ip address routing

SoftEther VPN に関するご質問はこのフォーラムにお気軽にご投稿ください。
Post Reply
althaf
Posts: 44
Joined: Mon Aug 28, 2017 12:50 pm

ip address routing

Post by althaf » Tue Sep 19, 2017 8:39 am

please find the the my diagram
this diagram is one location

vpn client can connected the server is getting ip address 192.168.30.10, vpn client need access the other network (10.10.10.X / 10.10.20.X)

how can route the ip address
You do not have the required permissions to view the files attached to this post.

cedar
Site Admin
Posts: 2070
Joined: Sat Mar 09, 2013 5:37 am

Re: ip address routing

Post by cedar » Tue Sep 19, 2017 10:09 am

Please add routing entry to the classless static routes in DHCP setting.

althaf
Posts: 44
Joined: Mon Aug 28, 2017 12:50 pm

Re: ip address routing

Post by althaf » Wed Sep 20, 2017 4:29 am

i need the dhcp ip address this location its correct ?
You do not have the required permissions to view the files attached to this post.

cedar
Site Admin
Posts: 2070
Joined: Sat Mar 09, 2013 5:37 am

Re: ip address routing

Post by cedar » Wed Sep 20, 2017 4:35 am

If you need to add entries of routing table in client, yes.

althaf
Posts: 44
Joined: Mon Aug 28, 2017 12:50 pm

Re: ip address routing

Post by althaf » Wed Sep 20, 2017 4:37 am

thanks for knowledge sharing
i will try ok

cedar
Site Admin
Posts: 2070
Joined: Sat Mar 09, 2013 5:37 am

Re: ip address routing

Post by cedar » Wed Sep 20, 2017 9:30 am

Ketnel-mode and RawIP-mode virtual NAT can't recognize router which isn't connected to internet.
Please disable these mode.
(Route pushing may not be needed.

althaf
Posts: 44
Joined: Mon Aug 28, 2017 12:50 pm

Re: ip address routing

Post by althaf » Sun Sep 24, 2017 7:49 am

Hi both

i done both way this not ping ip address

client ip address 192.168.30.10/24
client need to access ip address 10.10.32.0/24

same diagram

please advice to me
You do not have the required permissions to view the files attached to this post.

althaf
Posts: 44
Joined: Mon Aug 28, 2017 12:50 pm

Re: ip address routing

Post by althaf » Mon Sep 25, 2017 8:26 am

hi there!
i enter the static routing table to push

10.10.10.0/255.255.255.0/192.168.30.1

but still not pinging

vpn client can access the 10.70.116.10

but other network ip address can't access

please can any once help me
You do not have the required permissions to view the files attached to this post.

cedar
Site Admin
Posts: 2070
Joined: Sat Mar 09, 2013 5:37 am

Re: ip address routing

Post by cedar » Mon Sep 25, 2017 9:06 am

Does the OS which VPN Server runs on know the route to 10.10.10.x?

althaf
Posts: 44
Joined: Mon Aug 28, 2017 12:50 pm

Re: ip address routing

Post by althaf » Mon Sep 25, 2017 9:26 am

Hi

10.10.10.X is a separate network in the location OS is windows 7

One virtual server manager

two nic card
1. 192.168.3.3/24 WAN
2. 10.70.116.10 /24 LOCAL

i can access the remote local ip address, i need access separate network into is address 10.10.10.X

eg
one network
116 vlan server
10 vlan sale dep
20 vlan support dep

please advice to me

cedar
Site Admin
Posts: 2070
Joined: Sat Mar 09, 2013 5:37 am

Re: ip address routing

Post by cedar » Mon Sep 25, 2017 9:34 am

Is the S/W in the picture a L3SW?
Does the S/W have a gateway IP address in segment 10.70.116.x?

