A while ago, I wanted a secure way to access my home server when I was away. I wanted it to feel like I was still at home, even when I wasn’t. After trying a few tools, I found something called SoftEther VPN, and wow—it really worked.
If you’ve never heard of SoftEther, don’t worry. It stands for Software Ethernet, and it’s a free, open-source VPN system that lets you connect to your private network from anywhere on the internet. Think of it as your own secret tunnel that keeps your data safe as it travels online.
In this guide, I’ll show you how I set it up on my CentOS server. I’ll explain everything in a way that’s easy to follow, even if you’re new to Linux. If I can do it, you can too.
What Is SoftEther VPN?
Let me explain it like this: a VPN (Virtual Private Network) lets your device pretend it’s on another network. It helps you stay safe and hidden online.
SoftEther is a type of VPN software. Unlike some others I’ve tried, it supports many VPN protocols like:
- L2TP/IPSec
- OpenVPN
- SSTP (used by Windows)
- SoftEther’s own protocol
This means you can connect from almost any device—Windows, macOS, Linux, Android, or iPhone.
CentOS is a Linux operating system, often used for servers. It’s like the stable, no-nonsense older cousin of Fedora.
Why I Picked SoftEther (And Maybe You Should Too)
I’ve tried other VPNs before. Some were too complicated. Others were too slow. SoftEther was different. Here’s what I liked:
- It’s fast. I could watch videos and download files without buffering.
- It works with many devices.
- It has a nice control panel (no guessing which file to edit).
Plus, I like that it’s open source—people can see the code. That makes it safer and more trustworthy, in my opinion.
Now, let’s jump into the setup.
Before You Begin
Let’s make sure you have the right tools:
What You’ll Need:
- A CentOS server (I used CentOS 7, but newer should work too)
- A user account with sudo (admin) access
- Internet connection (unless you’re trying to time travel)
- Some patience (no coffee spills, please)
Optional but Useful:
- A domain name pointing to your server
- Firewall knowledge (or at least a willingness to learn)
Step 1: Update Your Server
Old packages can cause problems. Let’s make sure everything’s fresh.
sudo yum update -y
This command updates all installed software. It may take a while, depending on your connection.
Step 2: Install Required Tools
SoftEther needs a few tools to build from source.
sudo yum install gcc make zlib-devel readline-devel ncurses-devel -y
These tools help compile the program. If you skip this, you’ll get errors later—and probably a headache.
Step 3: Download SoftEther
Let’s grab the latest version from the official website.
Go to: https://www.softether-download.com
Choose SoftEther VPN Server → Linux → Download the source code.
Or, if you want to be quick, use wget:
wget https://github.com/SoftEtherVPN/SoftEtherVPN_Stable/releases/download/v4.43-9799-beta/softether-vpnserver-v4.43-9799-beta-2021.08.17-linux-x64-64bit.tar.gz
(Tip: This link might change. Always check the latest version.)
Step 4: Extract and Compile
Let’s unzip and build it.
tar xzvf softether-vpnserver-*.tar.gz
cd vpnserver
make
When you run make, it will ask you to read and agree to a license. Type 1, 1, 1 to agree.
That’s three yeses. It feels like a polite robot interview.
Step 5: Move Files and Set Permissions
Let’s move the files where they belong:
cd ..
sudo mv vpnserver /usr/local/
cd /usr/local/vpnserver
sudo chmod 600 *
sudo chmod 700 vpncmd vpnserver
This step is like putting your shoes in the right place and locking the door.
Step 6: Start the VPN Server
Now the fun part—let’s start SoftEther:
sudo ./vpnserver start
If you see “The VPN Server has started,” give yourself a little dance.
Now let’s configure it.
Step 7: Configure with vpncmd
vpncmd is SoftEther’s command-line tool. Run it like this:
sudo ./vpncmd
Choose 1 for “Management of VPN Server or VPN Bridge”, then press Enter.
You’ll be asked for the hostname—just press Enter for localhost.
Now you’re inside the SoftEther shell.
Step 8: Set Admin Password
The first thing I do is set a password so no one else gets in:
ServerPasswordSet
Type your password. Choose something you’ll remember but others won’t guess. No “password123,” okay?
Step 9: Create a Virtual Hub
A hub is like a virtual switch that connects VPN users.
HubCreate myhub
You’ll be asked to set a hub password. You can leave it blank if you want, but I recommend setting one.
Then set your hub as the current one:
Hub myhub
Step 10: Create a User
Let’s add a user so we can log in later:
UserCreate vpnuser
Then set the password:
UserPasswordSet vpnuser
Easy, right?
Step 11: Enable L2TP/IPSec
This makes it easier to connect from phones and laptops.
IPsecEnable
Set:
- L2TP over IPsec: Yes
- Raw L2TP: Yes
- EtherIP / L2TPv3: No (unless you know you need them)
- Pre-shared key: makeoneup123 (change this)
- Default hub: myhub
Step 12: Set It to Run at Boot
You don’t want to start SoftEther manually every time the server reboots. Let’s fix that.
Create a systemd service file:
sudo nano /etc/systemd/system/vpnserver.service
Paste this:
[Unit]
Description=SoftEther VPN Server
After=network.target
[Service]
Type=forking
ExecStart=/usr/local/vpnserver/vpnserver start
ExecStop=/usr/local/vpnserver/vpnserver stop
[Install]
WantedBy=multi-user.target
Save and close (Ctrl+O, Enter, Ctrl+X).
Now enable it:
sudo systemctl daemon-reexec
sudo systemctl enable vpnserver
sudo systemctl start vpnserver
Step 13: Open Firewall Ports
Let’s open the doors so clients can connect.
sudo firewall-cmd --permanent --add-port=500/udp
sudo firewall-cmd --permanent --add-port=4500/udp
sudo firewall-cmd --permanent --add-port=1701/udp
sudo firewall-cmd --permanent --add-port=443/tcp
sudo firewall-cmd --reload
These ports are like keys. Without them, no one can come in.
Tips and Troubleshooting
Here are a few tips I learned from trial and error (and some mild yelling at my screen):
- Can’t connect? Check the firewall and make sure IPsec is enabled.
- Slow speed? Try switching protocols. I found L2TP was faster for me.
- Connection drops? Make sure your device doesn’t go to sleep or cut the VPN off in the background.
Summary: What You Did
Here’s a quick summary of everything we did:
- Installed tools and downloaded SoftEther
- Compiled the server
- Created users and a virtual hub
- Enabled L2TP/IPSec
- Made it start at boot
- Opened firewall ports
Reasons to Use SoftEther VPN
Still unsure if it’s worth it? Here’s what I like about it:
- Free and open-source: No fees, no spying
- Multi-platform: Works with Windows, Mac, Android, Linux, even your toaster (okay, maybe not)
- Fast and secure: Keeps your data away from snoopers
Final Thoughts
Setting up SoftEther on CentOS felt like assembling IKEA furniture without losing any screws. At first, it looked confusing, but once I followed each step, it came together.
I hope this guide made things easier for you. If something goes wrong, don’t give up. Sometimes the best way to learn is to break stuff and fix it again (I sure did).
Have you tried other VPNs? How does SoftEther compare for you?
Let me know, and remember: a VPN a day keeps the snoopers away.
