Android Native VPN Client connecting to SE VPN server

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
nmvpm001
Posts: 6
Joined: Wed Apr 14, 2021 3:04 am

Android Native VPN Client connecting to SE VPN server

Post by nmvpm001 » Mon Jun 07, 2021 9:16 am

I have a SE Server for remote access with authentication via RADIUS.

This setup works great on Windows 10 built-in VPN Client.

I would also like to connect from Android and iOS.
Have not been able to get android or iOS to connect when using RADIUS, just says Unsuccessful.
I do not believe Android supports PAP which SE needs to work with RADIUS. Correct me if I am wrong here.

Any recommendations on the simplest way to connect from Andriod and iOS to SE server that is set to use RADIUS.

nmvpm001
Posts: 6
Joined: Wed Apr 14, 2021 3:04 am

Re: Android Native VPN Client connecting to SE VPN server

Post by nmvpm001 » Tue Jun 08, 2021 5:31 am

Ok, I now have native VPN clients for Windows 10, Android and iOS working and authentication with Radius.

However I cannot get macOS Catalina 10.15.7 to connect. It does look like it is connecting to the SE server but failed user authentication.

Any suggestion on how to fix this is appreciated.

Server log entries below.

021-06-07 20:33:03.634 IPsec Client 92 (xxx.xxx.xxx.xxx:500 -> 10.0.10.4:500): A new IPsec client is created.
2021-06-07 20:33:03.634 IPsec IKE Session (IKE SA) 78 (Client: 92) (xxx.xxx.xxx.xxx:500 -> 10.0.10.4:500): A new IKE SA (Main Mode) is created. Initiator Cookie: 0xDF7E36D6E600008D, Responder Cookie: 0xC1D8E5EA79B98D9, DH Group: MODP 2048 (Group 14), Hash Algorithm: SHA-2-256, Cipher Algorithm: AES-CBC, Cipher Key Size: 256 bits, Lifetime: 4294967295 Kbytes or 3600 seconds
2021-06-07 20:33:03.933 IPsec Client 92 (xxx.xxx.xxx.xxx:4500 -> 10.0.10.4:4500): The port number information of this client is updated.
2021-06-07 20:33:03.933 IPsec Client 92 (xxx.xxx.xxx.xxx:4500 -> 10.0.10.4:4500):
2021-06-07 20:33:03.933 IPsec IKE Session (IKE SA) 78 (Client: 92) (xxx.xxx.xxx.xxx:4500 -> 10.0.10.4:4500): This IKE SA is established between the server and the client.
2021-06-07 20:33:04.726 IPsec IKE Session (IKE SA) 78 (Client: 92) (xxx.xxx.xxx.xxx:4500 -> 10.0.10.4:4500): The client initiates a QuickMode negotiation.
2021-06-07 20:33:04.726 IPsec ESP Session (IPsec SA) 122 (Client: 92) (xxx.xxx.xxx.xxx:4500 -> 10.0.10.4:4500): A new IPsec SA (Direction: Client -> Server) is created. SPI: 0x6D2FA7B5, DH Group: (null), Hash Algorithm: SHA-1, Cipher Algorithm: AES-CBC, Cipher Key Size: 256 bits, Lifetime: 4294967295 Kbytes or 3600 seconds
2021-06-07 20:33:04.726 IPsec ESP Session (IPsec SA) 122 (Client: 92) (xxx.xxx.xxx.xxx:4500 -> 10.0.10.4:4500): A new IPsec SA (Direction: Server -> Client) is created. SPI: 0xFEFC0BD, DH Group: (null), Hash Algorithm: SHA-1, Cipher Algorithm: AES-CBC, Cipher Key Size: 256 bits, Lifetime: 4294967295 Kbytes or 3600 seconds
