Table of Contents
What you will read?
- 1 Step 1: Update Your System
- 2 Step 2: Install Required Packages
- 3 Step 3: Download the Latest SoftEther VPN Source Code
- 4 Step 4: Compile the SoftEther VPN Server
- 5 Step 5: Configure the VPN Server
- 6 Step 6: Enable SoftEther VPN Server on Boot
- 7 Step 7: Create and Configure a Virtual Hub
- 8 Step 8: Configure Firewall and Open Required Ports
- 9 Step 9: Optional – Enable OpenVPN Support
- 10 Step 10: Verify Everything Is Working
The first thing you need to do before installing any package is update your CentOS 8 system to the latest version.
Step 1: Update Your System
Open your terminal and run the following commands:
sudo dnf update -y
sudo dnf install epel-release -ySoftEther VPN might require certain dependencies, and it’s always a good idea to have everything up to date before proceeding.
Step 2: Install Required Packages
Before we compile and install SoftEther VPN, let’s install the necessary tools and libraries. These will help us compile the SoftEther source code without any errors.
sudo dnf groupinstall "Development Tools" -y
sudo dnf install ncurses-devel readline-devel openssl-devel -yThis will take a few moments. Once completed, your system is ready to compile from source.
Step 3: Download the Latest SoftEther VPN Source Code
Head over to the official SoftEther VPN GitHub repository and grab the latest release. You can clone it directly using git:
cd /usr/local/src
sudo git clone https://github.com/SoftEtherVPN/SoftEtherVPN.git
cd SoftEtherVPNThen checkout the latest stable release (you can replace the tag with the latest one if needed):
sudo git checkout stableStep 4: Compile the SoftEther VPN Server
Now let’s compile SoftEther. This step can take a few minutes depending on your server specs.
sudo ./configure
sudo make
sudo make installWhen the compilation is done, you’ll see a successful build message. This means SoftEther VPN Server is now installed on your CentOS 8 system.
Step 5: Configure the VPN Server
After installation, let’s initialize and configure the server.
First, navigate to the installation path and start the VPN server:
cd /usr/vpnserver
sudo ./vpnserver startNow set permissions to make sure the binaries are executable:
sudo chmod 600 *
sudo chmod 700 vpnserver
sudo chmod 700 vpncmdYou can then start the configuration tool:
sudo ./vpncmdChoose the first option (1 – Management of VPN Server or VPN Bridge) and press Enter. When prompted for a hostname, just hit Enter again to use localhost.
Now set the admin password:
ServerPasswordSetEnter your desired password and hit Enter.
Step 6: Enable SoftEther VPN Server on Boot
To make sure the VPN server starts on boot, let’s create a systemd service.
Create a new file:
sudo nano /etc/systemd/system/vpnserver.servicePaste the following content:
[Unit]
Description=SoftEther VPN Server
After=network.target
[Service]
Type=forking
ExecStart=/usr/vpnserver/vpnserver start
ExecStop=/usr/vpnserver/vpnserver stop
ExecReload=/usr/vpnserver/vpnserver restart
Restart=on-failure
[Install]
WantedBy=multi-user.targetSave the file and then reload systemd:
sudo systemctl daemon-reexec
sudo systemctl daemon-reload
sudo systemctl enable vpnserver
sudo systemctl start vpnserverVerify it’s running:
sudo systemctl status vpnserverIf all is green, the server is active and working.
Step 7: Create and Configure a Virtual Hub
Once the server is running, you need to set up a Virtual Hub. Go back into the vpncmd tool:
sudo /usr/vpnserver/vpncmdInside the tool:
HubCreate VPN
Hub VPN
UserCreate yourusername
UserPasswordSet yourusername
SecureNatEnableThis will set up a basic hub with SecureNAT (acts like a NAT gateway).
Step 8: Configure Firewall and Open Required Ports
By default, CentOS 8 runs firewalld. You’ll need to open these ports:
-
443 (SSL VPN)
-
992 (VPN over HTTPS)
-
1194 (OpenVPN)
-
5555 (SoftEther VPN)
Run:
sudo firewall-cmd --permanent --add-port=443/tcp
sudo firewall-cmd --permanent --add-port=992/tcp
sudo firewall-cmd --permanent --add-port=1194/udp
sudo firewall-cmd --permanent --add-port=5555/tcp
sudo firewall-cmd --reloadYou can verify if the ports are open:
sudo firewall-cmd --list-allStep 9: Optional – Enable OpenVPN Support
If you want OpenVPN compatibility for connecting with standard OpenVPN clients:
OpenVpnEnableYou can also download the configuration file for OpenVPN:
cd /usr/vpnserver
sudo ./vpncmdInside the tool:
Hub VPN
OpenVpnMakeConfig openvpn_config.zipExtract and use the .ovpn file in your OpenVPN client.
Step 10: Verify Everything Is Working
Use the vpncmd to run this:
StatusGetAlso, from your local machine, try connecting using SoftEther VPN Client Manager. Enter your server’s public IP, port 443, and the username/password you set.
You’re now good to go with a fully working SoftEther VPN Server on CentOS 8.
