Search found 202 matches

by qupfer
Tue Aug 14, 2018 12:48 pm
Forum: SoftEther VPN General Discussion
Topic: Autostart VPN server at server reboot on Debian 8
Replies: 5
Views: 1765

Re: Autostart VPN server at server reboot on Debian 8

Debian 8 includes systemd? If yes, you should create a service file and enable it: qupfer@vpn ~ % cat /etc/systemd/system/vpn.service [Unit] Description=SoftEther VPN Server daemon After=network.target [Service] Type=forking ExecStart=/usr/local/bin/vpnserver start ExecStop=/usr/local/bin/vpnserver ...
by qupfer
Fri Aug 10, 2018 2:06 pm
Forum: SoftEther VPN General Discussion
Topic: Linux Client Configuration
Replies: 2
Views: 141

Re: Linux Client Configuration

I set vpnclient to auto-connect and use this bash script qupfer@yogaarch ~ % cat vpnstart.sh #!/bin/bash sudo vpnclient start sleep 1 sudo dhcpcd -B -G -C resolv.conf vpn_vpn #stops with ctrl+c sudo vpnclient stop Other solution should be to add a static route to your vpn-server. I think your proble...
by qupfer
Thu Jun 07, 2018 6:06 am
Forum: SoftEther VPN General Discussion
Topic: Site to Site VPN using Layer-3 switch issues
Replies: 10
Views: 840

Re: Site to Site VPN using Layer-3 switch issues

Retinaquester2 wrote: > Why is all the IP data stripped/missing? > ClientIP=0.0.0.0 YourIP=0.0.0.0 ServerIP=0.0.0.0 RelayIP=0.0.0.0,- Its not stripped/missing. Its just a DHCP Request, there is no assigned IP yet. So its Broadcast. I would think, you just miss the Routing entries in your local Gatew...
by qupfer
Tue Jun 05, 2018 6:49 am
Forum: SoftEther VPN General Discussion
Topic: Trouble seeing server folders
Replies: 3
Views: 436

Re: Trouble seeing server folders

This is not directly a VPN problem. As you can see, your virtual VPN interface has a IP address starting with 169.254, that means its a automatic generated IP (see https://en.wikipedia.org/wiki/Zero-configuration_networking). So you have to "fix" the IP settings on your client. You could set the IP ...
by qupfer
Tue Jun 05, 2018 6:37 am
Forum: SoftEther VPN General Discussion
Topic: Use 3-party SSL cert with SoftEther VPN server?
Replies: 6
Views: 554

Re: Use 3-party SSL cert with SoftEther VPN server?

I don't get, what your real problem/question is. You can import and use your comodo certficate via Cert Import function (see attached screenshot). But I think, this was also said in the last topic. After that, your server authenticates itself by this imported certificate and your clients can be sure...
by qupfer
Mon Jun 04, 2018 9:33 am
Forum: SoftEther VPN General Discussion
Topic: add my own ssl cert?
Replies: 3
Views: 489

Re: add my own ssl cert?

I use this command:

/home/qupfer/vpnserver/vpncmd localhost:5555 /SERVER /PASSWORD='mySecretPassword' /CMD ServerCertSet /LOADCERT:/Path/to/cert.cer /LOADKEY:/path/to//cert.key
by qupfer
Wed May 16, 2018 1:21 pm
Forum: SoftEther VPN General Discussion
Topic: Sharing a Port with SoftEther and a Web Server
Replies: 2
Views: 608

Re: Sharing a Port with SoftEther and a Web Server

On a linux system, you can try protocol multiplexer like "sslh". https://github.com/yrutschle/sslh For example, I have the domain mydomain.de, and the subdomain vpn.mydomain.de (which is just a CNMAE for mydomain.de) My sslh.cfg looks like: --- # Default Arch configuration # You can find more exampl...
by qupfer
Wed Feb 28, 2018 8:09 am
Forum: SoftEther VPN General Discussion
Topic: VPN Clients Can't Connect to Server when in VPN
Replies: 8
Views: 12758

Re: VPN Clients Can't Connect to Server when in VPN

Bind the vpn to a virtual interfact (tap_soft) and then use bridge utils and your network-configuration tool (like systemd-networkd) to create a bridge between the vpn/tap device and the physical device.
by qupfer
Thu Jan 18, 2018 6:48 pm
Forum: SoftEther VPN General Discussion
Topic: Setting up Azure with an FQDN
Replies: 4
Views: 1387

Re: Setting up Azure with an FQDN

PAP would be secured through the outer SSTP layer.
by qupfer
Wed Jan 17, 2018 8:12 pm
Forum: SoftEther VPN General Discussion
Topic: VPN Client connecting, ping working but browser not.
Replies: 4
Views: 1515

Re: VPN Client connecting, ping working but browser not.

Do you have any proxy configuration in your browser?
Tried you the private tab mode (to avoid some caching problems)?
You are sure, that hide.me is compatible with the SoftEther client? Or why not just using the official app (or the working SSTP?)
by qupfer
Wed Jan 17, 2018 7:49 pm
Forum: SoftEther VPN General Discussion
Topic: ip neigh -> fe80::2ae:ebff:fe00:aeeb dev vpn_vpn FAILED
Replies: 2
Views: 881

Re: ip neigh -> fe80::2ae:ebff:fe00:aeeb dev vpn_vpn FAILED

Your post is not very informatively. I even didn't know what your problem is? The fe80 Address? It's a self-assigned LinkLocal IPv6-Address. Absolute normally in IPv6 environments. If you want to "fix that" disable IPv6. But I would guess, your problem is that you are unable to setup your Ubuntu 14....
by qupfer
Mon Jan 15, 2018 8:23 am
Forum: SoftEther VPN General Discussion
Topic: Help setting up home VPN server
Replies: 1
Views: 909

