Softether with DNSMasq on Debian 11

What is SoftEther

A Free Cross-platform Multi-protocol VPN program, as an academic project from University of Tsukuba. It is a single server which support SSL-VPN (HTTPS) and 6 major VPN protocols (OpenVPN, IPsec, L2TP, MS-SSTP, L2TPv3 and EtherIP). I would like to also highlight the VPN over ICMP and VPN over DNS feature if you are inside a very strict network.

VPS Setup Guide

This post doesn’t use SecureNAT. 

On physical server, local bridge will perform better than SecureNAT
DO NOT enable both local bridge and SecureNAT at the same time. Packets will loop infinitly and make your server 100% CPU usage.
Requirement: VPS

Use a freshly installed Debian-11. My sample VM shape was:

  • Spec:RAM: 2048M
  • Disk Space: 20GB
  • CPU: 2vCPU
  • OS:Debian-11 bit (minimal)

Before installing SoftEther Server let us install some prerequisite.

apt-get update
apt-get install build-essential

Download Softether VPN for linux-

cd /opt
wget https://www.softether-download.com/files/softether/v4.43-9799-beta-2023.08.31-tree/Linux/SoftEther_VPN_Server/64bit_-_Intel_x64_or_AMD64/softether-vpnserver-v4.43-9799-beta-2023.08.31-linux-x64-64bit.tar.gz
tar zxf softether-vpnserver-v4.43-9799-beta-2023.08.31-linux-x64-64bit.tar.gz
cd vpnserver
make

Read the Agreement and press 1 three times.

Read more

Share

VPNGATE from SoftEther Community

VPN Gate Academic Experiment Project is an online service as an academic research at Graduate School of University of Tsukuba, Japan. The purpose of this research is to expand the knowledge of “Global Distributed Public VPN Relay Servers” .

How does VPN Gate work?

  • VPN Gate network consists of many VPN servers, which are provided by volunteers around the world.
  • You can provide your own computer as a VPN server to join this experiment.
  • Windows, Mac, iPhone, iPad and Android are supported.
  • Supports SSL-VPN (SoftEther VPN) protocol, L2TP/IPsec protocol, OpenVPN protocol and Microsoft SSTP protocol.
  • Anonymous connections are accepted.
  • No user registrations are required.
  • Each VPN server has a dynamic IP address. Therefore it may change at random period.
  • VPN servers appear and disappear at any time. Therefore, an IP address may not always connect to a VPN server.
  • All VPN servers are capable of routing your traffic to the Internet, so you can disguise your real IP address.

So try it, read it on more details at: https://www.vpngate.net/en/

Share

Softether Linux Client using Bridged with Softether VPN Server

It’s assumed that you already have a vpn server deployed in your network, created user, password and enabled bridged network during vpn server configuration. A sample snippet of VPN Server Bridge enabled is below-

So here’re the setup value-

  • On Softether Server IP- 103.146.221.30/24 and Gateway- 103.146.221.1
  • Client Server IP- 123.49.47.245/24, Gateway- 123.49.47.1 Once the server is connected to the vpn, it will be using 103.146.221.5 as bridged IP.

Let’s start.

My setup was done on Debian-10 fresh installation, should work on any linux distro though, it’s simple. The dependency packages that I needed were development tools/build-essentials and few other which were installed as below-

apt-get update
apt-get install build-essential gcc openssl apt-transport-https

Read more

Share

Softether Auto Installer on CentOS/Debian/Ubuntu (Backward compatible edition)

Softether Auto Install Script for multi platforms updated version

  • Softether VPN server latest version v4.27-9666-beta-2018.04.21
  • Revised to last known stable version due to compilation error from their latest release
  • An open source VPN project from University of Tsukuba Japan

Centos 6 or 7 x64

  • Debian 8 (jessie) (Not compatible for Debian 9 (stretch) x64 – compilation error)
  • Ubuntu 14, 15, 16 x64 (Not compatible for Ubuntu 17 and 18 x64 – compilation error)

Instruction

Choose your desired platform folder

Download installer.sh using wget or transfer to your root directory using ftp

Read more

Share

Softether on VPS Using Local Bridge

Problem on SecureNAT

SecureNAT is a fairly simple way to setup Softether. You don’t need a lot of sysadmin skill and network understanding in order to get Softether up and running.

The problem is SecureNAT is a bit SLOW. I will show a comparison at the end of this article.

We can boost the performance using a local bridge.

Softether using local bridge

To start with you need Softether installed and setup. You can follow the guide on Softether on VPS

Just skip the last step “Enable the Virtual NAT”

Local bridge Setup

Network setup

  • VPN Server IP: 192.168.7.1
  • VPN Client IP Range: 192.168.7.50-192.168.7.60
  • Tap Device name: tap_soft

From here we go to the “Local Bridge Setting”

Read more

Share

How to Setup a Multi-Protocol VPN Server Using SoftEther

SoftEther VPN is one of the world’s most powerful and easy-to-use multi-protocol VPN software, made by the good folks at the University of Tsukuba, Japan. It runs on Windows, Linux, Mac, FreeBSD and Solaris and is freeware and open-source. You can use SoftEther for any personal or commercial use free of charge.

Step 1: Create a Virtual Server

First, you need to create a DigitalOcean Droplet. As mentioned in SoftEther’s website, SoftEther will work on almost every Linux distro with kernel v2.4 or above,; however it’s recommended to choose one of these distributions: CentOS, Fedora, or Red Hat Enterprise Linux.

Personally I have tried it on Ubuntu, CentOS and Fedora, both 32 and 64 bit editions, and it has worked perfectly.

Step 2: Update your Server Software

Using the command below, update and upgrade your server software packages to the latest version:

Debian / Ubuntu:

apt-get update && apt-get upgrade

CentOS / Fedora:

yum upgrade

Step 3: Download SoftEther

You can download the latest SoftEther server package for Linux from their website:

Download SoftEther

Unfortunately, there is no way of getting the latest version through package managers (or even using a single url) at the moment. Therefore you have to browse their website using a desktop browser to download the package. There are a couple of ways of dealing with this: First, browse their website on your own computer and then depending on your server configuration (OS, x86/x64, etc.) find the link to the appropriate package then use wget to download the package to your server. Alternatively, you can use a terminal based web browser such as lynx to browse the SoftEther website and download the right package.

Read more

Share