Setting up softether vpn client
Solution 1
How to set up SoftEther VPN Client under Linux: Via vpngate.net
Client Set Up Procedure Under Linux
- Download VPN client from softether.org
- My platform is Debian 7 X64
- compile vpn client in your platform in the un-compressed vpn client directory
- just type "make" and accept all the license agreements and you should be O.K.
- start the vpnclient service as root
sudo ./vpnclient start
- connect to local vpnclient using "vpncmd" (normal user mode, no root privilege needed"), create a local virtual NIC.
vpncmd
VPN Client>remoteenable
RemoteEnable command - Allow Remote Management of VPN Client Service
The command completed successfully.
VPN Client>niccreate
NicCreate command - Create New Virtual Network Adapter
Virtual Network Adapter Name: se
The command completed successfully.
VPN Client>niclist
NicList command - Get List of Virtual Network Adapters
Item |Value
----------------------------+-----------------------------------
Virtual Network Adapter Name|se
Status |Enabled
MAC Address |00ACDD071970
Version |Version 2.00 Build 9387 (English)
The command completed successfully.
go to "vpngate.net", find an appropriate vpn server
Set up a vpn account in vpncmd.
I export the vpn account config file below, you can tailor it for your need.
VPN Client>accountimport
AccountImport command - Import VPN Connection Setting
Import Source File Name: /home/luke/japan0.vpn
The VPN Connection Setting "japan0" was imported.
The command completed successfully.
VPN Client>accountget japan0
AccountGet command - Get Setting of VPN Connection Setting
Item |Value
-----------------------------------------------------+------------------------
VPN Connection Setting Name |japan0
Destination VPN Server Host Name |222.228.120.128
Destination VPN Server Port Number |1950
Destination VPN Server Virtual Hub Name |vpngate
Proxy Server Type |Direct TCP/IP Connection
Verify Server Certificate |Disable
Device Name Used for Connection |se
Authentication Type |Anonymous Authentication
User Name |vpn
Number of TCP Connections to Use in VPN Communication|1
Interval between Establishing Each TCP Connection |1
Connection Life of Each TCP Connection |Infinite
Use Half Duplex Mode |Disable
Encryption by SSL |Enable
Data Compression |Disable
Connect by Bridge / Router Mode |Disable
Connect by Monitoring Mode |Disable
No Adjustment for Routing Table |Disable
Do not Use QoS Control Function |Disable
The command completed successfully.
VPN Client>accountlist
AccountList command - Get List of VPN Connection Settings
Item |Value
----------------------------+-----------------------------------------------
VPN Connection Setting Name |japan0
Status |Offline
VPN Server Hostname |222.228.120.128:1950 (Direct TCP/IP Connection)
Virtual Hub |vpngate
Virtual Network Adapter Name|se
The command completed successfully.
VPN Client>accountconnect japan0
AccountConnect command - Start Connection to VPN Server using VPN Connection Setting
The command completed successfully.
VPN Client>accountlist
AccountList command - Get List of VPN Connection Settings
Item |Value
----------------------------+-----------------------------------------------
VPN Connection Setting Name |japan0
Status |Connected
VPN Server Hostname |222.228.120.128:1950 (Direct TCP/IP Connection)
Virtual Hub |vpngate
Virtual Network Adapter Name|se
The command completed successfully.
the account export file "/home/luke/japan0.vpn":
