VPN- Client connected, but no access to the server itself
-
- Posts: 7
- Joined: Fri Dec 13, 2013 2:23 pm
VPN- Client connected, but no access to the server itself
Hi @ all.
I have setup the vpn- server on a Netgear ReadyNAS RN104 with OS6.
The connection of VPN- Clients is successfull and i have access to all computers and routers of the NAS- Network.
But i have no access to the NAS itself over VPN.
Please help me...
I have setup the vpn- server on a Netgear ReadyNAS RN104 with OS6.
The connection of VPN- Clients is successfull and i have access to all computers and routers of the NAS- Network.
But i have no access to the NAS itself over VPN.
Please help me...
-
- Posts: 551
- Joined: Wed Jul 24, 2013 12:09 pm
-
- Posts: 65
- Joined: Sun Dec 15, 2013 8:34 am
Re: VPN- Client connected, but no access to the server itsel
You can't connect to server's virtual address.
You have to create local bridge on internal netcard and virtual hub.
Than connect to internal real address.
You have to create local bridge on internal netcard and virtual hub.
Than connect to internal real address.
-
- Posts: 7
- Joined: Fri Dec 13, 2013 2:23 pm
Re: VPN- Client connected, but no access to the server itsel
UkrZilla wrote:
> You can't connect to server's virtual address.
> You have to create local bridge on internal netcard and virtual hub.
> Than connect to internal real address.
I have created a Local Bridge on the NAS VPN Server to eth1 where no cable is connected and to eth0 where the LAN cable is connected but i don't have access to the Local Internal IP 192.168.0.2 of the NAS over the VPN connection.
Do you have any idea?
Screenshots below
> You can't connect to server's virtual address.
> You have to create local bridge on internal netcard and virtual hub.
> Than connect to internal real address.
I have created a Local Bridge on the NAS VPN Server to eth1 where no cable is connected and to eth0 where the LAN cable is connected but i don't have access to the Local Internal IP 192.168.0.2 of the NAS over the VPN connection.
Do you have any idea?
Screenshots below
You do not have the required permissions to view the files attached to this post.
-
- Posts: 65
- Joined: Sun Dec 15, 2013 8:34 am
Re: VPN- Client connected, but no access to the server itsel
XxX_Cobra_XxX, where did you get ip address from?
From buid-in DHCP in SoftEther or from you local net connected to eth1?
Anyway ip address on vpn session has to be in same subnet with eth1 - 192.168.0.0
From buid-in DHCP in SoftEther or from you local net connected to eth1?
Anyway ip address on vpn session has to be in same subnet with eth1 - 192.168.0.0
-
- Posts: 7
- Joined: Fri Dec 13, 2013 2:23 pm
Re: VPN- Client connected, but no access to the server itsel
UkrZilla wrote:
> XxX_Cobra_XxX, where did you get ip address from?
> From buid-in DHCP in SoftEther or from you local net connected to eth1?
> Anyway ip address on vpn session has to be in same subnet with eth1 -
> 192.168.0.0
Hi UkrZilla, i get the ip adress from my local net that is connected to eth1 (192.168.0.0) and i can access all other computers in the real local network but not the NAS.
The status of the VPN- Connection shows the ip 192.168.0.4 but the subnetmask is 255.255.255.255
> XxX_Cobra_XxX, where did you get ip address from?
> From buid-in DHCP in SoftEther or from you local net connected to eth1?
> Anyway ip address on vpn session has to be in same subnet with eth1 -
> 192.168.0.0
Hi UkrZilla, i get the ip adress from my local net that is connected to eth1 (192.168.0.0) and i can access all other computers in the real local network but not the NAS.
The status of the VPN- Connection shows the ip 192.168.0.4 but the subnetmask is 255.255.255.255
-
- Posts: 65
- Joined: Sun Dec 15, 2013 8:34 am
Re: VPN- Client connected, but no access to the server itsel
Hi XxX_Cobra_XxX
I think problem not in SothEther Server.
What about firewall?
How do you check access to NAS?
Can you temporary flush iptables rules in all chunks?
I think problem not in SothEther Server.
What about firewall?
How do you check access to NAS?
Can you temporary flush iptables rules in all chunks?
-
- Posts: 7
- Joined: Fri Dec 13, 2013 2:23 pm
Re: VPN- Client connected, but no access to the server itsel
UkrZilla wrote:
> Hi XxX_Cobra_XxX
> I think problem not in SothEther Server.
> What about firewall?
> How do you check access to NAS?
> Can you temporary flush iptables rules in all chunks?
I have only enabled the firewall on the router behind the NAS. But i have forwarded all VPN ports to the NAS.
I check the access to the NAS in different ways.
I put the local IP from the NAS (192.168.0.2) in the browser --> no access
I check it with the explorer \\192.168.0.2 --> no access
I ping the ip with cmd of windows ping 192.168.0.2 --> no answere
Sorry, but what do you mean with temporary flush iptables?
> Hi XxX_Cobra_XxX
> I think problem not in SothEther Server.
> What about firewall?
> How do you check access to NAS?
> Can you temporary flush iptables rules in all chunks?
I have only enabled the firewall on the router behind the NAS. But i have forwarded all VPN ports to the NAS.
I check the access to the NAS in different ways.
I put the local IP from the NAS (192.168.0.2) in the browser --> no access
I check it with the explorer \\192.168.0.2 --> no access
I ping the ip with cmd of windows ping 192.168.0.2 --> no answere
Sorry, but what do you mean with temporary flush iptables?
