VPN setup question

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
kirkgroome
Posts: 2
Joined: Tue Nov 29, 2022 8:35 pm

VPN setup question

Post by kirkgroome » Tue Nov 29, 2022 10:04 pm

Hello All,
I want to setup a computer on a local network with Softether VPN and have multiple connections to it. I want to be able to get to that computer that is hosting the softether from the ones that connect but not to anything else on the network on ether side.
I think this can be done using secureNAT. I have a virtual hub that I have setup using 10.1.3.x my servers IP is 10.0.1.45. When I have the client connected it gets an IP of 10.1.3.10 and I can ping 10.1.3.1. What I don't understand is how to get the client where it can ping the 10.0.1.45 address.
Thanks
Kirk

solo
Posts: 607
Joined: Sun Feb 14, 2021 10:31 am

Re: VPN setup question

Post by solo » Tue Nov 29, 2022 10:58 pm

There are a few ways to accomplish your objectives. Your current setup could be modified with minimal effort as follows:
  • to be able to ping the server, simply change SecNAT's vDHCP mask to 255.0.0.0 and run: netsh advfirewall firewall set rule name="File and Printer Sharing (Echo Request - ICMPv4-In)" new enable=yes
  • to block clients from accessing remote internet, remove default gateway from SecNAT and also apply ACL for good measure

kirkgroome
Posts: 2
Joined: Tue Nov 29, 2022 8:35 pm

Re: VPN setup question

Post by kirkgroome » Wed Nov 30, 2022 8:39 pm

I did your steps and it still did not work.
How does the packet get from the secNAT of 10.1.3.x to the 10.0.1.x network?
I think I need to setup something in the local bridge or layer 3 switch. and then add something to the routing table but I'm just not getting it work.

If I setup hub and a bridge and don't use SecNAT then I get an can ping the server from the client.

Also a problem with changing the subnet as you suggest is I will at the end have many clients connecting to different hubs with SecNAT using 10.1.4.x and 10.1.5.x and want them to access the server but not each other.


Thanks
Kirk

solo
Posts: 607
Joined: Sun Feb 14, 2021 10:31 am

Re: VPN setup question

Post by solo » Wed Nov 30, 2022 10:17 pm

kirkgroome wrote:
Wed Nov 30, 2022 8:39 pm
How does the packet get from the secNAT of 10.1.3.x to the 10.0.1.x network?
via SecNAT's vNAT tap into the OS' TCP/IP stack

If you don't like the mask's change, then push a static route from SecNAT instead.

saiftech1
Posts: 1
Joined: Wed Dec 07, 2022 12:14 am

Re: VPN setup question

Post by saiftech1 » Wed Dec 07, 2022 12:41 am

Hello All,
I wanted to use SoftEther as my VPN to connect to a WAN Network within Nigeria, I plan to use a mobile Network and there will be a possibility I will use different mobile providers within some locations depending on network availability, I also don't have a static IP, was it possible to configure the VPN server on the server that I want to share some resources within the network? Was it going to be effective to use DHCP? I will appreciate support in any form that will enable me to archive that.
Thank you

Post Reply