SoftEther VPN

An open-source, free, cross-platform multi-protocol VPN program

SoftEther VPN is a free, open-source multi-protocol VPN software from the University of Tsukuba. It supports SSL-VPN, OpenVPN, L2TP/IPsec, MS-SSTP, L2TPv3, and EtherIP, offering high-speed throughput, NAT-traversal, and firewall-resistant remote-access and site-to-site VPN connections.

Personal VPN Self-Hosted VPN Business VPN Enterprise VPN Privacy-Focused VPN Open Source VPN Censorship-Bypass VPN

Visit websiteAlternatives →

SoftEther VPN Project - Homepage Screenshot

Description

SoftEther VPN ("Software Ethernet") is a free, open-source multi-protocol VPN software developed as an academic project at the University of Tsukuba (Apache License 2.0). It virtualizes Ethernet devices to enable flexible virtual private networks for both remote-access and site-to-site VPN topologies.

Supported Protocols

It supports SSL-VPN (Ethernet over HTTPS), OpenVPN, L2TP/IPsec, MS-SSTP, L2TPv3, and EtherIP — ensuring interoperability with virtually any VPN client, including built-in clients on Windows, Mac, iOS, and Android.

Key Capabilities

Firewall resistance: SSL-VPN over HTTPS penetrates NATs and firewalls; VPN over ICMP and VPN over DNS work in extremely restrictive environments.
High performance: 1Gbps-class throughput with low memory/CPU usage and parallel TCP optimization.
Strong security: AES 256-bit and RSA 4096-bit encryption, TLS 1.3, RADIUS/NT Domain/AD authentication, and X.509 certificate support.
Cross-platform: Server runs on Windows, Linux, FreeBSD, Solaris, and Mac. Clients for Windows, Linux, Mac, iOS, and Android.
OpenVPN clone function: Legacy OpenVPN clients connect directly for smooth migration.
Dynamic DNS & NAT-traversal: No static IP required; servers work behind NAT without port forwarding.

Use Cases

Remote-access VPN, site-to-site LAN bridging, cloud VPN integration (AWS, Azure), and network testing/simulation with built-in QoS controls.

Highlights

Pros

Free and open-source software under Apache License 2.0, developed at the University of Tsukuba, with full source code publicly available on GitHub for transparency and community auditing.
Supports six major VPN protocols — SSL-VPN, OpenVPN, L2TP/IPsec, MS-SSTP, L2TPv3, and EtherIP — all in a single VPN server, plus an OpenVPN clone function for legacy client compatibility.
SSL-VPN over HTTPS passes undetected through deep-packet inspection firewalls, and built-in NAT traversal eliminates the need to open ports or configure firewalls on the server-side network.
High-performance architecture delivers 1Gbps-class throughput with low memory and CPU usage, using parallel TCP optimization; academic testing showed throughput 13 times faster than OpenVPN.
VPN over ICMP and VPN over DNS features enable tunnel connectivity even on networks that block all TCP/UDP traffic and only permit ping or DNS queries.
Server runs on Windows, Linux, FreeBSD, Solaris, and macOS, while clients support Windows, Linux, macOS, Android, and iOS — all manageable via GUI tools or a command-line utility.

Cons

Lacks built-in privacy extras such as ad blocking, tracker blocking, or an automatic kill switch — these must be implemented separately by the administrator.
The VPN Gate community server network offers no quality or security guarantees — volunteer-hosted servers can vary wildly in reliability and trustworthiness.
Setup and configuration are complex and geared toward IT professionals, with no guided wizard or one-click deployment for non-technical users.
Self-hosted only — users must set up and maintain their own VPN server infrastructure, requiring technical expertise and a dedicated machine, unlike turnkey VPN services.
No dedicated SoftEther VPN client app for iOS or Android — mobile users must connect via the operating system's built-in L2TP/IPsec client, losing advanced features.
No dedicated customer support — help is limited to community forums and documentation, with no paid support plans, live chat, or phone assistance available.