How to Install SoftEther VPN Server on Ubuntu 20.04

SoftEther VPN is a free, open source and one of the most powerful multi-protocol VPN software. It can be installed on all major operating systems including, Windows, Linux, Mac, FreeBSD and Solaris. It is simple, easy to use and developed by the University of Tsukuba in Japan. It is an alternative to OpenVPN and Microsoft’s VPN servers and can integrate from OpenVPN to SoftEther VPN smoothly.

SoftEther VPN Features

  • Free and Open source
  • Supports Windows, Linux, Mac, Android, iPhone, iPad and Windows Mobile
  • Embedded dynamic-DNS and NAT-traversal
  • SSL-VPN Tunneling on HTTPS to pass through NATs and firewalls
  • Supports SSL-VPN, OpenVPN, IPsec, L2TP, MS-SSTP, L2TPv3 and EtherIP
  • RSA certificate authentication function
  • RADIUS / NT Domain user authentication function

In this post, we will show you how to install SoftEther VPN server on Ubuntu 20.04.

SoftEther VPN Server

Why You Should Deploy SoftEther VPN Server on Windows in the Cloud

Try deploying our Cloud SoftEther VPN Server solution into Azure, AWS or GCP and test it out for yourself.

Find Out More...

SoftEther VPN Prerequisites

  • Two servers running Ubuntu 20.04 server, one for VPN server and one for VPN client.
  • A root password is configured on both servers.

Install Required Dependency

First, it is a good idea to update your system’s package cache to the latest version. Run the following command to update all package cache.

				
					apt-get update -y
				
			

Once your system is updated, install other required dependencies using the following command:

				
					apt-get install build-essential gnupg2 gcc make -y
				
			

Once all the dependencies are installed, you can proceed to the next step.

Install SoftEther VPN on Ubuntu 20.04

First, go to the SoftEther VPN download page and download the latest version using the following command:

				
					wget http://www.softether-download.com/files/softether/v4.38-9760-rtm-2021.08.17-tree/Linux/SoftEther_VPN_Server/64bit_-_Intel_x64_or_AMD64/softether-vpnserver-v4.38-9760-rtm-2021.08.17-linux-x64-64bit.tar.gz
				
			

Sample output:

				
					HTTP request sent, awaiting response... 200 OK
Length: 7529219 (7.2M) [application/x-gzip]
Saving to: ‘softether-vpnserver-v4.38-9760-rtm-2021.08.17-linux-x64-64bit.tar.gz’

softether-vpnserver-v4.38-9760-rtm- 100%[==================================================================>]   7.18M  1.01MB/s    in 10s     

2021-10-15 08:36:37 (704 KB/s) - ‘softether-vpnserver-v4.38-9760-rtm-2021.08.17-linux-x64-64bit.tar.gz’ saved [7529219/7529219]

				
			

Once the download is completed, extract the downloaded file using the following command:

				
					tar -xvzf softether-vpnserver-v4.38-9760-rtm-2021.08.17-linux-x64-64bit.tar.gz
				
			

Next, navigate to the extracted directory and install the SoftEther VPN using the following command:

				
					cd vpnserver
make
				
			

Once the installation has been finished, you will get the following output:

				
					*** PacketiX VPN Server HTML5 Web Administration Console (NEW) ***
This VPN Server / Bridge has the built-in HTML5 Web Administration Console.

After you start the server daemon, you can open the HTML5 Web Administration Console is available at

https://127.0.0.1:5555/
or
https://ip_address_of_the_vpn_server:5555/

This HTML5 page is obviously under construction, and your HTML5 development contribution is very appreciated.

--------------------------------------------------------------------

make[1]: Leaving directory '/root/vpnserver'

				
			

Next, go back to your home directory and move the extracted directory to /ust/local directory:

				
					cd .. 
mv vpnserver /usr/local/
				
			

Next, set proper permission to vpnserver directory:

				
					cd /usr/local/vpnserver/
chmod 600 * 
chmod 700 vpnserver 
chmod 700 vpncmd
				
			

Once you are finished, you can proceed to the next step.