2021-06-07 20:33:04.804 IPsec ESP Session (IPsec SA) 122 (Client: 92) (xxx.xxx.xxx.xxx:4500 -> 10.0.10.4:4500): This IPsec SA is established between the server and the client.
2021-06-07 20:33:04.804 IPsec Client 92 (xxx.xxx.xxx.xxx:4500 -> 10.0.10.4:4500): The L2TP Server Module is started.
2021-06-07 20:33:04.944 L2TP PPP Session [xxx.xxx.xxx.xxx:1701]: A new PPP session (Upper protocol: L2TP) is started. IP Address of PPP Client: xxx.xxx.xxx.xxx (Hostname: " MacBook-Pro.local"), Port Number of PPP Client: 1701, IP Address of PPP Server: 10.0.10.4, Port Number of PPP Server: 1701, Client Software Name: "L2TP VPN Client", IPv4 TCP MSS (Max Segment Size): 1314 bytes
2021-06-07 20:33:05.098 On the TCP Listener (Port 0), a Client (IP address xxx.xxx.xxx.xxx, Host name "rrcs-xxx.xxx.xxx.xxx.west.biz.rr.com", Port number 1701) has connected.
2021-06-07 20:33:05.098 For the client (IP address: xxx.xxx.xxx.xxx, host name: "rrcs-xxx.xxx.xxx.xxx.west.biz.rr.com", port number: 1701), connection "CID-88-1113E9A812" has been created.
2021-06-07 20:33:05.098 SSL communication for connection "CID-88-1113E9A812" has been started. The encryption algorithm name is "(null)".
2021-06-07 20:33:05.098 [HUB "SoftEtherHUB"] The connection "CID-88-1113E9A812" (IP address: xxx.xxx.xxx.xxx, Host name: rrcs-xxx.xxx.xxx.xxx.west.biz.rr.com, Port number: 1701, Client name: "L2TP VPN Client", Version: 4.34, Build: 9745) is attempting to connect to the Virtual Hub. The auth type provided is "External server authentication" and the user name is " test".
2021-06-07 20:33:15.101 [HUB "SoftEtherHUB"] Connection "CID-88-1113E9A812": User authentication failed. The user name that has been provided was "test".
2021-06-07 20:33:15.133 Connection "CID-88-1113E9A812" terminated by the cause "User authentication failed." (code 9).
2021-06-07 20:33:15.133 Connection "CID-88-1113E9A812" has been terminated.
2021-06-07 20:33:15.133 The connection with the client (IP address xxx.xxx.xxx.xxx, Port number 1701) has been disconnected.
2021-06-07 20:33:15.227 IPsec ESP Session (IPsec SA) 122 (Client: 92) (xxx.xxx.xxx.xxx:4500 -> 10.0.10.4:4500): This IPsec SA is deleted.
2021-06-07 20:33:15.227 IPsec IKE Session (IKE SA) 78 (Client: 92) (xxx.xxx.xxx.xxx:4500 -> 10.0.10.4:4500): This IKE SA is deleted.
2021-06-07 20:33:15.227 IPsec ESP Session (IPsec SA) 122 (Client: 92) (xxx.xxx.xxx.xxx:4500 -> 10.0.10.4:4500): This IPsec SA is deleted.
2021-06-07 20:33:15.416 L2TP PPP Session [xxx.xxx.xxx.xxx:1701]: A PPP protocol error occurred, or the PPP session has been disconnected.
2021-06-07 20:33:25.350 IPsec Client 92 (xxx.xxx.xxx.xxx:4500 -> 10.0.10.4:4500): This IPsec Client is deleted.

