Softether to Routerboard site-to-site
Posted: Thu Sep 19, 2019 8:38 pm
Hi everyone,
For some years I've running a few Softether (SE) servers configured as SSTP site-to-site vpn's and SSTP-vpn servers for windows clients.
This works well....
Recently I'm trying to set up a SSTP-site-to-site tunnel from (or to) a Mikrotik Routerboard (RB) device.
Windows clients (build in client) can connect to both types without a problem.
The RB-client CAN connect to the RB-sstp-server and,
the Softether client CAN connect to the Softhether SSTP server.
But they have trouble connecting to each other directly (RB-client->SE-server or SE-client->RB-server).
If you let a RB-SSTP-client connect to the Softether server, it connect ONLY with RC4 encryption (apparently the only cypher they can both agree on).
If you let a Softhether-client (or cascade) connect to the RB-sstp-server, it will fail completely since it NEEDS a hub-name entered before you can "OK" the settings. The RB-server however does not work with (virtual)hubs.
Is there a way to allow a higher cipher (AES256 >) for the combination RB-client -> Softeher-server?
Or
Is there a way to persuade the Softether-client (cascade) NOT to enter a hub and still connect to the RB-server?
I love the "Softether-way", but unfortunately I am not in charge of all remote sites, and they may choose different products like the RB.
We however still need to create secure tunnels between them.
Hope to hear if there is a way to fix this.
Thank You.
For some years I've running a few Softether (SE) servers configured as SSTP site-to-site vpn's and SSTP-vpn servers for windows clients.
This works well....
Recently I'm trying to set up a SSTP-site-to-site tunnel from (or to) a Mikrotik Routerboard (RB) device.
Windows clients (build in client) can connect to both types without a problem.
The RB-client CAN connect to the RB-sstp-server and,
the Softether client CAN connect to the Softhether SSTP server.
But they have trouble connecting to each other directly (RB-client->SE-server or SE-client->RB-server).
If you let a RB-SSTP-client connect to the Softether server, it connect ONLY with RC4 encryption (apparently the only cypher they can both agree on).
If you let a Softhether-client (or cascade) connect to the RB-sstp-server, it will fail completely since it NEEDS a hub-name entered before you can "OK" the settings. The RB-server however does not work with (virtual)hubs.
Is there a way to allow a higher cipher (AES256 >) for the combination RB-client -> Softeher-server?
Or
Is there a way to persuade the Softether-client (cascade) NOT to enter a hub and still connect to the RB-server?
I love the "Softether-way", but unfortunately I am not in charge of all remote sites, and they may choose different products like the RB.
We however still need to create secure tunnels between them.
Hope to hear if there is a way to fix this.
Thank You.