softether always send my private information back

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
oakridge
Posts: 2
Joined: Fri Jun 02, 2017 5:15 am

softether always send my private information back

Post by oakridge » Fri Jun 02, 2017 5:29 am

Softether is a great VPN server to use, but I noticed recently that, it periodically send my private information back to 130.158.6.116 UDP port 5004, which is owned by University of Tsukuba. The information dump make me nervous because it contains my server's:
1. hostname
2. machine_key
3. my private_ip
4. my private_port
5. session_key
6. token
... etc.
it also periodically send small packet to 130.158.6.56 UDP port 80
has anyone noticed this?
why Softether send those information back to a server owned by University of Tsukuba?

any insight would be appreciated!

thisjun
Posts: 2462
Joined: Mon Feb 24, 2014 11:03 am

Re: softether always send my private information back

Post by thisjun » Thu Jun 15, 2017 5:20 am

These information is sent to NAT-T broker server.
The server is operated by University of Tsukuba.

oakridge
Posts: 2
Joined: Fri Jun 02, 2017 5:15 am

Re: softether always send my private information back

Post by oakridge » Thu Jun 15, 2017 6:13 am

thisjun wrote:
> These information is sent to NAT-T broker server.
> The server is operated by University of Tsukuba.

Thank you for the insight!
in this case, does it means that, if I block those traffic, softether won't be able to work as a site to site VPN if both side of the VPN tunnel sit behind NAT gateway, because UDP hole punch won't work without a broker?

For other use case which don't need UDP hole punch, blocking those traffic won't affect softether VPN ?
if so, does softether provide any software package for user to setup their own UDP hole punching broker?

thanks

thisjun
Posts: 2462
Joined: Mon Feb 24, 2014 11:03 am

Re: softether always send my private information back

Post by thisjun » Thu Jun 29, 2017 7:39 am

> in this case, does it means that, if I block those traffic, softether won't be able
> to work as a site to site VPN if both side of the VPN tunnel sit behind NAT gateway,
> because UDP hole punch won't work without a broker?

No. NAT-T doesn't work.
However, VPN session can be made with TCP port forwarding.

> For other use case which don't need UDP hole punch, blocking those traffic won't
> affect softether VPN ?

If you use DDNS or VPN Azure, it affects them..

> if so, does softether provide any software package for user to setup their own UDP
> hole punching broker?

Now, SoftEther project doesn't provide such software.

Post Reply