nmvpm001
Posts: 6
Joined: Wed Apr 14, 2021 3:04 am

Re: Android Native VPN Client connecting to SE VPN server

Post by nmvpm001 » Tue Jun 08, 2021 6:25 am

I now have native client for Windows 10 , Android and iOS/iPhone connecting to SE server with Radius authentication.

However I cannot get macOS Cataline to connect.

Any input on how to resolve this is greatly appreciated. Server log below.

021-06-07 20:33:03.634 IPsec Client 92 (xxx.xxx.xxx.xxx:500 -> 10.0.10.4:500): A new IPsec client is created.
2021-06-07 20:33:03.634 IPsec IKE Session (IKE SA) 78 (Client: 92) (xxx.xxx.xxx.xxx:500 -> 10.0.10.4:500): A new IKE SA (Main Mode) is created. Initiator Cookie: 0xDF7E36D6E600008D, Responder Cookie: 0xC1D8E5EA79B98D9, DH Group: MODP 2048 (Group 14), Hash Algorithm: SHA-2-256, Cipher Algorithm: AES-CBC, Cipher Key Size: 256 bits, Lifetime: 4294967295 Kbytes or 3600 seconds
2021-06-07 20:33:03.933 IPsec Client 92 (xxx.xxx.xxx.xxx:4500 -> 10.0.10.4:4500): The port number information of this client is updated.
2021-06-07 20:33:03.933 IPsec Client 92 (xxx.xxx.xxx.xxx:4500 -> 10.0.10.4:4500):
2021-06-07 20:33:03.933 IPsec IKE Session (IKE SA) 78 (Client: 92) (xxx.xxx.xxx.xxx:4500 -> 10.0.10.4:4500): This IKE SA is established between the server and the client.
2021-06-07 20:33:04.726 IPsec IKE Session (IKE SA) 78 (Client: 92) (xxx.xxx.xxx.xxx:4500 -> 10.0.10.4:4500): The client initiates a QuickMode negotiation.
2021-06-07 20:33:04.726 IPsec ESP Session (IPsec SA) 122 (Client: 92) (xxx.xxx.xxx.xxx:4500 -> 10.0.10.4:4500): A new IPsec SA (Direction: Client -> Server) is created. SPI: 0x6D2FA7B5, DH Group: (null), Hash Algorithm: SHA-1, Cipher Algorithm: AES-CBC, Cipher Key Size: 256 bits, Lifetime: 4294967295 Kbytes or 3600 seconds
2021-06-07 20:33:04.726 IPsec ESP Session (IPsec SA) 122 (Client: 92) (xxx.xxx.xxx.xxx:4500 -> 10.0.10.4:4500): A new IPsec SA (Direction: Server -> Client) is created. SPI: 0xFEFC0BD, DH Group: (null), Hash Algorithm: SHA-1, Cipher Algorithm: AES-CBC, Cipher Key Size: 256 bits, Lifetime: 4294967295 Kbytes or 3600 seconds
2021-06-07 20:33:04.804 IPsec ESP Session (IPsec SA) 122 (Client: 92) (xxx.xxx.xxx.xxx:4500 -> 10.0.10.4:4500): This IPsec SA is established between the server and the client.
2021-06-07 20:33:04.804 IPsec Client 92 (xxx.xxx.xxx.xxx:4500 -> 10.0.10.4:4500): The L2TP Server Module is started.
2021-06-07 20:33:04.944 L2TP PPP Session [xxx.xxx.xxx.xxx:1701]: A new PPP session (Upper protocol: L2TP) is started. IP Address of PPP Client: xxx.xxx.xxx.xxx (Hostname: " MacBook-Pro.local"), Port Number of PPP Client: 1701, IP Address of PPP Server: 10.0.10.4, Port Number of PPP Server: 1701, Client Software Name: "L2TP VPN Client", IPv4 TCP MSS (Max Segment Size): 1314 bytes
2021-06-07 20:33:05.098 On the TCP Listener (Port 0), a Client (IP address xxx.xxx.xxx.xxx, Host name "rrcs-xxx.xxx.xxx.xxx.west.biz.rr.com", Port number 1701) has connected.
2021-06-07 20:33:05.098 For the client (IP address: xxx.xxx.xxx.xxx, host name: "rrcs-xxx.xxx.xxx.xxx.west.biz.rr.com", port number: 1701), connection "CID-88-1113E9A812" has been created.
2021-06-07 20:33:05.098 SSL communication for connection "CID-88-1113E9A812" has been started. The encryption algorithm name is "(null)".
2021-06-07 20:33:05.098 [HUB "SoftEtherHUB"] The connection "CID-88-1113E9A812" (IP address: xxx.xxx.xxx.xxx, Host name: rrcs-xxx.xxx.xxx.xxx.west.biz.rr.com, Port number: 1701, Client name: "L2TP VPN Client", Version: 4.34, Build: 9745) is attempting to connect to the Virtual Hub. The auth type provided is "External server authentication" and the user name is " test".
2021-06-07 20:33:15.101 [HUB "SoftEtherHUB"] Connection "CID-88-1113E9A812": User authentication failed. The user name that has been provided was "test".
2021-06-07 20:33:15.133 Connection "CID-88-1113E9A812" terminated by the cause "User authentication failed." (code 9).
2021-06-07 20:33:15.133 Connection "CID-88-1113E9A812" has been terminated.
2021-06-07 20:33:15.133 The connection with the client (IP address xxx.xxx.xxx.xxx, Port number 1701) has been disconnected.
2021-06-07 20:33:15.227 IPsec ESP Session (IPsec SA) 122 (Client: 92) (xxx.xxx.xxx.xxx:4500 -> 10.0.10.4:4500): This IPsec SA is deleted.
2021-06-07 20:33:15.227 IPsec IKE Session (IKE SA) 78 (Client: 92) (xxx.xxx.xxx.xxx:4500 -> 10.0.10.4:4500): This IKE SA is deleted.
2021-06-07 20:33:15.227 IPsec ESP Session (IPsec SA) 122 (Client: 92) (xxx.xxx.xxx.xxx:4500 -> 10.0.10.4:4500): This IPsec SA is deleted.
2021-06-07 20:33:15.416 L2TP PPP Session [xxx.xxx.xxx.xxx:1701]: A PPP protocol error occurred, or the PPP session has been disconnected.
2021-06-07 20:33:25.350 IPsec Client 92 (xxx.xxx.xxx.xxx:4500 -> 10.0.10.4:4500): This IPsec Client is deleted.

Post Reply