Here are the symptoms:
1,Individual certificate authentication doesn't work. Settings can not be saved. Even when I edit the config file manually, it will be replaced with password authentication.
2,Clients can't receive ip addresses form virtual dhcp as well as pushed routes.
Everything works fine on windows, so I don't think it has anything to do with the server.
Here are my clients' environments.
1. Operating system name and the type of CPU-bits
arm linux 3.4 and openwrt AA 12.9
2. The result of "ifconfig –a" (UNIX) or "ipconfig /all" (Windows)
eth0 Link encap:Ethernet HWaddr 00:24:8c:02:75:70
inet addr:192.168.100.250 Bcast:192.168.100.255 Mask:255.255.255.0
inet6 addr: fe80::224:8cff:fe02:7570/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1807256 errors:0 dropped:385 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:531355795 (506.7 MiB) TX bytes:644812156 (614.9 MiB)
tunl0 Link encap:IPIP Tunnel HWaddr
NOARP MTU:1480 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
vpn_net0 Link encap:Ethernet HWaddr 00:ac:5e:94:b9:53
inet addr:192.168.10.2 Bcast:192.168.10.255 Mask:255.255.255.0
inet6 addr: fe80::2ac:5eff:fe94:b953/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3918 errors:0 dropped:0 overruns:0 frame:0
TX packets:3639 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:244986 (239.2 KiB) TX bytes:262262 (256.1 KiB)
I added that ip to vpn_net0 manually.
4. The build number of SoftEther VPN
4.06-9437-beta-2014.04.09 for arm linux and 4.06-9435 for openwrt
6. Whether or not there is a NAT or Firewall between your VPN server and the Internet.
no
7. Are you using SecureNAT?
Yes
Problems with securenat and authentication
-
- Posts: 2458
- Joined: Mon Feb 24, 2014 11:03 am
Re: Problems with securenat and authentication
Do you use SoftEther in China?
If you use in China, Individual certificate authentication is currently disabled by default.
Please read here http://www.softether.org/5-download/history
-------------------------------------------------------------------
On VPN Servers in People's Republic of China, the above five functions are currently disabled by default, under the orders from Beijing. Although Chinese users can enable these functions manually, Enterprise users in People's Republic of China are recommended to use these enterprise functions with PacketiX VPN Server 4.0 Chinese Edition.
-----------------------------------------------------------------
If you use in China, Individual certificate authentication is currently disabled by default.
Please read here http://www.softether.org/5-download/history
-------------------------------------------------------------------
On VPN Servers in People's Republic of China, the above five functions are currently disabled by default, under the orders from Beijing. Although Chinese users can enable these functions manually, Enterprise users in People's Republic of China are recommended to use these enterprise functions with PacketiX VPN Server 4.0 Chinese Edition.
-----------------------------------------------------------------
-
- Posts: 5
- Joined: Fri Apr 11, 2014 7:16 am
Re: Problems with securenat and authentication
Hi thisjun,
Thanks for the reminder. I modified the source code, and CA is working now, but still no luck with DHCP. As I mentioned before, windows version worked fine. Is there something else I missed?
Thanks for the reminder. I modified the source code, and CA is working now, but still no luck with DHCP. As I mentioned before, windows version worked fine. Is there something else I missed?
-
- Posts: 2458
- Joined: Mon Feb 24, 2014 11:03 am
Re: Problems with securenat and authentication
Which client do you use in Linux?
-
- Posts: 5
- Joined: Fri Apr 11, 2014 7:16 am
Re: Problems with securenat and authentication
4.06-9437-beta-2014.04.09 for arm linux and 4.06-9435 for openwrt
They both had the same result.
They both had the same result.