Re: Help setting up home VPN server

[quote=LeoBloom post_id=67297 time=1515984656 user_id=18377] • I don’t like to DMZ to a computer (was just using this to test). Should I forward the default ports (and which ones would these be)? Should I forward the TCP (443, 992, etc…) or UDP (500, 4500)? Is there any security advantage to connect...
by qupfer
Sun Jan 07, 2018 10:15 pm
Forum: SoftEther VPN General Discussion
Topic: start VPNserver on reboot
Replies: 10
Views: 2578

Re: start VPNserver on reboot

Never used the Windows Server, but i would just create a planed task at startup.
Win+R --> Taskschd.msc
by qupfer
Thu Jan 04, 2018 10:06 pm
Forum: SoftEther VPN General Discussion
Topic: SITE TO SITE trouble
Replies: 5
Views: 1348

Re: SITE TO SITE trouble

If you want Help, you should give more informations, Like networkplan, server and client configuration and all Others possible usefull informations.
by qupfer
Thu Jan 04, 2018 2:45 pm
Forum: SoftEther VPN General Discussion
Topic: Installing SoftEther VPN on Linux Mint
Replies: 2
Views: 1488

Re: Installing SoftEther VPN on Linux Mint

Don't mix up vpngate and SoftEther VPN....they are different projects. If you want to use vpngate (free proxy) you dont need the SoftEther VPN software.
Also the linux version does not include a GUI, just commandline tools.
by qupfer
Thu Jan 04, 2018 2:38 pm
Forum: SoftEther VPN General Discussion
Topic: Problem installing on Debian 9
Replies: 3
Views: 2281

Re: Problem installing on Debian 9

sudo -s
apt-get update
apt-get install build-essential libreadline-dev libssl-dev libncurses-dev zlib1g-dev git
git clone https://github.com/SoftEtherVPN/SoftEtherVPN.git

cd SoftEtherVPN # :-)

./configure
make
make install
vpnserver start
by qupfer
Tue Jan 02, 2018 9:35 am
Forum: SoftEther VPN General Discussion
Topic: Problem installing on Debian 9
Replies: 3
Views: 2281

Re: Problem installing on Debian 9

If you take a look in the version history (https://www.softether.org/5-download/history) you will see, that since mid october 2017 the code is compatible with Openssl 1.1. So you should not change the Network.c file. (the sed command) Tested on a new debian9 vm as root: apt-get update apt-get instal...
by qupfer
Wed Jul 05, 2017 2:39 pm
Forum: SoftEther VPN General Discussion
Topic: Compiling on Arch Linux (switch back to openssl 1.0)
Replies: 1
Views: 2123

Compiling on Arch Linux (switch back to openssl 1.0)

I'm trying to compile SoftEther on an archlinux system. The default openssl version of arch is openssl1.1, but as far as i know, SoftEther needs openssl1.0. So I installed additional the openss1.0 package, where are the header files in: /usr/include/openssl-1.0/openssl/ and the libs: /usr/lib/openss...
by qupfer
Tue Apr 11, 2017 6:47 am
Forum: SoftEther VPN General Discussion
Topic: pushing WINS server address(es) to openvpn client
Replies: 5
Views: 3263

Re: pushing WINS server address(es) to openvpn client

Do you use the layer2 ovpn configuration for your clients?
by qupfer
Mon Apr 10, 2017 7:51 am
Forum: SoftEther VPN General Discussion
Topic: Dynamic DNS using my own domain name
Replies: 3
Views: 2272

Re: Dynamic DNS using my own domain name

Sure you can use your own domain.

a) just create a cname record with your vpn.domain refer to the abcd.softether.net domain.
by qupfer
Sat Oct 22, 2016 5:02 pm
Forum: SoftEther VPN General Discussion
Topic: this is the slowest VPN I have ever seen
Replies: 2
Views: 2143

Re: this is the slowest VPN I have ever seen

Ricci66 wrote:
> This VPN is the slowest I have ever seen.

Do you speak about the public "vpngate" service?
In this case....you are not the only user....100 Users with 5 MBit/s --> 2 x 500 MBit/s --> 1 GBit/s
So you can pay for a commercial service or be happy with 5 MBit/s
by qupfer
Mon Aug 29, 2016 5:36 pm
Forum: SoftEther VPN General Discussion
Topic: softether client android
Replies: 4
Views: 3625

Re: softether client android

SSTP use TCP at Port 443. So you could try to use OpenVPN in TCP-Mode at Port 443. Let the Windows-GUI create a example-config and eidt the hostname_openvpn_remote_access_l3.ovpn Replace "proto udp" with "proto tcp" and "remote hostname 1194" with "remote hostname 443" EDIT: Okay, I thought SSTP wor...
by qupfer
Mon Aug 15, 2016 6:36 pm
Forum: SoftEther VPN General Discussion
Topic: When SoftEther drops connection, how to prevent Win10 from..
Replies: 3
Views: 3743

Re: When SoftEther drops connection, how to prevent Win10 fr

Just a few thoughts...not tested! I think the easiest way would be to make your "real" network unusable. You may use the windows firewall and block the nework 0.0.0.0/0 for your physical interface and create a second rule (with higher priority) that allow only the connection to your vpn server. You ...
by qupfer
Sat Jun 25, 2016 12:42 pm
Forum: SoftEther VPN General Discussion
Topic: Why in the WORLD does it say connected when ip NOT assigned
Replies: 22
Views: 24176

