Absolutely newb here. Please. Help.

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
koen
Posts: 3
Joined: Tue Jun 05, 2018 3:59 pm

Absolutely newb here. Please. Help.

Post by koen » Tue Jun 05, 2018 4:13 pm

Okay, I will say this straight.
- Been using computers since the age of 4.
- Worked as a developer, sysadmin, network admin.
- Never brag about it, but I feel like I can learn a software.
- Used countless VPN solutions in the past 10 years.

Yet. I just cannot tame SoftEther, no matter what.
All I want - to at least start out - is a simple link between my server and a client PC to reach the network share. Just to start, to start learning.

So, of course, I read the manuals, tutorials, all the documentation which is very well written by the way. Still, I am lost where I may have gone wrong.

Server: Windows Server 2016 [ 1 adapter, ipv4 ]
Client: Windows 10 Home [ 1 adapter, ipv4 ]

- Installed software on both (well, duh).
- Server:
-- Set "SecureNat and DHCP" setting to use 192.168.9.1 IP address, DHCP to give out 192.168.9.10-100 IPs, etc. Nothing fancy there.
-- SecureNAT is OFF, did not touch it.
-- That's about it, I added a new user and not much else.
- Client:
-- Set the client network interface in Windows to use 192.168.9.5 IP, gateway to 192.168.9.1, etc. Nothing fancy here either.
-- Connection works fine, it connects to a server.

Yet, I cannot ping my server IP [ 192.168.9.1 ] nor I can reach the share on it.
If I enable "SecureNAT", I can ping, but still, no network share. And the docs say I should not use that continuously anyhow.

=======================
tl;dr:
- want to learn SoftEther
- want dead simple link between server and PC (no internet reroute, like a "hide my traffic" way, just to reach network share)
- no matter what I do, it just refuses to work
=======================


Not that it helps, but on OpenVPN I just used the EasyRSA script, spat out the cert, wrote a few lines in config and it works like magic. What am I doing wrong? :(

cedar
Site Admin
Posts: 2066
Joined: Sat Mar 09, 2013 5:37 am

Re: Absolutely newb here. Please. Help.

Post by cedar » Thu Jun 07, 2018 9:26 am

Why did you choice "SecureNat and DHCP" with "SecureNAT is OFF"...?

If there is DHCP service on server side LAN, simply turn on localbridge to the LAN.
Then VPN client should use DHCP setting.

koen
Posts: 3
Joined: Tue Jun 05, 2018 3:59 pm

Re: Absolutely newb here. Please. Help.

Post by koen » Thu Jun 07, 2018 9:35 am

Well I disabled SecureNAT ( as the document says people should not use it ).
And DHCP... well, it's enabled in the settings, but unless I enable SecureNAT, the client will not get an IP.

Now what I tried since.
- Kept SecureNAT off as recommended per guide.
- Made sure NOT to tick "No adjustments of Routing Table".
- Used Interface Metric of 100 for VPN interface on client, and 1 for internet.
- Tried removing gateway from the IPv4 interface.
- Tried removing the bridge function/adapter on the server.

Still, nothing. No ping, no share. No matter what I do. There is nothing at all.

And if I enable SecureNAT (and either disable NAT or enable it, does not matter), I can finally ping 192.168.9.1 (my host IP), and that's it.
I cannot reach the host's network share this way either. (I guess since it gets further NAT'ed), but yea, it just does not work.

koen
Posts: 3
Joined: Tue Jun 05, 2018 3:59 pm

Re: Absolutely newb here. Please. Help.

Post by koen » Thu Jun 07, 2018 10:05 am

Well, found the issue. Cannot believe it myself either.

Basically, I had the server set up, and thought the SecureNAT is where you set IP address and all. Like OpenVPN, Windows Server VPN, just like any other VPN. You have one server, and you connect, and basically the server has a default adapter for the network. So I thought.

Not with SoftEther. You need a Client AND a Server installed on the server, if you wish to use it for network share, or any other resources.
That's the answer. Maybe I just "work different", no clue.

centeredki69
Posts: 329
Joined: Wed Sep 18, 2013 1:49 pm

Re: Absolutely newb here. Please. Help.

Post by centeredki69 » Thu Jun 07, 2018 10:30 pm

If you want clients that connect to the server to access local resources on your servers network you need to set up a local bridge. Then any shares will be available to client connecting.

You do not have to install the client and server software on the same PC/SERVER to get this to work properly.

1) Log onto the softether VPN server VIA the "Softether server manager" and you will see your virtual HUB or HUBs in the main window.
2)Look down, " local bridge settings" is in the lower left corner. Click "Local bridge settings".
3)In "local bridge settings" Choose the virtual HUB you want to allow local access, then choose the adapter you want to use for the bridge most likely there will only be one listed unless you have multiple NICs installed.
4) Hit create local bridge and it will give some warning acknowledge the warning then it should start working.

5)You will then NEED to disable secure NAT on this "newly bridged" virtual HUB if you still have it running because any clients that connect now will receive an IP address from the same DHCP server that the local Server network uses.

Now any client connecting with the Softether client software, OpenVPN, or ipsec/L2tp, MS-SSTP ( if you activated those options) to this HUB will have access to local resources.



Also see below for more info

https://www.softether.org/4-docs/1-manu ... al_Bridges

Post Reply