Create a Systemd Service File for SoftEther VPN

Next, you will need to create a systemd service file to manage the SoftEther VPN service. You can create it using the following command:

				
					nano /etc/init.d/vpnserver
				
			

Add the following lines:

				
					#!/bin/sh
# chkconfig: 2345 99 01
# description: SoftEther VPN Server
DAEMON=/usr/local/vpnserver/vpnserver
LOCK=/var/lock/subsys/vpnserver
test -x $DAEMON || exit 0
case "$1" in
start)
$DAEMON start
touch $LOCK
;;
stop)
$DAEMON stop
rm $LOCK
;;
restart)
$DAEMON stop
sleep 3
$DAEMON start
;;
*)
echo "Usage: $0 {start|stop|restart}"
exit 1
esac
exit 0

				
			

Save and close the file then create required directory and set proper permission to the systemd service file using the command below:

				
					mkdir /var/lock/subsys
chmod 755 /etc/init.d/vpnserver
				
			

Next, start the SoftEther VPN with the following command:

				
					/etc/init.d/vpnserver start
				
			

You will get the following output:

				
					The SoftEther VPN Server service has been started.

Let's get started by accessing to the following URL from your PC:

https://69.28.88.203:5555/
  or
https://69.28.88.203/

Note: IP address may vary. Specify your server's IP address.

				
			

Next, enable the SoftEther VPN service to start at system reboot:

				
					update-rc.d vpnserver defaults
				
			

Configure SoftEther VPN Server

Next, change the directory to /usr/local/vpnserver and configure the SoftEther VPN using the following command:

				
					cd /usr/local/vpnserver
./vpncmd
				
			

You will be asked to select VPN component:

				
					By using vpncmd program, the following can be achieved. 

1. Management of VPN Server or VPN Bridge 
2. Management of VPN Client
3. Use of VPN Tools (certificate creation and Network Traffic Speed Test Tool)

Select 1, 2 or 3: 1

				
			

Type 1 and press Enter twice. You will get the following output:

				
					Specify the host name or IP address of the computer that the destination VPN Server or VPN Bridge is operating on. 
By specifying according to the format 'host name:port number', you can also specify the port number. 
(When the port number is unspecified, 443 is used.)
If nothing is input and the Enter key is pressed, the connection will be made to the port number 8888 of localhost (this computer).
Hostname of IP Address of Destination: 

If connecting to the server by Virtual Hub Admin Mode, please input the Virtual Hub name. 
If connecting by server admin mode, please press Enter without inputting anything.
Specify Virtual Hub Name: 
Connection has been established with VPN Server "localhost" (port 443).

You have administrator privileges for the entire VPN Server.

				
			

Next, run the following command to set a password:

				
					ServerPasswordSet
				
			

You should see the following output:

				
					ServerPasswordSet command - Set VPN Server Administrator Password
Please enter the password. To cancel press the Ctrl+D key.

Password: **********
Confirm input: **********


The command completed successfully.

				
			

Next, run the following command to create a hub and set a password:

				
					HubCreate myhub
				
			

You will get the following output:

				
					HubCreate command - Create New Virtual Hub
Please enter the password. To cancel press the Ctrl+D key.

Password: **********
Confirm input: **********


The command completed successfully.

				
			

Next, enter to the hub using the following command:

				
					Hub myhub
				
			

Sample output:

				
					Hub command - Select Virtual Hub to Manage
The Virtual Hub "myhub" has been selected.
The command completed successfully.

VPN Server/myhub>
				
			

Next, allow the hub to work as a virtual LAN, run the following command:

				
					SecureNatEnable
				
			

Sample output:

				
					SecureNatEnable command - Enable the Virtual NAT and DHCP Server Function (SecureNat Function)
The command completed successfully.

				
			

Next, create a VPN user with the following command:

				
					UserCreate vpnuser
				
			

Sample output:

				
					UserCreate command - Create User 
Assigned Group Name: 

User Full Name: VPN User

User Description: IT

The command completed successfully.
				
