SoftEther VPN User Forum

Hi,

I've been trying to connect 2 computers with different external ip address.
1 computer is the one who runs the SoftEther VPN Server manager and the other one is the client.
I set-up the server and created a certificate. I copied the certificate to the other pc (which has a different external IP) and used the certificate on user authentication settings on client manager. The hostname that I used to setup a new vpn connection was the 'DDNS Hostname' which is vpn(seriesofnumbers).softether.net > Clicked OK > Connect.
When I connect, an error appears that says
Error (Error Code 1):
"Connection to the server failed. Check network connection and make sure that address and port number of destination server are correct."

Now, I tried to connect it to a similar external ip address with the server and it did not encounter this kind of error.
Did I miss something up?
I'm new to setting this up and I'm honestly not sure what i'm doing.
Would appreciate some help.

Thanks.

Hi,


did you forward the port what is used for the vpn connection in the router?

GL

Hi,

Yes I did, I used port 5555 to port forward, also used that on the server in creating the hub, but I was not able to restart the modem/router since everyone here is using it, is it required to restart the router after port forwarding?

i'm about 98% sure you can't use the same Sever/Client certificate for the user certificate. Your going to have to make a new cert for the user... The way you wrote your opening post, it sounds like that's what you did.

When I created the server it asked me to create a user which I then created, there's an option there called 'Individual Certificate Authentication Settings' under Create New User and that's where I created the certificate for the user and used that certificate on the client computer.

Update:

Should I be using my external IP as VPN Server Hostname or my internal IP address? I port forwarded the ports that SoftEther suggested (5555, 1194, 992, 443) and restarted the router but still no effect. What did I do wrong?

If you left the dynamic DNS server enabled you can use the dns host name. Other than that, use the external (public) ip. If you enable SecureNAT it should punch a hole in whatever firewall is blocking you if that's your issue.

Hi,

Tried all of those things but still has this error:

Hi guys,

Been testing things for days now, still nothing works. Any recommendations, solutions?

Want is the server software running on? Windows, or Linux?

If you want to make things easy you should start out the fresh server install by doing it like this tutorial. And using Passwd Auth... There is a lot of different ways to do it but this way seems to always work for me no matter what's in between the server and client.

https://forum.icoexist.io/t/how-to-conf ... manager/32

Do what you want with the L2TP/IPsec OpenVPN and MS-SSTP settings, I disable everything but OpenVPN.

Hi,

Okay i'll try to follow the link that you gave me.

Do what you want with the L2TP/IPsec OpenVPN and MS-SSTP settings, I disable everything but OpenVPN.

Sorry i'm not familiar with these terms, but, what I know is I also disabled everything (firewalls, etc..). The only tool that I use is SoftEther VPN. I'm not using OpenVPN

They are different VPN protocols. Which will allow you to connect to the VPN with different VPN clients. Ie. there is no SoftEther client that works for iOS or Android without root. So you would have to use L2TP/IPsec or OpenVPN since there are clients for those protocols.

Hi,

So I tried the instructions on the link that was provided and I still got the same error.
NOTE:
I'm trying to connect a vpn from one place to another, that IS possible, right?
Also using both PC and SoftEther VPN Client on the client's side, i'm not using OpenVPN.

Are you able to connect to the VPN server manager from outside your LAN? Is the server software on Linux or Windows?

Can you open a Command Prompt in Windows and ping your dns hostname from outside and inside the network?

ping -4 vpn(seriesofnumbers).softether.net

cmd wh0ami wrote: ↑

Mon Oct 22, 2018 3:41 pm

Are you able to connect to the VPN server manager from outside your LAN? Is the server software on Linux or Windows?

Can you open a Command Prompt in Windows and ping your dns hostname from outside and inside the network?

ping -4 vpn(seriesofnumbers).softether.net

No I'm unable to connect to the VPN server manager outside my lan. Server is on Windows 10.

I could ping my dns hostname inside my network but not outside my network.

I think i'm missing something, is there anything I did wrong?

Yea, your firewall on the router to the WAN is blocking you.

You need to open up at least tcp port 443 on the router and forward it to the local ip of you vpn server. You should be able to do that while its being used. if it does go down it will only be for a second and no one would know the difference...

I just find it really had to believe that if you enabled SecureNAT it wont punch a hole in the firewall for you. You didn't disable NAT-T on the client did you?

No I believe I did not touch any settings on the client, I just set it up normally, input my username/password and virtual hub. That's it.
I'll try and forward the port on the router see if it works.

As first, let's isolate the problem

Do a client or a server manager can connect the VPN server from the same LAN?
If it fails, the cause of the problem may be the personal firewall.

I could ping my dns hostname inside my network but not outside my network.

What error did you see?
Was the ddns name resolved?

Can the client connect to another VPN server?