Public | Automated Build

Last pushed: a year ago
Short Description
Full Description


Thanks to


$ docker pull chenhw2/softethervpn

$ sysctl -w net.ipv4.ip_forward=1
$ docker run -d --cap-add NET_ADMIN --device=/dev/net/tun \
    --env-file /etc/vpn.env -p 500:500/udp -p 4500:4500/udp \
    -p 1701:1701/tcp -p 1701:1701/udp -p 5555:5555/tcp \

Mix and match published ports:

  • -p 500:500/udp -p 4500:4500/udp -p 1701:1701/tcp for L2TP/IPSec
  • -p 1194:1194/udp for OpenVPN.
  • -p 443:443/tcp for OpenVPN over HTTPS.
  • -p 5555:5555/tcp for SoftEther VPN (recommended by vendor).
  • -p 992:992/tcp is also available as alternative.


All optional:

  • -e PSK: Pre-Shared Key (PSK), if not set: "notasecret" (without quotes) by default.
  • -e USERS: Multiple usernames and passwords may be set with the following pattern: username:password;user2:pass2;user3:pass3. Username and passwords are separated by :. Each pair of username:password should be separated by ;. If not set a single user account with a random username ("user[nnnn]") and a random weak password is created.
  • -e SPW: Server management password. :warning:
  • -e HPW: "DEFAULT" hub management password. :warning:

Examples (assuming bash; note the double-quotes " and backticks `):

  • -e CERT="`cat server.crt`" -e KEY="`cat server.key`"
  • -e CERT="MIIDp..b9xA=" -e KEY="MIIEv..x/A=="
  • --env-file /path/to/envlist

env-file template can be generated by:

docker run --rm siomiz/softethervpn gencert > /path/to/envlist

The output will have CERT and KEY already filled in. Modify PSK/USERS.

Docker Pull Command
Source Repository