			

Next, set a password for VPN user using the command below:

				
					UserPasswordSet vpnuser
				
			

Sample output:

				
					UserPasswordSet command - Set Password Authentication for User Auth Type and Set Password
Please enter the password. To cancel press the Ctrl+D key.

Password: **********
Confirm input: **********


The command completed successfully.
				
			

Next, enable the IPsec to get Multi-Protocol working using the following command:

				
					IPsecEnable
				
			

Answer all the questions as shown below:

				
					IPsecEnable command - Enable or Disable IPsec VPN Server Function
Enable L2TP over IPsec Server Function (yes / no): yes

Enable Raw L2TP Server Function (yes / no): yes

Enable EtherIP / L2TPv3 over IPsec Server Function (yes / no): yes

Pre Shared Key for IPsec (Recommended: 9 letters at maximum): vpnserver

Default Virtual HUB in a case of omitting the HUB on the Username: myhub

The command completed successfully.

				
			

Finally, exit from the VPN configuration wizard using the following command:

				
					exit
				
			

Configure UFW Firewall

If the UFW firewall is installed and configured in your system then you will need to allow ports 443, 5555, 992 and 1194 through the firewall. You can allow them with the following command:

				
					ufw allow 443/tcp 
ufw allow 5555/tcp 
ufw allow 992/tcp 
ufw allow 1194/udp
				
			

Once all the required rules are added, reload the UFW firewall using the following command:

				
					ufw reload
				
			

Install SoftEther VPN Client

At this point, the SoftEther VPN server is installed and running. Now, you will need to install the SoftEther VPN client on the Client machine.
First, install the required dependencies using the following command:

				
					apt-get install build-essential gnupg2 gcc make -y
				
			

Next, download the latest version of the SoftEther VPN client using the following command:

				
					wget http://www.softether-download.com/files/softether/v4.38-9760-rtm-2021.08.17-tree/Linux/SoftEther_VPN_Client/64bit_-_Intel_x64_or_AMD64/softether-vpnclient-v4.38-9760-rtm-2021.08.17-linux-x64-64bit.tar.gz
				
			

Once the download is completed, extract the downloaded file with the following command:

				
					tar -xvzf softether-vpnclient-v4.38-9760-rtm-2021.08.17-linux-x64-64bit.tar.gz
				
			

This will extracts all contents in to the vpnclient directory. Next, create a directory to store VPN client script.

				
					mkdir /root/vpnscript
				
			

Next, go visit the VPN script download page and download all scripts using the following command.

				
					cd /root/vpnscript
wget https://raw.githubusercontent.com/mfaizanse/intellexlab-files/main/softether-vpn-client/remove-client.sh
wget https://raw.githubusercontent.com/mfaizanse/intellexlab-files/main/softether-vpn-client/setup-client.sh
wget https://raw.githubusercontent.com/mfaizanse/intellexlab-files/main/softether-vpn-client/vpn-connect.sh
wget https://raw.githubusercontent.com/mfaizanse/intellexlab-files/main/softether-vpn-client/vpn-disconnect.sh
wget https://raw.githubusercontent.com/mfaizanse/intellexlab-files/main/softether-vpn-client/vpn_config

				
			

Once all the scripts are downloaded, set proper permission to the downloaded script:

				
					chmod 755 *
				
			

Next, edit the vpn_config file and define your VPN client directory, VPN server IP, VPN username, and local gateway IP.

				
					nano vpn_config
				
			

Add the following lines as per your configuration:

				
					CLIENT_DIR="/root/vpnclient"
NIC_NAME="nic1"
ACCOUNT_NAME="vpnuser"
VPN_HOST_IPv4="vpn-server-ip"
LOCAL_GATEWAY="gateway-ip-of-client-machine"
				
			

Save and close the file then setup the VPN client using the following command:

				
					./setup-client.sh
				
			

You will be asked to provide your VPN server IP, port, Hub name, VPN username, Virtual adapter name and password as shown below:

				
					Connected to VPN Client "localhost".