althaf
Posts: 44
Joined: Mon Aug 28, 2017 12:50 pm

Re: ip address routing

Post by althaf » Mon Sep 25, 2017 9:55 am

Hi

Yes cisco Layer3 switch management ip 10.10.2.250

NIC 1 GW 192.168.3.1

NIC 2 10.70.116.1 GW only one server windows

VALN10 GW 10.10.10.1
VALN20 GW 10.10.20.1

althaf
Posts: 44
Joined: Mon Aug 28, 2017 12:50 pm

Re: ip address routing

Post by althaf » Mon Sep 25, 2017 10:00 am

HI

I try to normal switch also

cedar
Site Admin
Posts: 2070
Joined: Sat Mar 09, 2013 5:37 am

Re: ip address routing

Post by cedar » Mon Sep 25, 2017 10:10 am

In User mode SecureNAT, the VPN server process act as transparent proxy for the virtual NAT.
Therefore, the VPN server process should be able to access to the destination network.

If your network policy allows, you can use localbridge to NIC2 instead of virtual NAT. It may have good performance.

althaf
Posts: 44
Joined: Mon Aug 28, 2017 12:50 pm

Re: ip address routing

Post by althaf » Mon Sep 25, 2017 10:11 am

please advice to me normal switch

NIC 1 192.168.3.3/24 GW 192.168.3.1
NIC 2 10.70.116.10/24 GW10.70.116.1

SALE DEP 10.10.10.x/24 GW 10.10.10.1
SUPPORT 10.10.20.X/24 GW 10.10.20.1

I CAN REMOTE ACCESS IP ADDRESS 10.70.112.10/24 THIS THOUGTH ACCESS THE SALE 10.10.10.x AND SUPPORT 10.10.20.x

cedar
Site Admin
Posts: 2070
Joined: Sat Mar 09, 2013 5:37 am

Re: ip address routing

Post by cedar » Mon Sep 25, 2017 10:19 am

If you localbridged to NIC2, please disable virtual NAT and enable only virtual DHCP server.

The DHCP server should assign 10.70.116.X and provide the route information as following.

10.10.10.0/255.255.255.0/10.70.116.1
10.10.20.0/255.255.255.0/10.70.116.1

althaf
Posts: 44
Joined: Mon Aug 28, 2017 12:50 pm

Re: ip address routing

Post by althaf » Mon Sep 25, 2017 1:09 pm

hi

DHCP server then assign 10.70.116.X then client are getting ip address this range its correct ?

if need client ip address different range what can do ?

cedar
Site Admin
Posts: 2070
Joined: Sat Mar 09, 2013 5:37 am

Re: ip address routing

Post by cedar » Mon Sep 25, 2017 7:51 pm

How the clients with different IP range can acccess to the cisco?

althaf
Posts: 44
Joined: Mon Aug 28, 2017 12:50 pm

Re: ip address routing

Post by althaf » Tue Sep 26, 2017 7:05 am

HI

i try still not working

please find the attachment

disable virtual NAT client getting ip address 169.

noted

i need nc 2 ip address server only 10.70.116.10
You do not have the required permissions to view the files attached to this post.

althaf
Posts: 44
Joined: Mon Aug 28, 2017 12:50 pm

Re: ip address routing

Post by althaf » Tue Sep 26, 2017 8:35 am

Hi there

i need to softether server like a router

any idea

please help me

cedar
Site Admin
Posts: 2070
Joined: Sat Mar 09, 2013 5:37 am

Re: ip address routing

Post by cedar » Tue Sep 26, 2017 9:43 am

You can use virtual L3 switch.

