Client Bridge with VPN Server on Windows Server 2016 Amazon VM

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
Gallifrey
Posts: 4
Joined: Fri May 18, 2018 8:44 am

Client Bridge with VPN Server on Windows Server 2016 Amazon VM

Post by Gallifrey » Fri May 18, 2018 9:25 am

Hello,

Has anyone got VPN Server working on a Amazon VM using Client Bridge with Windows Server 2016 to be able to browse internet through the established tunnel? It works with Virtual NAT enabled but not with Client mode enabled with the only ethernet adapter available selected. I've tried from both a Mac and iPhone with L2TP over IPSec. There is a Linux public image on Amazon but have not tried it as the softether docs recommends Windows over Linux as Softether has been built for Windows. There seem to be conflicting sources on whether or a Client Bridge should be setup on an Amazon VM.

Many thanks for any help!

1. The Firewall is disabled on the VM and I've allowed All Inbound Traffic to the VM from my IP address.
2. The VM is setup with an elastic IP (public IP)
3. Source/Destination Check is disabled.
4. Any VPC this instance is using is the default one with default settings.

By using virtual NAT and virtual DHCP Server I've been able to connect by both an iPhone and Mac. and browse the internet through the VPN tunnel with Virtual NAT and Virtual DHCP enabled but not if Virtual NAT is disabled with the client bridge set to the only ethernet adapter showing. Without Virtual NAT internet won't work and without the virtual DHCP server the iPhone or Mac won't connect with L2TP over IPSec even wth setting up the DHCP in Windows Server 2016 (not sure if I configured it properly)

1. All options under IPSec/L2TP are checked.
2 The virtual NAT and virtual DHCP Server are enabled.

Virtual Host network settings are: IP Address 192.168.30.1 and Subnet mask 255.255.255.1
Use Virtual Nat is checked with default values.
Use Virtual DHCP Server function is checked with Distributes IP Addresses 192.168.30.10 to 192.168.30.200 and subnet 255.255.255.1 with a Lease Limit of 7200 seconds.
Option applied to clients (optional) has the Gateway and DNS server set to 192.168.30.1

3. A client bridge is set between the virtual hub (named VPN) and the ethernet adapter named "Ethernet (Xen Project ID=xxxxxxx)", removing the client bridge doesn't seem to make any difference but disabling Virtual NAT results in no internet browsing on the VPN client.

Would very much like to get Client Bridge working since it is faster. Thanks for reading this and for any help!




Windows IP Configuration is:

Ethernet adapter Ethernet:

Connection-specific DNS Suffix . : us-east-2.compute.internal
Link-local IPv6 Address . . . . . : fe80::f477:da18:dc14:b5ac%3
IPv4 Address. . . . . . . . . . . : 172.31.19.179
Subnet Mask . . . . . . . . . . . : 255.255.240.0
Default Gateway . . . . . . . . . : 172.31.16.1

Tunnel adapter isatap.us-east-2.compute.internal:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : us-east-2.compute.internal

Tunnel adapter Local Area Connection* 3:

Connection-specific DNS Suffix . :
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:1440:2d13:ed24:3b0
Link-local IPv6 Address . . . . . : fe80::1440:2d13:ed24:3b0%8
Default Gateway . . . . . . . . . : ::



Route:


Windows IP Configuration


Ethernet adapter Ethernet:

Connection-specific DNS Suffix . : us-east-2.compute.internal
Link-local IPv6 Address . . . . . : fe80::f477:da18:dc14:b5ac%3
IPv4 Address. . . . . . . . . . . : 172.31.19.179
Subnet Mask . . . . . . . . . . . : 255.255.240.0
Default Gateway . . . . . . . . . : 172.31.16.1

Tunnel adapter isatap.us-east-2.compute.internal:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : us-east-2.compute.internal

Tunnel adapter Local Area Connection* 3:

Connection-specific DNS Suffix . :
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:1440:2d13:ed24:3b0
Link-local IPv6 Address . . . . . : fe80::1440:2d13:ed24:3b0%8
Default Gateway . . . . . . . . . : ::

thisjun
Posts: 2458
Joined: Mon Feb 24, 2014 11:03 am

Re: Client Bridge with VPN Server on Windows Server 2016 Amazon VM

Post by thisjun » Fri Jun 01, 2018 5:52 am

I think bridging isn't allowed on AWS.

Post Reply