Has anybody the SoftEther VPN suite running on Leap 15?

Hello,

I have three servers running on OpenSuse Leap 15 and there will soon be more. VPN to VMs running on these servers is an essential features for us.

The SoftEther VPN suite (see https://www.softether.org) seems to me the most sophisticated package but there is almost no mentioning with OpenSuse. We had bad experiences with openVPN and want to get away from it.

Has any OpenSuse user experiences with SoftEther? I would very much appreciate a short comment.

Thank you in advance.
Best regards
Frank

Hi
I see an OBS user has it packaged up;
https://build.opensuse.org/package/show/home%3Admacvicar/softether

Build from source?
https://github.com/SoftEtherVPN/SoftEtherVPN/releases

Ask the OBS user to update to the latest release for openSUSE?

Hello Malcolm,

thank you for your reply, that was my idea anyway, but before bothering others, I was curious if EtherSoft works at all and properly and reliably on openSuSe, i.e. for experiences. It is mentioned only very rarely in conjunction with SuSe. I made intensive searches before posting here.

About your proposal to “Build from source?”:

Despite my >35 years of full time experience in software development, most if which since 1986 in Smalltalk (which isn’t trivial, really), I have no practical experience with compiling as this was never needed. So I would expect Murphy’s law to fully apply.

Best regards
Frank

General addition to this subject:

The EtherSoft build referenced above by Malcom was new to me as it was NOT brought up by any of my searches:

• in the forum searching “All types” was no reference
• in the openSuSe package search no refererence was shown either](https://software.opensuse.org/)

](https://software.opensuse.org/)In my view, this is clearly “sub-optimal”.

Therefore, again my thanks to Malcolm for pointing me there.

Best regards
Frank

Apparently you are the first one mentioning this on the Forums, so I see this as normal.

• in the openSuSe package search no refererence was shown either](https://software.opensuse.org/)

](https://software.opensuse.org/)In my view, this is clearly “sub-optimal”.

Choosing “ALL Distributions” in the Settings dropdown finds 6 packages, not shown by the default “openSUSE LEAP 15.0” setting.
I may agree that this is sub-optimal, but maybe this hint might help other readers.

Hi
I use osc for my searches (need an OBS account though);

 osc se softether

No matches found for 'softether' in projects
####################################################################
matches for 'softether' in packages:

# Project       # Package
home:dmacvicar  softether

I’ve added a comment in the OBS project asking for it to be updated…

After visiting the softether download page,
I don’t see what might be troubling you.

First,
I’d recommend you disregard anything that might be built in OBS, unless it’s been rebuilt <very> recently it can’t be better than what you’d get from softether directly.

All the Linux packages from softether appear to be compiled binaries that should run on any distro, they’re all distributed as TAR files and not packaged for specific package managers.

You can download from a number of different servers, the following link is to an Azure server… which is fine because that’s just the server and has nothing to do with the files that are served or specific target install platforms.

https://www.softether.org/5-download

If you choose to compile your own from source, that looks easy, too. This is not recommended for non-Developers because although it’s extremely uncomplicated, it’s just not necessary compared to what is available above.

1. Clone the github source from the following page
   https://github.com/SoftEtherVPN/SoftEtherVPN_Stable/
2. Follow the instructions to build on the following page, substitute “zypper” for the “yum” commands
   https://github.com/SoftEtherVPN/SoftEtherVPN_Stable/blob/master/BUILD_UNIX.TXT

The only thing I can see that might be a hang-up for Users is the wide variety of different VPN components available, so it seems that softether supports a number of different scenarios. Unless you just want to install the simple x64 or x86 or ARM clients (depending on your client machine’s architecture), you’ll just have to read the documentation to understand what else there is you may want to install.

If you have questions about installing one of these binaries, I guess you can post a specific question to this Forum or to softether support, but I don’t think there should be any doubt whatsoever what the best option is for installing… Use the softether binaries.

TSU

Hello tsu,

thank you for pointing me to the original SoftEther download page where there are the Linux bianries.

I am not sure if it’s only my stupidity to have chosen the download from cnet.com where only Windows binaries are available and/or a somwhat insufficient and misleading user interface on the first SoftEther download page.

If you choose to compile your own from source, that looks easy, too. This is not recommended for non-Developers

Well, I have been a full-time developer for more than 35 years but since 1986 only in pure oject-oriented Smalltalk (where true compiling is neither necessary nor possible) and I have never compiled anything myself and avoided any language that needs to be compiled as I regard this as far outdated and antique when developing application software (OS and system stuff is another subject). I remember the huge hassle we had with Objective-C between 1987 and 91 where I was the architect and project manager. Debugging etc was a nightmare! Still, we finished the project and got it to work.I

If you knew the capabilities of the ingenious Smalltalk debugger you’d understand my point.

So developing and the need to compile are entirely separate things!

the wide variety of different VPN components available, so it seems that softether supports a number of different scenarios

Well, that is exactly what attracts me! Beyond the bad experiences with openVPN. SoftEther seems to be an ingenious concept offering many opportunities in today’s Orwellian times.

Best regards

Hello tsu again,

well, you were wrong and so was I in my previous post, because SoftEther claims to offer “builds” in the list of donwloads but what one gets are only the sources, no binaries, no rpm, which I find very misleading to call the sources “builds”.

