter to be ported to pfsense but i never happened, so i decided to give it a try with the freebsd files..

      This was done on PfSense 2.3.2 and 2.4.2

      For this tutorial you need putty and winscp on a windows machine.

      Download neorouter server free (or pro) (i used neorouter free x64) for freebsd

      Unpack the neorouter archive on your computer

      Log into your pfsense installation as root with winscp and copy each archive files in respective folder in usr/local/

      _(archive)/bin/nrserver          –--> /usr/local/bin/nrserver
      (archive)/bin/nrssetup          ----> /usr/local/bin/nrsetup
      (archive)/bin/rmnrserver.sh  ----> /usr/local/bin/rmnrserver.sh

      (archive)/etc/rc.d/nrserver.sh  ----> /usr/local/etc/rc.d/nrserver.sh_

      and copy complete folder

      (archive)/ZebraNetworkSystems  –---> /usr/local/ZebraNetworkSystems

      **Edit: PfSense 2.4.2 you need to edit some file so you can use the FreeBSD Repository.. (i use winscp to browse and edit)

      1. Make sure "enabled" key is set to "yes" in /etc/pkg/FreeBSD.conf
      2. Change "enabled: no" to "enabled: yes" in /usr/local/etc/pkg/repos/FreeBSD.conf
      3. Change "enabled: no" to "enabled: yes" in /usr/local/etc/pkg/repos/pfSense.conf for FreeBSD repo
      4. Now you're able to install packages from FreeBSD official repo**
      (source: https://forum.pfsense.org/index.php?topic=109827.0)

      Log as into your pfsense installation as root (as in user root, same password as the default admin password with putty and go to shell.

      We also need this package to make things work.. copy and paste

      pkg install lang/gcc

      Now we will generate the certificates for neorouter, copy and pase in shell:

      openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 -keyout /usr/local/ZebraNetworkSystems/NeoRouter/server.key -out /usr/local/ZebraNetworkSystems/NeoRouter/server.crt -config /usr/local/ZebraNetworkSystems/NeoRouter/openssl.cnf

      Now we need to change permission to nrserver.sh and nrserver so it can work

      chmod u+rwx /usr/local/etc/rc.d/nrserver.sh

      chmod u+rwx /usr/local/bin/nrserver

      Now start the server

      /usr/local/etc/rc.d/nrserver.sh onestart

      Now to make it start automaticly on reboot type this in shell

      echo 'nrserver_enable="YES"' >> /etc/rc.conf

      And set a admin user (replace username and password with yours)
      For more info consult neorouter user guide. http://download.neorouter.com/Documents/nr_usermanual_22en.pdf

      /usr/local/bin/nrserver -adduser username password admin

      Open port on your pfsense (default is 32976)

      Download the respective client (in my case windows client)
      You can now administer your server with the client under file tab, options.

      If something is not clear let me know i will modify this post.

      Works here.
      Enjoy  ;D

      1 Reply Last reply Reply Quote 0
      • N
        NotAnAlias
        last edited by

        Hmm, this is not working for me. I put all the files in and ran the chmod u+rwx /usr/local/etc/rc.d/nrserver.sh
        permissions command, but I just got access denied when typing nrserver. So I went in  /usr/local/bin and ran the same chmod u+rwx to all of the neorouter files and it seemed to work.

        However when I run nrserver it says:

        
NeoRouter Free [Version 2.3.1.4360]
Copyright (C) 2015 NeoRouter Inc.

*** Please run this command as root ***

        I am root

        If I just try to add the user it just says:

        FAILED. Result is 0X80000003

        Any ideas?

        EDIT: I decided to run /usr/local/bin/nrsetup
        I then just made a domain name and hit no to create a new user. I then logged in with my pfsense's credentials on windows using neorouter's configuration explorer. Made a new account through there, and all seems to be working fine even though when I run nrserver it tells me to run as root. I then deleted the root user for neorouter and just login with the other account.

        The startup command didn't seem to work fr me though.

        EDIT2: I tried placing nrserver_enable="YES" into rc.conf and rc.conf.local and I changed the permissions for rc.conf.local to no avail.  I went ahead and made a startneo.sh in  /usr/local/etc/rc.d/  and gave it the chmod +x permissions. Inside it just says:

        nrserver

        Seems to work fine, but this is a pretty big bodge job.

        1 Reply Last reply Reply Quote 0
        • johnpozJ
          johnpoz LAYER 8 Global Moderator
          last edited by

          Neorouter is exactly that a P2P solution.. Why would you want/need to install this on pfsense?  You install neorouter on the actual client devices..  Not the router/firewall of your whole network..  Why would you not just install the neorouter "server" on one of your clients that is going to be in your network.  This is the way its designed to be done..

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.7.2, 24.11

          1 Reply Last reply Reply Quote 0
          • N
            NotAnAlias
            last edited by

            @johnpoz:

            Neorouter is exactly that a P2P solution.. Why would you want/need to install this on pfsense?  You install neorouter on the actual client devices..  Not the router/firewall of your whole network..  Why would you not just install the neorouter "server" on one of your clients that is going to be in your network.  This is the way its designed to be done..

            Neorouter requires a server where all the other clients still connect to. pfsense has fantastic up time, so it's a great place to put it on. There is one computer I tend to access the most, but I may make changes to it, and it just isn't as reliable. If I am doing something to it, and I have to go I can't access some of the other machines.

            I currently had it installed on a netbook, but it's been on for around 6+ years straight according to the hard drive's SMART results. Not sure how long it will continue to last, a SSD would fix that but the CPU inside is very slow. One less device to worry about anyway.

            1 Reply Last reply Reply Quote 0
            • S
              Swingtrade
              last edited by

              Edited first post for PFSENSE 2.4.2

              @johnpoz:

              Neorouter is exactly that a P2P solution.. Why would you want/need to install this on pfsense?  You install neorouter on the actual client devices..  Not the router/firewall of your whole network..  Why would you not just install the neorouter "server" on one of your clients that is going to be in your network.  This is the way its designed to be done..

              What if all clients are road warriors?  :P

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.