SoftEther VPN server on Azure Windows VM, possible ?

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
pm92
Posts: 3
Joined: Thu Mar 05, 2020 11:29 am

SoftEther VPN server on Azure Windows VM, possible ?

Post by pm92 » Thu Mar 05, 2020 11:52 am

Hi,

I've just discovered Softether and before going on working on I would like to check if the following architecture can be done :

- SoftEther VPN Server on Windows 2016 Server (Azure VM)
- Remote network connected over plain IPSEC VPN (Firewall Sonicwall)

Main thoughts:

- Promiscuous mode not supported on Azure, so may be SoftEther not working ?
- SoftEther on Windows 2016 package offered on Azure marketplace , so seems possible to install however ?
- SoftEther Azure VPN Relay : useful in my case ?

Thank you for your hints.
PM.

centeredki69
Posts: 257
Joined: Wed Sep 18, 2013 1:49 pm

Re: SoftEther VPN server on Azure Windows VM, possible ?

Post by centeredki69 » Fri Mar 06, 2020 5:09 pm

- SoftEther VPN Server on Windows 2016 Server (Azure VM) ***** This will work fine
- Remote network connected over plain IPSEC VPN (Firewall Sonicwall) ****** This should work if you enable the IPSEC option on the "SE server"
- Promiscuous mode not supported on Azure, so may be SoftEther not working ? ***** You will need to enable and use the "SecureNAT" feature and NOT" local bridge"
- SoftEther on Windows 2016 package offered on Azure marketplace , so seems possible to install however ? ***** I install from the Official SE Website
- SoftEther Azure VPN Relay : useful in my case ? **** SE Azure is only need if you are restricted from opening/forwarding firewall ports. It is called "AzureVPN" because SoftEther choose to host their free relay services on "MS Azure servers" when they created the software. Not a requirement but can be used. https://www.softether.org/4-docs/2-howt ... .VPN_Azure

pm92
Posts: 3
Joined: Thu Mar 05, 2020 11:29 am

Re: SoftEther VPN server on Azure Windows VM, possible ?

Post by pm92 » Sat Mar 07, 2020 12:23 am

Thank you for these details.

I've just given a try to SoftEther on Windows 2016.

It seems that plain IPSEC (IKEv2 IPSEC site to site tunnel with Sonicwall) is not really supported, rather than L2TP/IPSEC.
I managed to get IPSEC phase 1 going through, but no more.

Configuration seems to insist on having username/password to authenticate connection, but an IPSEC
tunnel is based on other parameters to identify the client side (IKE ID, IP, authentication protocols,...).

Logging is also a bit limited to be able to debug what's going on.

If you (or someone else) have some hints, they are welcomed.
Thank you.
PM.

pm92
Posts: 3
Joined: Thu Mar 05, 2020 11:29 am

Re: SoftEther VPN server on Azure Windows VM, possible ?

Post by pm92 » Mon Mar 16, 2020 6:53 pm

After some thoughts and tries, I don't think this IPSEC configuration would ever work between Sonicwall and SE.

I end up setting up a Linux VM on Azure side, with strongswan installed.
Worked immediatly...

PM.

Post Reply