Re: Why in the WORLD does it say connected when ip NOT assig

No ideas, but an (inaccurate) explanation. Softether comes from Software-Ethernet. And if you take a look in the OSI Model (https://en.wikipedia.org/wiki/OSI_model) you will see, that Ethernet is "Layer-2" but IPs exist only in Layer-3. Or simple sad. The message, that you are connected, is correct ...
by qupfer
Fri May 13, 2016 6:00 pm
Forum: SoftEther VPN General Discussion
Topic: Startup Script for vpnserver on Ubuntu 16.04
Replies: 2
Views: 4927

Re: Startup Script for vpnserver on Ubuntu 16.04

I use a "quick & dirty" systemd service. (to activate: "sudo systemctl enable vpn" to start once: "sudo systemctl start vpn") qupfer@vpnpi:~ $ cat /etc/systemd/system/vpn.service [Unit] Description=SoftEther VPN Server daemon After=network.target [Service] Type=forking ExecStart=/usr/bin/vpnserver s...
by qupfer
Sun May 08, 2016 6:11 pm
Forum: SoftEther VPN General Discussion
Topic: How do I upgrade linux vpn server from tar?
Replies: 3
Views: 4810

Re: How do I upgrade linux vpn server from tar?

if you installed via "make install" you can just download new tar, run configure, make and make install again.
The install script does not touch the configuration file. So if this exist, its still exist after the re-install and will be used.
by qupfer
Sat Mar 05, 2016 10:46 am
Forum: SoftEther VPN General Discussion
Topic: Prevent internet traffic from passing through VPN
Replies: 11
Views: 13802

Re: Prevent internet traffic from passing through VPN

baldowl wrote: > Just wondering... > > Is there no way of customizing the routes via some sort of config file? SofEther is a Layer2 VPN (like openvpn in tap-mode). You can imagine it like a virtual wire between two virtual interfaces. Thats all. And now you have to configure it, like you have two "r...
by qupfer
Sat Mar 05, 2016 10:39 am
Forum: SoftEther VPN General Discussion
Topic: Problem with routing
Replies: 3
Views: 4444

Re: Problem with routing

Tomek wrote: > I had in Dnsmasq setting - dhcp-option=option:router > But I'm still not sure why it works this way. With "-dhcp-option=option:router" you say your DHCP Client, that the default gateway is "empty" or in other words: no gateway. Nothing is going throug vpn as long no special route exis...
by qupfer
Wed Mar 02, 2016 6:34 pm
Forum: SoftEther VPN General Discussion
Topic: Problem with routing
Replies: 3
Views: 4444

Re: Problem with routing

Tomek wrote: > I need make possible for clients to add their own routes in addition > to default routes from Dnsmasq I know, not a nice answer but; Just do it, its possible. If this doesn't work, I would say you have a problem in your network setup...not direct related to softether. But if you want ...
by qupfer
Sun Feb 07, 2016 9:29 pm
Forum: SoftEther VPN General Discussion
Topic: Site to Site tunnel with Cisco VPN
Replies: 1
Views: 3186

Re: Site to Site tunnel with Cisco VPN

MkTNa wrote: > How should I setup my softether server so that it would replace the netgear vpn transparently > (without further modification on infrastructure) ? You should install strongSwan :-) SoftEther use and can only L2TP/IPsec (its a Layer2 VPN). You use "direct" IPsec (its a Layer3 VPN). You...
by qupfer
Sun Feb 07, 2016 9:22 pm
Forum: SoftEther VPN General Discussion
Topic: Prevent internet traffic from passing through VPN
Replies: 11
Views: 13802

Re: Prevent internet traffic from passing through VPN

On windows
route /?

On linux:
man ip
---

remove default route
add route for lan B
add new default route


Or disable DHCP and set IP manual without a gateway
by qupfer
Sun Feb 07, 2016 9:15 pm
Forum: SoftEther VPN General Discussion
Topic: Connect to a SoftEtherVPN using a Windows connection.
Replies: 1
Views: 2855

Re: Connect to a SoftEtherVPN using a Windows connection.

Yes you can, but there are some pitfalls :-)

You have to "correct" the vpn-type from automatic to SSTP (or IPsec/L2TP).
The used Server-Certificate must match the used domain and also be trusted on client...
by qupfer
Sun Feb 07, 2016 9:08 pm
Forum: SoftEther VPN General Discussion
Topic: L2TP/IPSec on Systems with Shared IP Only
Replies: 4
Views: 7029

Re: L2TP/IPSec on Systems with Shared IP Only

501ari5 wrote: > Umm... Hope the support for L2TP/IPSec on shared IP environment could be accomplished > eventually. I would say no chance or it would be a "new" kind of VPN. IPsec doesn't like NAT in so many ways. You could try on a (linux) client with iptables to re-write the destination address f...
by qupfer
Tue Dec 29, 2015 9:52 pm
Forum: SoftEther VPN General Discussion
Topic: Use DHCP allocation for VPN client but hide from LAN
Replies: 19
Views: 30527

Re: Use DHCP allocation for VPN client but hide from LAN

in this case, i would: - install a linux server ;-) - bridge vpn-hub to phys. device *1 - use iptables on "eth0" to block dhcp reply (dhcpoffer/dhcpnak) packages from "your" dhcp (on windows, use windows firewall or somethin similar. DHCP reply packets have destination port 68 and source port 67.) -...
by qupfer
Tue Dec 29, 2015 4:09 pm
Forum: SoftEther VPN General Discussion
Topic: Use DHCP allocation for VPN client but hide from LAN
Replies: 19
Views: 30527

Re: Use DHCP allocation for VPN client but hide from LAN

Yeah....i'm not sure I understand your problem correctly, but just some comments :-) I would recommend you switch first to linux, because even if you find a nice solution, you will get this problems again. It's related to the kind of VPN that softether creates. Its a virtual Layer-2 ("Ethernet") con...
by qupfer
Mon Dec 21, 2015 9:08 am
Forum: SoftEther VPN General Discussion
Topic: Ban VPN-Gate IPs on my server
Replies: 4
Views: 7789

Re: Ban VPN-Gate IPs on my server

http://www.vpngate.net/api/iphone/

Edit: a quick and (very) dirty python-script for extracting the IPs.
It create a "ips.txt" file, just containing the IPs (one per line)
http://pastebin.com/j0qckVHj
by qupfer
Sun Dec 20, 2015 10:56 pm
Forum: SoftEther VPN General Discussion
Topic: Routing of non VPN traffic - a solution
Replies: 3
Views: 4482

Re: Routing of non VPN traffic - a solution

This may be a "solution" but a more elegant one is a proper configuration of the used dhcp server.

