SoftEther VPN User Forum

On the proxmox server (debian 10), he created a virtual machine with a VPN softether server. Created the Hub and the user in it (certificate login), TAP interface.
BridgeCreate MyHub -device:vpn -tap:yes
Assigned IP TAP to an interface.
ifconfig tap_vpn 192.168.50.15
Prescribed routes.
From a remote client over a VPN link, I cannot ping the proxmox server interface. At the same time, all tap and other interfaces inside the virtual machine itself are available. Firewalls are off.
Perhaps these are restrictions
3.6.11 Points to Note when Local Bridging in Linux, FreeBSD, Solaris or Mac OS X
https://www.softether.org/4-docs/1-manu ... Access_VPN
I prescribed a rule that did not have an effect.
iptables -t nat -A POSTROUTING -s '192.168.50.0/24' -o ens18 -j MASQUERADE

How do I set up ping?

To work around the Linux kernel VPN ping limitation you need to double-bridge: brctl addif br0 tap_vpn

(BTW, WTF do you redact private-range IPs?)

solo wrote: ↑

Fri Apr 07, 2023 2:21 pm

To work around the Linux kernel VPN ping limitation you need to double-bridge: brctl addif br0 tap_vpn

(BTW, WTF do you redact private-range IPs?)

Not works (( No ping to ip proxmox server
/etc/network/interfaces
----
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
allow-hotplug ens18
iface ens18 inet static
address 192.168.1.15
netmask 24
gateway 192.168.1.1
auto br0
iface br0 inet manual
bridge_ports none
bridge_stp off
bridge_waitport 0
bridge_fd 0
-----

brctl addif br0 tap_art_simple

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
inet 127.0.0.1/8 scope host lo
2: ens18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
inet 192.168.1.15/24 brd 192.168.1.255 scope global ens18
3: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
inet 192.168.50.15/24 brd 192.168.50.255 scope global br0
4: tap_art_simple: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UNKNOWN group default qlen 1000

Add route
default via 192.168.1.1 dev ens18 onlink
192.168.1.0/24 dev ens18 proto kernel scope link src 192.168.1.15
192.168.40.0/24 via 192.168.50.15 dev br0
192.168.43.0/24 via 192.168.50.15 dev br0
192.168.50.0/24 dev br0 proto kernel scope link src 192.168.50.15



ps
do you redact private-range IPs?

For better security (

solo wrote: ↑

Fri Apr 07, 2023 10:49 pm

https://www.vpnusers.com/search.php?key ... mit=Search

What do you mean by double bride?
I don`t uderstand. Search only gives out garbage

sergey113 wrote: ↑

Fri Apr 07, 2023 1:07 pm

How do I set up ping?

Like this https://www.vpnusers.com/viewtopic.php? ... 366#p98366

solo wrote: ↑

Sat Apr 08, 2023 2:14 pm

sergey113 wrote: ↑

Fri Apr 07, 2023 1:07 pm

How do I set up ping?

Like this https://www.vpnusers.com/viewtopic.php? ... 366#p98366

does not work (

I make:
----------
ip link add dum0 type dummy
brctl addbr br0
brctl addif br0 dum0 tap_art_simple
ifconfig br0 192.168.100.15 netmask 255.255.255.0 promisc arp up
ip route add 192.168.43.0/24 via 192.168.100.15 dev br0
ip route add 192.168.40.0/24 via 192.168.100.15 dev br0
---------
Interface SE server ens18 have IP 192.168.1.15 he does ping.
Interface proxmox server have IP 192.168.1.10 and and he does not ping

SE is poorly compatible with Linux and better look towards other VPNs?

I set up a connection in the form of two bridge servers, but this did not help