Install SoftEther VPN Server on Ubuntu 16.04

0
2486

In the previous post was compared 5 different Free Open Source VPN servers, and easily was defined top 3 solutions. They include OpenVPN;  SoftEther VPN; Libreswan. By the functions, SoftEther was much interesting from them. This solution supports OpenVPN protocol, IPsec, L2TPv3. I must note, that OpenVPN is much easier in the installation process on Ubuntu 16.04. But I decided to install SoftEther VPN and got more functions instead of installing speed.

Types of possible installations

I googling and found 3 types of installation SoftEther VPN Server on Ubuntu 16.04:

I preferred the first approach but Kawin’s bash-script also useful, especially for automatization. In reason save information in one place, I added the manual installation steps below.

Preparing

Upgrade the system

# apt-get update && apt-get -y upgrade

Install (if it’s not installed yet) build-essential for compilation purpose

# apt-get -y install build-essential

And other required packages

# apt-get -y install wget curl gcc make wget tzdata git libreadline-dev libncurses-dev libssl-dev zlib1g-dev

Installing SoftEther VPN

Download the last stable version (marked rtm) or stable-beta, and save it in /tmp

# wget "https://www.softether-download.com/files/softether/v4.25-9656-rtm-2018.01.15-tree/Linux/SoftEther_VPN_Server/64bit_-_Intel_x64_or_AMD64/softether-vpnserver-v4.25-9656-rtm-2018.01.15-linux-x64-64bit.tar.gz" -O /tmp/softether-vpnserver.tar.gz

Uncompress the sources

# tar -xzvf /tmp/softether-vpnserver.tar.gz -C /usr/local/

Remove unused file

# rm /tmp/softether-vpnserver.tar.gz

Install from the sources

# cd /usr/local/vpnserver/
# make

During the installation process, we will have to type 1 to read the Licence Agreement, type 1 again to confirm that we have read the License Agreement and finally type 1 to agree with the License Agreement.

Kawin uses key i_read_and_agree_the_license_agreement, that does not require confirmation

# make i_read_and_agree_the_license_agreement

Change file permission

# chmod 0600 * 
# chmod 0700 vpnserver 
# chmod 0700 vpncmd

Server checking

Before going further, let’s check that the VPN server can operate normally
To do that run the vpncmd command and use the check VPN tool.

Service configuration

Link binary files

# ln -s /usr/local/vpnserver/vpnserver /usr/local/bin/vpnserver 
# ln -s /usr/local/vpnserver/vpncmd /usr/local/bin/vpncmd

Create the file /lib/systemd/system/vpnserver.service

# vim /lib/systemd/system/vpnserver.service

and add following

[Unit]
Description=SoftEther VPN Server
After=network.target
ConditionPathExists=!/usr/local/vpnserver/do_not_run
[Service]
Type=forking
ExecStart=/usr/local/vpnserver/vpnserver start
ExecStop=/usr/local/vpnserver/vpnserver stop
KillMode=process
Restart=on-failure
WorkingDirectory=/usr/local/vpnserver
# Hardening
PrivateTmp=yes
ProtectHome=yes
ProtectSystem=full
ReadOnlyDirectories=/
ReadWriteDirectories=-/usr/local/vpnserver
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE CAP_SYS_ADMIN CAP_SETUID
[Install]
WantedBy=multi-user.target

Now the VPN server starts automatically on boot, and we are able to manage the vpnserver using systemctl

# systemctl start vpnserver
# systemctl status vpnserver
# systemctl stop vpnserver

Reload, enable and start the service

# systemctl daemon-reload
# systemctl enable vpnserver
# systemctl restart vpnserver

Set an admin password for VPNCMD

# cd /usr/local/vpnserver
# ./vpncmd

At the VPN command prompt, we type ServerPasswordSet

ServerPasswordSet yourPassword

SoftEther configuration

You can use SoftEther VPN Server Manager is an administration utility for Windows.

There is SoftEther VPN Server Manager for Mac OS X (Ver 4.21, Build 9613, beta)

SoftEther offers many use cases: Ad-hoc VPN, Remote access to LAN, LAN to LAN bridge, etc. In this article, we are configuring it for “Remote access to LAN” use. You can find detailed information in the manual: 1.4 VPN Processing Principle and Communication Method
You also can find different examples of Building VPN Networks

If you have found a spelling error, please, notify us by selecting that text and pressing Ctrl+Enter.

LEAVE A REPLY

Please enter your comment!
Please enter your name here