It should serve a
- empty "DHCP Option 3" (--> no default Gateway --> nothing goes over vpn by default)
- correct route via "DHCP Option 121" (--> only this routed traffic goes through vpn)
by qupfer
Sat Dec 19, 2015 9:36 am
Forum: SoftEther VPN General Discussion
Topic: Only softether client software can connect to server
Replies: 13
Views: 13327

Re: Only softether client software can connect to server

Petrol wrote: > Hello, > > For the L2TP protocol to work (the built in windows, IOS, android clients), > you also need to open the UDP port 1701. No, its not. 1701 is for L2TP. But the "L2TP-Traffic" is encapsulated in IPSec. Just UDP 500 and UDP 4500 is needed. Can you post your ovpn-config file? A...
by qupfer
Sat Dec 19, 2015 9:23 am
Forum: SoftEther VPN General Discussion
Topic: Unavailability of RADIUS Authentication
Replies: 3
Views: 4590

Re: Unavailability of RADIUS Authentication

maybe your vpnsmgr is 4.19, but not your server itself?
Please check server version
https://usa.07q.de/version.png
by qupfer
Sat Dec 19, 2015 9:17 am
Forum: SoftEther VPN General Discussion
Topic: vpncmd on linux
Replies: 3
Views: 6578

Re: vpncmd on linux

did you try to set your path in quotation marks ("")?
by qupfer
Wed Dec 16, 2015 11:41 pm
Forum: SoftEther VPN General Discussion
Topic: replacing SecureNAT with local bridge?
Replies: 13
Views: 14791

Re: replacing SecureNAT with local bridge?

please post the output of
"cat /proc/sys/net/ipv4/ip_forward"
and
"sudo iptables -t nat -L -v"

That you get an IP from dnsmasq is good sing, because that mean your VPN itself is working.
by qupfer
Tue Dec 15, 2015 6:23 pm
Forum: SoftEther VPN General Discussion
Topic: replacing SecureNAT with local bridge?
Replies: 13
Views: 14791

Re: replacing SecureNAT with local bridge?

xodc wrote: > I have seen online guides with references to a "tap device", and was beginning to > suspect that its absence in my configuration was to blame. The TAP-Device is easy to create :-) https://usa.07q.de/tap.png For enabling NAT, maybe this helps (I just forget the link in my first answer^^...
by qupfer
Tue Dec 15, 2015 1:42 pm
Forum: SoftEther VPN General Discussion
Topic: replacing SecureNAT with local bridge?
Replies: 13
Views: 14791

Re: replacing SecureNAT with local bridge?

Softether is a so called "Layer-2-VPN" protocoll (Layer2 is for example Ethernet). If you "bridge direct to your server NIC", its like you put a cable between your vpn-client and the (virtual) switchport of your server. I would say, amazon did not like that. From the view of amazon, its a bit like y...
by qupfer
Thu Oct 22, 2015 7:59 pm
Forum: SoftEther VPN General Discussion
Topic: Use VPN only for Internet access and not LANs
Replies: 4
Views: 3705

Re: Use VPN only for Internet access and not LANs

slym wrote:

> Is there a way to do that without changing managing manually the routes ?

Short Answer: No

Long Answer: No, but maybe you could use instead of VirtuaNAT a "bridge" and a own DHCP server, which is serving correct routes.
by qupfer
Mon Oct 05, 2015 4:21 pm
Forum: SoftEther VPN General Discussion
Topic: Autoconfigure IP on SoftEther server Linux tap device
Replies: 8
Views: 7958

Re: Autoconfigure IP on SoftEther server Linux tap device

if just access to the vpn-server itsel is needed, I think this sould be enough: ==> /etc/systemd/network/eth0.network <== [Match] Name=eth0 [Network] DHCP=yes ==> /etc/systemd/network/tap.network <== [Match] Name=tap_soft [Network] Address=10.10.10.100/16 Gateway=10.10.10.10 DNS=10.10.10.10 If confi...
by qupfer
Mon Oct 05, 2015 10:14 am
Forum: SoftEther VPN General Discussion
Topic: Use SoftEther VPN as Site to Site IP Sec Initiator
Replies: 3
Views: 4033

Re: Use SoftEther VPN as Site to Site IP Sec Initiator

Hi,

no, this will not work.
Softether use L2TP/IPsec with IKEv1. (Layer2 Tunnel, secured with IPsec)
gateprotect use "direct" IPsec (Layer3).
by qupfer
Sun Oct 04, 2015 4:53 pm
Forum: SoftEther VPN General Discussion
Topic: Autoconfigure IP on SoftEther server Linux tap device
Replies: 8
Views: 7958

Re: Autoconfigure IP on SoftEther server Linux tap device

you just need follow your linux distribution manual. I mean how should anybody help, if you nearly tell nothinh -.- I have a "double bridge" ("softether" bridged to "tap" and tap bridged to "eth0") and running debian jessie (any other systemd enabled linux should work in a similar way) qupfer@rpi7 /...
by qupfer
Fri Jul 31, 2015 7:57 pm
Forum: SoftEther VPN General Discussion
Topic: openvpn support
Replies: 4
Views: 4604

Re: openvpn support

Maybe I'm blind, but I can't see anything thats refer to OpenVPN 1.3.

