Page 1 of 1

Both local bridge and SecureNAT

Posted: Wed Nov 09, 2016 6:30 pm
by Oriai
Hi
I configured SoftEther VPN server and enabled SecureNAT, dhcp i set range 192.168.1.10 - 100
and i enable local bridge function and set created tap adapter ip 192.168.1.5 , all working very good,
but i had seen one page in internet
https://www.scribd.com/doc/187770965/Lo ... -on-CENTOS
where say "DO NOT enable BOTH LOCAL BRIDGE and SecureNAT at the same time !!"

tell me please, enable both this services (local bridge and SecureNAT) is a danger or not?

Re: Both local bridge and SecureNAT

Posted: Mon Nov 28, 2016 6:17 am
by thisjun
If the tap device get a default gateway from virtual DHCP, loop can occur.

Re: Both local bridge and SecureNAT

Posted: Thu Dec 01, 2016 9:06 am
by Oriai
thank you, i set ip and network mask in my tap interface manually, gateway is not set

Can you please tell, when i ping my public ip from its same VPS where installed softether vpn i get duplicate of ping answer

ping 1.1.1.1 (1.1.1.1 for example my public ip)

64 bytes from 1.1.1.1: icmp_seq=18 ttl=64 time=0.049 ms
64 bytes from 1.1.1.1: icmp_seq=18 ttl=128 time=0.227 ms (DUP!)
64 bytes from 1.1.1.1: icmp_seq=19 ttl=64 time=0.064 ms
64 bytes from 1.1.1.1: icmp_seq=19 ttl=128 time=0.272 ms (DUP!)
64 bytes from 1.1.1.1: icmp_seq=20 ttl=64 time=0.070 ms
64 bytes from 1.1.1.1: icmp_seq=20 ttl=128 time=0.258 ms (DUP!)
64 bytes from 1.1.1.1: icmp_seq=21 ttl=64 time=0.063 ms
64 bytes from 1.1.1.1: icmp_seq=21 ttl=128 time=0.248 ms (DUP!)

how it fix?

Re: Both local bridge and SecureNAT

Posted: Fri Dec 02, 2016 9:32 pm
by Oriai
i fix it! )))

disable secure nat
enable only bridge and set ip for tap adapter
install dhcp server and configure it with tap adapter
configure NAT from iptables
and all work fine )