# VPN Client VPN Connection Setting File
#
# This file is exported using the VPN Client Manager.
# The contents of this file can be edited using a text editor.
#
# When this file is imported to the Client Connection Manager
# it can be used immediately.
declare root
{
bool CheckServerCert false
uint64 CreateDateTime 0
uint64 LastConnectDateTime 0
bool StartupAccount false
uint64 UpdateDateTime 0
declare ClientAuth
{
uint AuthType 0
string Username vpn
}
declare ClientOption
{
string AccountName japan0
uint AdditionalConnectionInterval 1
uint ConnectionDisconnectSpan 0
string DeviceName se
bool DisableQoS false
bool HalfConnection false
bool HideNicInfoWindow false
bool HideStatusWindow false
string Hostname 222.228.120.128
string HubName vpngate
uint MaxConnection 1
bool NoRoutingTracking false
bool NoTls1 false
bool NoUdpAcceleration false
uint NumRetry 4294967295
uint Port 1950
uint PortUDP 0
string ProxyName $
byte ProxyPassword $
uint ProxyPort 0
uint ProxyType 0
string ProxyUsername $
bool RequireBridgeRoutingMode false
bool RequireMonitorMode false
uint RetryInterval 15
bool UseCompress false
bool UseEncrypt true
}
}
- Now the vpn account is connected. Under Linux, the routing table is not modified automatically as under Windows. We need to manually tweak routing information to make SoftEther VPN work.
- The key point here is : DHCP the virtual NIC to obtain virtual IP from VPN Server; add a route to VPN server via your original normal gateway, and modify the default route to use the VPN NIC and VPN gateway( the virtual address).
Before we tweak the routing table, enable ip forward in "/etc/sysctl.conf"
net.ipv4.ip_forward=1
and load it by:
sysctl -p
Now we are going to change the routing table.
luke@luke-debian:~$ ip addr show vpn_se
10: vpn_se: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 500
link/ether 00:ac:dd:07:19:70 brd ff:ff:ff:ff:ff:ff
inet6 fe80::2ac:ddff:fe07:1970/64 scope link
valid_lft forever preferred_lft forever
luke@luke-debian:~$ sudo dhclient vpn_se
luke@luke-debian:~$ ip addr show vpn_se
10: vpn_se: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 500
link/ether 00:ac:dd:07:19:70 brd ff:ff:ff:ff:ff:ff
inet 10.211.1.63/16 brd 10.211.255.255 scope global vpn_se
inet6 fe80::2ac:ddff:fe07:1970/64 scope link
valid_lft forever preferred_lft forever
luke@luke-debian:~$ ip neigh
192.168.100.1 dev wlan0 lladdr 00:1c:f0:4d:a0:a8 REACHABLE
10.211.254.254 dev vpn_se lladdr 00:ac:50:16:c8:27 REACHABLE
172.31.224.99 dev vpn_se lladdr 00:ae:df:62:34:d9 STALE
After the dhcp process, vpn_se acquires an virtual ip address "inet 10.211.1.63/16" from vpn server, and we can see from "ip neigh" that the virtual IP address of vpn server is "10.211.254.254".
Now we are going to add two routes to facilitate all traffic through new create VPN. My laptop is connected to router 192.168.100.1 via wireless "wlan0".
$ ip route
default via 192.168.100.1 dev wlan0
10.211.0.0/16 dev vpn_se proto kernel scope link src 10.211.1.63
169.254.0.0/16 dev wlan0 scope link metric 1000
172.16.125.0/24 dev vmnet1 proto kernel scope link src 172.16.125.1
192.168.86.0/24 dev vmnet8 proto kernel scope link src 192.168.86.1
192.168.100.0/24 dev wlan0 proto kernel scope link src 192.168.100.101
$ sudo ip route add 222.228.120.128/32 via 192.168.100.1 dev wlan0
$ sudo ip route del default
$ sudo ip route add default via 10.211.254.254 dev vpn_se
$ ip route show
default via 10.211.254.254 dev vpn_se
10.211.0.0/16 dev vpn_se proto kernel scope link src 10.211.1.63
192.168.100.0/24 dev wlan0 proto kernel scope link src 192.168.100.101
222.228.120.128 via 192.168.100.1 dev wlan0
luke@luke-debian:~$ ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_req=1 ttl=47 time=263 ms
64 bytes from 8.8.8.8: icmp_req=2 ttl=47 time=270 ms
^C
--- 8.8.8.8 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 263.462/266.788/270.114/3.326 ms
$ ping youtube.com
PING youtube.com (74.125.235.201) 56(84) bytes of data.
