SoftEther is a relatively new VPN project that helps people bypass Internet restrictions and surf the Internet more securely. This article explains what SoftEther VPN is and how to connect to a SoftEther server with various VPN protocols.
We live in a strange World (probably an understatement after surviving 2020). More and more restrictions are imposed on every level of our lives. And the Internet is no exception, and it has not been the exception during the last years.
Access to an open Internet must be everyone’s right. Thankfully, some technologies help us bypass abusively imposed rules. And SoftEther is one of the great ones.
This article takes a closer look at the SoftEther technology, presents its advantages (as well as disadvantages), explains how to connect using the SoftEther protocol, and lists several options on how to get started with SoftEther.
What is SoftEther VPN? The Transylvanian story.
You probably know already that in our fictitious realm (that we called Castlevania, and we virtually placed it in Transylvania, not such a fictitious place), a family of smart bats is running a small chocolate factory.
Their street shop has been heavily hit by the pandemic (as most small businesses have been), but they were able to adapt. TomBat rapidly set up an online shop, and bats all over the World started to order the fang-tastic chocolate made in Castlevania.
A problem soon became more stringent than the pandemic situation: how to properly wrap the chocolate to keep it fresh and maintain the strong cocoa taste (remember: bats do not use preservatives!). And how to maintain the cost low and remain competitive?
After some intensive brainstorming sessions led by GrandPaBat, they decided to split the orders depending on the delivery location, keep the existing wrapping for local orders, and use a new, performant packaging for long-distance orders. Thus, they were able to provide the best possible service and still keep the prices low.
Solution found! And they all lived happily ever after until the end of the pandemic!
Similarly, the SoftEther VPN server can wrap your data traffic into various packaging suitable in different scenarios, and the SoftEther protocol is the new and performant packaging.
And now, let’s talk tech!
What is SoftEther VPN?
Softether (Software Ethernet) is a project developed at the University of Tsukuba (Japan) by Daiyuu Nobori. It proposes a VPN protocol (Softether or SSL VPN) and the architecture of a VPN server capable of serving multiple VPN protocols (Softether, OpenVPN, SSTP, L2TP/IPSec) simultaneously.
Both the Softether protocol and the Softether server are open-sourced, free, and cross-platform. Softether is presented as an alternative to OpenVPN, and it is considered to be faster.
All the features SoftEther provides strengthen its ability to help users navigate safely and bypass any government firewall, making it a popular VPN (Virtual Private Network) protocol.
Several of the SoftEther important features are listed below:
- Available under GNU GPL license;
- Uses 256-bit AES encryption;
- Supports SSL VPN, OpenVPN, EtherIP, L2TP, L2TPv3, and Microsoft’s SSTP protocols;
- Supports IPV6, packet filtering, and dynamic DNS function;
- It accepts both TCP and UDP connections;
- SoftEther VPN uses RSA certificate authentication and deep inspect packet logging function;
- SoftEther VPN client software implements Virtual Network Adapter, and the SoftEther server implements Virtual Ethernet Switch (called Virtual Hub);
- It runs on Windows, macOS, Linux, FreeBSD, Solaris, iOS, and Android.
How does SoftEther work?
The SoftEther VPN server is the central piece of the SoftEther architecture. As listed above, it supports a lot of features, and it provides great performance. The most important aspect is the fact that the server supports multiple protocols: VPN over HTTPS (SoftEther), OpenVPN, SSTP, L2TP/IPSec. Thus, you may use a SoftEther server as a gateway for various devices (PC, Mac, iPhone/iPad, Android devices, etc.) and VPN tunnels.
The SoftEther protocol uses HTTPS to establish a VPN tunnel and port 443 on TCP/IP as the destination. This port is open for most of the firewalls, proxy servers, and NATs. The result is that the SoftEther protocol can be used for bypassing Internet censorship successfully.
Besides the SoftEther protocol, the SoftEther server supports L2TP/IPSec and exposes “clone functions” for OpenVPN and Microsoft SSTP VPN.
When to use the SoftEther VPN protocol?
Now that you know how SoftEther works, you are probably wondering when to use SoftEther. The SoftEther protocol is highly useful in certain scenarios:
- Bypass firewalls. As it works on HTTPS, the SoftEther VPN protocol can overcome internet censorship and bypass most firewalls, including the Great Wall of China.
- Bypass geo-restrictions. As you might already know, some content is accessible only for specific countries or regions. With SoftEther VPN, you can enjoy an awesome online experience without any restrictions.