VPN Client>AccountCreate vpnuser
AccountCreate command - Create New VPN Connection Setting
Destination VPN Server Host Name and Port Number: 69.28.88.203:443

Destination Virtual Hub Name: myhub

Connecting User Name: vpnuser

Used Virtual Network Adapter Name: nic1

The command completed successfully.

vpncmd command - SoftEther VPN Command Line Management Utility
SoftEther VPN Command Line Management Utility (vpncmd command)
Version 4.38 Build 9760   (English)
Compiled 2021/08/17 22:32:49 by buildsan at crosswin
Copyright (c) SoftEther VPN Project. All Rights Reserved.

Connected to VPN Client "localhost".

VPN Client>AccountPassword vpnuser
AccountPasswordSet command - Set User Authentication Type of VPN Connection Setting to Password Authentication
Please enter the password. To cancel press the Ctrl+D key.

Password: **********
Confirm input: **********


Specify standard or radius: radius

The command completed successfully.

				
			

Next, connect to the VPN server using the following script:

				
					./vpn-connect.sh
				
			

Once you are connected successfully, you will get the following output:

				
					Stopping the SoftEther VPN Client service ...
SoftEther VPN Client service has been stopped.
The SoftEther VPN Client service has been started.
vpncmd command - SoftEther VPN Command Line Management Utility
SoftEther VPN Command Line Management Utility (vpncmd command)
Version 4.38 Build 9760   (English)
Compiled 2021/08/17 22:32:49 by buildsan at crosswin
Copyright (c) SoftEther VPN Project. All Rights Reserved.

Connected to VPN Client "localhost".

VPN Client>AccountConnect vpnuser
AccountConnect command - Start Connection to VPN Server using VPN Connection Setting
The command completed successfully.

vpncmd command - SoftEther VPN Command Line Management Utility
SoftEther VPN Command Line Management Utility (vpncmd command)
Version 4.38 Build 9760   (English)
Compiled 2021/08/17 22:32:49 by buildsan at crosswin
Copyright (c) SoftEther VPN Project. All Rights Reserved.

Connected to VPN Client "localhost".

VPN Client>AccountList
AccountList command - Get List of VPN Connection Settings
Item                        |Value
----------------------------+-------------------------------------------
VPN Connection Setting Name |vpnuser
Status                      |Connected
VPN Server Hostname         |69.28.88.203:443 (Direct TCP/IP Connection)
Virtual Hub                 |myhub
Virtual Network Adapter Name|nic1
The command completed successfully.

				
			

After the successful connection, a new VPN interface named vpn_nic1 has been created. You can check it using the following command:

				
					ifconfig 
				
			

You will get the following output:

				
					eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 69.28.85.54  netmask 255.255.254.0  broadcast 69.28.85.255
        inet6 fe80::200:45ff:fe1c:5536  prefixlen 64  scopeid 0x20<link>
        ether 00:00:45:1c:55:36  txqueuelen 1000  (Ethernet)
        RX packets 19867  bytes 74357003 (74.3 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 8098  bytes 1085017 (1.0 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 854  bytes 648247 (648.2 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 854  bytes 648247 (648.2 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

vpn_nic1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.30.10  netmask 255.255.255.0  broadcast 192.168.30.255
        inet6 fe80::5c86:a0ff:fe6a:a652  prefixlen 64  scopeid 0x20<link>
        ether 5e:86:a0:6a:a6:52  txqueuelen 1000  (Ethernet)
        RX packets 312  bytes 20440 (20.4 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 292  bytes 22588 (22.5 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
				
			

Conclusion

In the above guide, we explained how to install and set up a SoftEther VPN server on Ubuntu 20.04. We also explained how to install the SoftEther VPN client and connect to the VPN server.

Avatar for Hitesh Jethva
Hitesh Jethva

I am a fan of open source technology and have more than 10 years of experience working with Linux and Open Source technologies. I am one of the Linux technical writers for Cloud Infrastructure Services.

3.5 4 votes
Article Rating
Subscribe
Notify of
0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x