Or do you mean: OPENVPN_L3??? I pretty sure, this stands for OpenVPN Layer 3 Mode (aka TUN Mode).
by qupfer
Sun Jul 19, 2015 4:58 pm
Forum: SoftEther VPN General Discussion
Topic: Slow speed compared to Openvpn
Replies: 2
Views: 3998

Re: Slow speed compared to Openvpn

you are sure, that your OpenVPN traffic was routed through the VPN-Server? Because 50 mbps looks high for OpenVPN on a VPS. But obviously, I don't know your VPS specs.

And please post something about your used Configs.
by qupfer
Mon Jul 06, 2015 4:43 pm
Forum: SoftEther VPN General Discussion
Topic: VPN Android (Unsuccessful)
Replies: 7
Views: 13670

Re: VPN Android (Unsuccessful)

I have a Sony Xperia Z3 (Android Lollipop) and L2TP/IPsec and OpenVPN works as expected. So I think you have still a configuration error your client is behind a restricted firewall (blocking IPsec). Did you forward Port 500 and 4500 as UDP or TCP? (UDP is needed). Did have "Client-Network" and "Home...
by qupfer
Sun Jun 28, 2015 6:59 pm
Forum: SoftEther VPN General Discussion
Topic: Client Source
Replies: 3
Views: 4168

Re: Client Source

by qupfer
Sat Jun 27, 2015 6:37 pm
Forum: SoftEther VPN General Discussion
Topic: "showallinterfaces" not in options
Replies: 1
Views: 4134

Re: "showallinterfaces" not in options

ifconfig is depreceated, please use "ip" ('ip a' in your case) And i think the "error message" is pretty clear. "No physical network adapters[...]" I can see only virtual network adapters. Probably possible, you can bridge to a TAP-Device and bridge it to your venet0 or using NAT (maybe helpful: htt...
by qupfer
Fri Jun 19, 2015 8:42 am
Forum: SoftEther VPN General Discussion
Topic: Fritzbox connecting to Softether IPsec
Replies: 3
Views: 6638

Re: Fritzbox connecting to Softether IPsec

einmalacht wrote: > I think i need L2TP with Xauth ... is Softether able to use Xauth ? You think wrong ;-) L2TP/IPsec with Xauth is supported by SoftEther but not by FritzBox. AVM use only "direct" IPsec, without L2TP. So, with the offical firmware, you can't use a FritzBox as Client (or server) fo...
by qupfer
Thu May 07, 2015 4:56 pm
Forum: SoftEther VPN General Discussion
Topic: SoftEther VPN on my Nas
Replies: 15
Views: 22496

Re: SoftEther VPN on my Nas

texas_72 wrote: > With Softether server started: > http: //192.x.x.x/zm/ -> not found > http://192.xxx/serviio/console/ -> not found > any ideas? > > thanks First: "Hiding" IPs from the private range (like 192.168.0.0/16, 10.0.0.0/8 or 172.16.0.0/12) is not helping and unnecessary. So "we" must gues...
by qupfer
Thu May 07, 2015 4:42 pm
Forum: SoftEther VPN General Discussion
Topic: Can't get OpenVPN to work- certificate error
Replies: 3
Views: 3667

Re: Can't get OpenVPN to work- certificate error

Did you change your cert in SoftEther? If yes, you have to re-generate your openvpn "example" config.
by qupfer
Sun May 03, 2015 9:49 pm
Forum: SoftEther VPN General Discussion
Topic: Can't connect server manager after rebooting server
Replies: 6
Views: 5481

Re: Can't connect server manager after rebooting server

Just copy the "byte HashedPassword XXXXXXXXXXXXXXXXX" value from your new config to your old one, and replace the new with the old. Now you should have your old config with your new (well known) password.
by qupfer
Thu Apr 23, 2015 9:04 pm
Forum: SoftEther VPN General Discussion
Topic: SoftEther on Windows Server - Static IP?
Replies: 10
Views: 10228

Re: SoftEther on Windows Server - Static IP?

vix wrote: > oh wow wish it had that, would make it so much easier SoftEther is a "Layer2" VPN, so its just a virtual "cable". IPs and so on are not Part of the VPN. Just some additional "compfort" function for the software. So the best way is to useSoftEther vpn just like a "cable" and do all other...
by qupfer
Thu Apr 23, 2015 8:48 pm
Forum: SoftEther VPN General Discussion
Topic: Softether VPN Server and OpenElec OpenVPN client
Replies: 1
Views: 3413

Re: Softether VPN Server and OpenElec OpenVPN client

You can try to combine all "certs" and the config in one *.ovpn File. Just Copy & Paste the certs to the config-file.
by qupfer
Thu Apr 16, 2015 7:07 pm
Forum: SoftEther VPN General Discussion
Topic: Low speed issue in one direction using Bridge
Replies: 4
Views: 6053

Re: Low speed issue in one direction using Bridge

ixlabs wrote: > Well, there is a difference of x 20 times S-L-O-W-E-R > Now, in your opinion: this is the normal behavior? No, but what want you hear? That SoftEther is crap? It isn't. But with your given informations, nobody can really help you. You have to be exactly as possible. Which subnet do y...
by qupfer
Thu Apr 16, 2015 5:59 pm
Forum: SoftEther VPN General Discussion
Topic: PC-to-LAN connection ok, but can't ping VPN server
Replies: 8
Views: 28569

