No send recive

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
n1986
Posts: 5
Joined: Sun Jan 22, 2023 10:25 am

No send recive

Post by n1986 » Sun Jan 22, 2023 10:32 am

hello,
i have one server as bridge connected to edge server with cascade , becuse of restrictions we use icmp dns request enable on edge server,
i set custom dhcp server for nat on edge,

problem is , 70% of times client connect with openvpn to bridge have internet access and good speed but some times when connect not access to internet and send recive is below 20KB/s need to reconnect to resolve it , where is problem and how i can fix this, appologize for bad english

shakibamoshiri
Posts: 68
Joined: Wed Dec 28, 2022 9:10 pm

Re: No send recive

Post by shakibamoshiri » Sun Jan 22, 2023 1:28 pm

n1986 wrote:
Sun Jan 22, 2023 10:32 am
hello,
i have one server as bridge connected to edge server with cascade , becuse of restrictions we use icmp dns request enable on edge server,
i set custom dhcp server for nat on edge,

problem is , 70% of times client connect with openvpn to bridge have internet access and good speed but some times when connect not access to internet and send recive is below 20KB/s need to reconnect to resolve it , where is problem and how i can fix this, appologize for bad english
When does this issue happen?
- e.g. when +100 users are connected?
- e.g. when most users are OepnVPN not others (there is a bug about OpenVPN in stable version - search github)

Plus share your CC (cascade connection) configuration.

For a few users, CC can be good and performative but for many users Port Forwarding could be better to use maximum capacity of your hop-1 (= bridge server)

See VPN Azure on Github
https://github.com/SoftEtherVPN/SoftEth ... s-Testers)

n1986
Posts: 5
Joined: Sun Jan 22, 2023 10:25 am

Re: No send recive

Post by n1986 » Mon Jan 23, 2023 6:43 am

tnx for ur help, but

my clients connected to bridge server always lower than 50 , 90% connected with open vpn and 10% with l2tp

beacuse of country restriction i cant cascade normal and must enable icmp dns capability of edge server , and this way bridge connected just with
two tcp connection to edge server,

port of bridge and edge are about 500Mb/s and must not any problem with 50 clients , i attached config on both client and bridge ,

I would be grateful if you could provide a suitable solution that has a good speed and solves the problem of not sending and receiving

n1986
Posts: 5
Joined: Sun Jan 22, 2023 10:25 am

Re: No send recive

Post by n1986 » Mon Jan 23, 2023 6:47 am

shakibamoshiri wrote:
Sun Jan 22, 2023 1:28 pm
n1986 wrote:
Sun Jan 22, 2023 10:32 am
hello,
i have one server as bridge connected to edge server with cascade , becuse of restrictions we use icmp dns request enable on edge server,
i set custom dhcp server for nat on edge,

problem is , 70% of times client connect with openvpn to bridge have internet access and good speed but some times when connect not access to internet and send recive is below 20KB/s need to reconnect to resolve it , where is problem and how i can fix this, appologize for bad english
When does this issue happen?
- e.g. when +100 users are connected?
- e.g. when most users are OepnVPN not others (there is a bug about OpenVPN in stable version - search github)

Plus share your CC (cascade connection) configuration.

For a few users, CC can be good and performative but for many users Port Forwarding could be better to use maximum capacity of your hop-1 (= bridge server)

See VPN Azure on Github
https://github.com/SoftEtherVPN/SoftEth ... s-Testers)
tnx for ur help, but

my clients connected to bridge server always lower than 50 , 90% connected with open vpn and 10% with l2tp

beacuse of country restriction i cant cascade normal and must enable icmp dns capability of edge server , and this way bridge connected just with
two tcp connection to edge server,

port of bridge and edge are about 500Mb/s and must not any problem with 50 clients , i attached config on both client and bridge ,

I would be grateful if you could provide a suitable solution that has a good speed and solves the problem of not sending and receiving
You do not have the required permissions to view the files attached to this post.
Last edited by n1986 on Mon Jan 23, 2023 8:03 am, edited 2 times in total.

solo
Posts: 619
Joined: Sun Feb 14, 2021 10:31 am

Re: No send recive

Post by solo » Mon Jan 23, 2023 7:02 am

For privacy reasons please re-post the data without server passwords, hashes, keys and certificates.

EDIT

Also remove "HashedPassword".

n1986
Posts: 5
Joined: Sun Jan 22, 2023 10:25 am

Re: No send recive

Post by n1986 » Mon Jan 23, 2023 8:41 am

done

solo
Posts: 619
Joined: Sun Feb 14, 2021 10:31 am

Re: No send recive

Post by solo » Tue Jan 24, 2023 10:17 pm

shakibamoshiri wrote:
Sun Jan 22, 2023 1:28 pm
share your CC (cascade connection) configuration.
After a few rounds of redacting, you got it.

shakibamoshiri
Posts: 68
Joined: Wed Dec 28, 2022 9:10 pm

Re: No send recive

Post by shakibamoshiri » Wed Jan 25, 2023 9:09 pm

solo wrote:
Mon Jan 23, 2023 7:02 am
For privacy reasons please re-post the data without server passwords, hashes, keys and certificates.

