A quick lookup page for me to install SoftEther VPN Server on Ubuntu 16.04, since the apt version no longer works properly (17-01-2020)
Original apt version
https://launchpad.net/~paskal-07/+archive/ubuntu/softethervpn
Requirements
apt-get install -y build-essential make gcc
Download
wget -O /tmp/softether-vpnserver.tar.gz https://github.com/SoftEtherVPN/SoftEtherVPN_Stable/releases/download/v4.32-9731-beta/softether-vpnserver-v4.32-9731-beta-2020.01.01-linux-x64-64bit.tar.gz
Extract
tar xfz /tmp/softether-vpnserver.tar.gz -C /usr/local
Compile
cd /usr/local/vpnserver
make
Method 1: Non-root User
Note that the local bridge setting will not work, so you will need to use SecureNAT
Adding a service account for softether
sudo useradd --system --no-create-home softether
Permissions
chown -R softether:softether /usr/local/vpnserver
find /usr/local/vpnserver -type f -exec chmod 600 {} \;
find /usr/local/vpnserver -type d -exec chmod 700 {} \;
chmod +x /usr/local/vpnserver/vpncmd
chmod +x /usr/local/vpnserver/vpnserver
Create /etc/systemd/system/softether.service
[Unit]
Description=SoftEther VPN Server
After=network.target auditd.service
ConditionPathExists=!/usr/local/vpnserver/do_not_run
[Service]
Type=forking
TasksMax=16777216
User=softether
Group=softether
ExecStart=/usr/local/vpnserver/vpnserver start
ExecStop=/usr/local/vpnserver/vpnserver stop
KillMode=process
Restart=on-failure
# Hardening
PrivateTmp=yes
ProtectHome=yes
ProtectSystem=full
ReadOnlyDirectories=/
ReadWriteDirectories=/usr/local/vpnserver
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE CAP_SYSLOG CAP_SETUID
[Install]
WantedBy=multi-user.target
Allow vpnserver to bind to privileged ports despite running as the non-root softether user
sudo setcap CAP_NET_BIND_SERVICE=+eip /usr/local/vpnserver/vpnserver
Start service
systemctl daemon-reload
systemctl start softether.service
systemctl enable softether.service
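A check for the permission scheme set up in Method 1, as an added example that is not part of the original page: it lists anything under the install directory that is not owned by the service account, or that group/other can read or write. The function names are assumptions; execute bits on files are ignored because chmod +x on a 600 file also sets them for group and other under the default umask.

```shell
#!/bin/sh
# Added example (not from the original page): audit an install tree against
# the Method 1 scheme: single owner, directories 700, files 600 (+x on binaries).
# All function names below are assumptions made for this example.

# List directories that grant any permission bit to group or other.
loose_dirs() {
    find "$1" -type d \( -perm -040 -o -perm -020 -o -perm -010 \
        -o -perm -004 -o -perm -002 -o -perm -001 \) -print
}

# List regular files that group or other can read or write.
# Execute bits are not flagged: the 700 parent directories already keep
# other users from reaching the binaries.
loose_files() {
    find "$1" -type f \( -perm -040 -o -perm -020 \
        -o -perm -004 -o -perm -002 \) -print
}

# List every entry not owned by the expected user (name or numeric uid).
wrong_owner() {
    find "$1" ! -user "$2" -print
}

# audit_install ROOT OWNER
# Prints each offending path once; returns 0 only when nothing is found.
audit_install() {
    findings=$( { loose_dirs "$1"; loose_files "$1"; wrong_owner "$1" "$2"; } | sort -u )
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}
```

Run it as root, for example `audit_install /usr/local/vpnserver softether`; no output and exit status 0 mean the tree matches the scheme.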
Method 2: Root User
Permissions
chown -R root:root /usr/local/vpnserver
find /usr/local/vpnserver -type f -exec chmod 600 {} \;
find /usr/local/vpnserver -type d -exec chmod 700 {} \;
chmod +x /usr/local/vpnserver/vpncmd
chmod +x /usr/local/vpnserver/vpnserver
Create /lib/systemd/system/softether.service
cat > /lib/systemd/system/softether.service << EOF
[Unit]
Description=SoftEther VPN Server
After=network.target auditd.service
ConditionPathExists=!/usr/local/vpnserver/do_not_run
[Service]
Type=forking
ExecStart=/usr/local/vpnserver/vpnserver start
ExecStop=/usr/local/vpnserver/vpnserver stop
KillMode=process
Restart=on-failure
[Install]
WantedBy=multi-user.target
EOF
Run
Enable and start the Service
systemctl daemon-reload
systemctl start softether.service
systemctl enable softether.service
Clean up
rm -f /tmp/softether-vpnserver.tar.gz
Full Script
apt-get update
apt-get install -y build-essential make gcc
curl -s https://api.github.com/repos/SoftEtherVPN/SoftEtherVPN_Stable/releases/latest \
| grep "browser_download_url.*softether-vpnserver.*linux-x64-64bit.tar.gz" \
| cut -d : -f 2,3 \
| tr -d \" \
| wget -O /tmp/softether-vpnserver.tar.gz -i -
tar xfz /tmp/softether-vpnserver.tar.gz -C /usr/local
cd /usr/local/vpnserver
make
chown -R root:root /usr/local/vpnserver
find /usr/local/vpnserver -type f -exec chmod 600 {} \;
find /usr/local/vpnserver -type d -exec chmod 700 {} \;
chmod +x /usr/local/vpnserver/vpncmd
chmod +x /usr/local/vpnserver/vpnserver
cat > /lib/systemd/system/softether.service << EOF
[Unit]
Description=SoftEther VPN Server
After=network.target auditd.service
ConditionPathExists=!/usr/local/vpnserver/do_not_run
[Service]
Type=forking
ExecStart=/usr/local/vpnserver/vpnserver start
ExecStop=/usr/local/vpnserver/vpnserver stop
KillMode=process
Restart=on-failure
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
systemctl start softether.service
systemctl enable softether.service
rm -f /tmp/softether-vpnserver.tar.gz
You can find the script at https://github.com/adjscent/softether_installer.