Re: PC-to-LAN connection ok, but can't ping VPN server

on windows, you could "brigde" directly. on linux, you have no other change than a "double" bridge if you want the same subnet. SoftEther-Hub <-Bridge-> tap_soft <-Bridge-> eth0. I would try it first "step by step". get a "life insurance", like - shutdown -r 30 (reboot in 30 minutes....just in cause...
by qupfer
Thu Apr 16, 2015 5:30 pm
Forum: SoftEther VPN General Discussion
Topic: Low speed issue in one direction using Bridge
Replies: 4
Views: 6053

Re: Low speed issue in one direction using Bridge

ixlabs wrote: > I dont wat to imagine what should happen if someone tries to provide more than "casual" > vpn connections with this software and it turns no one offer any kind of clue, idea > or support. If someone tries to provide more than "casual", he read the documentation and know, what SecureN...
by qupfer
Wed Apr 15, 2015 6:01 pm
Forum: SoftEther VPN General Discussion
Topic: not workin "no adjustment of rroute table"
Replies: 4
Views: 4282

Re: not workin "no adjustment of rroute table"

Its not the SoftEther Client that will change your routes. It's Windows (or whatever you use) ;-) SoftEther creates a so called "Layer 2" vpn, which mean its a virtual LAN-Cable and Device. If you are conected, it looks for Windows (or other) like you have pluged in a new cable. And windows run a dh...
by qupfer
Wed Apr 15, 2015 5:30 pm
Forum: SoftEther VPN General Discussion
Topic: Softether VPN source code in Android
Replies: 2
Views: 3038

Re: Softether VPN source code in Android

or the internal ipsec implementation....the advertisement image was not created for no reason ;-)
https://www.softether.org/@api/deki/files/4/=1.2.jpg
by qupfer
Wed Apr 15, 2015 5:25 pm
Forum: SoftEther VPN General Discussion
Topic: PC-to-LAN connection ok, but can't ping VPN server
Replies: 8
Views: 28569

Re: PC-to-LAN connection ok, but can't ping VPN server

RTFM! (3.6.11) https://www.softether.org/4-docs/1-manual/3._SoftEther_VPN_Server_Manual/3.6_Local_Bridges If you want to reach your "server" through the VPN, you need either two real network-interfaces or you bridge to a virtual tap-device. If you are using a tap device, you need further steps to ac...
by qupfer
Wed Apr 15, 2015 4:28 pm
Forum: SoftEther VPN General Discussion
Topic: VPN Server Manager for Linux?
Replies: 5
Views: 5009

Re: VPN Server Manager for Linux?

brianmullan wrote: > Over 80% of ALL Cloud Servers are linux and that has been growing. Is the Server > Manager open source so developers could take a look at porting it to linux? 99,9% of ALL Linux Servers doesn't run a graphical interface and most admins prefer a scriptable commandline-toll instea...
by qupfer
Fri Mar 06, 2015 9:46 am
Forum: SoftEther VPN General Discussion
Topic: Access List problem
Replies: 4
Views: 4681

Re: Access List problem

Mhm0ud wrote: > Create access list on Hub to pass only to user1 to connect to file server > only with priority 900, and create access list to discard all connection to > any ip in internal network with priority 1000. > > --------------------------------------------------------------- > Update : > An...
by qupfer
Wed Feb 18, 2015 11:30 am
Forum: SoftEther VPN General Discussion
Topic: Softether VPN over CDN
Replies: 6
Views: 6729

Re: Softether VPN over CDN

You know what a VPN is? It's a (virtuell) connection between two points. Call them A and B. If you are connected to your server, you have a connection between A and B, like A <-----------> B. What happens, if you use a CDN. You have a third-party-"device" in your connection, like A<-----------> C <-...
by qupfer
Mon Feb 16, 2015 9:08 am
Forum: SoftEther VPN General Discussion
Topic: Can't ping clients from VPN Server
Replies: 3
Views: 5366

Re: Can't ping clients from VPN Server

Check your Windows Firewall settings. In the default settings, Windows doesn't response to Pings. Go to the advanced firewall settings, create a new inbound rule. Select "Custum rule", all Programs, Protocoll ICMPv4, go to ICMP-Settings and activate "Echorequest" (the correct english name may be a b...
by qupfer
Fri Feb 13, 2015 1:22 pm
Forum: SoftEther VPN General Discussion
Topic: Set Pre Shared Key (PSK) with vpncmd on Ubuntu
Replies: 2
Views: 6029

Re: Set Pre Shared Key (PSK) with vpncmd on Ubuntu

You have a thinking error ;) vpncmd is the configuration-tool for the SoftEther Client, which is only a Client for SoftEthers own VPN-Protocol (Ethernet over https). It doesn't use a PreShared key, so you can't set one. If you want to use IPsec, you need a IPsec Client. But you can use the SofEther-...
by qupfer
Tue Feb 10, 2015 3:26 pm
Forum: SoftEther VPN General Discussion
Topic: Windows Phone 8.1 L2TP/ipsec connection
Replies: 7
Views: 13741

Re: Windows Phone 8.1 L2TP/ipsec connection

Dazu einfach Server beenden und die Konfig abändern und ein "true" daraus machen:

declare DDnsClient
{
bool Disabled false --------> bool Disabled true


Was passiert, wenn du den Link vom Screenshot folgst (SSL-VPN im Appstore)?
by qupfer
Tue Feb 10, 2015 12:43 pm
Forum: SoftEther VPN General Discussion
Topic: Windows Phone 8.1 L2TP/ipsec connection
Replies: 7
Views: 13741

