SE VPN Server Ports.

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
goomba
Posts: 9
Joined: Sun Feb 10, 2019 8:25 pm

SE VPN Server Ports.

Post by goomba » Mon Aug 28, 2023 3:35 pm

We are a little frustrated with settings for the VPN server.

These are the ports we have open on our internet facing inbound router firewall rules;

TCP:
443,992,1194, 8443

UDP:
1701,500,555

Additionally, we have allowed all connections in Windows 10 Firewall for the above ports and also a rule for the VPN Server Application as well (this is a default setting).

Yet our users always get a message regarding "Punch Through???" and when connecting to the VPN server it is slow and we periodically get disconnected.

We have ran External Internet Port checkers and they all report that none of our ports are open, but internal port scans and using telnet we can confirm connecting to each specific TCP ports.

We have tried turning of the WINDOWS firewall and still have the same issue.

We also setup a Ubuntu server with the same configuration and still same results.

Users can connect, just making sense to us.

Any Ideas???

solo
Posts: 1486
Joined: Sun Feb 14, 2021 10:31 am

Re: SE VPN Server Ports.

Post by solo » Mon Aug 28, 2023 3:50 pm

goomba wrote:
Mon Aug 28, 2023 3:35 pm
These are the ports we have open on our internet facing inbound router firewall rules
...
We have ran External Internet Port checkers and they all report that none of our ports are open
You need to FORWARD these ports. Also your ISP may not allow incoming connections.

goomba
Posts: 9
Joined: Sun Feb 10, 2019 8:25 pm

Re: SE VPN Server Ports.

Post by goomba » Mon Aug 28, 2023 4:13 pm

Sorry, when I say OPEN, I mean FORWARDED.

All our clients have static IP and nothing blocked.

We have rhe same issue with our internal VPN Server and we host Mail, Web and a host of other services and we know for sure nothing is blocked. Same thing with clients.

Any other ideas?

solo
Posts: 1486
Joined: Sun Feb 14, 2021 10:31 am

Re: SE VPN Server Ports.

Post by solo » Mon Aug 28, 2023 6:45 pm

https://www.vpnusers.com/viewtopic.php? ... 513#p99915

EDIT

"we host Mail, Web" - so forwarding TCP 443 to SE is not interfering with the web server?

goomba
Posts: 9
Joined: Sun Feb 10, 2019 8:25 pm

Re: SE VPN Server Ports.

Post by goomba » Mon Aug 28, 2023 7:45 pm

We have 4 statics, our web email etc are all on different servers, different front facing routers.

This is purely a SE issue, he is on a different ip and different router.

Even so, does not explain why this happens with clients, some of which only have ports/traffic sent to se server.

solo
Posts: 1486
Joined: Sun Feb 14, 2021 10:31 am

Re: SE VPN Server Ports.

Post by solo » Tue Aug 29, 2023 4:06 am

goomba wrote:
Mon Aug 28, 2023 7:45 pm
This is purely a SE issue, he is on a different ip and different router.
No, let's make a quick test - on the SE server PC enable RDP, forward its port and try to connect from one of those clients.

goomba
Posts: 9
Joined: Sun Feb 10, 2019 8:25 pm

Re: SE VPN Server Ports.

Post by goomba » Tue Aug 29, 2023 12:58 pm

Yes they ALL can.

solo
Posts: 1486
Joined: Sun Feb 14, 2021 10:31 am

Re: SE VPN Server Ports.

Post by solo » Tue Aug 29, 2023 2:02 pm

https://www.vpnusers.com/viewtopic.php? ... 372#p89372

Is it the same server? What was the SE problem in that RDP case?

Post Reply