Necessary ports for Softether

Posted: Sun Dec 30, 2018 11:27 am
by zwingler
Hello,

I set up a VPN with softether on Layer 3 as described.
At first it did not work properly. Ping was working 5 or 6 times, then timeout, and then working again... and so on...

Then I completely opened my firewall on Google, where my softether vpn server is located. Then it worked perfectly.

Afterwards I reduced the open firewall ports to tcp 5555 and udp 40000-65535. Everything is still working fine... but without udp open it is working badly again, as described above.

Now my question: Which ports have to be open for softether to work properly? Are they fixed or dynamic?
In the documentation I only found something on the standard tcp ports... but without udp ports it is not working.

Any suggestions?

Thanks, Herbert

Re: Necessary ports for Softether

Posted: Sat Jan 19, 2019 2:43 pm
by zwingler
Does no one have the correct ports for softether? Unbelievable...

Re: Necessary ports for Softether

Posted: Sat Jan 19, 2019 10:33 pm
by ksuuk
From https://www.softether.org/4-docs/2-howt ... VPN_Server

"If your SoftEther VPN Server is behind the NAT or firewall, you have to expose the UDP port 500 and 4500. On the NAT, UDP 500 and 4500 should be transferred to the VPN Server. If any packet filters or firewalls are existing, open UDP 500 and 4500 ports."

If your server is running on Linux, you can check which ports vpnserver is listening on with the command netstat -alnp | grep vpnserver. My result is:

tcp 0.0.0.0:5555
udp 0.0.0.0:9601
udp 127.0.0.1:4500
udp external_ip:4500
udp 0.0.0.0:48048
udp 0.0.0.0:55357
udp 0.0.0.0:56523
udp 127.0.0.1:500
udp external_ip:500

So I'd say that udp 500 and 4500 are the correct ports.

Re: Necessary ports for Softether

Posted: Sun Jan 20, 2019 10:31 am
by zwingler
Thanks for your answer...

I saw this while implementing. But it is not working with udp 500 and 4500 only...

I tried again and it failed...

I switched back to tcp 5555 and udp 40000-65535. Then it is working well again.

Only if I make a firewall rule with these ports is it possible to ping systems on the remote site...

So the problem is still the same... I have to open many, many ports...

Can we specify it more precisely? In your list there are also many udp ports above 40000...

Re: Necessary ports for Softether

Posted: Thu Feb 21, 2019 6:27 am
by thisjun
UDP acceleration uses an ephemeral port which is provided by socket API.
So the port used depends on the environment.
I think you should disable UDP acceleration.
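
Added example (not part of any post in this thread): a small Python audit that parses netstat -lnp output for vpnserver and separates externally reachable listeners that can be pinned in a firewall rule from those that fall inside the kernel's ephemeral port range. The sample lines, the PID and the 203.0.113.10 address are constructed, and the range check is a heuristic that assumes the Linux default of 32768-60999.

```python
# Linux default for net.ipv4.ip_local_port_range (assumption); on the server,
# read the live value from /proc/sys/net/ipv4/ip_local_port_range instead.
DEFAULT_EPHEMERAL = (32768, 60999)

# Constructed sample in `netstat -lnp` column layout, not captured from a host.
SAMPLE = """\
tcp   0  0 0.0.0.0:5555       0.0.0.0:*  LISTEN  1234/vpnserver
udp   0  0 0.0.0.0:48048      0.0.0.0:*          1234/vpnserver
udp   0  0 127.0.0.1:4500     0.0.0.0:*          1234/vpnserver
udp   0  0 203.0.113.10:4500  0.0.0.0:*          1234/vpnserver
udp   0  0 203.0.113.10:500   0.0.0.0:*          1234/vpnserver
udp   0  0 0.0.0.0:55357      0.0.0.0:*          1234/vpnserver
tcp   0  0 0.0.0.0:22         0.0.0.0:*  LISTEN  900/sshd
"""

def parse_listeners(text, program="vpnserver"):
    """Return {(proto, local_addr, port)} for sockets owned by `program`."""
    found = set()
    for line in text.splitlines():
        fields = line.split()
        # The last column is PID/Program name; skip headers and other daemons.
        if len(fields) < 5 or not fields[-1].endswith("/" + program):
            continue
        # rpartition keeps IPv6 forms such as :::5555 intact (addr "::").
        addr, _, port = fields[3].rpartition(":")
        if port.isdigit():
            found.add((fields[0], addr, int(port)))
    return found

def classify(listeners, ephemeral=DEFAULT_EPHEMERAL):
    """Split non-loopback listeners into (fixed, dynamic) sorted lists."""
    low, high = ephemeral
    fixed, dynamic = set(), set()
    for proto, addr, port in listeners:
        if addr.startswith("127.") or addr == "::1":
            continue  # loopback sockets never need an inbound firewall rule
        bucket = dynamic if low <= port <= high else fixed
        bucket.add((proto, port))
    return sorted(fixed), sorted(dynamic)

if __name__ == "__main__":
    fixed, dynamic = classify(parse_listeners(SAMPLE))
    print("pin in firewall rules:", fixed)
    print("ephemeral, changes between runs:", dynamic)
```

Listeners reported in the second list are the ones a static allowlist cannot cover, which is why the wide udp range was needed while UDP acceleration was in use.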