64 bytes from kix01s01-in-f9.1e100.net (74.125.235.201): icmp_req=1 ttl=55 time=209 ms
64 bytes from kix01s01-in-f9.1e100.net (74.125.235.201): icmp_req=2 ttl=55 time=214 ms
64 bytes from kix01s01-in-f9.1e100.net (74.125.235.201): icmp_req=3 ttl=55 time=253 ms
64 bytes from kix01s01-in-f9.1e100.net (74.125.235.201): icmp_req=4 ttl=55 time=207 ms
luke@luke-debian:~$ traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
1 * * *
2 * * *
3 * * *
4 * * *
5 * * *
6 *^C
After the route is set up correctly, we can see the default routing has been directed to VPN tunnel. We can confirm this from the output of "traceroute" since all hops could not be displayed any more.
A bash script will save lots of typing.
$ cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
auto-hotplug vpn_se
iface vpn_se inet dhcp
$ cat route.sh
#!/bin/bash
if [ "x$2" == "x" ];
then
echo "vpn server ip missing! ./route.sh add/del vpn_server_ip "
else
case "$1" in
add)
# restore default route to home network
ip route delete default
ip route add default via 192.168.100.1 dev wlan0
# obtain ip address for vpn_se
ifdown vpn_se
ifup vpn_se
# add route to vpn server
ip route add $2/32 via 192.168.100.1 dev wlan0
ip route delete default
ip route add default via 10.211.254.254 dev vpn_se
;;
del)
ip route del $2/32
ip route del default
ip route add default via 192.168.100.1 dev wlan0
ifdown vpn_se
;;
esac
fi
Solution 2
Even I faced the same problem but following step by step on this reference made my day. Inside .vpn file small changes need to be made, like, your account information and remote server you wish to route the traffic from and to. Choose from many remote server and create account by visiting this page. Adding my custom server configuration for clarification sake.
declare root
{
bool CheckServerCert false
uint64 CreateDateTime 0
uint64 LastConnectDateTime 0
bool StartupAccount false
uint64 UpdateDateTime 0
declare ClientAuth
{
uint AuthType 1
string Username fastssh.com-server-sp
}
declare ClientOption
{
string AccountName se-singapore
uint AdditionalConnectionInterval 1
uint ConnectionDisconnectSpan 0
string DeviceName se
bool DisableQoS false
bool HalfConnection false
bool HideNicInfoWindow false
bool HideStatusWindow false
string Hostname se-singapore.serverip.co
string HubName FastSSH
uint MaxConnection 1
bool NoRoutingTracking false
bool NoTls1 false
bool NoUdpAcceleration false
uint NumRetry 4294967295
uint Port 443
uint PortUDP 0
string ProxyName $
byte ProxyPassword $
uint ProxyPort 0
uint ProxyType 0
string ProxyUsername $
bool RequireBridgeRoutingMode false
bool RequireMonitorMode false
uint RetryInterval 15
bool UseCompress false
bool UseEncrypt true
}
}
Hope this helps!!
Related videos on Youtube
bluesquare
I'm a very very new user of Linux and Ubuntu. And the good thing is that I have started liking this. This is awesome especially for everything.
Updated on September 18, 2022Comments
-
bluesquare almost 2 years
I downloaded the softether vpn client for my xubuntu 14.04 (32 bit) but after that I am unable to proceed further.
And they also don't have the installation guide for vpnclient ( they have for server).
So please guide me in how to successfully set up the softether vpnclient?
Thank you.
-
bluesquare almost 9 yearsDear Sir, first of all thank you. I select the vpn option from the Network manager but then in the window where I have to write VPN Gateway...user name and password etc..i flinch because i don't know what to put in the VPN gate way section?
-
bluesquare almost 9 yearssir please see the edited comment..
-
bluesquare almost 9 yearsOkay, I want to use the free VPN service but do i need to Google them or I need to add something in my system for that...and also do i need to set my username and password then and there only?
-
-
Fabby over 8 yearsWelcome to Ask Ubuntu! *;-) Please visit the Ask Ubuntu Tour to better understand how this site works, as it is quite different from a forum and also review the editing help to improve the readability of your answers in the future... ;-)