[SOLVED] SoftEther VPN: A replacement for openVPN?

Started by phoenix, July 11, 2015, 06:54:50 PM

Previous topic - Next topic
Print
Go Down Pages1 2
User actions
July 11, 2015, 06:54:50 PM Last Edit: September 10, 2015, 04:54:40 PM by franco
Hi everyone

I'm not sure if this is the correct forum for my post so please move it if it's more appropriate in another forum.

I'd also like to congratulate the team on getting this fork up and running in such a short time and with such a good UI, I'm looking forward to further developments. :)

I'm just a home user of pfSense (at the moment) after just converting from Endian Firewall a few months ago. I also have several servers that I need to access remotely and I've been trying to get openVPN running, I did eventually but a recent change seems to have broken it again (it seems extremely fragile to me) and I'm not really very experienced with the openVPN server. :( Despite being a pfSense user I'm running OPNsense in a test environment with the intention of converting to it soon.

To the point, at last. :)  I decided to abandon using openVPN and use a VPN server behind the firewall and after searching for a while I found a product called SoftEther VPN (http://www.softether.org/). It's easy to set up, light on system resources, you can also clone the functions of an openVPN server and seems pretty good to me - would it be possible to consider this for inclusion in a future version of OPNsense?

Regards

Bill
Regards


Bill
July 15, 2015, 07:14:44 AM #1
Hi there,

I haven't seen SoftEther in the FreeBSD ports collection, but that doesn't mean we can't put it in there. I will do the following: see what it takes to get a port running and if it works provide it as an optional build, maybe even pushing it to FreeBSD ports mid-term.

I can't promise any GUI , but once the daemon is in it would be relatively easy for others to get started on this using our new MVC infrastructure.

See: https://github.com/opnsense/ports/issues/11

How does that sound? :)


Cheers,
Franco
July 15, 2015, 08:37:54 AM #2
Thanks for your reply, your answer sounds great to me. :) I was thinking it might be more of a long term addition to OPNsense. Unfortunately I don't think anyone is building it for any distribution at the moment. It's fairly trivial to configure and manage from the command line or from a windows machine with their configuration tool. By "trivial to manage..." I am, of course, talking about my fairly simple needs.
Regards


Bill
July 15, 2015, 09:14:45 PM #3
I took a peek and setting up the port seems like jumping through a few weird hoops regarding their versioning scheme and mirror layout. Pulling it through GitHub from FreeBSD ports seems like a more sensible approach. All in all, that'll take longer than initially expected.
July 15, 2015, 09:54:31 PM #4
That's no problem for me, as I said I was expecting this for a longer term implementation in OPNsense. I have a version of SoftEtherVPN running on a CentOS server behind the firewall. I'll continue testing OPNsense for the moment and just switch over when I feel comfortable with it and continue my current VPN server setup. Thanks again for your prompt help with this and all your work on it, I look forward to future releases. :)
Regards


Bill
September 10, 2015, 06:04:32 AM #5
Someone stepped up to the challenge and pushed SoftEther to FreeBSD ports. Initial builds look good for both OpenSSL and LibreSSL so the package will be available from the mirror starting with 15.7.12.

Yay for community work. :)
September 10, 2015, 07:02:38 AM #6
Quote from: franco on September 10, 2015, 06:04:32 AM
Someone stepped up to the challenge and pushed SoftEther to FreeBSD ports. Initial builds look good for both OpenSSL and LibreSSL so the package will be available from the mirror starting with 15.7.12.
That's fantastic, I look forward to testing it. I assume there's no OPNsense GUI component for configuring it at the moment? It's trivial to use the SoftEther Windows server manager to do those tasks or even the command line. :)

Quote from: franco on September 10, 2015, 06:04:32 AMYay for community work. :)
Yes indeed, well done and many thanks from me to whoever did the work. :)
Regards


Bill
September 10, 2015, 04:56:15 PM #7
Indeed, package only first. If the plugin is easy then all the better. steps on how to get softether up and running would be welcome, as it would allow others to pick it up without the full knowledge and get it into a testable state leading to a finished feature at some point. :)
April 25, 2017, 04:27:57 AM #8
Is this going to be a package on opnsense ?
April 26, 2017, 03:06:24 AM #9
I'm following this project. I don't think FreeBSD is supported yet but might be in the future.

Sounds like an interesting replacement for openvpn.

https://www.wireguard.io/
April 26, 2017, 03:14:59 AM #10
This means it has been ported right?

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=188437

April 26, 2017, 06:11:33 AM #11
# pkg install softether

There is no GUI plugin though.

As the thread suggest, all of this happened in 2015 ;)

https://github.com/opnsense/tools/commit/7e3f8cd9c


Cheers,
Franco
April 26, 2017, 08:43:49 AM #12
Such a shame.  The more I read about it the more it looks like the best vpn option out there!
April 26, 2017, 08:48:27 AM #13
A shame? Why? It installs in a heartbeat, configuration is easy enough from the command line. I'm sure Bill can elaborate if asked nicely. :)


Cheers,
Franco
May 03, 2017, 06:19:10 AM #14
Hi there,

Since digging up this thread is fun I use it as a way of letting you guys know that starting with 17.1.6, we also ship a package for the "development" version of SoftEther, which is a newer than the other one:

# pkg install softether-devel


Cheers,
Franco
Print
Go Up Pages1 2
User actions