NAT Traversal *** How does this work ?

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
centeredki69
Posts: 329
Joined: Wed Sep 18, 2013 1:49 pm

NAT Traversal *** How does this work ?

Post by centeredki69 » Wed Sep 25, 2013 6:35 pm

Thank you for providing this wonderful VPN software!

I am unclear how NAT Traversal works. How does the client or cascade connection know where the VPN server is behind my Router/NAT firewall. If I don't open and forward the port on the Router to the local softether VPN server IP address. How will it find it ?

I am currently using port 5555 on a Server to Bridge setup. (It is running great)

However when I don't open and forward port 5555 on the Router/NAT the Server is behind to the server local IP the Bridge cannot connect.

I would love to close all ports and still have the VPN connection.

I appreciate your help and direction on setting up NAT Traversal.

Thank you

kh_tsang
Posts: 551
Joined: Wed Jul 24, 2013 12:09 pm

Re: NAT Traversal *** How does this work ?

Post by kh_tsang » Thu Sep 26, 2013 11:50 am

When I do a packet capturing on the network adapter, it show that NAT Traversal is using UDP.

The listening ports are TCP ports and HTTPS is used, you must open the ports for TCP connections like a normal HTTPS web server.

centeredki69
Posts: 329
Joined: Wed Sep 18, 2013 1:49 pm

Re: NAT Traversal *** How does this work ?

Post by centeredki69 » Thu Sep 26, 2013 2:40 pm

Thank you for your reply.

So I would only need to open the TCP listening ports on the Server Firewall ie: the PC/Server the VPN is installed on.

I do not need to open the ports on the Router-NAT/Firewall.

I have tested this and it does work.

Thank you for your help.

dnobori
Posts: 228
Joined: Tue Mar 05, 2013 10:04 am

Re: NAT Traversal *** How does this work ?

Post by dnobori » Sat Sep 28, 2013 5:21 am

Hi.

You can disable the NAT Traversal function on the VPN Server by followings:

1. Stop vpnserver service.
2. Open vpn_server.config by your text editor.
3. Modify the field:
bool DisableNatTraversal false -> true
4. Start vpnserver service.

Post Reply