Re: Windows Phone 8.1 L2TP/ipsec connection

Because of your name and your router modell, I assume you are german? So I switch to it ;) ------------------------------------------------- Hi, für L2TP/IPsec werden die UDP-Ports 500 und 4500 benötigt. Diese müssen 1zu1 weitergeleitet werden. Also bei der Fritzbox den Port UDP 500 an den Windows 7...
by qupfer
Mon Feb 09, 2015 8:28 pm
Forum: SoftEther VPN General Discussion
Topic: Acces the VPN Server through VPN with only one eth-device?
Replies: 9
Views: 7874

Re: Acces the VPN Server through VPN with only one eth-devic

GreenUser wrote: > Have you been able to bridge the hub directly to eth0 AND have clients successfully > routed to the internet? Yes. On Windows with the offical Softetether client and just connect. On Linux I set a static route to the vpn server to avoid connection loss and then I run dhcpcd (or an...
by qupfer
Mon Feb 09, 2015 8:57 am
Forum: SoftEther VPN General Discussion
Topic: Acces the VPN Server through VPN with only one eth-device?
Replies: 9
Views: 7874

Re: Acces the VPN Server through VPN with only one eth-devic

GreenUser wrote: > Good luck, and if you find a way to do this, please let me know. A "double-bridge" will work, but its ugly. I mean bridge the vpn-hub to a tap device and then bridge the bridged-tap-device to eth0. I prefer to bridge the hub directly to eth0, but in this case, you can't reach the ...
by qupfer
Mon Feb 09, 2015 8:50 am
Forum: SoftEther VPN General Discussion
Topic: SoftEther Not Designed for Bridge Mode via TAP device
Replies: 2
Views: 3701

Re: SoftEther Not Designed for Bridge Mode via TAP device

Briding to tap works great, but If you don't like NAT, you have to set routing rules on BOTH sides of the network. And the performance loss should not be huge, if doing NAT by iptables.
by qupfer
Sun Feb 08, 2015 10:21 pm
Forum: SoftEther VPN General Discussion
Topic: Acces the VPN Server through VPN with only one eth-device?
Replies: 9
Views: 7874

Acces the VPN Server through VPN with only one eth-device?

Hi, I know that I can't reach the local vpn-server-IP through the VPN from a client, if I bridge the vpn-hub directly to eth0. But I seem to remember, that a workaround was something like create a additionaly tap-device and do some IP/routing commands and stuff like that. Can somebody give me these ...
by qupfer
Sun Jan 18, 2015 10:53 am
Forum: SoftEther VPN General Discussion
Topic: Selective Routing for VPN - Remote PC to LAN Configuration
Replies: 7
Views: 17877

Re: Selective Routing for VPN - Remote PC to LAN Configurati

maybe, you clould run a "dnsmasq" or alternaitve dhcp server on server-side, listen only on the bridge-deivce. (take a look at this tutorial, if you know what i mean^^ http://blog.lincoln.hk/blog/2013/05/17/softether-on-vps-using-local-bridge/ ) With the following modifications (for dnsmasq.conf), y...
by qupfer
Fri Dec 05, 2014 4:08 pm
Forum: SoftEther VPN General Discussion
Topic: VPN client creates default route - any way to disable it?
Replies: 16
Views: 30925

Re: VPN client creates default route - any way to disable it

mesa57 wrote: > The default route has nothing to do with DHCP servers. thats not completely true. Most DHCP-Servers send a default-gateway (dhcp-option 3) to the client --> client overrides I didn't read the other answers, but I will post my solution for this problem. Maybe its helpfull. My homentwo...
by qupfer
Fri Dec 05, 2014 3:40 pm
Forum: SoftEther VPN General Discussion
Topic: MS-SSTP connection
Replies: 4
Views: 6189

Re: MS-SSTP connection

I don't know. Maybe I'm wrong and its not possible :( I just find a way to disable the revocation check. http://support.microsoft.com/kb/947054/en-us But I would try to install the certificate. This post may help: http://www.vpnusers.com/viewtopic.php?f=7&t=2710&p=5580&hilit=mmc#p5580 But give atten...
by qupfer
Fri Dec 05, 2014 3:11 pm
Forum: SoftEther VPN General Discussion
Topic: MS-SSTP connection
Replies: 4
Views: 6189

Re: MS-SSTP connection

mostly, its a problem with the certificate validation. SoftEther creats (by default) a self-signet cert for its dyndomain (something like vpn123456.softether.com). And normaly, windows doesn't trust selfsignet certs. So you have to disable the cert-check in windows or create a new self-signed cert f...
by qupfer
Thu Oct 30, 2014 9:07 am
Forum: SoftEther VPN General Discussion
Topic: problem with set proxy server
Replies: 2
Views: 3930

Re: problem with set proxy server

you could try proxifier (40$ :( ) or the free (but very old) widecap to "force" proxy usage.

http://www.proxifier.com/
http://widecap.ru/en/
by qupfer
Thu Oct 30, 2014 8:51 am
Forum: SoftEther VPN General Discussion
Topic: Selecting external ip for SoftEther Server
Replies: 10
Views: 15256

Re: Selecting external ip for SoftEther Server

paulalt wrote: > Any suggestion how to make it work for only one external ip out of four? I'm not sure if I understand your problem correctly, but this is what i would try: Let SoftEther listen on a very unusual port like 23456 or anything else. Using iptables to redirect incomming traffic on the wa...
by qupfer
Wed Oct 29, 2014 8:21 pm
Forum: SoftEther VPN General Discussion
Topic: Using SoftEther Client with ProXPN OpenVPN server
Replies: 4
Views: 4453

Re: Using SoftEther Client with ProXPN OpenVPN server

jemxpat wrote:
> Is this correct?

