- Install Azure Stack HCI Single-Node Cluster - Mon, Jul 4 2022
- Network management software from Auvik: Cloud-based and easy to use - Thu, Jun 23 2022
- Secure email and privacy in the cloud with Proton for Business - Tue, Jun 21 2022
SoftEther provides a suitable alternative VPN technology to OpenVPN and Microsoft Windows VPN Server installed using the Routing and Remote Access Role in Windows Server. It has many strengths, including fast throughput, low latency, and firewall resistance.
Features of SoftEther ^
Note some of the features of the SoftEther VPN platform:
- Free and open source
- Allows creating site-to-site and remote-access VPN connections
- Access highly network-restricted public Wi-Fi networks through VPN over ICMP and VPN over DNS
- Perform Ethernet bridging and Layer 3 over VPN
- Dynamic DNS and NAT traversal are embedded
- Strong AES 256-bit and RSA 4096-bit encryption capability
- Logging and firewall features in the VPN tunnel
- Supports multiple operating systems: Windows, Linux, Mac, Android, iPhone, iPad, and Windows Mobile
- Supports multiple underlay protocols: OpenVPN, IPsec, L2TP, MS-SSTP, L2TPv3, and EtherIP
- Clone OpenVPN connections
- Dual IPv4 and IPv6 stack capable
- GUI configuration
- RADIUS/NT Domain user authentication
SoftEther architecture ^
SoftEther relies on a unique architecture that resembles the physical network card, Ethernet cable, and Ethernet switch. The name SoftEther comes from how the VPN solution virtualizes Ethernet devices to create a software-based virtual private network tunnel.
The SoftEther VPN provisions a virtual network adapter as a software-emulated Ethernet network adapter. The Virtual Ethernet Switch emulates a traditional Ethernet switch, called a Virtual Hub in SoftEther terminology, and the VPN session is instantiated as a virtual Ethernet cable between the virtual network adapter and the emulated virtual switch.
SoftEther VPN traffic is encrypted using SSL. In addition, it uses what they call VPN over HTTPS technology, making it highly resilient to overly intrusive firewalls between the VPN client and the VPN server.
Installing the SoftEther VPN Server ^
In the following walkthrough, I will set up the SoftEther VPN Server on a Windows Server virtual machine. But first, you need to download the SoftEther VPN installation. You can find the download here.
The installation of the SoftEther VPN server is straightforward. A more detailed configuration takes place after installation.
Choose the VPN Server option. The Server Manager is automatically installed with either the VPN Server or VPN Bridge options.
Choose the installation directory, and click Next to begin the installation of SoftEther VPN Server.
After the installation finishes, you will see a screen stating, "The setup process of SoftEther VPN Server has completed successfully." You can leave the checkbox checked to start the VPN Server Manager. Click Finish.
Configuring SoftEther Server ^
After installation, there are a few configuration items that you need to take care of to allow remote connections. To avoid the point of confusion I had when configuring, instead of clicking the Edit Setting button, you need to double-click the localhost entry in the VPN Server list to set up the VPN connection.
This launches the SoftEther VPN Server / Bridge Easy Setup wizard. I am testing the Remote Access VPN Server. Place a check in the role you want to configure for the VPN server.
After you click Next, you will see a message to initialize the server. Click Yes.
You will be asked to name the SoftEther Virtual Hub.
As part of the SoftEther VPN solution, you will be provided a Dynamic DNS name you can use to connect to your remote host if needed.
The VPN Easy Setup Tasks screen launches after you view the above dialog boxes. You will see the three-step process defined on the Easy Tasks Setup screen. First, you need to create VPN users to connect to the solution.
Below is an example of the Create New User screen. SoftEther provides myriad authentication options that can be used for the VPN connection.
If you are not creating a site-to-site VPN, Step 2 is grayed out. You then need only set the local bridge connection. Choose the network adapter in the drop-down menu.
SoftEther indicates that if you are using a virtual machine for your SoftEther VPN server, you may need to enable promiscuous mode for the vSwitch connected to the SoftEther VM.
Installing and connecting the SoftEther VPN client ^
First, download the SoftEther VPN Client. Again, you can find the download here.
In the first step of the setup, choose to install the SoftEther VPN Client.
Click Next through the EULA and informational screens until the solution is installed.
After installation, I simply double-clicked Add VPN Connection.
However, SoftEther will let you know that you need to create a virtual network adapter. Click Yes.
Name the VPN connection. From the message SoftEther displays, you need to name the connection VPN, along with a number of multiple VPN connections.
After creating the virtual network adapter in SoftEther, you can view your network connections and see the new virtual network adapter listed. Note that it shows "unplugged" since we are not connected to a VPN.
Now that we have the virtual network adapter created, we can double-click the Add VPN Connection once again.
This launches the New VPN Connection Setting Properties dialog box. You will need to enter the details for the SoftEther VPN server, including the hostname, port number, and Virtual Hub name. Also, make sure you choose the type of authentication configured for the new user created during the SoftEther VPN Server configuration.
Now, the VPN connection is successfully created, but it is offline. It is expected to be offline since we are not yet connected to the VPN Server.
Simply double-click the VPN connection, and it will automatically establish a connection to your SoftEther VPN server.
Wrapping up and final thoughts ^
The SoftEther VPN solution is an obscure but fully featured VPN solution that offers a unique take on VPN connections, site-to-site VPN, and VPN bridges.
We only scratched the surface of the configuration options in the walkthrough. There are plenty of settings for connectivity and authentication embedded in the solution, making traversing edge firewalls and other connectivity challenges much easier.
Subscribe to 4sysops newsletter!
You can learn more about SoftEther and download the solution here.