LT2P via DDNS and NAT-T
Posted: Sun May 17, 2020 10:56 am
by peted
Hi, we have an operational VPN server with several Windows clients, all using the SoftEther client. The server is making use of the DDNS and NAT-T functions and we have nothing set up on our firewall. All is OK.
We now need to allow a couple of Mac users to connect. I have enabled L2TP on the server, but nothing can connect to this, it just times out (Mac or Windows). Should this work through DDNS and NAT-T?
Also, I know there is a Mac client, but it is command line, and I cannot find any instructions on how to configure this. Can anyone point me in the right direction?
Many Thanks
Re: LT2P via DDNS and NAT-T
Posted: Mon May 18, 2020 12:51 pm
by centeredki69
L2TP/IPsec requires that you open/forward ports UDP 500 & UDP 4500 to the SE server host. Also, you would need to activate the L2TP/IPsec feature on the SE server. See the link for setup. Port info is at the bottom of the page.
https://www.softether.org/4-docs/2-howt ... VPN_Server
Re: LT2P via DDNS and NAT-T
Posted: Tue May 19, 2020 10:24 am
by peted
We are unable to use port forwarding. We are behind a managed firewall/router, and if we set up port forwarding, the ISP says we have to specify a source IP. As this is for remote access, this will be different most of the time. So port forwarding is out of the question.
So I need to know how we can enable Mac access through the NAT-T feature.
Any advice would be great.
Re: LT2P via DDNS and NAT-T
Posted: Tue May 19, 2020 7:20 pm
by centeredki69
You could try the Mac client, although SE themselves recommend you do not use it. I have no knowledge of how to implement it. However, one solution you could use is to install another "SE-SERVER" at a second location, i.e. a house, a 2nd office or even a cloud-hosted VM. The location of course would need to have the ability to open/forward the proper L2TP/IPsec ports. The "office" SE-Server would make and maintain an outbound "cascade connection" to the "offsite" location. The Mac clients would connect to the "offsite" SE-server and have access to the office through the "cascade connection".
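The relay layout described in the post above, written as vpncmd batch commands; this is an added example, not part of the original post or of SoftEther's own documentation. The host name, hub names, account name and cascade name are assumptions, and the secrets are passed in as arguments rather than stored in the script.

```shell
#!/bin/sh
# Added example: prints vpncmd batch files for the office/offsite relay layout.
# Every name below is an assumed placeholder, not a value from the thread.
RELAY_HOST="relay.example.net"   # offsite SE server, reachable on UDP 500/4500
RELAY_HUB="RELAY"                # virtual hub on the offsite server
OFFICE_HUB="OFFICE"              # virtual hub on the office server
LINK_USER="office-link"          # account the office server logs in with
LINK_NAME="to-relay"             # name of the cascade connection

# Batch for the OFFSITE server.
#   $1 = IPsec pre-shared key, $2 = password for the cascade account
relay_batch() {
    cat <<EOF
IPsecEnable /L2TP:yes /L2TPRAW:no /ETHERIP:no /PSK:$1 /DEFAULTHUB:$RELAY_HUB
Hub $RELAY_HUB
UserCreate $LINK_USER /GROUP:none /REALNAME:none /NOTE:none
UserPasswordSet $LINK_USER /PASSWORD:$2
EOF
}

# Batch for the OFFICE server: an outbound cascade over TCP 443, so the
# managed firewall in front of the office needs no inbound rule.
#   $1 = password for the cascade account
office_batch() {
    cat <<EOF
Hub $OFFICE_HUB
CascadeCreate $LINK_NAME /SERVER:$RELAY_HOST:443 /HUB:$RELAY_HUB /USERNAME:$LINK_USER
CascadePasswordSet $LINK_NAME /PASSWORD:$1 /TYPE:standard
CascadeOnline $LINK_NAME
EOF
}

# Typical use, run on each server (keep the files private, delete afterwards):
#   umask 077
#   relay_batch  "$PSK" "$LINK_PW" > relay.txt  && vpncmd localhost /SERVER /IN:relay.txt
#   office_batch "$LINK_PW"        > office.txt && vpncmd localhost /SERVER /IN:office.txt
```

Only the offsite host needs UDP 500 and UDP 4500 opened or forwarded; `/L2TPRAW:no` keeps unencrypted L2TP disabled on it.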
Re: LT2P via DDNS and NAT-T
Posted: Thu May 21, 2020 9:18 am
by fordmurphy
I am unable to use port forwarding...
Re: LT2P via DDNS and NAT-T
Posted: Tue May 26, 2020 11:49 pm
by drkrool
I'm not quite sure this would be a reliable solution if you are talking about doing this in a business.
Is the port issue with the firewall only on port 500 or can any other port be opened?