Linux VPN Client - DHCP problem

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
B0GDI
Posts: 9
Joined: Tue May 19, 2020 10:44 am

Linux VPN Client - DHCP problem

Post by B0GDI » Fri May 29, 2020 2:39 pm

Hi guys,

I'm trying to use the VPN client on a Raspberry Pi and some really weird things happen when trying to get an IP.
Everything works up till the point when I connect the client to the server. Running vpncmd/AccountList shows that my client is connected. The VPN server show the session as active (IPv6 address assigned). IPv4 forwarding is active on the Pi. But when I run sudo dhclient vpn_intf the vpn server is assigning me an IP but drops it together with the session a few moments later. The client disconnects and then gets stuck in Connecting phase.

The message from the DHCP process is "Too few arguments."

Any ideas what may cause this?
Cheers!

drkrool
Posts: 47
Joined: Mon May 25, 2020 4:38 am
Location: Quebec, Canada

Re: Linux VPN Client - DHCP problem

Post by drkrool » Fri May 29, 2020 10:35 pm

I'm guessing the dhcp is on the same host as the sofether server? You either need to use local bridge as a TAP or use a 2nd nic if you are using linux version of softether and wish to talk to the host server

B0GDI
Posts: 9
Joined: Tue May 19, 2020 10:44 am

Re: Linux VPN Client - DHCP problem

Post by B0GDI » Sat May 30, 2020 8:28 am

I'm using Softether's virtual DHCP function. It works fine with all my other clients (L2TP Android and Windows and OVPN) which get IPs assigned but the Linux client gets an IP and then gets dropped after few seconds. I dug a bit into the server logs and found this:

2020-05-30 01:33:39.542 [HUB "VPN"] SecureNAT: The DHCP entry 98928 has been created. MAC address: "client", IP address: 192.168.30.10, host name: raspberrypi, expiration span: 604800 seconds
2020-05-30 01:33:39.542 [HUB "VPN"] Session "SID-SECURENAT-1": The DHCP server of host "server" (192.168.30.1) on this session allocated, for host "SID-ABC-58" on another session "X", the new IP address 192.168.30.10.

I saw a thread on this forum with the same issue, sadly I didn't see it before opening this thread.

https://www.vpnusers.com/viewtopic.php?t=64067

The solution was to add the route to the VPN server statically in advance. I tried to do this, but I may have done it wrong (I'm not a linux expert)

B0GDI
Posts: 9
Joined: Tue May 19, 2020 10:44 am

Re: Linux VPN Client - DHCP problem

Post by B0GDI » Tue Jun 02, 2020 6:33 pm

Just realized that when running sudo dhclient vpnSE there are 3 entries in VPN server's IP address table, the first is the ipv6 addr which gets assigned initially, the second is the DHCP assigned ipv4 address from the virtual SE DHCP server and the third is the ipv4 address of the wifi interface. However everything drops and the client disconnects.

Any ideas?

Thanks

ziddey
Posts: 16
Joined: Sat May 09, 2020 6:42 pm

Re: Linux VPN Client - DHCP problem

Post by ziddey » Tue Jun 02, 2020 9:08 pm

I had a similar issue on a rpi. Can't remember how I solved it, but you've got many options.

It sounds like a route/metric issue where your connection to the vpn server is now trying to route through the vpn connection itself.

Code: Select all

$ ip r

B0GDI
Posts: 9
Joined: Tue May 19, 2020 10:44 am

Re: Linux VPN Client - DHCP problem

Post by B0GDI » Wed Jun 03, 2020 8:02 am

So the problem would be that there's no metric set for the fourth entry?

Code: Select all

pi@raspberrypi:~ $ ip r
default via 192.168.30.1 dev vpn_vpnse
default via 192.168.2.1 dev wlan0 proto dhcp src 192.168.2.218 metric 303
192.168.2.0/24 dev wlan0 proto dhcp scope link src 192.168.2.218 metric 303
192.168.30.0/24 dev vpn_vpnse proto kernel scope link src 192.168.30.10
192.168.30.1 via 192.168.30.10 dev vpn_vpnse

ziddey
Posts: 16
Joined: Sat May 09, 2020 6:42 pm

Re: Linux VPN Client - DHCP problem

Post by ziddey » Wed Jun 03, 2020 11:09 pm

No, the issue is that softether isn't creating a route for your vpn server's ip using your actual gateway. As a result, it'll attempt to route to the vpn server via the vpn's gateway, which is obviously impossible.

B0GDI
Posts: 9
Joined: Tue May 19, 2020 10:44 am

Re: Linux VPN Client - DHCP problem

Post by B0GDI » Sun Jun 07, 2020 9:02 am

ziddey wrote:
Wed Jun 03, 2020 11:09 pm
No, the issue is that softether isn't creating a route for your vpn server's ip using your actual gateway. As a result, it'll attempt to route to the vpn server via the vpn's gateway, which is obviously impossible.
Yup, this worked. Added a route to SE VPN server through the gateway and now it doesn't disconnect anymore.

Something strange happened over the night though. In the morning I couldn't seem to be able to connect to the client anymore. Some ping values were normal, others were quite high and a lot were failing. After finally being able to ssh into the client and resetting the Pi things got back to normal when checking it with RealVNC. Re-started the vpn client and the connection appears to be OK. What could trigger this kind of behavior?

B0GDI
Posts: 9
Joined: Tue May 19, 2020 10:44 am

Re: Linux VPN Client - DHCP problem

Post by B0GDI » Tue Jun 09, 2020 9:16 pm

I guess it was because two default routes appeared after connecting to the VPN server and this was a bit confusing when routing the packets. After removing the one going through the VPN everything was ok.
Can I use some feature of SE to prevent this route to be created when connecting the client?

ziddey
Posts: 16
Joined: Sat May 09, 2020 6:42 pm

Re: Linux VPN Client - DHCP problem

Post by ziddey » Wed Jun 10, 2020 6:14 am

B0GDI wrote:
Tue Jun 09, 2020 9:16 pm
I guess it was because two default routes appeared after connecting to the VPN server and this was a bit confusing when routing the packets. After removing the one going through the VPN everything was ok.
Can I use some feature of SE to prevent this route to be created when connecting the client?
Yes, that is an option if you're not trying to route all traffic over the vpn, and everything you're trying to access via vpn is on-link. Attached is the option via the client manager. You can find similar in vpncmd.
You do not have the required permissions to view the files attached to this post.

B0GDI
Posts: 9
Joined: Tue May 19, 2020 10:44 am

Re: Linux VPN Client - DHCP problem

Post by B0GDI » Wed Jun 10, 2020 11:01 am

Unfortunately this option is grayed out for me. Can it be due to the client version?

Image

drazde
Posts: 8
Joined: Sat Mar 07, 2020 5:56 pm

Re: Linux VPN Client - DHCP problem

Post by drazde » Thu Jun 11, 2020 9:56 am

I think I have the same issue,
I also "resolve" execute dhclient and setting manually the routing table.

But why? for several week I haven't to do this, I don't change my configurations (i don't know if the server as well, I'm not the administrator)

B0GDI
Posts: 9
Joined: Tue May 19, 2020 10:44 am

Re: Linux VPN Client - DHCP problem

Post by B0GDI » Sun Jun 14, 2020 8:49 am

I will try the newest version of the client. What I installed was the latest stable version.

Post Reply