SoftEther: An amazing free VPN server

Reason 2: Copyright Problem (Big Problem)

In fact our work has several related people and institutions. We have to take the agreement to disclose the entire source-code. Otherwise copyright legal issue will occur. If one of our related copyright-holder will deny the disclosing his source-code, we have to exclude the affected parts.
We are trying to resolve the above two reason as soon as possible, and aiming to release the source code of SoftEther VPN in middle of 2013 or earlier.

So that’s never going to happen

Why is there a fork bomb in the banner for “VPN for IT Professionals?”

This may be a fantastic alternative to OpenVPN or myriad other VPN models, but I lost interest at this part right here:

Built-in NAT-traversal penetrates your network admin’s troublesome firewall for overprotection. You can setup your own VPN server behind the firewall or NAT in your company, and you can reach to that VPN server in the corporate private network from your home or mobile place, without any modification of firewall settings.

Stop. Don’t do this. If you need access, put in a request to your friendly neighborhood sysadmin. If you need remote access to the company network to do your job, please just ask me. I promise I’ll help.

I might even go out of my way to help with a personal tech support issue if you ask nicely and it doesn’t negatively affect work use. But if you go installing rogue VPN clients on my network, I will bring the hammer down.

Speaking only for myself, I implement network security policies because I have a legal and moral obligation to protect my employers’ sensitive data. Even if a data breach or security vulnerability isn’t my fault, it’s still my responsibility. Those policies are in place for a reason, so if you’ve got a problem with how I manage my network, take it up with the appropriate chain of command.

I HATE playing technology police, but don’t think that I won’t find out what you’re up to just because I can’t use deep packet inspection. It’s my job to know the condition of my network and my equipment, and I am good at my job. I have automated agents that report what applications are installed on your computer and what executable processes you’re running in your session. I have monitoring systems that report how much data you’re using. I’ll review your company laptop when it crosses my desk for service, or when I issue new computers to your department, or when you turn it in when you leave. Eventually, I WILL find out, and I WILL turn you in to HR.

There are many other things I would rather do than pursue violations of technology policy. Like research and design. Like automation. Hell, even writing budget and grant proposals. Or reddit!

I’m here to help. Please don’t try to circumvent me.

oh boy.

i see that on any company computer and there will be some budget item for firewood for a stake…

IPsec-based VPN protocols which are developed on 1990’s are now obsoleted. IPsec-based VPN are not familiar with most of firewalls, NATs or proxies. Unlike IPsec-based VPN, SoftEther VPN is familiar with any kind of firewalls.

however, the amount of bs on that site is unbearable.


JESUS FUCK.

So it is an SSL VPN. What is new and amazing about it?

who are you aiming this at, or are you just showing off?

I know this is an ancient post, but there’s some context to wanting to bypass your admins. It’s Japanese software, aimed at Japanese companies, notoriously bureaucratic and multi-layered making it quite annoying to try and coax IT to do anything - especially opening up ports (they’ll shudder and go “… that might be hard” because nobody wants to take responsibility if a breach happens). So, in certain situations, and in accordance with the culture, it may be more acceptable to bypass the admins.

Really, turn them in to HR? Reporting someone to HR is a pretty drastic action. Give them a stern warning first, block the SoftEther domains, you’re done for the day. If you act like this to your colleagues, I wouldn’t be surprised if they try to bypass you. Being a sysadmin does not make you the tech god or something, you’re still dealing with humans. Better to be forgiving than to be seen as an asshole. Repeat offenders are a different story - and I do think the circumstances also matter (e.g. if the VPN was set up to bridge with the local network allowing one to access other PCs than the server host, that’s much worse than if it’s just one access point for remote desktop).

Also, this feature is useful for home users like myself. I don’t have the luxury of opening up my network to the outside. My ISP just doesn’t give me the option to forward ports - so a VPN that is able to do this is the easiest solution for me. In any case, the service relies on “vpnazure.net”, so if you want to stop people from using that feature, just block the domain.

And cablefailed.

I’m remembering two past users specifically.

One brought in a dumb switch and a personal laptop to download things from usenet via SSL using the company’s internet connection and lied to me about having done it until I showed his supervisor the traffic stats from the port in his office. When a port on the thin client VLAN starts moving 60GB+ over the weekend, it’s kind of a no-brainer that something needs to be investigated.

At another job, a staff member had used SSH (actually, probably WinSCP/FileZilla) to download ~10GB of porn on his work computer. I actually might not have noticed, except that he put in a ticket complaining of slow logoff and long offline files sync times. A TreeSize of his server-side redirected folders showed the 10GB folder full of .AVI files.

I truly don’t care if people want to watch porn or download movies or music. As long as they do it at home. I HATE turning people in to HR. A couple of people have gotten fired as a result of things I’ve found on their work computers, and it truly feels awful to be involved in that process, even though I’m just the messenger. HATE it.

The junior high kids who wanted a Minecraft server? They got it.

Thank you for your comment. This was indeed an ancient post, and if nothing else it’s interesting to reflect on the attitudes I used to hold.

I had not considered the origin of the software, or the societal context from which other people would have appraised its value. My perspective then was based on my experience as the solo sysadmin at a small nonprofit, naïve and eager to prove my own value to that organization.

My remark about turning someone in to HR was based on what - at the time - had been a recent interaction with one particular staff who was a repeat offender well past the informal “hey, please don’t do that in the office” stage, and generally a problematic staff for other reasons. I would have still taken the same actions today, though I wouldn’t have trumpeted it on the internet to make myself feel important.

What’s more, you’re right - I did think of myself as the tech god, or something. Years of making mistakes have done much to shatter that illusion. These days I just try to remind myself and others that my role is to be here to help.

Thank you again, /u/Natrox.

Hey, glad I could help. 9 years is a lot of time! Regarding that staff, it sounds like you made the right call. If people can’t adjust their behavior via a warning, sometimes you just have to resort to more serious consequences.

Hope you’re doing well for yourself!