Acces the VPN Server through VPN with only one eth-device?

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
qupfer
Posts: 202
Joined: Wed Jul 10, 2013 2:07 pm

Acces the VPN Server through VPN with only one eth-device?

Post by qupfer » Sun Feb 08, 2015 10:21 pm

Hi,

I know that I can't reach the local vpn-server-IP through the VPN from a client, if I bridge the vpn-hub directly to eth0.

But I seem to remember, that a workaround was something like create a additionaly tap-device and do some IP/routing commands and stuff like that.

Can somebody give me these informations?

GreenUser
Posts: 12
Joined: Tue Feb 03, 2015 3:21 am

Re: Acces the VPN Server through VPN with only one eth-devic

Post by GreenUser » Sun Feb 08, 2015 11:42 pm

Good luck, and if you find a way to do this, please let me know.

I've spent three weeks on trying to create a functional tap / tun device based on the limited information that is available on this.

I am running CentOS 6 on a VPS and it simply doesn't work. Reluctantly, I will continue to use NAT as it seems that SoftEther is primarily designed for use with NAT.

The ideal setup would obviously be a clustered configuration with a bridge device to the gateway but again, I've spend three weeks on this and cannot get it to work, and I'm not a novice either.

If you are interested, here are a couple links to look at (I've tried these to no avail):
http://blog.lincoln.hk/blog/2013/03/19/ ... er-on-vps/
http://www.scribd.com/doc/187770965/Loc ... -on-CENTOS

qupfer
Posts: 202
Joined: Wed Jul 10, 2013 2:07 pm

Re: Acces the VPN Server through VPN with only one eth-devic

Post by qupfer » Mon Feb 09, 2015 8:57 am

GreenUser wrote:
> Good luck, and if you find a way to do this, please let me know.

A "double-bridge" will work, but its ugly.
I mean bridge the vpn-hub to a tap device and then bridge the bridged-tap-device to eth0.

I prefer to bridge the hub directly to eth0, but in this case, you can't reach the vpn-server through the VPN.
And if I remember correctly, a other solution was a quite different "double-bridige". Bridge vpn-hub to etho and also bridge vpn-hub to a tap-device.

GreenUser
Posts: 12
Joined: Tue Feb 03, 2015 3:21 am

Re: Acces the VPN Server through VPN with only one eth-devic

Post by GreenUser » Mon Feb 09, 2015 6:36 pm

Yes, that does sound messy. I am looking into using IPTables to solve this problem, so I will keep you posted on what I find.

Have you been able to bridge the hub directly to eth0 AND have clients successfully routed to the internet?

qupfer
Posts: 202
Joined: Wed Jul 10, 2013 2:07 pm

Re: Acces the VPN Server through VPN with only one eth-devic

Post by qupfer » Mon Feb 09, 2015 8:28 pm

GreenUser wrote:

> Have you been able to bridge the hub directly to eth0 AND have clients successfully
> routed to the internet?

Yes.
On Windows with the offical Softetether client and just connect.
On Linux I set a static route to the vpn server to avoid connection loss and then I run dhcpcd (or any other dhcp client) on tap0.
Client got IP, Gatway, DNS etc. from my gateway (home router) and it works.

Or did you try to bridge to eth0 on a hosted (v)server?

GreenUser
Posts: 12
Joined: Tue Feb 03, 2015 3:21 am

Re: Acces the VPN Server through VPN with only one eth-devic

Post by GreenUser » Mon Feb 09, 2015 9:46 pm

Yes, I tried bridging the hub to eth0 on a VPS (Vserver) and it did not work. I am assuming this is because the bridge would request an additional address from the hosts dhcp server.

I understand you were able to get the bridge working from your home setup. Have you worked with SoftEther on a VPS? If so, were you able to get things running?

thisjun
Posts: 2458
Joined: Mon Feb 24, 2014 11:03 am

Re: Acces the VPN Server through VPN with only one eth-devic

Post by thisjun » Wed Feb 18, 2015 8:17 am

I think some VPS don't allow promiscuous mode.
So, you should use tap mode localbridge on VPS.

mesa57
Posts: 153
Joined: Fri Oct 11, 2013 4:00 pm
Location: Netherlands

Re: Acces the VPN Server through VPN with only one eth-devic

Post by mesa57 » Sat Feb 21, 2015 10:33 am

Is there anywhere some tutorial how to use TAP mode bridge on a VPS/Linux ?

qupfer
Posts: 202
Joined: Wed Jul 10, 2013 2:07 pm

Re: Acces the VPN Server through VPN with only one eth-devic

Post by qupfer » Mon Feb 23, 2015 7:42 pm

mesa57 wrote:
> Is there anywhere some tutorial how to use TAP mode bridge on a VPS/Linux ?


http://blog.lincoln.hk/blog/2013/05/17/ ... al-bridge/
(http://blog.lincoln.hk/blog/2013/03/19/ ... er-on-vps/)

mesa57
Posts: 153
Joined: Fri Oct 11, 2013 4:00 pm
Location: Netherlands

Re: Acces the VPN Server through VPN with only one eth-devic

Post by mesa57 » Mon Feb 23, 2015 8:59 pm

Thank you :)

Post Reply