Hi, I’ve got a site using old/outdated free VPN and I’ve seen softether mentioned a few times recently (www.softether.org - sorry on mobile not sure of formatting). Anyone used it? Is it secure? Was planning on using wireguard but waiting for officials windows support thanks
Why wouldn’t you just drop a proper router or two in each location and run IPSec like a civilized technologist?
I’ve never heard of this, but it describes itself as an alternative to OpenVPN. I wonder what would be the pros of SoftEther vs OpenVPN?
OpenVPN has been through a security audit, not sure about softether. Also OpenVPN is free. Are.you talking about Site-Site VPN? Remote users connecting in? Either way OpenVPN has clients for all the things (win, mac, lin, ios, android, etc…)
If you mean for a privacy vpn, neither of those will work without you setting up a backend for it somewhere
I have used Softether for many years at work to provide remote connectivity for roadwarriors or remote office.
It was workign very well and it can run inside a VM without any problems.
The only issue that we had and we was unable to solve is how to push static routes to the clients.
I hope they solved it with last releases.
SoftEther works, it allows clients to use their native/built-in L2TP VPN client, from pretty much any platform.
At least try it before you bash it, it works very very well, and easy to manage.
You can easily slap on radius or AD authentication.
Server runs in a VM environment, can run on Windows or Linux.
If you are going to bash it, at least put some effort in and tell me what the limitations are, because I haven’t found any.
I have used it, but I dont think its been used by many in the enterprise conditions. Go with Wireguard on linux if you want It cheap or setup some boxes for old school site-to-site.
That’s interesting thanks, it does look good and I’ll definitely have a play with it first.
For remote users connecting in, I’m sure OpenVPN would work but we always found it a bit of a pain to setup and support.
+1 for open vpn. Simple to set up for remote access, and there’s a ton of documentation.
Softether is an excellent software and will most likely outperform any other solution.
It is secure, easy to configure, versatile and extremely fast.
Don’t let people make you think that hardware or proprietary solutions will be better, they’re not.
We do run full hardware solution for all offices - it would just be for the road warriors.
Yes - me too to be honest
Push static routes work just fine! Not sure how you are using it. Static routes work with both L2TP, and Softether Client, probably other methods as well. the trick is to use their securenat feature, there is an option to push routing table.
will most likely outperform any other solution.
LOL
Don’t let people make you think that hardware or proprietary solutions will be better, they’re not.
LOL
Found the guy who works for softether
Proprietary solutions aren’t the best but SoftEther isn’t either. If you want fucking fast, wireguard or go home.
the trick is to use their securenat feature, there is an option to push routing table.
We do many trials just with securenat and never reach the goal. It was 5 years ago, then maybe it was just a problem of older versions.
Yes, his response is laughable. We are a Cisco shop, and are looking to leverage SGT with AnyConnect via ISE. There is no way we would migrate to an open source client such as softether.
OP should probably have described what type of environment he has campus side and to what granular degree policies need enforced, if at all. That is usually a better indicator of what the front end client needs to support.
Drink more Cisco cool-aid.