How to Setup SoftEther VPN Windows Server in Azure/AWS/GCP

Setup SoftEther VPN Server on Windows Server in the Cloud in Azure, AWS or Google GCP.  Deploy SoftEther VPN server into any of the cloud platforms. Perfect solution if you want to hide your ip address, allow external connections, site to site connections, NAT traversal, Remote access server and many many more features. Click on any of the links below to deploy into your cloud environment.

SoftEther VPN Server Windows

Table of Contents

SoftEther VPN Server features

Deploying a Cloud VPN Server will give you the following features:


  • Easy to establish both remote-access and site-to-site VPN.SSL-VPN Tunneling on HTTPS to pass through NATs and firewalls.
  • Revolutionary VPN over ICMP and VPN over DNS features.
  • Resistance to highly-restricted firewall.
  • Ethernet-bridging (L2) and IP-routing (L3) over VPN.
  • Embedded dynamic-DNS and NAT-traversal so that no static nor fixed IP address is required.
  • AES 256-bit and RSA 4096-bit encryptions.
  • 1Gbps-class high-speed throughput performance with low memory and CPU usage.
  • Windows, Linux, Mac, Android, iPhone, iPad and Windows Mobile are supported.
  • SSL-VPN (HTTPS) and 6 major VPN protocols (OpenVPN, IPsec, L2TP, MS-SSTP, L2TPv3 and EtherIP) are all supported as VPN tunneling underlay protocols.
  • The OpenVPN clone function supports legacy OpenVPN clients.
  • IPv4 / IPv6 dual-stack.
  • No static or fixed IP address is required due to Embedded  dynamic DNS and NAT traversal. 
  • Configure All settings on  GUI.
  • High availability and clustering.

Built-in NAT-traversal

Setup your own VPN server behind your firewall or NAT in your company network. You can reach that VPN server in the corporate private network from your home, remote office or mobile, without any modification of firewall settings. Any deep-packet inspection firewalls cannot detect SoftEther VPN’s transport packets as a VPN tunnel, because SoftEther VPN uses Ethernet over HTTPS for camouflage.

Remote-Access VPN and Site-to-Site VPN

Design and implement your VPN topology with SoftEther VPN. It virtualizes Ethernet by software-enumeration. SoftEther VPN Client implements Virtual Network Adapter, and SoftEther VPN Server implements Virtual Ethernet Switch. You can easily build both Remote-Access VPN and Site-to-Site VPN, as expansion of Ethernet-based L2 VPN. Of course, traditional IP-routing L3 based VPN can be built by SoftEther VPN.


You’ll also be able to connect AWS to Azure to GCP if you have multi cloud environments setup.

Getting Started with SoftEther VPN Server

Once you have deployed Softether VPN on Windows server, the first step is to RDP into the new instance once it has fully booted up.  The following links explain how to connect the VM once it has finished being deployed:



Once logged in, you’re now ready to start setting up your new server as per the following sections. 

Setting up Cloud SoftEther VPN Server

For full documentation check out SoftEthers tutorials:


We will run through the configuration as follows:

From the desktop open ‘SoftEther VPN Manager‘ and click New Setting

This creates a new VPN connection.  Give the setting a name, the VMs IP address, port and server administration mode password as shown in the following screenshot:

You should now see your new VPN connection within server manager as below:

Select your new VPN connection and press Connect, you will be asked to set a new password and then press Ok.

Next step is to select how you want to use this SoftEther VPN Server.  There are 3 options


  • Remote Access VPN Server
  • Site to Site VPN Server or VPN Bridge
  • Other Advanced Configuration on VPN (Select this if planning clustering or Virtual Layer 3 switch function)

For full documentation check out SoftEthers tutorials which explains in more detail about setting these up:

SoftEther VPN Firewall Ports

If you need to open any firewall ports on your VM, the following links explain how to create them:


Softether VPN uses the following ports


TCP 992

TCP 443 

TCP 1194

TCP 5555


To setup AWS firewall rules refer to – AWS Security Groups

To setup Azure firewall rules refer to – Azure Network Security Groups

To setup Google GCP firewall rules refer to – Creating GCP Firewalls

SoftEther VPN Installation Support/Documentation

If you have any problems with installing Softether VPN Server in any of the cloud environments please comment below or contact us and we will assist as much as we can.


Disclaimer: Softether VPN is a registered trademark of University of Tsukuba Japan & licenced under Apache License 2.0. No warrantee of any kind, express or implied, is included with this software. Use at your risk, responsibility for damages (if any) to anyone resulting from the use of this software rest entirely with the user. The author is not responsible for any damage that its use could cause.

Avatar for Andrew Fitzgerald
Andrew Fitzgerald

Cloud Solution Architect. Helping customers transform their business to the cloud. 20 years experience working in complex infrastructure environments and a Microsoft Certified Solutions Expert on everything Cloud.

5 1 vote
Article Rating
Notify of
Inline Feedbacks
View all comments
Would love your thoughts, please comment.x