- Browse safely while using a public Wi-Fi network. Public Wi-fi networks are real threats. It would help if you always think twice before choosing to connect to one without using any protection. Due to its high encryption, SoftEther is a good option as it is secure and fast.
Advantages and disadvantages of SoftEther
Just like any other thing on this planet, SoftEther has its advantages and disadvantages. Let’s take a closer look at the strengths of this technology.
Advantages of using SoftEther
Softether has some important benefits:
- The Softether VPN project is open-source. Thus, free and constantly updated.
- The Softether protocol is fast, as it provides exceptional throughput and low latency.
- The Softether traffic can penetrate highly-restricted firewalls.
- The protocol uses high-level encryption (AES 256-bit and RSA 4096-bit).
- Softether fully supports both IPv4 and IPv6.
- No static nor fixed IP is required for Softether as it supports dynamic-DNS and the NAT traversal function.
- The SoftEther server software can successfully replace expensive Cisco routers.
- The SoftEther server may provide remote access to LAN or a remote location network with the SoftEther VPN Bridge module.
Disadvantages of using SoftEther
The SoftEther technologies has several drawbacks:
- To benefit from the SoftEther protocol’s advantages, users must install and run the SoftEther apps on intended devices.
- The macOS compatibility is not great.
- It is a pretty new technology compared to other protocols (OpenVPN, L2TP, SSTP).
- The SoftEther server does not (yet?) support the WireGuard protocol.
SoftEther vs. other protocols
SoftEther has often been compared to other similar VPN technologies, especially to OpenVPN. Take a look below to understand how SoftEther is related to other VPN protocols.
SoftEther vs. OpenVPN
OpenVPN is considered the de-facto standard when it comes to VPN protocols. However, SoftEther technology brings in useful features and high performance:
- According to some tests, the SoftEther protocol is faster than OpenVPN.
- SoftEther VPN server is multi-protocol. It is also a big plus compared to OpenVPN.
- All operating systems which support OpenVPN (e.g., Windows, Linux, macOS, Linux, iOS, and Android) can connect to the SoftEther VPN server.
- The configuration of the SoftEther server is more straightforward than the one of the OpenVPN server.
- User admin settings can be configured by GUI (graphical user interface) tools.
I believe that the strongest point of SoftEther is that it can “clone” the OpenVPN server and, additionally, offers access to other VPN protocols. Thus, you may replace your existing OpenVPN servers, keep your existing VPN client settings, and still get access to the SoftEther protocol for future network development.
SoftEther seems to be a solid technology and, it may, in time, replace OpenVPN. However, there are no guarantees that this will happen. Only time will tell.
SoftEther vs. L2TP/IPSec (Layer 2 Tunneling Protocol)
L2TP/IPSec is a popular VPN protocol supported by all operating systems and by the majority of VPN providers. With acceptable speed and great encryption, L2TP is a good option to secure your Internet traffic. Operating systems offer access to built-in VPN clients for L2TP/IPSec, making the VPN connection setup easy.
However, the SoftEther protocol is superior both as to speed and encryption. Additionally, the SoftEther server supports L2TP/IPSec and provides easier integration from mobile phones or devices that can not, for various reasons, install the SoftEther client software.
SoftEther vs. SSTP (Secure Socket Tunneling Protocol)
The SSTP protocol, created by Microsoft, provides great security and performance, but its usage is limited to Windows devices (with some exceptions).
SoftEther comes with similar encryption and speed, and it can integrate (clone) the SSTP server. Thus, you may benefit from the SoftEther advantages and still offer SSTP to a slice of your VPN users. That means easier server administration, more flexibility, and lower costs (as you don’t need to purchase the expensive Windows Server operating system).
SoftEther vs. WireGuard
WireGuard is the new kid on the block when it comes to VPN protocol. Everybody is amazed by its simplicity, by its performances, and by its security features. WireGuard seemed to be faster than OpenVPN in our tests, but we have not (yet) performed any side-by-side comparison between WireGuard and SoftEther.
It is hard to compare WireGuard and SoftEther. The first one has chosen the simplicity path implementing the “less is more” principle. In contrast, the second one integrates more features than any other VPN protocol, and it may be regarded as a super VPN technology.
Again, time will tell which of these protocols will benefit from larger adoption.
SoftEther vs. PPTP
PPTP (Point to Point Tunneling Protocol) is an outdated VPN protocol known to have security issues. It is no longer supported on iOS and macOS. By design, the SoftEther server does not offer the possibility to connect to it using the PPTP protocol, probably for the same reasons.
