Setting Up SoftEther VPN on AlmaLinux 9 for Secure Remote Access Print

  • SoftEther VPN, Server Management, VPN, Security, Networking, AlmaLinux, Linux, ECC
  • 0

 

Establish a secure VPN server on AlmaLinux 9 using SoftEther VPN to provide remote access for your network.

In this guide, we will walk you through setting up SoftEther VPN on AlmaLinux 9, a versatile and high-performance VPN solution that supports multiple protocols, including OpenVPN, L2TP/IPsec, and SSTP. SoftEther VPN is known for its flexibility, making it an excellent choice for creating secure remote access solutions.

Step 1: Install Required Dependencies

Before installing SoftEther VPN, ensure your system is up to date and install the necessary dependencies:

sudo dnf update -y
sudo dnf install -y gcc make zlib-devel readline-devel ncurses-devel

Step 2: Download and Install SoftEther VPN

Download the latest version of SoftEther VPN from the official website:

wget https://github.com/SoftEtherVPN/SoftEtherVPN_Stable/releases/download/v4.38-9760-beta/softether-vpnserver-v4.38-9760-beta-2021.06.04-linux-x64-64bit.tar.gz

Extract the downloaded tarball:

tar -xvzf softether-vpnserver-*.tar.gz

Navigate to the extracted directory and compile the source code:

cd vpnserver
make

After compiling, move the SoftEther VPN server files to the appropriate directory:

sudo mv vpnserver /usr/local/

Set the necessary permissions:

sudo chmod 600 /usr/local/vpnserver/*
sudo chmod 700 /usr/local/vpnserver/vpncmd
sudo chmod 700 /usr/local/vpnserver/vpnserver

Step 3: Configure SoftEther VPN Server

Start the SoftEther VPN server:

sudo /usr/local/vpnserver/vpnserver start

To configure the server, use the `vpncmd` tool:

sudo /usr/local/vpnserver/vpncmd

Select `1` to manage the VPN server, and then connect to the local server by pressing Enter. Create a new Virtual Hub:

HubCreate MyVPNHub

Set an administrator password for the Virtual Hub:

Hub MyVPNHub
SetHubPassword

Next, enable SecureNAT, which allows the VPN clients to connect to the network:

SecureNatEnable

Step 4: Configure VPN Protocols

SoftEther VPN supports multiple VPN protocols. Here’s how to enable OpenVPN, L2TP/IPsec, and SSTP:

ListenerCreate 1194
ListenerCreate 1701
ListenerCreate 443

Enable L2TP/IPsec:

IPsecEnable /L2TP:yes /L2TPRAW:no /ETHERIP:no /PSK:your_pre_shared_key

Enable SSTP:

SstpEnable yes

Step 5: Set Up User Accounts

Create user accounts for VPN clients:

UserCreate vpnuser
UserPasswordSet vpnuser

Repeat the above steps to create additional users as needed.

Step 6: Configure the Firewall

Ensure the firewall allows traffic on the ports used by SoftEther VPN:

sudo firewall-cmd --add-port=1194/udp --permanent
sudo firewall-cmd --add-port=1701/udp --permanent
sudo firewall-cmd --add-port=443/tcp --permanent
sudo firewall-cmd --reload

Step 7: Start and Enable SoftEther VPN Server

Create a systemd service file to manage the SoftEther VPN server:

sudo nano /etc/systemd/system/vpnserver.service

Add the following content:

[Unit]
Description=SoftEther VPN Server
After=network.target

[Service]
ExecStart=/usr/local/vpnserver/vpnserver start
ExecStop=/usr/local/vpnserver/vpnserver stop
Type=forking

[Install]
WantedBy=multi-user.target

Save the file and enable the service:

sudo systemctl daemon-reload
sudo systemctl enable vpnserver
sudo systemctl start vpnserver

Troubleshooting Common SoftEther VPN Issues

Here are some common issues you might encounter and how to resolve them:

  • **Cannot connect to the VPN**: Ensure the VPN server is running and that the firewall is configured to allow traffic on the correct ports.
  • **Client cannot authenticate**: Verify that the correct username and password are being used, and check the Virtual Hub settings.
  • **Slow VPN connection**: This could be due to network latency or insufficient server resources. Consider optimizing the server settings or upgrading hardware.

Supplementary Information

For enhanced security and performance, consider the following supplementary practices:

  • **Use strong encryption**: Configure the VPN server to use strong encryption protocols to protect data in transit.
  • **Monitor VPN usage**: Set up monitoring to track VPN usage and detect any unusual activity.
  • **Regularly update SoftEther**: Keep SoftEther VPN up to date to benefit from the latest security patches and features.
    sudo dnf update -y

Conclusion

By following this guide, you have successfully set up SoftEther VPN on AlmaLinux 9, providing secure remote access to your network. Regular monitoring and updates will help ensure the continued security and performance of your VPN server. For more tutorials and guides, visit ECC (Emmanuel Corels Creatives).


Was this answer helpful?

« Back