SoftEther VPN Serverクラスターへの接続失敗についてお教え願えますでしょうか。

SoftEther VPN に関するご質問はこのフォーラムにお気軽にご投稿ください。
Post Reply
pojiro
Posts: 5
Joined: Tue Jul 28, 2020 5:09 am

SoftEther VPN Serverクラスターへの接続失敗についてお教え願えますでしょうか。

Post by pojiro » Thu Aug 20, 2020 2:40 am

以下画像の構成でクラスターを構成しています。
clustering structure.png
このとき、以下の設定でクライアントの接続がメンバーに引き継がれず失敗してしまいます。
考えられる原因をお教え願えますでしょうか。
なお、Public IP Addressを空、Controller IP Addressをグローバルに設定し、スイッチを経由させなくすると問題なくメンバーに引き継がれるようになります。
failed config.png
コントローラー側ログが以下です。

Code: Select all

2020-08-20 11:03:34.428 On the TCP Listener (Port 443), a Client (IP address x.x.x.x, Host name "example.com", Port number 47992) has connected.
2020-08-20 11:03:34.596 [HUB "dev"] Connection "CID-157": Successfully authenticated as user "usr".
2020-08-20 11:03:34.596 [HUB "dev"] Connection "CID-157": The cluster controller is deciding the destination cluster member of this client.
2020-08-20 11:03:34.596 Connection "CID-157": The server "dev01" has been decided as a destination cluster member server. Instructing clients to redirect connection to this server.
2020-08-20 11:03:34.596 A new client authentication ticket has been issued for cluster member "dev01". Virtual Hub "dev", User name "usr" ("usr"), Session name "SID-USR-129", Ticket "F39769ED6A7D8D92F752BD490269B8845EB9ACC4"
2020-08-20 11:03:34.656 Connection "CID-157" terminated by the cause "No error." (code 0).
2020-08-20 11:03:34.656 Connection "CID-157" has been terminated.
2020-08-20 11:03:34.656 The connection with the client (IP address x.x.x.x, Port number 47992) has been disconnected.
2020-08-20 11:03:54.916 On the TCP Listener (Port 443), a Client (IP address x.x.x.x, Host name "example.com", Port number 47996) has connected.
2020-08-20 11:03:54.916 For the client (IP address: x.x.x.x, host name: "example.com", port number: 47996), connection "CID-158" has been created.
2020-08-20 11:03:54.988 SSL communication for connection "CID-158" has been started. The encryption algorithm name is "TLS_AES_256_GCM_SHA384".
2020-08-20 11:03:55.084 [HUB "dev"] The connection "CID-158" (IP address: x.x.x.x, Host name: example.com, Port number: 47996, Client name: "SoftEther VPN Server (Cascade Mode)", Version: 4.34, Build: 9745) is attempting to connect to the Virtual Hub. The auth type provided is "Password authentication" and the user name is "usr".
2020-08-20 11:03:55.084 [HUB "dev"] Connection "CID-158": Successfully authenticated as user "usr".
2020-08-20 11:03:55.084 [HUB "dev"] Connection "CID-158": The cluster controller is deciding the destination cluster member of this client.
2020-08-20 11:03:55.084 Connection "CID-158": The server "dev01" has been decided as a destination cluster member server. Instructing clients to redirect connection to this server.
2020-08-20 11:03:55.084 A new client authentication ticket has been issued for cluster member "dev01". Virtual Hub "dev", User name "usr" ("usr"), Session name "SID-USR-130", Ticket "1CCB51F24EC05D9B0EDE421421B7B0A393195B60"
2020-08-20 11:03:55.144 Connection "CID-158" terminated by the cause "No error." (code 0).
2020-08-20 11:03:55.144 Connection "CID-158" has been terminated.
2020-08-20 11:03:55.144 The connection with the client (IP address x.x.x.x, Port number 47996) has been disconnected.
2020-08-20 11:04:13.336 On the TCP Listener (Port 443), a Client (IP address x.x.x.x, Host name "example.com", Port number 48000) has connected.
2020-08-20 11:04:13.336 For the client (IP address: x.x.x.x, host name: "example.com", port number: 48000), connection "CID-159" has been created.
2020-08-20 11:04:13.408 SSL communication for connection "CID-159" has been started. The encryption algorithm name is "TLS_AES_256_GCM_SHA384".
2020-08-20 11:04:13.504 [HUB "dev"] The connection "CID-159" (IP address: x.x.x.x, Host name: example.com, Port number: 48000, Client name: "SoftEther VPN Server (Cascade Mode)", Version: 4.34, Build: 9745) is attempting to connect to the Virtual Hub. The auth type provided is "Password authentication" and the user name is "usr".
2020-08-20 11:04:13.504 [HUB "dev"] Connection "CID-159": Successfully authenticated as user "usr".
2020-08-20 11:04:13.504 [HUB "dev"] Connection "CID-159": The cluster controller is deciding the destination cluster member of this client.
2020-08-20 11:04:13.504 Connection "CID-159": The server "dev01" has been decided as a destination cluster member server. Instructing clients to redirect connection to this server.
2020-08-20 11:04:13.504 A new client authentication ticket has been issued for cluster member "dev01". Virtual Hub "dev", User name "usr" ("usr"), Session name "SID-USR-131", Ticket "F18F6FAAB1610F8D5A88FFD10A26AFEE2FC88F1B"
2020-08-20 11:04:13.564 Connection "CID-159" terminated by the cause "No error." (code 0).
2020-08-20 11:04:13.564 Connection "CID-159" has been terminated.
2020-08-20 11:04:13.564 The connection with the client (IP address x.x.x.x, Port number 48000) has been disconnected.
2020-08-20 11:04:32.240 On the TCP Listener (Port 443), a Client (IP address x.x.x.x, Host name "example.com", Port number 48004) has connected.
2020-08-20 11:04:32.240 For the client (IP address: x.x.x.x, host name: "example.com", port number: 48004), connection "CID-160" has been created.
2020-08-20 11:04:32.312 SSL communication for connection "CID-160" has been started. The encryption algorithm name is "TLS_AES_256_GCM_SHA384".
2020-08-20 11:04:32.396 [HUB "dev"] The connection "CID-160" (IP address: x.x.x.x, Host name: example.com, Port number: 48004, Client name: "SoftEther VPN Server (Cascade Mode)", Version: 4.34, Build: 9745) is attempting to connect to the Virtual Hub. The auth type provided is "Password authentication" and the user name is "usr".
2020-08-20 11:04:32.396 [HUB "dev"] Connection "CID-160": Successfully authenticated as user "usr".
2020-08-20 11:04:32.396 [HUB "dev"] Connection "CID-160": The cluster controller is deciding the destination cluster member of this client.
2020-08-20 11:04:32.396 Connection "CID-160": The server "dev01" has been decided as a destination cluster member server. Instructing clients to redirect connection to this server.
2020-08-20 11:04:32.396 A new client authentication ticket has been issued for cluster member "dev01". Virtual Hub "dev", User name "usr" ("usr"), Session name "SID-USR-132", Ticket "22151F3F30316D8F8B652C69B7CE351A56034380"
2020-08-20 11:04:32.456 Connection "CID-160" terminated by the cause "No error." (code 0).
2020-08-20 11:04:32.456 Connection "CID-160" has been terminated.
2020-08-20 11:04:32.456 The connection with the client (IP address x.x.x.x, Port number 48004) has been disconnected.
メンバー側ログが以下です。

