Installing SoftEther
SoftEther is a performant VPN server package that is my preferred VPN software. There are not packages directly available for Fedora, so it is necessary to download it from the SoftEther website. It can be installed by following the steps below.
Install Dependencies
Download
wget https://github.com/SoftEtherVPN/SoftEtherVPN_Stable/releases/download/v4.25-9656-rtm/softether-vpnserver-v4.25-9656-rtm-2018.01.15-linux-x64-64bit.tar.gz
tar xvfz softether-vpnserver-v4.25-9656-rtm-2018.01.15-linux-x64-64bit.tar.gz
Compile
cd vpnserver
make
Move
cd ..
mv vpnserver /usr/local/
Set Permissions
cd /usr/local/vpnserver
chmod -R 600
chmod 700 vpnserver
chmod 700 vpncmd
Disable SELinux
vi /etc/selinux/config
Update the following line:
SELINUX=disabled
Reboot the computer. Now, create a systemd file:
vi /etc/systemd/system/vpnserver.service
Add the following contents:
[Unit]
Description=SoftEther VPN Server
After=network.target auditd.service
ConditionPathExists=!/usr/local/vpnserver/do_not_run
[Service]
Type=forking
EnvironmentFile=-/usr/local/vpnserver
ExecStart=/usr/local/vpnserver/vpnserver start
ExecStop=/usr/local/vpnserver/vpnserver stop
KillMode=process
Restart=on-failure
# Hardening
PrivateTmp=yes
ProtectHome=yes
ProtectSystem=full
ReadOnlyDirectories=/
ReadWriteDirectories=-/usr/local/vpnserver
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE CAP_SYS_ADMIN CAP_SETUID
[Install]
WantedBy=multi-user.target
Enable and Start the Service
systemctl enable vpnserver
systemctl start vpnserver