Create 2 virtual hubs and bridge one to NIC2 and make virtual interfaces of virtual L3SW on each hubs.
Push routes to 10.10.10-20.X via virtual L3SW to clients.
Add routes to 10.10.10-20.X via 10.70.116.1 into virtual L3SW.

althaf
Posts: 44
Joined: Mon Aug 28, 2017 12:50 pm

Re: ip address routing

Post by althaf » Wed Sep 27, 2017 7:50 am

hi

done in order but 10.10.10.X its ping plug cable also other ip address
not ping 10.10.20.X and 10.70.116 its ping can remote access alos


note

local bridge created by virtual main hub (VPN)

please find the attachment
You do not have the required permissions to view the files attached to this post.

althaf
Posts: 44
Joined: Mon Aug 28, 2017 12:50 pm

Re: ip address routing

Post by althaf » Wed Sep 27, 2017 7:50 am

cont..
You do not have the required permissions to view the files attached to this post.

althaf
Posts: 44
Joined: Mon Aug 28, 2017 12:50 pm

Re: ip address routing

Post by althaf » Wed Sep 27, 2017 8:12 am

hi there
sorry
done in order but 10.10.10.X its ping unplug cable

cedar
Site Admin
Posts: 2070
Joined: Sat Mar 09, 2013 5:37 am

Re: ip address routing

Post by cedar » Wed Sep 27, 2017 8:16 am

Why L3SW is isolated?

I would like to try to figure it out.
VPN clients(192.168.30.X) - hub"VPN" - (192.168.30.250)L3SW(10.70.116.250) - hub"LocalBridge" -localbridge(NIC2:10.70.116.1) - (10.70.116.1)Cisco(10.10.10.1) - SaleLAN

althaf
Posts: 44
Joined: Mon Aug 28, 2017 12:50 pm

Re: ip address routing

Post by althaf » Wed Sep 27, 2017 8:29 am

hi there

hub"LocalBridge" -localbridge(NIC2:10.70.116.1) - (10.70.116.1)Cisco(10.10.10.1) - SaleLAN


please correct to me
1. need to create the hub for LocalBridge ?

2. already
NIC 2 10.70.116.10/24 GW10.70.116.1

3. What is
(10.70.116.1)Cisco(10.10.10.1) - SaleLAN

please advice to me

althaf
Posts: 44
Joined: Mon Aug 28, 2017 12:50 pm

Re: ip address routing

Post by althaf » Wed Sep 27, 2017 8:30 am

cont..
You do not have the required permissions to view the files attached to this post.

cedar
Site Admin
Posts: 2070
Joined: Sat Mar 09, 2013 5:37 am

Re: ip address routing

Post by cedar » Wed Sep 27, 2017 8:37 am

> althaf

> 1. need to create the hub for LocalBridge ?

If you want "i need to softether server like a router", it's necessary to separate client and NIC2.

If VPN client access the Cisco router directly, the VPN server doesn't need to do routing.

> 3. What is
> (10.70.116.1)Cisco(10.10.10.1) - SaleLAN

It figures existing router and network.(not VPN setting)

althaf
Posts: 44
Joined: Mon Aug 28, 2017 12:50 pm

Re: ip address routing

Post by althaf » Wed Sep 27, 2017 8:58 am

hi

not allowed directly VPN client access the Cisco router.

i need softether server like a router

softether server two NIC

1. WAN 192.168.3.3/24
2. LAN 10.70.116.10/24 GW 10.70.116.1

TWO Dep
Sale / support

* WAN connected direct ADSL
* SW connected the softhether server 10.70.116.10/24 / Sale pc 10.10.10. x /24 Support 10.10.20.x/24

VPN client 192.168.30.11/24 , now client access the softether server

i need to softher server like a router

VPN client 192.168.30.11/24 need to access the sale and support

please advice to me

cedar
Site Admin
Posts: 2070
Joined: Sat Mar 09, 2013 5:37 am

Re: ip address routing

Post by cedar » Wed Sep 27, 2017 9:13 am

Please try like this.
> VPN clients(192.168.30.X) - hub"VPN" - (192.168.30.250)L3SW(10.70.116.250) - hub"LocalBridge" -localbridge(NIC2:10.70.116.1) -
(10.70.116.1)Cisco(10.10.10.1) - SaleLAN

althaf
Posts: 44
Joined: Mon Aug 28, 2017 12:50 pm

Re: ip address routing

Post by althaf » Wed Sep 27, 2017 9:26 am

Please advice to me

hub"LocalBridge" -localbridge(NIC2:10.70.116.1) - (10.70.116.1)Cisco(10.10.10.1) - SaleLAN

i need to create hub called LocalBridge ?

