I would like to set up Softether VPN server (Amazon AWS) and have different remote sites connect to Softether using Microtik routers to create a vpn tunnel so that the remote sites can access the Amazon servers in the same subnet as the Softether vps. Not only will I have networks trying to remotely connect but I may have individual clients that require connection. I would like to use L3 routing to keep traffic and ip management down.
If this is possible can anyone tell me how I need to accomplish this?
1) Does Softether need to be set up in bridge mode or vpn server mode?
2) How do I configure Softether for these multiple site to site connections?
3) If anyone knows the microtik, whats required on that (policy,proposal etc) to connect to softether.
I really need some guidance as I really love softether but have been at this for a couple of weeks now and haven't made much progress. Most of the documentation is in regards to softether bridges to softether vpn servers. What about vpn routers, like the microtik or sonicwall etc.
Thank you very much in advance
Softether VPN Server and Microtik
-
- Posts: 6
- Joined: Mon Oct 23, 2017 8:10 pm
Re: Softether VPN Server and Microtik
I see from previous posts that quick replies are not the norm. I'm really hoping someone will be kind enough to reply.
I also see a lot of spam/junk posts....such a shame.
I also see a lot of spam/junk posts....such a shame.
-
- Posts: 32
- Joined: Mon Dec 01, 2014 2:09 am
Re: Softether VPN Server and Microtik
You would need a softether vpn server (not bridge) on the amazon server.
Unfortunately, I am not familiar with Microtik routers. If that's a physical machine, you could set-up a windows/linux/other machine as a VPN Bridge (connecting to the Amazon Server) with a local bridge to an ethernet port which the router could be hooked to.
amazon (vpn server + securenat) --> internet --> vpn bridge (another server-like machine with softether bridge) --> localbridge to ethernet card --> Microtik routers
Not the clearest I can be, but hope that helps.
Unfortunately, I am not familiar with Microtik routers. If that's a physical machine, you could set-up a windows/linux/other machine as a VPN Bridge (connecting to the Amazon Server) with a local bridge to an ethernet port which the router could be hooked to.
amazon (vpn server + securenat) --> internet --> vpn bridge (another server-like machine with softether bridge) --> localbridge to ethernet card --> Microtik routers
Not the clearest I can be, but hope that helps.
-
- Posts: 6
- Joined: Mon Oct 23, 2017 8:10 pm
Re: Softether VPN Server and Microtik
I was actually hoping to get a way with NOT setting up any machines.
Microtiks are physical routers. Not sure if allowed to post links.
They run RouterOS which allows for IPSEC, GRE, SSTP or OVPN connections.
Microtiks are physical routers. Not sure if allowed to post links.
They run RouterOS which allows for IPSEC, GRE, SSTP or OVPN connections.
-
- Posts: 32
- Joined: Mon Dec 01, 2014 2:09 am
Re: Softether VPN Server and Microtik
Then keep what I said about the amazon server side, just connect the router to openvpn and it should do the rest itself
-
- Posts: 6
- Joined: Mon Oct 23, 2017 8:10 pm
Re: Softether VPN Server and Microtik
Thank you so much for replying:
Let me explain what I currently have.
Home:
Local router
LAN 192.168.5.1/24
Public WAN: whatever the isp's handing out
Behind local router
Microtik
Lan: 10.1.1.1/24
WAN: 192.168.5.x (whatever the local router is handing out)
DHCP Server: 10.1.1.100-200
Softether
ETH0: 172.30.1.65/24
Tunnel: (192.168.99.x/24)
Server I need to get to: 172.30.1.80/24
Here is my current issue.
I created an OpnVPN connection from Microtik and SoftEther. That works great. Connection Established.
I had to create a route on Microtik: 172.30.1.0/24 GW SSTP-Out1 in order for the Microtik to be able to ping 172.30.1.x network (from terminal).
Problem:
I cannot ping from 10.1.1.x to 172.30.1.0/24
So I thought the reason why was because the server doesn't know how to route back so on the 172.30.1.80 I added a route 10.1.1.0/24 gw 172.30.1.65.
Still doesn't work. Any help GREATLY appreciated.
Let me explain what I currently have.
Home:
Local router
LAN 192.168.5.1/24
Public WAN: whatever the isp's handing out
Behind local router
Microtik
Lan: 10.1.1.1/24
WAN: 192.168.5.x (whatever the local router is handing out)
DHCP Server: 10.1.1.100-200
Softether
ETH0: 172.30.1.65/24
Tunnel: (192.168.99.x/24)
Server I need to get to: 172.30.1.80/24
Here is my current issue.
I created an OpnVPN connection from Microtik and SoftEther. That works great. Connection Established.
I had to create a route on Microtik: 172.30.1.0/24 GW SSTP-Out1 in order for the Microtik to be able to ping 172.30.1.x network (from terminal).
Problem:
I cannot ping from 10.1.1.x to 172.30.1.0/24
So I thought the reason why was because the server doesn't know how to route back so on the 172.30.1.80 I added a route 10.1.1.0/24 gw 172.30.1.65.
Still doesn't work. Any help GREATLY appreciated.
-
- Posts: 2458
- Joined: Mon Feb 24, 2014 11:03 am
Re: Softether VPN Server and Microtik
Do you use SecureNAT?