VPN Site to Site by 3G/4G
-
- Posts: 8
- Joined: Mon Sep 26, 2022 4:57 pm
VPN Site to Site by 3G/4G
Hello everyone,
I am new to Softether but I have the following problem to make a bridge connection between my main site and a branch.
Site1 - Main
192.168.0.2
Windows Server 2016
Site2 - Branch
192.168.1.2
Windows Server 2016
The requirement is that I have to connect the entire main network to at least the server of site 2. Branch 2 needs to be connected via VPN to the main branch via a 3G/4G connection which does not allow to open any ports.
Usually it is through a regular ISP connected by IPSec, but when there are failures with the service we will need to use the 3G/4G connection to access the branch network.
Greetings from Mexico
I am new to Softether but I have the following problem to make a bridge connection between my main site and a branch.
Site1 - Main
192.168.0.2
Windows Server 2016
Site2 - Branch
192.168.1.2
Windows Server 2016
The requirement is that I have to connect the entire main network to at least the server of site 2. Branch 2 needs to be connected via VPN to the main branch via a 3G/4G connection which does not allow to open any ports.
Usually it is through a regular ISP connected by IPSec, but when there are failures with the service we will need to use the 3G/4G connection to access the branch network.
Greetings from Mexico
-
- Posts: 1265
- Joined: Sun Feb 14, 2021 10:31 am
Re: VPN Site to Site by 3G/4G
Hello, please clarify...
"Branch 2 needs to be connected via VPN to the main branch via a 3G/4G connection which does not allow to open any ports"
- can you invest in a VPS with a SE server inter-connecting "gateway" for the sites?
- can you tolerate a low speed, high latency SE VPN Azure option?
"Usually it is through a regular ISP connected by IPSec"
- since the sites are on different subnets, what's the current Layer 3 networking setup?
"Branch 2 needs to be connected via VPN to the main branch via a 3G/4G connection which does not allow to open any ports"
- can you invest in a VPS with a SE server inter-connecting "gateway" for the sites?
- can you tolerate a low speed, high latency SE VPN Azure option?
"Usually it is through a regular ISP connected by IPSec"
- since the sites are on different subnets, what's the current Layer 3 networking setup?
-
- Posts: 8
- Joined: Mon Sep 26, 2022 4:57 pm
Re: VPN Site to Site by 3G/4G
Yes, sorry.
Currently branch 2 is connected to 4 other branches in addition to the main office via IPSec VPN. I have the main problem in branch 2 because there is only one WAN in the population. The idea is to connect it through a 3G/4G mobile internet.
I have done the corresponding tests making the connection through the 3G/4G modem with success with the client/server configuration, but the main idea is to do it in LAN to LAN mode so that the computers in Site 1 can see at least Site 2 or the server.
When I do the bridge connection test between two computers with two different networks I only get IPv6 connection. I need them to use IPv4 since the configuration runs on IPv4. and from the main site to the test computer it does give me the IP of the other network but I can't connect the computers.
Currently branch 2 is connected to 4 other branches in addition to the main office via IPSec VPN. I have the main problem in branch 2 because there is only one WAN in the population. The idea is to connect it through a 3G/4G mobile internet.
I have done the corresponding tests making the connection through the 3G/4G modem with success with the client/server configuration, but the main idea is to do it in LAN to LAN mode so that the computers in Site 1 can see at least Site 2 or the server.
When I do the bridge connection test between two computers with two different networks I only get IPv6 connection. I need them to use IPv4 since the configuration runs on IPv4. and from the main site to the test computer it does give me the IP of the other network but I can't connect the computers.
-
- Posts: 8
- Joined: Mon Sep 26, 2022 4:57 pm
Re: VPN Site to Site by 3G/4G
Add a configuration images from the actual connection.
Site1 - Main
192.168.0.x
Site2 - Test
192.168.6.x
Site1 - Main
192.168.0.x
Site2 - Test
192.168.6.x
You do not have the required permissions to view the files attached to this post.
-
- Posts: 1265
- Joined: Sun Feb 14, 2021 10:31 am
Re: VPN Site to Site by 3G/4G
Use Layer 3 switch.
-
- Posts: 8
- Joined: Mon Sep 26, 2022 4:57 pm
Re: VPN Site to Site by 3G/4G
Thank you @solo.
I already did the configuration via Switch Layer 3 with the instructions and examples in the link, but I still can't connect one network segment to the other.
I attach my screenshots from both the main site and the test site.
I already did the configuration via Switch Layer 3 with the instructions and examples in the link, but I still can't connect one network segment to the other.
I attach my screenshots from both the main site and the test site.
You do not have the required permissions to view the files attached to this post.
-
- Posts: 8
- Joined: Mon Sep 26, 2022 4:57 pm
Re: VPN Site to Site by 3G/4G
Test site
You do not have the required permissions to view the files attached to this post.
-
- Posts: 1265
- Joined: Sun Feb 14, 2021 10:31 am
Re: VPN Site to Site by 3G/4G
All good, now add a few static routes by following this example.
-
- Posts: 8
- Joined: Mon Sep 26, 2022 4:57 pm
Re: VPN Site to Site by 3G/4G
Thanks for the tip.
I was testing again following the example you mention, but just as it appears there the connection is made but it is not stable.
I changed the interfaces as follows:
Site1-Main
Server 192.168.0.191
Mask 255.255.255.0
Gateway 192.168.0.1
route -p add 192.168.6.0 mask 255.255.255.255.0 192.168.0.254
Site2-Testing
Bridge 192.168.6.70
Mask 255.255.255.255.0
Gateway 192.168.6.1
route -p add 192.168.0.0.0 mask 255.255.255.255.0 192.168.6.254
The virtual interfaces are left as 192.168.6.254 and 192.168.0.254 respectively.
There is nothing in the routing tables section.
For the tests I am currently running I am using different 100Mbps fiber optic connections. The cellular connection I plan to use once everything is working.
I add the pings capture, it is the same for both sites.
I was testing again following the example you mention, but just as it appears there the connection is made but it is not stable.
I changed the interfaces as follows:
Site1-Main
Server 192.168.0.191
Mask 255.255.255.0
Gateway 192.168.0.1
route -p add 192.168.6.0 mask 255.255.255.255.0 192.168.0.254
Site2-Testing
Bridge 192.168.6.70
Mask 255.255.255.255.0
Gateway 192.168.6.1
route -p add 192.168.0.0.0 mask 255.255.255.255.0 192.168.6.254
The virtual interfaces are left as 192.168.6.254 and 192.168.0.254 respectively.
There is nothing in the routing tables section.
For the tests I am currently running I am using different 100Mbps fiber optic connections. The cellular connection I plan to use once everything is working.
I add the pings capture, it is the same for both sites.
You do not have the required permissions to view the files attached to this post.
-
- Posts: 1265
- Joined: Sun Feb 14, 2021 10:31 am
Re: VPN Site to Site by 3G/4G
Yeah, I was debating L3 stability with the OP but he never updated us after improving his comparison method.sistemascg wrote: ↑Tue Oct 04, 2022 11:32 pmit appears there the connection is made but it is not stable...
...route -p add 192.168.0.0.0 mask 255.255.255.255.0 192.168.6.254
You have too many zeros there :-)