Configure Softnet ethernet VPN server on Azure step by step

blog.payperitem.com,

o set up a SoftEther VPN Server on Azure, using a Windows VM, here’s a complete step-by-step guide to get it running securely and efficiently.

🛠️ Overview

  • VPN Server: SoftEther VPN (an open-source, multi-protocol VPN)
  • Cloud Platform: Microsoft Azure
  • OS: Windows Server (or Windows 10/11)
  • Scenario: You want to securely connect remote clients to Azure over VPN.

🔧 Prerequisites

  1. Azure subscription
  2. A Windows VM deployed in Azure
  3. Basic networking knowledge (ports, IPs)
  4. RDP access to the VM
  5. Optional: Dynamic DNS if your IP changes

🧱 Step-by-Step Setup

✅ Step 1: Create a Windows VM in Azure

  1. Go to Azure Portal
  2. Create a new Windows Server 2019/2022 or Windows 10/11 Pro VM
  3. Choose a region and instance size (e.g., B2s is fine for testing)
  4. In Networking, enable port 443, 5555, and optionally 992, UDP 500 and 4500 (for L2TP/IPSec)
  5. Allow RDP (port 3389) to connect

✅ Step 2: Connect to the VM

  1. Use Remote Desktop (mstsc) to log into the VM using its public IP
  2. Once logged in, install all Windows updates

✅ Step 3: Download & Install SoftEther VPN Server

  1. Go to: https://www.softether-download.com/
  2. Choose:
    • SoftEther VPN Server
    • Windows
  3. Download the installer and install it on the VM
  4. During install:
    • Choose SoftEther VPN Server
    • Launch SoftEther VPN Server Manager after install

✅ Step 4: Configure VPN Server

4.1. Launch VPN Server Manager

  • When prompted, set a strong admin password
  • Connect to “localhost” using “Administrator” mode

4.2. Create a Virtual Hub

  • Click “Create Virtual Hub”
  • Give it a name (e.g., azurehub)
  • Set hub admin password

4.3. Enable SecureNAT (for DHCP/NAT)

  • Select your virtual hub
  • Click “Manage Virtual Hub” → “SecureNAT Configuration”
  • Enable SecureNAT to automatically provide DHCP and NAT

✅ Step 5: Configure User Authentication

  1. Inside your virtual hub settings, go to:
    • “Manage Users” → “Create User”
  2. Enter:
    • Username (e.g., vpnuser)
    • Auth Type: Password
    • Set a strong password

✅ Step 6: Enable VPN Protocols

In the main SoftEther Server Manager window:

  1. Click “Enable VPN Azure” (optional cloud relay)
  2. Click “Manage Server Settings”
    • Enable protocols:
      • L2TP/IPSec (enter a shared secret)
      • OpenVPN clone support
      • SoftEther VPN Protocol
    • Make sure:
      • Port 443, 992, 5555 are open
      • UDP 500, 4500 are allowed (for L2TP)

✅ Step 7: Firewall and Azure NSG Rules

  1. Open Windows Defender Firewall
    • Allow inbound TCP ports: 443, 5555, 992
    • Allow UDP ports: 500, 4500
  2. In Azure Portal:
    • Go to the VM → Networking
    • Add Inbound Port Rules for:
      • TCP 443, 5555, 992
      • UDP 500, 4500

✅ Step 8: Install SoftEther VPN Client (on local machine)

  1. Download from SoftEther download site
  2. Choose SoftEther VPN Client
  3. Install and:
    • Create new connection to your Azure VM public IP
    • Choose SoftEther VPN Protocol
    • Enter the username/password from Step 5
    • Connect!

✅ Optional: OpenVPN Support

  • SoftEther can auto-generate an openvpn_config.zip
    • In VPN Server Manager → Virtual Hub → OpenVPN / MS-SSTP Setting
    • Download config and use it in any OpenVPN-compatible client

✅ Optional: Dynamic DNS (DDNS)

SoftEther supports built-in DDNS:

  1. Enable DDNS via the VPN Server Manager
  2. It will give you a domain like: xxxx.softether.net
  3. Use this instead of your public IP

Active Directory Azure Cloud Security Server 2025 VPN Windows

Related Posts