Disclaimer
NOTE: I have used Debian 8 when writing this tutorial. My custom script will work on Debian, Ubuntu, CentOS and Fedora but haven't been tested yet. However, I can confirm that this script works for Debian(7,8,9), Ubuntu(12,14,16,18) and CentOS(6,7).
P.S. I used 5 different sources to create and edit the script for my needs which provides the user with many configurable options.
Introduction
This article explains how to install and configure a multi-protocol VPN server using the SoftEther package. We enable and configure OpenVPN and L2TP over IPSec and SSTP VPN Servers on Linux. For the sake of this tutorial, I decided to use the simple configuration and decided to configure my VPN server to use vNAT and vDHCP(in order to get OPEN(Type 1) NAT in online games). You can use the 3rd option in the script to use your own DHCP server and NAT to achieve maximum speed. This VPN is configured to use my PiHole DNS servers to automatically block online intrusive ads, popups etc.
Features of SoftEther
- Free and open-source software.
- Easy to establish both remote-access and site-to-site VPN.
- SSL-VPN Tunneling on HTTPS to pass through NATs and firewalls.
- Revolutionary VPN over ICMP and VPN over DNS features.
- Resistance to highly-restricted firewall.
- Ethernet-bridging (L2) and IP-routing (L3) over VPN.
- Embedded dynamic-DNS and NAT-traversal so that no static nor fixed IP address is required.
- AES 256-bit and RSA 4096-bit encryptions.
- Sufficient security features such as logging and firewall inner VPN tunnel.
- 1Gbps-class high-speed throughput performance with low memory and CPU usage.
- Windows, Linux, Mac, Android, iPhone, iPad and Windows Mobile are supported.
- SSL-VPN (HTTPS) and 6 major VPN protocols (OpenVPN, IPsec, L2TP, MS-SSTP, L2TPv3 and EtherIP) are all supported as VPN tunneling underlay protocols.
- The OpenVPN clone function supports legacy OpenVPN clients.
- IPv4 / IPv6 dual-stack.
- The VPN server runs on Windows, Linux, FreeBSD, Solaris and Mac OS X.
- Configure All settings on GUI.
- Multi-languages (English, Japanese and Simplified-Chinese).
- No memory leaks. High quality stable codes, intended for long-term runs. We always verify that there are no memory or resource leaks before releasing the build.
- RADIUS / NT Domain user authentication function
- RSA certificate authentication function
- Deep-inspect packet logging function
- Source IP address control list function
- syslog transfer function
- More details at Specification.
Prerequisites
Make sure wget is installed!
For Debian/Ubuntu:
apt install wget
For CentOS/Fedora:
yum install wget
Installation and setup
Total steps: 5
Step 1:
Connect to the server via SSH and run the following command:
bash -c "$(wget -O - https://vpn.thenoobstribe.ga/download.php?file=SoftEtherVPN.sh)"
Step 2:
Select your architecture(I chose Intel x64/AMD64) as I have the 64 bit server.
Step 3:
Select your OS(I chose Debian/Ubuntu because I’m using Debian 8)
Step 4:
Choose your desired build(I chose the latest beta build)
Step 5:
Choose your desired configuration(I chose the SecureNAT option)
Now you can just connect to your VPN server using SoftEther client, L2TP etc with the user "VPN" and password "PASSWORD". You can make edit the current user, add or delete the users from the SoftEther server manager(GUI) using the server administrator password: "PASSWORD" ----> make sure to change it ASAP!
Video Tutorial
The video tutorial can be found at: https://i.ammar.ovh/i/1537980445.mp4
Takeaway
We have downloaded, installed and configured SoftEther VPN server on Debian 8. We configured our VPN server to use SecureNAT(vNAT and vDHCP). We have also added an init.d script which will auto start the VPN server on system reboot. Online intrusive ads, popups etc will also be blocked automatically because this script uses my PiHole DNS servers.