SIGN IN / UP
      SIGN IN / UP

      We use cookies and similar technologies necessary for the site to function. Optional cookies from third parties are used to improve our service and to provide you with personalized content and advertising if you agree. You can freely opt out here or customize your choice of optional cookies by clicking "Additional settings". Please see our privacy policy and cookies policy for more information on what data is collected and how it is shared with our partners.

      Cookies Policy
      Marketing
      These cookies may be placed on the site by our advertising partners. These companies may use them to build a profile of your interests and show relevant ads on other sites. They do not store personal information directly, but are based on the unique identification of your browser and device online. If you do not allow these cookies, you will see fewer targeted ads.
      Functional
      These cookies allow the site to provide advanced features and personalization. They may be set by us or by third party providers whose services we have added to our pages. If you do not authorize the use of these cookies, some of our services may not work properly.
      Necessary
      These cookies allow us to count the number of visits and traffic sources to measure and improve the performance of our site. They help us to know which pages are the most or least popular and to see how many people are visiting the site. All information collected by these cookies is aggregated and therefore anonymous. If you do not authorize the use of these cookies, we will not know when you have visited our site and will not be able to track its performance.
      Cookies Policy
      opened image

      How to configure SSTP VPN server via SoftEther VPN in Docker

      Similar articles:
      Databases in cPanel Create MySQL/MariaDB database in Hestia panel Configuring Firewall with Centos 7 IPTables How to change and add DNS records in cPanel How to install and configure fail2ban in Ubuntu 20.04

      VPS

      FROM €3.96/MONTH

      Discount -20% for the first month

      SSTP (Secure Socket Tunneling Protocol) is a form of virtual private network (VPN) tunnel that provides a mechanism for passing PPP traffic over an SSL/TLS channel.

      SSL/TLS provides transport layer security with key negotiation, encryption, and traffic integrity checking.

       

      A fairly simple VPN, which was developed by Microsoft, has a number of advantages,

      such as no need to install additional software to work on Windows,

      supported right out of the box, easy to configure both on the server side and on the client side,

      the disadvantages are that this VPN is somewhat slow, has limitations in terms of configuration and does not know support the UDP protocol.

      Despite the rather large drawbacks, in some cases it can be useful.

       

      We will be installing an SSTP VPN server based on SoftEther VPN in Docker, which allows you to further simplify the installation of this software.

      A guide on how to connect to the SSTP VPN server after it's setup, can be found here:

      https://zomro.com/blog/faq/413-how-to-connect-to-sstp-vpn-from-windows-10

       

      SoftEther VPN also supports other protocols such as OpenVPN and L2TP/IPsec, but in this article we will focus only on SSTP.

       

      1. Docker installation

      Run the following commands to install and start the Docker service:

      wget -qO- https://get.docker.com/ | sh

systemctl start docker

systemctl enable docker

       

      2. Next, you need to open the port in firewall on which the VPN will work and save the setting permanently:

      iptables -I INPUT -p tcp -m tcp --dport 443 -j ACCEPT

service iptables save

      On different Linux distributives saving iptables rules may differ.

      Please note that if sites are running on your server, you will need to select a different port to avoid port conflicts.

       

      3. Issuance of a certificate.

      Now you need to issue a certificate that will be used to encrypt the connection, note that there is no need to set a password for it.

      We will also need a domain that will be used for connection to the server, the domain must be directed to the IP address of the server in DNS,

      replace the word MYDOMAIN in the following line with your domain name:

      openssl req -x509 -nodes -newkey rsa:4096 -keyout server_key.pem -out server_cert.pem -days 365 -subj "/C=XX/ST=XX/L=XX/O=XX/OU=XX/CN=MYDOMAIN/[email protected]"

       

      For example, I will specify the "example.com" domain, but you need to specify a real working domain, otherwise the VPN will not be able to connect.

       

      We get the secret key file "server_key.pem" and the certificate file "server_cert.pem" in the current folder.


       

      4. SoftEther VPN launch:

      Let's create a server password, that will be used only on the server and only for settings.

      Replace the word MYPASSWORD on the next line with your chosen password (password should be atleast 12 symbols and to consist of numbers and lowercase and uppercase letters) and then enter the following command in the console:

      SERVER_PASS='MYPASSWORD';

       

      Now let's create our user and it's password.

      This credentials will be used for connection, so write down this data somewhere, as we will need to enter it later on your computer:

      Replace the word MYUSER with your connection name and the word MYPASSWORD with your chosen password (password should be atleast 12 symbols and to consist of numbers and lowercase and uppercase letters) in next lines and then enter these lines in the console:

      CUSER='MYUSER';

CUSER_PASS='MYPASSWORD';

      I will use "client1" as the username.

       

      Download and run the container with SoftEther VPN, passing the previously specified parameters and attaching the previously created certificate, just run the following command:

      docker run --restart=always -d --name sstp-vpn --cap-add NET_ADMIN -p 443:443/tcp -e SSTP_ENABLED=1 -e USERNAME=${CUSER} -e PASSWORD=${CUSER_PASS} -e SERVER_PWD=${SERVER_PASS} -e CERT="$(cat server_cert.pem)" -e KEY="$(cat server_key.pem)" fernandezcuesta/softethervpn

       

      Let's check that our container is up and running:

      docker ps



       

      5. Create an additional user (optional)

      If you need to create a few more connections, then you need to run the following commands for each one:

      docker exec -it sstp-vpn ./vpncmd <MYDOMAIN> /SERVER /PASSWORD:"$SERVER_PASS" /ADMINHUB:DEFAULT /CSV /CMD UserCreate <USER_NAME> /GROUP:none /REALNAME:none /NOTE:none

docker exec -it sstp-vpn ./vpncmd <MYDOMAIN> /SERVER /PASSWORD:"$SERVER_PASS" /ADMINHUB:DEFAULT /CSV /CMD UserPasswordSet <USER_NAME> /PASSWORD:<PASSWORD>

      Where you need to replace:

      <MYDOMAIN> - replace with the domain name that you specified earlier in certificate issuing command

      <USER_NAME> - replace with the name of the new connection (user)

      <PASSWORD> - replace with the password of the new connection (user)


       

      On the server, the configuration is over, let's move on to the configuration guide on the client side in the next article:

      https://zomro.com/blog/faq/413-how-to-connect-to-sstp-vpn-from-windows-10

       




       

      Similar articles:
      Databases in cPanel Create MySQL/MariaDB database in Hestia panel Configuring Firewall with Centos 7 IPTables How to change and add DNS records in cPanel How to install and configure fail2ban in Ubuntu 20.04

      VPS

      FROM €3.96/MONTH

      Discount -20% for the first month