i not get this

localbridge(NIC2:10.70.116.1) - (10.70.116.1)Cisco(10.10.10.1) - SaleLAN

cedar
Site Admin
Posts: 2070
Joined: Sat Mar 09, 2013 5:37 am

Re: ip address routing

Post by cedar » Wed Sep 27, 2017 9:34 am

You can use any virtual hub name as long as it is different from the hub to which the clients connect to.

althaf
Posts: 44
Joined: Mon Aug 28, 2017 12:50 pm

Re: ip address routing

Post by althaf » Wed Sep 27, 2017 9:51 am

hi

hub sale need to connect into vpn client

i already created the this hub and virtual interface
You do not have the required permissions to view the files attached to this post.

cedar
Site Admin
Posts: 2070
Joined: Sat Mar 09, 2013 5:37 am

Re: ip address routing

Post by cedar » Wed Sep 27, 2017 9:59 am

Why the hub sales is needed?

client passes packets to L3SW.
L3SW passes it to cisco router.
hub sales is not related

althaf
Posts: 44
Joined: Mon Aug 28, 2017 12:50 pm

Re: ip address routing

Post by althaf » Wed Sep 27, 2017 10:11 am

vpn client ----------> softether server -----------> Sale /Support
192.168.30.11 10.70.116.10 10.10.10 x 10.10.20.x
need act the router

now vpn client access 10.70.116.10

with out cisco router

please advice to me step

cedar
Site Admin
Posts: 2070
Joined: Sat Mar 09, 2013 5:37 am

Re: ip address routing

Post by cedar » Wed Sep 27, 2017 10:20 am

The vpn server isn't connected to the sales segment directly.
client can't access the segment without cisco router

althaf
Posts: 44
Joined: Mon Aug 28, 2017 12:50 pm

Re: ip address routing

Post by althaf » Wed Sep 27, 2017 10:37 am

hi

i try cisco router working fine , but same segment using the normal netgear switch

because i need to softether like a router, two nic using for server nic 1 connected switch and nic1 ISP

one uplink into other netgear switch (Sale dep 1st floor) another uplink into other netgear switch (support dep 2nd floor)

which department connect two pcs and 4 pcs

softether server like a router !

cedar
Site Admin
Posts: 2070
Joined: Sat Mar 09, 2013 5:37 am

Re: ip address routing

Post by cedar » Wed Sep 27, 2017 10:56 am

I'm confused.
You add additional 2 NICs to the vpn server for connecting sales/support segment?
Could you draw a fugure?

althaf
Posts: 44
Joined: Mon Aug 28, 2017 12:50 pm

Re: ip address routing

Post by althaf » Wed Oct 04, 2017 6:09 am

Hi

This new diagram and questions

All are Cisco switches all can communicated which other without VPN client

question

1. How to communicated VPN client in servers 10.70.112.X/24
2. How to communicated VPN client in Vlan 40 10.10.40./24

how many hub need create ?
we need many layers 3 switch setting ?

Please advice to me step ?
You do not have the required permissions to view the files attached to this post.

althaf
Posts: 44
Joined: Mon Aug 28, 2017 12:50 pm

Re: ip address routing

Post by althaf » Wed Oct 04, 2017 6:10 am

--cont...

we need to route route ip address

althaf
Posts: 44
Joined: Mon Aug 28, 2017 12:50 pm

Re: ip address routing

Post by althaf » Wed Oct 04, 2017 7:07 am

HI
i create the Hub and Virtual interface

how router l3 layer setting routes ip address and which hub create local Bridget

please find the attachments

please idea to me
You do not have the required permissions to view the files attached to this post.

althaf
Posts: 44
Joined: Mon Aug 28, 2017 12:50 pm

Re: ip address routing

Post by althaf » Thu Oct 05, 2017 4:22 am

hi cedar

can you help me flow setp

Post Reply