-
- Posts: 65
- Joined: Sun Dec 15, 2013 8:34 am
Re: VPN- Client connected, but no access to the server itsel
1. Try to get adress from build-in in SoftEther DHCP server.
2. Reboot NAS.
3. On Windows Server 2008 SE works very fine, predictable, without surprises.
4. Does your vpn user have any active security policy?
5. Does your virtual hub have any access list?
2. Reboot NAS.
3. On Windows Server 2008 SE works very fine, predictable, without surprises.
4. Does your vpn user have any active security policy?
5. Does your virtual hub have any access list?
-
- Posts: 65
- Joined: Sun Dec 15, 2013 8:34 am
Re: VPN- Client connected, but no access to the server itsel
XxX_Cobra_XxX,
http://www.softether.org/4-docs/1-manua ... _SecureNAT
If you are using Linux or Solaris, you can communicate within the Virtual Hub (VPN) from the network adapter connected to by the local bridge to the LAN, but you can not communicate to the network adapter itself. This is a restriction imposed by the Linux kernel.
http://www.softether.org/4-docs/1-manua ... _SecureNAT
If you are using Linux or Solaris, you can communicate within the Virtual Hub (VPN) from the network adapter connected to by the local bridge to the LAN, but you can not communicate to the network adapter itself. This is a restriction imposed by the Linux kernel.
-
- Posts: 7
- Joined: Fri Dec 13, 2013 2:23 pm
Re: VPN- Client connected, but no access to the server itsel
UkrZilla wrote:
> XxX_Cobra_XxX,
>
>
> http://www.softether.org/4-docs/1-manua ... _SecureNAT
>
> If you are using Linux or Solaris, you can communicate within the Virtual
> Hub (VPN) from the network adapter connected to by the local bridge to the
> LAN, but you can not communicate to the network adapter itself. This is a
> restriction imposed by the Linux kernel.
Hy UkrZilla,
and there is no way to solve or change this on the linux kernel?
> XxX_Cobra_XxX,
>
>
> http://www.softether.org/4-docs/1-manua ... _SecureNAT
>
> If you are using Linux or Solaris, you can communicate within the Virtual
> Hub (VPN) from the network adapter connected to by the local bridge to the
> LAN, but you can not communicate to the network adapter itself. This is a
> restriction imposed by the Linux kernel.
Hy UkrZilla,
and there is no way to solve or change this on the linux kernel?
-
- Posts: 65
- Joined: Sun Dec 15, 2013 8:34 am
Re: VPN- Client connected, but no access to the server itsel
I'll check how to resolve this problem.
I've installed Ubuntu Server and SE works fine.
Now I'm testing this.
I've installed Ubuntu Server and SE works fine.
Now I'm testing this.
-
- Posts: 7
- Joined: Fri Dec 13, 2013 2:23 pm
Re: VPN- Client connected, but no access to the server itsel
UkrZilla wrote:
> I'll check how to resolve this problem.
> I've installed Ubuntu Server and SE works fine.
> Now I'm testing this.
Hy UkrZilla
Wow! You are the best! Thank you very much!!!
> I'll check how to resolve this problem.
> I've installed Ubuntu Server and SE works fine.
> Now I'm testing this.
Hy UkrZilla
Wow! You are the best! Thank you very much!!!
-
- Posts: 65
- Joined: Sun Dec 15, 2013 8:34 am
Re: VPN- Client connected, but no access to the server itsel
So, after small investigation I can say that you have only one workaround:
1. Both cards from your NAS you have to connect to switch/router.
First with assigned address from 192.168.0.0 and second without address - we will use it for local bridge with virtual hub.
2. Make local bridge between virtual hub and second card.
3. Make port redirecting on your router to NAS - tcp:443/5555/1194.
After connect you can access to NAS by address from first netcard.
1. Both cards from your NAS you have to connect to switch/router.
First with assigned address from 192.168.0.0 and second without address - we will use it for local bridge with virtual hub.
2. Make local bridge between virtual hub and second card.
3. Make port redirecting on your router to NAS - tcp:443/5555/1194.
After connect you can access to NAS by address from first netcard.
-
- Posts: 7
- Joined: Fri Dec 13, 2013 2:23 pm
Re: VPN- Client connected, but no access to the server itsel
UkrZilla wrote:
> So, after small investigation I can say that you have only one workaround:
> 1. Both cards from your NAS you have to connect to switch/router.
> First with assigned address from 192.168.0.0 and second without address -
> we will use it for local bridge with virtual hub.
> 2. Make local bridge between virtual hub and second card.
> 3. Make port redirecting on your router to NAS - tcp:443/5555/1194.
>
> After connect you can access to NAS by address from first netcard.
Hy UkrZilla,
i have to assign the ip from the first network card from the router via dhcp and specify the ip from the second card manual in the same subnet, is that right?
> So, after small investigation I can say that you have only one workaround:
> 1. Both cards from your NAS you have to connect to switch/router.
> First with assigned address from 192.168.0.0 and second without address -
> we will use it for local bridge with virtual hub.
> 2. Make local bridge between virtual hub and second card.
> 3. Make port redirecting on your router to NAS - tcp:443/5555/1194.
>
> After connect you can access to NAS by address from first netcard.
Hy UkrZilla,
i have to assign the ip from the first network card from the router via dhcp and specify the ip from the second card manual in the same subnet, is that right?
-
- Posts: 65
- Joined: Sun Dec 15, 2013 8:34 am
Re: VPN- Client connected, but no access to the server itsel
Hello XxX_Cobra_XxX!
Second card has to be without any ip. This card you have to use to make local bridge, not first card.
Second card has to be without any ip. This card you have to use to make local bridge, not first card.
-
- Posts: 65
- Joined: Sun Dec 15, 2013 8:34 am
Re: VPN- Client connected, but no access to the server itsel
You have to assign the ip from the first network card from the router via static.
So, you can know this address)
So, you can know this address)