To make things worse, the binaries that I downloaded from the SuSe build page and member dmacvicar cannot be installed. YaST stops with an undefined error message (says only: Error loading package list) and Discover even hangs (repeatedly) and must be killed.

As in some way a Unix veteran (since 1986) I must state that very little has improved as far as the usability is concerned over the past 30+ years. The pure developer sort of “hacker” attitude seems still to be predominant and this attitude is generally the opposite of user-friendly. I have managed projects of together over 150 men years, all succesfully, and therefore I do know what I am talking about.

Very frustrating!

Best regards

I’d never heard of SoftEther VPN before this thread, but out of interest, I decided to have a brief attempt at building the stable version using the instructions given in the README, but I encountered a fatal error during the make step. If I was serious (and I’m not) about making progress with this I’d probably post the error I got in their user forum for advice…

http://www.vpnusers.com/

Hi
Sounds like you may have some other issues lurking?

Anyway, package has been updated to latest stable release, lets test installing…

 zypper ref
Repository 'openSUSE-Leap-15.0-Oss' is up to date.                                                                                                                                        
Repository 'openSUSE-Leap-15.0-Update' is up to date.                                                                                                                                     
All repositories have been refreshed.

zypper in https://download.opensuse.org/repositories/home:/dmacvicar/openSUSE_Leap_15.0/x86_64/softether-4.27.9668-lp150.1.1.x86_64.rpm

Loading repository data...
Reading installed packages...
Resolving package dependencies...

The following NEW package is going to be installed:
  softether

1 new package to install.
Overall download size: 2.4 MiB. Already cached: 0 B. After the operation, additional 9.4 MiB will be used.
Continue? [y/n/...? shows all options] (y): 
Retrieving package softether-4.27.9668-lp150.1.1.x86_64                                                                                              (1/1),   2.4 MiB (  9.4 MiB unpacked)
softether-4.27.9668-lp150.1.1.x86_64.rpm:
    Header V3 DSA/SHA1 Signature, key ID 4b8b0a41: NOKEY
    V3 DSA/SHA1 Signature, key ID 4b8b0a41: NOKEY

softether-4.27.9668-lp150.1.1.x86_64 (Plain RPM files cache): Signature verification failed [4-Signatures public key is not available]
Abort, retry, ignore? [a/r/i] (a): i <<==== select ignore....

Checking for file conflicts: .......................................................................................................................................................[done]
(1/1) Installing: softether-4.27.9668-lp150.1.1.x86_64 .............................................................................................................................[done]
Additional rpm output:
warning: /var/cache/zypper/RPMS/softether-4.27.9668-lp150.1.1.x86_64.rpm: Header V3 DSA/SHA1 Signature, key ID 4b8b0a41: NOKEY

Looks all good to me…

I just downloaded and installed the Linux vpn client.

As described, the download is little more than binaries, or at least is the bare minimum to create the binaries.

Am running the vpn client without issue on LEAP 15 although it’s configured only with defaults… ie. it launches without reporting an error.

Here are the steps…
Download the Linux VPN client package from the Azure server, the 640bit client should be the following file as of today
softether-vpnclient-v4.27-9668-beta-2018.05.29-linux-x64-64bit.tar.gz

Extract it with the following command

tar -xf softether-vpnclient-v4.27-9668-beta-2018.05.29-linux-x64-64bit.tar.gz

Install prerequisites. Make should already be installed by default. Maybe none of the following is required at all, but I installed them anyway as my SOP.
Or, skip this step and run the make command (described next) to verify you aren’t really compiling anything.

zypper in kernel-devel kernel-default-devel gcc

If your terminal isn’t already where you extracted the vpn client files, cd to the directory.

The makiefile doesn’t appear to compile anything, it’s used to walk the User through a series of agreements
Execute make to install (no make install needed). Choose option 1 for every question. When completed, (in a split second which likely means only copying and no building), you will find two new executables, vpnclient and vpncmd.

make

Now, execute your vpn client to test

./vpnclient start

Although I installed all those prerequisites for compiling, I suspect they’re unneeded.

HTH,
TSU

Just a FYI -
Although there are no install instructions for Linux, I was able to figure out the install in the following way…

Start with deownloading and extracting the tar file.
That’s the first clue, anything distributed as a tar is generally meant to be a universal package and what you’ll likely find within should work on any machine and not restricted to what a package manager can support (ie no rpm, deb or other similar packages).

Upon extraction, you’ll find a makefile.
That will tell you that you’ll likely need to run “make” to build from source following the intructions in your makefiles, and then install in a separate step.
In this case though, if you open the makefile in a text editor, you’ll find it’s curiously very short and contins some menu Q&A.
You’ll also find two directories, src and library.
And, you’ll find some INSTALL files in 3 different languages. Uusally, you’ll start here but if you read any of these in your text editor you won’t find any build instructions, only documentation about the overall parts of the softether suite.

So, with no build instructions you should guess what needs to be done…
NOT open in YaST.
When you see a makefile, you should run “make” in that directory.
I don’t know if any of the prerequisites I described in my prior post are needed, but those are typical if anything needs to be built, and if any kernel modules need to be built.

When you run “make” you will find a series of licensing compliance questions, then a successful completion.
Follow the instructions, and you’ shouldn’t have a problem.

HTH,
TSU

Upfront just a quick thank you all very much for your help!
I am extremely impressed!

I come back to solve this for me important problem ASAP.
Unfortunately, customers keep me away for the moment.
And I will report here about my success or failure.

Best regards