Yes ;)
by qupfer
Wed Oct 08, 2014 5:52 pm
Forum: SoftEther VPN General Discussion
Topic: DNS hostname change
Replies: 5
Views: 7388

Re: DNS hostname change

I'm hope, my answer is correct ;) In your old config, you will have a part like declare DDnsClient { bool Disabled false byte Key YourDDNSKEY string LocalHostname pi string ProxyHostName $ uint ProxyPort 0 uint ProxyType 0 string ProxyUsername $ } The "bye Key" is what you are looking for. Just copy...
by qupfer
Tue Oct 07, 2014 8:39 am
Forum: SoftEther VPN General Discussion
Topic: DNS hostname change
Replies: 5
Views: 7388

Re: DNS hostname change

If you have your old config file, you can restore a "key" and use the old hostname again. If you haven't your config file anymore, your hostname is gone. As an alternative, you could use a other domain (or free subdomain) which link to the "cryptic" softether hostname. Just take a look at http://fre...
by qupfer
Sun Sep 28, 2014 10:47 pm
Forum: SoftEther VPN General Discussion
Topic: IP Public
Replies: 3
Views: 4464

Re: IP Public

Sorry, if my post sounded rude. It was not intended. But, if I or anybody else should help, you must post more detailed information. How looks your client-side network, how looks your server-side network. Which OS you are using for server and client, do you use the windows GUI or vpncmd and stuff li...
by qupfer
Sat Sep 27, 2014 7:02 pm
Forum: SoftEther VPN General Discussion
Topic: IP Public
Replies: 3
Views: 4464

Re: IP Public

Where is the NAT, you are speaking about? On Client side? Basicly, you should bridge (on server side) the vpn-hub to the phys. ethernet-adapter and check, that Secure-NAT is disabled. On client side, you set IP/netmask manual and maybe add/modify some routes on the client. Alternativ, you bridge to ...
by qupfer
Thu Sep 25, 2014 8:33 pm
Forum: SoftEther VPN General Discussion
Topic: Feature request
Replies: 8
Views: 8852

Re: Feature request

And again, what is the "feature" you want?
Combined Cert and password authentication??

I would simply set a passphrases for the cert. So, only entering the username is missing.
by qupfer
Thu Sep 25, 2014 8:14 pm
Forum: SoftEther VPN General Discussion
Topic: No Certificate Authorization
Replies: 3
Views: 4982

Re: No Certificate Authorization

Do you life in china?

As I remember, is in the chinese version the cert-authorization disabled.
You have to download the source code, modify some things and compile it.
by qupfer
Tue Sep 23, 2014 11:07 pm
Forum: SoftEther VPN General Discussion
Topic: Installing vpn clone client on ubuntu 14.04 LTS
Replies: 1
Views: 2921

Re: Installing vpn clone client on ubuntu 14.04 LTS

You are on the wrong place.
Take a look here: http://www.vpngate.net/en/

The OpenVPN Clone function is for people, who want to host their own VPN server on their own personal server. Not for "public" access.
by qupfer
Tue Sep 23, 2014 10:55 pm
Forum: SoftEther VPN General Discussion
Topic: softether with VPN Tracker 7
Replies: 2
Views: 2810

Re: softether with VPN Tracker 7

Use the build-in client?
by qupfer
Tue Sep 23, 2014 8:20 pm
Forum: SoftEther VPN General Discussion
Topic: Router PORT With ICMP VPN
Replies: 1
Views: 2846

Re: Router PORT With ICMP VPN

ICMP is not TCP/UDP and ICMP is not Port-Based. So, if your router hasn't a ICMP forward option, you can only try something like Exposed Host (sometimes (wrongly) named DMZ) But why you want to do that? Normally it's more practicable to set the vpn-server listen on tcp/443 (https), because https is ...
by qupfer
Sun Sep 21, 2014 7:45 am
Forum: SoftEther VPN General Discussion
Topic: Extremely slow site 2 site scp speeds. (solved).
Replies: 27
Views: 36645

Re: Extremely slow site 2 site scp speeds between 2 location

gct wrote: > And should ALL nics 4 in this case be set to 1472 or 1473? Never set it (without a very good reason) to 1473. This was a bad example. Sorry. A ICMP-Package (ping is icmp) with a size of 1472 Byte will result in an ethernet package with a payload of 1500 Byte (the default MTU for Etherne...
by qupfer
Sun Sep 21, 2014 7:06 am
Forum: SoftEther VPN General Discussion
Topic: "double bridge" setup will only work for 5 minutes
Replies: 10
Views: 12161

Re: "double bridge" setup will only work for 5 minutes

Yep, the restarted bridge was stable all night long. So, I have my workaround....
by qupfer
Sat Sep 20, 2014 10:47 pm
Forum: SoftEther VPN General Discussion
Topic: "double bridge" setup will only work for 5 minutes
Replies: 10
Views: 12161

Re: "double bridge" setup will only work for 5 minutes

dajhorn wrote: > > Can you please explain how? > > This depends on the Linux distro. (Debian, Ubuntu, something else?) Debian, but I disabled it compleate ;) > * The man page suggests that "hwaddress ether" is incorrect syntax. On my > personal computer, I use the "hwaddress AA:BB:CC:DD:EE:FF" form....
by qupfer
Sat Sep 20, 2014 9:26 pm
Forum: SoftEther VPN General Discussion
Topic: "double bridge" setup will only work for 5 minutes
Replies: 10
Views: 12161

Re: "double bridge" setup will only work for 5 minutes

dajhorn wrote: > Do this: > > 1. Configure ifplugd to ignore the 'tap_soft' interface. Can you please explain how? Edit: I did. It "removes" the ifplugd syslog messages, but after the first start of the bridge, it will go to the disabled state after a few minutes..... > 2. Disable the OpenVPN daemon...