Bridged network (without a bridge created)

Post by ensemblebd » Wed Apr 11, 2018 4:48 pm

I'm a bit confused on this.

I have installed the VPN Server on a Linux machine in Amazon EC2.
It's on a private subnet, 10.0.0.0, and it has a public IP address which users connect to. (two interfaces on separate subnets)

I enabled the SecureNAT with defaults, which provision 192.168.30.0/24
But when VPN users connect (over L2TP), they can ping anything on the 192 range (good), AND on the private 10.0 range (BAD).

I realize fully that I can utilize the ACL to control packets. And intend to.
But I'm trying to understand why it would "bridge" the interfaces, when I 100% have not created a Local Bridge or configured any adapters for transparency (can't on Unix anyway). How is it that packets are reaching the 10.0 subnet?

tracert shows that it hits the default gateway (192.168.30.1), and then goes straight to the private subnet node.

Can someone shed some light on this? Is this normal?

Re: Bridged network (without a bridge created)

Post by thisjun » Wed May 16, 2018 7:28 am

SecureNAT has a NAT router function.
Virtual NAT acts like a transparent proxy.

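The access-list approach mentioned in the question, as an added example that is not part of the thread and is not SoftEther code: a small Python model for checking a planned Virtual Hub rule set against sample packets before applying it. It assumes first-match evaluation in ascending priority order with a default of pass when no rule matches, a /16 for the private subnet, and constructed host addresses.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    priority: int   # lower number is evaluated first (assumed hub semantics)
    action: str     # "pass" or "discard"
    src: str        # source network in CIDR form
    dst: str        # destination network in CIDR form
    memo: str = ""


def evaluate(rules, src_ip, dst_ip):
    """Return (action, memo) of the first rule matching the packet."""
    src = ipaddress.ip_address(src_ip)
    dst = ipaddress.ip_address(dst_ip)
    for rule in sorted(rules, key=lambda r: r.priority):
        if src in ipaddress.ip_network(rule.src) and dst in ipaddress.ip_network(rule.dst):
            return rule.action, rule.memo
    # Nothing matched: the packet goes through, which is the behaviour
    # the poster observed with an empty access list.
    return "pass", "no rule matched (default)"


def audit(rules, probes):
    """Map each probed destination to the action the rule set yields."""
    return {dst: evaluate(rules, src, dst)[0] for src, dst in probes}


VPN_POOL = "192.168.30.0/24"  # SecureNAT default range from the post
PRIVATE = "10.0.0.0/16"       # assumed size of the EC2 private subnet

# Constructed rule set: one allowed internal host, the rest of 10.0 blocked.
RULES = [
    Rule(100, "pass", VPN_POOL, "10.0.0.25/32", "permitted internal host"),
    Rule(200, "discard", VPN_POOL, PRIVATE, "block private subnet"),
]

# Constructed probes: (VPN client address, destination address).
PROBES = [
    ("192.168.30.10", "192.168.30.1"),  # SecureNAT virtual gateway
    ("192.168.30.10", "10.0.0.25"),     # explicitly permitted host
    ("192.168.30.10", "10.0.3.7"),      # any other private host
    ("192.168.30.10", "203.0.113.8"),   # Internet destination
]

if __name__ == "__main__":
    for dst, action in audit(RULES, PROBES).items():
        print(f"{dst:15} {action}")
```

Running `audit([], PROBES)` reproduces the situation in the question: with no rules, every destination the server host can reach is a pass.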