The SoftEther protocol is considered safe, and if you can choose between PPTP and SoftEther, you should definitely choose the latter one.
SoftEther VPN compatibility
The SoftEther VPN client can be installed on Windows, Linux, Mac, Android, iOS, and Windows Mobile.
On macOS, there is no simple way to connect to a SoftEther VPN server with the SoftEther protocol: you may install the SoftEtherVPN GUI outdated app or use the official, but not recommended, SoftEther VPN software app. You may read more about using SoftEther on Mac here.
The SoftEther VPN server runs on Windows, Linux, FreeBSD, Solaris, and Mac OS.
How to set up SoftEther VPN on your devices
The next question to be answered is how to use the SoftEther VPN technology.
If you are the administrator of a server network or want to test SoftEther, you need to install the SoftEther VPN server first. It supports Windows (2000 or later), Linux, macOS, FreeBSD, and Solaris.
Alternatively, you may get started with SoftEther by testing VPN services exposed by the VPN Gate project.
Secondly, you need to connect to the SoftEther server with a VPN client. A SoftEther VPN server can “speak” multiple protocols such as Softether VPN/SSL VPN, OpenVPN, L2TP/IPSec, L2TPv3/IPSec, or SSTP. To connect to such a server, you have the following options:
- Connect using the Softether VPN protocol:
- Option 1: Set up the official SoftEther client app on your device and connect to the VPN server.
- Option 2: Use a third-party software app that can use the Softether protocol.
- Connect using OpenVPN:
- Install an OpenVPN client app and connect to the SoftEther server using the OpenVPN protocol.
- Connect using the L2TP/IPSec protocol:
- Set up an L2TP connection using the built-in VPN client available on your device.
- Connect using SSTP:
- For devices that support the SSTP protocol (Windows-based), you may use the built-in VPN client and connect to the SoftEther server.
All these options are further presented below.
Connect using the SoftEther VPN protocol
For connecting to a SoftEther server, it is recommended to use the SoftEther protocol as it is faster and more secure than the other ones.
The most straightforward option for all operating systems (except for macOS) is to download and install the official SoftEther VPN client apps and set up the connection.
For example, on Windows, you may proceed as follows:
- Go to the SoftEther official download page.
- Select the component as SoftEther VPN Client.
- Select the platform (Windows in our case).
- Choose your CPU depending on your device.
- Download the latest build.
- Run the installer and open the SoftEther VPN client.
- The next step is to create a new Virtual Network Adapter. Click on the Add VPN Connection and, then, the Yes button.
- Choose the name of the adapter (it has to start with VPN) and click OK. You will have to wait for several seconds, up to a minute, to get the adapter creation completed.
- Next, click again on the Add VPN Connection and fill in the connection settings (connection name, VPN server IP address or hostname, connection port, user authentication properties). You may choose from Anonymous Authentication, Radius or NT Domain Authentication, Client Certificate Authentication, and Smart Card Authentication for authentication type.
- To connect to the SoftEther server using the SSL VPN protocol, double-click the name of the VPN connection or right-click and choose Connect.
- You are now connected.
- To disconnect, right-click on the name of the active VPN connection and choose Disconnect.
Alternatively, you may import SoftEther config files (.vpn) provided by the server administrator (right-click in the SoftEther VPN Client Manager app and choose Import VPN Connection Setting).
For macOS, the official SoftEther client is not recommended as it does not provide a graphical user interface. However, you may try using the third-party SoftEther GUI app, as explained here.
Connect using OpenVPN
Another option to connect to a Softether VPN server is to use the popular OpenVPN protocol. To do that, you need an OpenVPN configuration file (.ovpn) from the SoftEther server administrator containing the connection properties (server address, username, password, other settings). Download it from your email or the URL sent by the administrator.
The process of setting up the connection consists of downloading the OpenVPN client app (it is preferred that you use the official OpenVPN apps), load the config files, and connect.
For Mac, you may install Tunnelblick or Viscosity, and proceed in a similar manner.
Connect using the L2TP/IPSec protocol
To connect to a SoftEther server using the L2TP/IPSec protocol, you need to create a manual connection using the built-in VPN client available on all popular operating systems (Windows, macOS, Linux, Android, iOS).
Depending on your device you may follow one of the tutorials listed below (you will need to fill in the SoftEther server info, as well as the authentication data):
- How to set up an L2TP connection on Windows
- How to connect on L2TP from macOS
- How to use L2TP on Linux
- How to set up L2TP on Android
- How to create an L2TP connection on iOS.
