How to setup a VPN using SoftEther on Centos 7
This article will show how you can set up a VPN server on Centos 7 using SoftEther.
SoftEther is a solid choice for anyone wishing to quickly and easily set up a VPN server on a VPS or Dedicated server, allowing you to connect with most modern devices.
This will be configured to use L2TP over IPSec, and we will be installing this on a fresh Centos 7 server. Here are the requirements before setting this up:
- A public IP address
- At least 512MB of RAM
- A reasonable dual or quad core processor
- Centos, RHEL or Fedora operating system
For this setup, we have installed the operating system and established an SSH connection through which we will input the setup commands.
Server Preparation
First we need to update our server’s components to the latest version, and install some extra tools. This can be done with the following commands:
yum -y update yum -y install epel-release yum -y groupinstall "Development Tools"
Installing VPN Server
Before installing the VPN server we want to navigate to the /usr/local directory. This can be done with the following command:
cd /usr/local
Now that we’re in the correct directory, we can proceed with downloading the installation archive of SoftEther from their website using Wget (you may want to look on their website for the latest version):
wget -c http://www.softether-download.com/files/softether/v4.22-9634-beta-2016.11.27-tree/Linux/SoftEther_VPN_Server/64bit_-_Intel_x64_or_AMD64/softether-vpnserver-v4.22-9634-beta-2016.11.27-linux-x64-64bit.tar.gz
We need to now extract the archive we’ve just downloaded in the /usr/local directory:
tar -xvf softether-vpnserver-v4.22-9634-beta-2016.11.27-linux-x64-64bit.tar.gz
If this has been successful, you should see an output like this:
The final step of installing the VPN server is navigating to the new vpnserver directory, and using the make command to compile the installation:
cd /usr/local/vpnserver ; make
If this has been successful then you will see the following:
From here you want to select 1 and agree to the license agreement. You will then see some output referring to the installation progress and file checking.
If you’ve reached this point, then your VPN server has now been successfully installed.
Enabling At Startup
In order to enable the VPN server at startup, this can be done with the following:
nano /etc/init.d/vpnserver
We then need to paste the following information in:
#!/bin/sh
# chkconfig: 2345 99 01
# description: SoftEther VPN Server
DAEMON=/usr/local/vpnserver/vpnserver
LOCK=/var/lock/subsys/vpnserver
test -x $DAEMON || exit 0
case "$1" in
start)
$DAEMON start
touch $LOCK
;;
stop)
$DAEMON stop
rm $LOCK
;;
restart)
$DAEMON stop
sleep 3
$DAEMON start
;;
*)
echo "Usage: $0 {start|stop|restart}"
exit 1
esac
exit 0
Save this, and then enter the following commands:
mkdir /var/lock/subsys
chmod 755 /etc/init.d/vpnserver && /etc/init.d/vpnserver start
chkconfig --add vpnserver
The VPN server is now configured to start at boot.
We can now move on to configuring the VPN server.
Configuring VPN Server
Opening the command-line tool for SoftEther can be done with the following command:
./vpncmd
You should now see the following options:
We want to press 1, and then enter twice – this allows us to connect to the server in admin mode.
It’s advisable to change the admin password before you proceed with the following command:
ServerPasswordSet
Creating The Virtual Hub
Now that we’re in the administrative mode we need to first create the virtual hub for our VPN. This can be done with the HubCreate command (VPN is used as the name for the example virtual hub here):
HubCreate VPN
You will be prompted to enter a password for the server, after this has been done we can access the Virtual Hub:
Hub VPN
We’re now controlling the virtual hub we have created.
Creating Users
Now that we’re in the virtual hub we need to create some users. This is done with the UserCreate command, here we have used ukhost4u as an example user:
UserCreate
You can skip the group and name prompts by hitting enter a few times.
We now need to set a password which is done with UserPasswordSet:
UserPasswordSet ukhost4u
Our first user has now been created, we can now move on to enabling L2TP over IPSec functionality.
Enabling L2TP over IPSec
This is done by entering the following command in the hub administrative mode:
IPsecEnable
This is where we need to create a Pre Shared Key to connect to our VPN with.
Once this has been entered, we are finished with the configuration of the server.
Note that you can choose to configure SSL certificates for authentication on the server, however this will not be covered in this guide.
Connecting to the VPN server
In this example we will be connecting to the VPN server with Windows 10.
First, go to the Settings and navigate to Network & Internet, and then VPN.
There we need to select Add a VPN Connection.
You’ll then see a form with the following options, here we have used “testvpn.ukhost4u.com” as the connection name, with “ukhost4u” as the test user.
The “Server name or address” field needs to be filled in with the IP address of the server you’ve set up.
As you can see, we need to be using L2TP/IPSec with pre-shared key as the VPN type.
In the “Pre-shared” key field, we must enter the Pre-shared key which we created earlier.
Now you know how to set up a VPN on Centos 7, you might be wondering where you can find the right package to host this.
Our Virtual Private Server and Dedicated Server packages will provide you with the right server setup without breaking the bank!
Visit our website to see our other offers, including our Autumn Domain Promotion with domain names for as low as £2.50!