EDIT

Also remove "HashedPassword".
PLEASE NEVER SHARE THIS WHOLE CONFIGURATION

You could just tell the main options or share like this

Code: Select all

			declare CascadeList
			{
				declare Cascade0
				{
					bool CheckServerCert false
					bool Online true

					declare ClientAuth
					{
						uint AuthType X
						byte HashedPassword
						string Username bridge
					}
					declare ClientOption
					{
						string AccountName netherlands2
						uint AdditionalConnectionInterval 1
						uint ConnectionDisconnectSpan 0
						string DeviceName _SEHUBLINKCLI_
						bool DisableQoS false
						bool HalfConnection false
						bool HideNicInfoWindow false
						bool HideStatusWindow false
						string Hostname XXX.XXX.XXX.XXX
						string HubName VPN
						uint MaxConnection 32
						bool NoRoutingTracking true
						bool NoTls1 false
						bool NoUdpAcceleration false
						uint NumRetry 4294967295
						uint Port 1886
						uint PortUDP 0
						string ProxyName $
						byte ProxyPassword $
						uint ProxyPort 0
						uint ProxyType 0
						string ProxyUsername $
						bool RequireBridgeRoutingMode true
						bool RequireMonitorMode false
						uint RetryInterval 10
						bool UseCompress false
						bool UseEncrypt false
					}
					declare Policy
					{
						bool ArpDhcpOnly false
						bool CheckIP false
						bool CheckIPv6 false
						bool CheckMac false
						bool DHCPFilter false
						bool DHCPForce false
						bool DHCPNoServer false
						bool DHCPv6Filter false
						bool DHCPv6NoServer false
						bool FilterIPv4 false
						bool FilterIPv6 false
						bool FilterNonIP false
						uint MaxDownload 0
						uint MaxIP 0
						uint MaxIPv6 0
						uint MaxMac 0
						uint MaxUpload 0
						bool NoBroadcastLimiter false
						bool NoIPv6DefaultRouterInRA false
						bool NoIPv6DefaultRouterInRAWhenIPv6 false
						bool NoServer false
						bool NoServerV6 false
						bool RAFilter false
						bool RSandRAFilter false
						uint VLanId 0
					}
				}
			}
please completely remove your txt uploaded.
I masked your string Hostname XXX.XXX.XXX.XXX

As I said you have two options for hop-1 (to hop-2)
- relying on a tunnel (e.g. SSTP, IPv6-over-IPv4, OpenConnect)
- Port Forwarding

if you can do Port Forwarding , it is better
1. to use the whole capacity of your server and network
2. no need to install SE server on hop-1 (your bridge) since traffic for 443 will be redirected to 443 on hop-2 (your edge)

NOTE
Port Forwarding (or Redirecting Traffic) does not work with all ISPs or DataCenters) you have to test some different servers.
If for any reasons this method did not work or you did not want to use, use method 1 (= CC)

Better CC
- Use an IP instead of Domain in case of not facing DNS name resolving issue
- Use port 443
- Go to Advanced Setting and
--- set TCP connected to 32
--- Enable "Use Half Duplex Mode"
--- Enable "Use Data Comparison"
--- You can disable "Encrypt VPN session with SSL" based on your condition (Be careful with this option)
and OK it
Then in you server hop-1 (= Edge) run the following to check

Code: Select all

lsof -ni :443 | grep <YOU EDGE IP ADDRESS> | nl  -w 2 -n rz
and you should see 32 lines of 443 connections

n1986
Posts: 5
Joined: Sun Jan 22, 2023 10:25 am

Re: No send recive

Post by n1986 » Wed Feb 01, 2023 6:38 am

i can't connect direct without enable icmp dns on edge server, so i create a kcptun and now bridge connected with 32 connection and half duplex and compress enabled as u say , but port i use is 1886 beacuse 443 taked by softether for administration and cant be tunnel over kcptun,

but i capture traffic and i see bandwidth not go above 50Mb/s after that throttle and slow down, its runing on ubuntu,
is need any config or i must upgrade to developer edition any bug or any, what can i do

shakibamoshiri
Posts: 68
Joined: Wed Dec 28, 2022 9:10 pm

Re: No send recive

Post by shakibamoshiri » Wed Feb 01, 2023 8:18 am

n1986 wrote:
Wed Feb 01, 2023 6:38 am
i can't connect direct without enable icmp dns on edge server, so i create a kcptun and now bridge connected with 32 connection and half duplex and compress enabled as u say , but port i use is 1886 beacuse 443 taked by softether for administration and cant be tunnel over kcptun,

but i capture traffic and i see bandwidth not go above 50Mb/s after that throttle and slow down, its runing on ubuntu,
is need any config or i must upgrade to developer edition any bug or any, what can i do
First, I do not have experience with "kcptun".
Second it might be the "ICMP" limitation using it as tunnel as stated on Windows GUI when you enable it.
So hope others give you a guidance on this.

Post Reply