I always thought about setting up and using my VPN server was complicated, not that I use VPN that often but it can be put to great use for several things. The process of setting up an OpenVPN server in Windows is pretty straightforward but can’t quite guarantee the setup to go smoothly and without any headache.
The headache, I am referring to is specifically the NAT set up in my Windows server, didn’t have the administrative rights to set up the NAT routing for OpenVPN which halted my plan to setup a personal VPN server.
After a bit of searching, I came across SoftEther which is not a VPN solution per say but more of a compilation of multi-protocol VPN software that allows you to configure and run the VPN server of your choice and availability. Best thing about SoftEther is that it is completely free!
Installation of SoftEther is probably the easiest process, especially in Windows platform, you can simply download and install SoftEther VPN Server or go directly to the download page. Simply select the platform and runtime environment. Download and install, process is pretty simple and straight-forward.
Setting up SoftEther is pretty simple as well however it gets confusing sometimes.
- Run SoftEther VPN Server Manager and set up a new setting if nothing exists already. Secure your settings with a strong password if your server is shared among others.
- Press Connect and if no Virtual Hub exists, Create a Virtual Hub. Try and enter as strong password as possible.
- Once you have created and set up a Virtual Hub, click Manage Virtual Hub button.
- Create a new User with strong password (this username and password) can be used to authenticate to our server via. our OpenVPN client. Password Authentication is recommended.
- Once done with adding a new user, close the Create New User window and launch Virtual NAT1 and Virtual DHCP Server (SecureNAT) window from Management of Virtual Hub window. Enable SecureNAT.
This was the most important feature SoftEther provided in my situtation because I had almost no access to manage NAT in my Windows server.
- Head back to Manage Server window >
OpenVPN / MS-SSTP Settingand enable OpenVPN server. Feel free to generate sample configuration file for your OpenVPN clients from the same window to avoid returning.
- I used SoftEther’s
Dynamic DNS Settingto enable dynamic DNS2 function, free of charge. This is completely optional!
- That should be it for the VPN set up part.
Extract and open the sample configuration file we generated from
OpenVPN / MS-SSTP Settingwindow, there should be two files. Ignoring the PC Name from the filename
_openvpn_site_to_site_bridge_l2.ovpn. We need the first one for the remote access.
Open it with a text editor of your choice. The content inside is pretty clear and contains comment blocks to explain what the settings mean which you can refer to OpenVPN Documentation for further in-detail understanding.
The generated sample configuration file with
_openvpn_remote_access_l3.ovpnon its name will be our client configuration that you can download however, we need to edit our hostname in that file.
remote .. 1194to the dynamic DNS domain provided by SoftEther, e.g.
vpn8******.softether.netin our set-up process.
Once done, edit a field in the configuration file named
auth-user-pass auth.txt, rename the file to something simpler, for example
client.ovpnand download it to your client machine.
In the same directory where your
client.ovpn resides, create another file
auth.txt with the username and password you set up. Your
auth.txt content layout should have username in first line, password on the second, that’s all.
Connecting to our OpenVPN Server
Connecting to our OpenVPN server is quite simple, you can use an OpenVPN client to import your
client.ovpn or if you are a terminal preferring user like myself, a simple command like so can get the job done.
Good Luck & stay safe!
NAT refers to Network Address Translation is a method of remapping one IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device. Source: Wikipedia ↩
Dynamic DNS functionality refers to the method of assigning a permanent address to the dynamic hostname, acts like a pointer. ↩