Connect using the SSTP protocol
Similarly to L2TP/IPSec, a connection to the SoftEther server using the SSTP (Secure Socket Tunneling Protocol) protocol is possible from devices using Windows. Configure the built-in VPN client and select SSTP as the VPN Type.
VPN services that offer access to the SoftEther protocol
Besides installing your own SoftEther VPN server or getting access from a network administrator, there are still options to use the SoftEther protocol.
The first one is to connect to servers from the VPN Gate network. VPN Gate is a project (created by the same university that created SoftEther) that manages a network of SoftEther servers. Volunteers from all over the World provide the servers. That means that (1) you may use them free of charge and (2) you don’t know who is behind a certain server and if your private data is really safe. The VPN Gate architecture seems to be strong and secure, but you may still consider that your data travels unregulated servers.
To get started with VPN Gate, install the SoftEther client app (as described above), choose a VPN server from the VPN Gate server list, and fill in the server’s connection data to the VPN program app.
A safer solution is to subscribe to a commercial VPN service that exposes SoftEther servers. One of these services, and there are not many, is CactusVPN.
CactusVPN offers access to the SoftEther protocol on all its servers. If you are interested, create a CactusVPN account and fill in the provided server credentials into the SoftEther client software.
Is SoftEther VPN free?
SoftEther VPN is open source. Thus, you may benefit from the SoftEther technology (SoftEther server and VPN clients) for any personal or commercial use free of charge.
Is SoftEther safe?
The SoftEther protocol uses high-level encryption, and its security is considered extremely reliable. For example, SoftEther prevents Man-in-the-Middle attacks by design.
What is the difference between the SoftEther VPN and VPN Gate?
VPN Gate is a project developed and maintained by the same university that developed the SoftEther technology (University of Tsukuba, Japan). The main objective of VPN Gate is to create a global network of VPN servers publicly available. The servers are SoftEther-based, and they are provided by volunteers around the World.
The call for help from people living in countries where censorship is a real problem is currently answered with solutions like the SoftEther VPN protocol.
The censorship problem walks hand in hand with the threats users face while surfing the web unprotected. The awareness of this problem is not at the highest point, as it should be, but we are more than sure that all the internet surfers will realize the dangers they might face if no encryption is used for their connection.
With the SoftEther VPN technology, you can solve two problems at once – browse the Internet freely and 100% safely.
Finally, please subscribe to our newsletter (below), and we promise to keep you updated with news and tutorials on how to use the SoftEther protocol. Plus, you will make a Transylvanian baby-bat very happy. 😃
Good article howver
The problem with SoftEther is:
1 it has not been audited.
2 The founder is NOT part Tsukuba U and is totally unreachable.
3 You have to disconnect a number of thing because the server connects automatically with Japan AND China .
4 vpngate keeps a log of all ip connected.
Hi, John. Thank you for reading my article.
1. You are right: there is no evidence that an independent party had audited SoftEther.
2. Daiyuu Nobori is an Associate Professor at the University of Tsukuba (http://dnobori.cs.tsukuba.ac.jp/en/), at least so it seems.
3. I have not experienced this behavior, but you may be right.
4. Yes, VPN Gate keeps logs. That information is public, and all servers from the list show their logging policy (usually, two weeks).
Hi, Vlad Thank your for your answer. The following does not require publication bu FYI:
2 – Regarding your answer to my initial statement I am aware of the bio pages it seems to be ” a made up page with no contact” since Tsukuba U research does not show anybody by the name of Daiyuu Nobori as an Associate Professor or, softether or as an ongoing project by giving a 404 to any inquiry https://www.tsukuba.ac.jp/inquiry/ which is odd considering that it’s stated as an active project.
2 Why a japanese company would need to open a special site in China knowing that any vpn usage is strictly forbidden there !
If in the config file you deactivate the automatic ip creation in japan and use any kind of outside cert then all the sudden the vpn does not work well!!
Last how odd that the last update is quite recent and that no contact can be found for any interaction as a developer with the project ? Working with others as dev in the U environment I find it very strange and odd.
I have no answer maybe a “collective development” ?
As to Vpngate keeping limited logs ? A bit like the other “commercial “vpn guarantee acting as honeypot for the 9yes ..
Indeed, these are serious concerns. I still consider SoftEther an innovative project, but, as you mentioned, there are important red flags to be counted.