I love this project and its flexibility. Thank you!
But I'm new to SoftEther and currently using OpenVPN with SOCAT, which drives me crazy...
I have a system at a central location which must communicate with systems on several remote locations... bidirectional.
My remote locations are behind ISPs' NAT routers and my central system has a public IP address.
Remote locations must not communicate with each other.
The central system is Linux based, remote location's systems are Linux too, but the remote's SE client may be Windows or Linux.
I think I'd get this running as of the tutorials.
Challenge A) systems at different remote locations have similar IP address spaces.
Challenge B) systems at remote locations are only allowed to communicate with IP addresses assigned by the remote's local admin. Luckily, this admin is friendly and will configure the routing for these particular addresses to the remote's SE client's internal IP address.
My envisioned setup for discussion:
Central site must address all remote systems using virtual IP addresses to overcome the duplicates among the remote locations.
IPs Central site:
Public IP e.g. 188.8.131.52
Internal IP address, where the packets will be sent from: 10.255.1.10
IPs Remote A:
System_1: 10.1.1.20 (virtual 184.108.40.206)
System_2: 10.1.1.30 (virtual 220.127.116.11)
SE Client: 10.1.1.10
Central System's virtual IP 18.104.22.168
Host routing on System_1 and _2: "22.214.171.124 mask 255.255.255.255 gateway 10.1.1.10"
IPs Remote B:
System_1: 10.1.1.20 (virtual 126.96.36.199)
System_2: 10.1.1.30 (virtual 188.8.131.52)
SE Client: 10.1.1.10
Central System's virtual IP 184.108.40.206
Host routing on System_1 and _2: "220.127.116.11 mask 255.255.255.255 gateway 10.1.1.10"
I'm building a static pool of remote system's relations of real addresses to virtual addresses.
I think I need to NAT on the SE client to allow virtual IP addresses for their related remote systems, as well as allowing the remote systems to address the central system using a locally defined (virtual) IP address.
The NAT Process must act like this:
Packets from central to remote
--> SRC 10.255.1.10 DST 18.104.22.168
--> Routing: packet to be forwarded to SE client on Remote A (host routing to remote system's virtual IP address)
--> on SE client at Remote A: NAT SRC 10.255.1.10 DST 22.214.171.124 into SRC 126.96.36.199 DST 10.1.1.20
Packets from remote to central
<-- SRC 10.1.1.20 DST 188.8.131.52
<-- NAT SRC 10.1.1.20 DST 184.108.40.206 into SRC 220.127.116.11 DST 10.255.1.10
<-- Packet to be forwarded to SE server on central site
<-- send Packet to 10.255.1.10 (SRC 18.104.22.168 DST 10.255.1.10)
How can I do this with SoftEther?
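An added example, not part of the original post and not SoftEther's own configuration: one way to express the NAT process described in the post as Linux netfilter rules on a remote site's SE client host, generated from a static real-to-virtual pool. The interface names (`vpn_se`, `eth0`) and the virtual addresses (`172.16.1.x`, `192.168.99.1`) are constructed assumptions; the real addresses are the ones given in the post.

```shell
#!/bin/sh
# Emit (not apply) 1:1 NAT rules for one remote site's SE client host.
CENTRAL_REAL=10.255.1.10   # central system's internal address (from the post)
CENTRAL_VIRT=192.168.99.1  # constructed: address the local admin assigned for "central"
VPN_IF=vpn_se              # assumed name of the SoftEther virtual adapter
LAN_IF=eth0                # assumed LAN-facing interface of the SE client host

# Constructed static pool for Remote A, one "real virtual" pair per line.
POOL_A='10.1.1.20 172.16.1.20
10.1.1.30 172.16.1.30'

gen_rules() {
    # $1 = pool text; prints one iptables command per line
    printf '%s\n' "$1" | while read -r real virt; do
        [ -n "$real" ] || continue
        # Central -> remote: virtual destination becomes the real system,
        # and the source becomes the locally assigned address for central.
        echo "iptables -t nat -A PREROUTING -i $VPN_IF -s $CENTRAL_REAL -d $virt -j DNAT --to-destination $real"
        echo "iptables -t nat -A POSTROUTING -o $LAN_IF -s $CENTRAL_REAL -d $real -j SNAT --to-source $CENTRAL_VIRT"
        # Remote -> central: local virtual destination becomes central's real
        # address, and the source becomes the system's site-unique virtual address.
        echo "iptables -t nat -A PREROUTING -i $LAN_IF -s $real -d $CENTRAL_VIRT -j DNAT --to-destination $CENTRAL_REAL"
        echo "iptables -t nat -A POSTROUTING -o $VPN_IF -s $real -d $CENTRAL_REAL -j SNAT --to-source $virt"
    done
    # Forward only traffic from or to the central address; anything else
    # arriving over the tunnel (for example from another remote) is dropped.
    echo "iptables -A FORWARD -i $VPN_IF -s $CENTRAL_REAL -j ACCEPT"
    echo "iptables -A FORWARD -o $VPN_IF -d $CENTRAL_REAL -j ACCEPT"
    echo "iptables -P FORWARD DROP"
}

gen_rules "$POOL_A"
```

Review the printed rules before feeding them to a root shell; IP forwarding must be enabled on the SE client host for them to have any effect.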