I was having a lot of issues with SecureNAT so I decided to disable it and go without it. But when I turn off SecureNAT's virtual DHCP, I cannot get my clients to get IP address from the local DHCP server on the same box. Physical devices on the network are getting IPs from this DHCP server just fine, and I made sure of that by checking the local bridge's IP Address Table List under Manage Sessions window. Everything seems to be working fine except, it's not getting IP from the DHCP.
And the funny thing is when I turn on SecureNAT and Virtual DHCP server (with a different subnet than the local DHCP of course which is serving to my local network), SoftEther's Virtual DHCP was intercepting local network's DHCPREQESTs and distributing IPs (from the VPN subnet) to the local physical clients on the network, which was breaking everything for them.
Oh one last question, if I have SecureNAT and virtual DHCP on, everything seems to work for a while but after some time like a few hours or after a day or so, I don't know if the NAT table is running out or sometihng, it just stops the virtual NAT function and all I can do to reset is disable the SecureNAT and re-enable it. Then it starts working again, until next time it gets stuck.
Any ideas what am I be missing here with the DHCP issue?
DHCP issues
-
- Posts: 329
- Joined: Wed Sep 18, 2013 1:49 pm
Re: DHCP issues
Is Softether Server HOST a Windows or Linux OS? Is it a Virtual Machine or a physical PC?
To verify, the SE-Server is running on a Host that is also your DHCP server?
To verify, the SE-Server is running on a Host that is also your DHCP server?
-
- Posts: 8
- Joined: Wed Jul 15, 2020 2:38 pm
Re: DHCP issues
SecureNAT is only useful really if you want to run in userspace
The best thing is for you to
1. deploy a linux box (centos or others)
2. disable secure nat
3. Enable ip routing in the linux kernel
4. deploy a DHCP server in your linux box such as dnsmasq
You can get at least 10x performance boost compared to SecureNAT that way
The best thing is for you to
1. deploy a linux box (centos or others)
2. disable secure nat
3. Enable ip routing in the linux kernel
4. deploy a DHCP server in your linux box such as dnsmasq
You can get at least 10x performance boost compared to SecureNAT that way