Can't get SSL Certificate to renew Softether DDNS issue?

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
midiman
Posts: 2
Joined: Tue Sep 12, 2017 8:33 pm

Can't get SSL Certificate to renew Softether DDNS issue?

Post by midiman » Tue Sep 12, 2017 8:49 pm

Hi,

I have an issue and am wondering if its related to Softether. I had a VPN Server running on my Linux Server VM and, although I never used or specifically enabled the DDNS function of Softether, I believe it is somehow still running or there is a route I haven't found that is causing some problems. I am no longer running the VPN server on this VM (it has been moved to another VM on the same network). I am running Let's Encrypt on this server and many months ago, I had certificate renewals working fine. At this point, I cannot get it to renew as I am not receiving the correct response when the Certificate renewal is attempted. When I ping the domain name that is the actual internet domain needing renewed from the Linux VM, I receive a response from 'wan-ip' and in parenthesis it has the correct WAN IP Address from the ISP. When I attempt to renew the Certificate, it displays the response from the challenge is vpn6809xxxxx.softether.net, which I believe is Softether DDNS function, instead of the real domain name. This is, of course, running over port 443 to validate (which is port forwarded from this Internal IP to the internet). I need to know if there is something I can do to clear this or if there is something on Softether's side that could possible help to clear this record. I looked in the hosts file and found nothing related to the response 'wan-ip' from the ping. Lastly, only this machine responds with wan-ip on a ping, other machines on the same LAN respond properly to the ping (response is the real internet IP address as it should be and pining wan-ip does not resolve).

Any tips or help is greatly appreciated.

Thanks in advanced.

cedar
Site Admin
Posts: 800
Joined: Sat Mar 09, 2013 5:37 am

Re: Can't get SSL Certificate to renew Softether DDNS issue?

Post by cedar » Wed Sep 13, 2017 8:58 am

I guess your TCP/443 port is forwarded to SoftEther VPN Server.
If you access the WAN IP address by a browser from internet, what do you see?

midiman
Posts: 2
Joined: Tue Sep 12, 2017 8:33 pm

Re: Can't get SSL Certificate to renew Softether DDNS issue?

Post by midiman » Wed Sep 13, 2017 3:02 pm

cedar,

Thanks, that was indeed the issue, I had port forwarded 443 to the Softether VPN server (for no real reason) and instead it should've been going to the Let's Encrypt renewal machine. Once I changed that, it instantly fixed the problem. I think sometimes it takes a second pair of eyes to see something obvious.

Thanks again, I really appreciate it, this thread can be closed if needed.

Post Reply