Application can't run through VPN and works when on native network.

[Pablito]

Hello Everyone,
I have small problem for which I could not find any solution so far.
Let me describe this the best I can.

I have network where there is application server and client's computer. Everything connected in one single workgroup. User is starting application on client and this application is connecting with application server through some TCP port. Everything works.

Now I have built small linux-based computer where SoftEther VPN has been installed and configured. For user I created an account with password-protected certificate. Everything works fine. User can connect using SoftEther Client. Can dig through network shares, see the printers and so on. The problem is that the application which need to connect to application server can not connect.

I have checked the ports on app server (netstat) and seems that client's computer is connecting to the app server as there is connection established. Seems that the problem might be that server can not communicate to the client's computer.

Do anyone have an idea what can be wrong? Maybe there is some settings which I forgot to set or something. I even tried to build temporarily a standard Windows VPN over PPTP protocol and application worked fine on this. But we know that PPTP is terrible secured. Please help me.

PS. It's the first time I'm using SoftEther solution and Linux for this. If you have any clue please describe it to me as I was beginner :) Thank you in advance.

[Afakename]

Hi Pablito,

Configure SEVPN bridging.

[Pablito]

Thank for tip I will check that. Could you tell me little bit more? :)
I have Local Bridge configured like this:

Capture.PNG

I made simple image of how it looks.
So people which are directly inside network can pass through router and can access any data in application server and can connect with their databases etc.
Those which are outside need to connect with VPN and then VPN works as a "broker". They can access data from application server but it is extremely slow and disconnects almost in every second. For file accessing I made small workaround. I mapped folders from application server on linux where VPN is deployed and then share them through samba (works like a charm). But don't know how let them access databases when it works like this. VPN is configured that it gives IP's from the same pool (it relies on router). I don't know what is wrong with it. If it's linux issue or softether.

Capture2.PNG

[Afakename]

Looks like you configured the bridge, and the status is operational.

post output of

ifconfig -a
netstat -rn

[Pablito]

ifconfig
-----------
eno1: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST> mtu 1986
inet 192.168.159.68 netmask 255.255.255.0 broadcast 192.168.159.255
inet6 fe80::f53d:e533:f679:98e prefixlen 64 scopeid 0x20<link>
ether 6c:4b:90:01:3a:1d txqueuelen 1000 (Ethernet)
RX packets 3701738 bytes 1003274845 (1.0 GB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 2883627 bytes 948585424 (948.5 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 16 memory 0xdf000000-df020000

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 87269 bytes 7758542 (7.7 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 87269 bytes 7758542 (7.7 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0


netstat
-----------
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 192.168.159.159 0.0.0.0 UG 0 0 0 eno1
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eno1
192.168.159.0 0.0.0.0 255.255.255.0 U 0 0 0 eno1

[Afakename]

the information you provided appears to be incomplete.

is the VPN client in connected state?

[Pablito]

I double checked that I have at least one client connected to VPN. The output is still similar:

IFCONFIG
eno1: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST> mtu 1986
inet 192.168.159.68 netmask 255.255.255.0 broadcast 192.168.159.255
inet6 fe80::f53d:e533:f679:98e prefixlen 64 scopeid 0x20<link>
ether 6c:4b:90:01:3a:1d txqueuelen 1000 (Ethernet)
RX packets 4796554 bytes 1129190740 (1.1 GB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3863630 bytes 1371853375 (1.3 GB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 16 memory 0xdf000000-df020000

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 117807 bytes 10529011 (10.5 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 117807 bytes 10529011 (10.5 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

NETSTAT
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 192.168.159.159 0.0.0.0 UG 0 0 0 eno1
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eno1
192.168.159.0 0.0.0.0 255.255.255.0 U 0 0 0 eno1