This script provides a solution for setting up L2TP/OpenVPN/SSTP server via "SoftEther" and tunnel via "Rathole+Tun2socks+Xray" in restricted locations (e.g., Iran, China).
- L2TP
- L2TP/IPSec
- OpenVPN
- SSTP
- Radius (For Advanced Account Management)
We need two servers: one for incoming L2TP/OpenVPN/SSTP connections and SoftEther to deploy and the other as the endpoint of our connection. The first server (Tunnel Server) will be considered a server with no limit on incoming L2TP/OpenVPN/SSTP traffic, unlike the Edge Server, which we cannot connect to directly.
The Edge Server establishes the first connection to the Tunnel Server in reverse tunnel(rathole) via a VLESS + WebSocket (WS) configuration from Xray-core, exposing a SOCKS5 proxy on the Tunnel Server. We then use tun2socks to route traffic from the SOCKS5 proxy into a virtual interface.
Finally, we use Policy-Based Routing (PBR) to route SoftEther incoming connections to the tun2socks interface.
🔹USDT-TRC20: TEUsjU22rAb3TZNaecEBJAhZXQsFZYU7vv
🔹TRX: TEUsjU22rAb3TZNaecEBJAhZXQsFZYU7vv
🔹LTC: LS7rJ6nMWwgw9FWpMjSnYa1bAPdzK7bJLM
🔹BTC: 1D4cSHY95FoHExSicKYmjeVzdLLxhjTTqs
🔹ETH: 0x03fde84612e0d572db7a18efeeec590ad3fa5dfb
https://www.youtube.com/watch?v=TbIPd9ni1PU
sh -c "$(wget https://raw.githubusercontent.com/Sir-MmD/RTX-VPN/v2/rtxvpn_v2.sh -O -)"This script can be run on all Debian-based distributions that use systemd
The OpenVPN client configuration file provided by SoftEther uses an outdated cipher. To fix this issue, please add the following line below cipher AES-128-CBC in your configuration file:
data-ciphers AES-128-CBC:AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305Additionally, it is recommended to replace remote address with your actual IP or personal domain
- Disable DDNS:
declare DDnsClient: bool Disabled true - Disable WebUI:
bool DisableJsonRpcWebApi true - Remove Unnecessary Ports
This script uses 'VLESS + WS' as the default connection for Xray-core. You can configure your desired settings in /opt/rtxvpn_v2/edge/edge.json for the Edge Server and /opt/rtxvpn_v2/tunnel/tunnel.json for the Tunnel Server
You can also modify the Rathole configuration in /opt/rtxvpn_v2/edge/edge.toml for the Edge Server and /opt/rtxvpn_v2/tunnel/tunnel.toml for the Tunnel Server."
RTX-VPN (Rathole + Xray): rtxvpn.service
RTX-VPN (Rathole + Tun2socks + Xray + PBR): rtxvpn.service
SoftEther: softether.service
Dnsmasq: dnsmasq.service
SoftEther: https://www.softether.org
Rathole: https://github.com/rapiz1/rathole
Tun2socks: https://github.com/bedefaced/vpn-install
Xray-Core: https://github.com/XTLS/Xray-core