Code: Select all

2020-08-20 11:03:34.597 仮想 HUB "dev" を開始しました。
2020-08-20 11:03:34.597 仮想 HUB "dev" の MAC アドレスは "00-AE-E8-76-F8-A1" です。
2020-08-20 11:03:34.597 [HUB "dev"] 仮想 HUB がオンラインになりました。
2020-08-20 11:03:34.597 クラスタコントローラから新しいクライアント認証チケットを受領しました。仮想 HUB "dev", ユーザー名 "usr" ("usr"), セッション名 "SID-USR-129", チケット "F39769ED6A7D8D92F752BD490269B8845EB9ACC4", 有効期限 60 秒
2020-08-20 11:03:55.076 クラスタコントローラから新しいクライアント認証チケットを受領しました。仮想 HUB "dev", ユーザー名 "usr" ("usr"), セッション名 "SID-USR-130", チケット "1CCB51F24EC05D9B0EDE421421B7B0A393195B60", 有効期限 60 秒
2020-08-20 11:04:13.496 クラスタコントローラから新しいクライアント認証チケットを受領しました。仮想 HUB "dev", ユーザー名 "usr" ("usr"), セッション名 "SID-USR-131", チケット "F18F6FAAB1610F8D5A88FFD10A26AFEE2FC88F1B", 有効期限 60 秒
2020-08-20 11:04:32.392 クラスタコントローラから新しいクライアント認証チケットを受領しました。仮想 HUB "dev", ユーザー名 "usr" ("usr"), セッション名 "SID-USR-132", チケット "22151F3F30316D8F8B652C69B7CE351A56034380", 有効期限 60 秒
2020-08-20 11:04:40.068 [HUB "dev"] 仮想 HUB がオフラインになりました
You do not have the required permissions to view the files attached to this post.

cedar
Site Admin
Posts: 1407
Joined: Sat Mar 09, 2013 5:37 am

Re: SoftEther VPN Serverクラスターへの接続失敗についてお教え願えますでしょうか。

Post by cedar » Thu Aug 20, 2020 10:39 am

メンバサーバーの Public IP Address の設定がプライベート IP アドレスとなっているようです。
ここには、クライアントからアクセスできるアドレスを設定する必要があります。

pojiro
Posts: 5
Joined: Tue Jul 28, 2020 5:09 am

Re: SoftEther VPN Serverクラスターへの接続失敗についてお教え願えますでしょうか。

Post by pojiro » Thu Aug 20, 2020 11:40 am

早速のご回答ありがとうございます。

私が根本的に使い方を間違っていたということですね。
ありがとうございます。構成を修正いたします。

Post Reply