SSL-VPN

[items]

I installed softether vpn server on my home computer and forwarded port 443 from the router to the computer.
the client on my computer works great when I'm outside home connecting via softether vpn client.

when I'm at the office I cannot connect back home.
browser doesn't use proxy and I can go to https sites without any problems but softether vpn doesn't connect.
Any ideas?
How can I troubleshoot this?

[thisjun]

What error code did you get?
Did you check the server log?

[items]

the client cannot connect.
The server was never reached by the client.

[moatazelmasry]

Just to avoid any misunderstanding:

You setup SE on a PC at home. Then forwarded port 443 on the router to this PC

When you are outside, using another PC/Laptop, you can connect to your home server

Only when you are at the office, you can not connect to your SE server? So this problem is only related to connections coming out of the work network??

[items]

Correct.
only from the office I cannot connect

[moatazelmasry]

I can only imagine that this problem is related somehow to the firewall.

Could you try the following:
nc -z -v [HOME_IP] 443

It could be that your work is monitoring HTTPS connections. I know of some practices where companies/countries allow https communication to big sites like ebay,facebook etc.., but slow/disable https for unknown sites

[items]

What do you mean by nc ?

[fenice]

items wrote:
> What do you mean by nc ?

It's a linux command. :) If it's not installed on your distribution then install it with your package manager.

[moatazelmasry]

as fenice said, it is a linux command

could be installed via package name "netcat"

This is like telnet but for sending UDP packets and it would show whether you can reach port 443 on your machine via UDP

[items]

OK, I will install a linux VM on my laptop and try it when I get back to the office next week, I will update.

Just to clarify, I'm using windows to windows connection.
my softether is windows, my laptop is windows.

Thanks

[moatazelmasry]

There are netcat similar tools for windows, just a quick google search:
https://eternallybored.org/misc/netcat/

[items]

symantec AV just flagged both nc anc nc64 as security risk and quarantined them.
I had a linux VM so I will use that one

[dust_at_SE]

I have same problem. And i install VPN gate on my office PC try to figure out the problem and get some idea. the interesting thing is, some server from VPN gate i can connect some can't. And while i enable Azure function on my VPN server, i can connect to my VPN server via Azure hostname,(xxxx.vpnazure.net). anyone have other idea to understand what happen on my office firewall or my VPN server setting problem?(Sorry about my pool english :-) )

[items]

I gave it a try from windows vm box and from linux vm box on my laptop from the office, both succeeded
D:\netcat-win32-1.12>nc -z -v xxx.xxx.xxx.xxx 443
[xxx.xxx.xxx.xxx] 443 (https) open
Still I cannot connect using softether vpn client using the same computer I ran the nc test from

[items]

I was able to figure out what is wrong.
out company is using proxy which is not part of the browser.
I added the proxy to softether and it is working.
How do I disable the default gateway from the client?
I want to have one profile with default gateway and one without.

[items]

I figured it out
I had to create to virtual hubs, each one with different configuration.

[dust_at_SE]

items wrote:
> I figured it out
> I had to create to virtual hubs, each one with different configuration.

I still no idea what happened. Now i am using vpnazure. Can you share your experience? I try many different config but still can't find out. (create proxy, put the server on DMZ, create cluster server... etc.)

[items]

my configuration id different
I use a router with DD-WRT installed, I enabled softether vpn and it was easy to configure the vpn through windows client connected.
The challenge was create to profiles that one will work with default gateway and the other without