L2TP vpn client report 720 Error when try to connect SoftEther VPN on OpenWrt

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
ollydbg
Posts: 12
Joined: Sat Jun 03, 2023 11:35 am

L2TP vpn client report 720 Error when try to connect SoftEther VPN on OpenWrt

Post by ollydbg » Sat Jun 03, 2023 12:28 pm

Hi, I have install the SoftEther VPN server on an OpenWrt 22.03, and after tweaking some setting, I can at least let the Windows VPN(L2TP) client to connect to the OpenWrt.

But at the last stage of the hand shake, I got an 720 error message, it looks like that the IP address of the vpn client can't be assigned.

When I looked at the system log of the OpenWrt, I see such lines:

Code: Select all

Sat Jun  3 20:03:27 2023 daemon.warn dnsmasq-dhcp[1]: DHCP packet received on tap_mytap which has no address
Sat Jun  3 20:03:29 2023 daemon.warn dnsmasq-dhcp[1]: DHCP packet received on tap_mytap which has no address
Sat Jun  3 20:03:30 2023 daemon.warn dnsmasq-dhcp[1]: DHCP packet received on tap_mytap which has no address
I don't have SecureNAT option enabled, I just normally tweak the options for enabling the virtual hub, and L2TP.

Any ideas on how to solve this issue?

Thanks.

For some details of my configuration, you can see here: How to tweak the firewall of OpenWrt 22.03 to support Softether VPN server - Installing and Using OpenWrt / Network and Wireless Configuration - OpenWrt Forum

Basically, I have OpenWrt 22.03.5, and I have installed the SoftEther VPN server version 4.x and the Management Tool 4.x is running under Windows. I have setting the firewall of the OpenWrt to let the 500, 4500 and 1701 port from the wlan to connect to the device.

solo
Posts: 1228
Joined: Sun Feb 14, 2021 10:31 am

Re: L2TP vpn client report 720 Error when try to connect SoftEther VPN on OpenWrt

Post by solo » Sat Jun 03, 2023 10:06 pm

ollydbg wrote:
Sat Jun 03, 2023 12:28 pm

Code: Select all

...dnsmasq-dhcp[1]: DHCP packet received on tap_mytap which has no address
Prep iptables and mod:

Code: Select all

nano /etc/dnsmasq.conf
interface=tap_mytap
dhcp-range=192.168.9.99,192.168.9.199,12h
dhcp-option=3,192.168.9.1
dhcp-option=6,1.1.1.1

ollydbg
Posts: 12
Joined: Sat Jun 03, 2023 11:35 am

Re: L2TP vpn client report 720 Error when try to connect SoftEther VPN on OpenWrt

Post by ollydbg » Sun Jun 04, 2023 12:57 am

Hi, thanks for the help. I have not tried your settings, will test this afternoon.

My openwrt router has 192.168.2.1 as LAN IP.

Can I set the ip such as 192.168.2.X to the VPN client? So that the VPN client and my local pc are in the same sub net.

ollydbg
Posts: 12
Joined: Sat Jun 03, 2023 11:35 am

Re: L2TP vpn client report 720 Error when try to connect SoftEther VPN on OpenWrt

Post by ollydbg » Sun Jun 04, 2023 4:52 am

Code: Select all

interface=tap_mytap
dhcp-range=192.168.2.99,192.168.2.199,12h
dhcp-option=option:router,192.168.2.1
dhcp-option=option:dns-server,192.168.2.1
This is the option I used. But after I run the command:

Code: Select all

/etc/init.d/dnsmasq reload
I see that the vpn client still has 720 error.

solo
Posts: 1228
Joined: Sun Feb 14, 2021 10:31 am

Re: L2TP vpn client report 720 Error when try to connect SoftEther VPN on OpenWrt

Post by solo » Sun Jun 04, 2023 11:07 am

solo wrote:
Sat Jun 03, 2023 10:06 pm
Prep iptables...
You must've missed that or whatever is iptables' equivalent on OpenWrt.

Look, for some inexplicable reason you've decided to not use SecureNAT nor direct bridge, therefore you're on your own with the soft tap. As it stands, the error has nothing to do with SoftEther, try a Linux forum instead.

ollydbg
Posts: 12
Joined: Sat Jun 03, 2023 11:35 am

Re: L2TP vpn client report 720 Error when try to connect SoftEther VPN on OpenWrt

Post by ollydbg » Sun Jun 04, 2023 1:34 pm

solo wrote:
Sun Jun 04, 2023 11:07 am
You must've missed that or whatever is iptables' equivalent on OpenWrt.
Hi, thanks for the reply. I really do not know what does your sentence "Prep iptables and mod:" mean.

I know iptables under a normal Linux(such as centos). Do you mean I have to first tweak the iptables to connect the tap device (tap_mytap) and the "br-lan"?

Look, for some inexplicable reason you've decided to not use SecureNAT nor direct bridge, therefore you're on your own with the soft tap. As it stands, the error has nothing to do with SoftEther, try a Linux forum instead.
About the SecureNAT, I have see this on the the SoftEther management tool GUI interface, it said unless I know much about the network, I can enable it. So, as I just leave it as disabled.

About the direct bridge. I'm OK with this option. I mean my guess is that the "br-lan" has the IP address 192.168.2.1, and when I setup the VPN server, I would like to see all the vpn client assigned the 192.168.2.x IP address. So, do you mean I should "remove" the "soft tap"? Which will make things much simple.

solo
Posts: 1228
Joined: Sun Feb 14, 2021 10:31 am

Re: L2TP vpn client report 720 Error when try to connect SoftEther VPN on OpenWrt

Post by solo » Sun Jun 04, 2023 1:37 pm

yes

ollydbg
Posts: 12
Joined: Sat Jun 03, 2023 11:35 am

Re: L2TP vpn client report 720 Error when try to connect SoftEther VPN on OpenWrt

Post by ollydbg » Sun Jun 04, 2023 1:43 pm

Hi, I believe that you have said yes means I have to use a direct bridge to the "br-lan". I just remove the tap device, and use a direct bridge, see the image below:
2023-06-04 21 40 40.png
But I still got the 720 error in my vpn client after those settings.
You do not have the required permissions to view the files attached to this post.

solo
Posts: 1228
Joined: Sun Feb 14, 2021 10:31 am

Re: L2TP vpn client report 720 Error when try to connect SoftEther VPN on OpenWrt

Post by solo » Sun Jun 04, 2023 1:58 pm

Bridge it to WAN interface, presumably "eth0.x".

ollydbg
Posts: 12
Joined: Sat Jun 03, 2023 11:35 am

Re: L2TP vpn client report 720 Error when try to connect SoftEther VPN on OpenWrt

Post by ollydbg » Sun Jun 04, 2023 2:40 pm

solo wrote:
Sun Jun 04, 2023 1:58 pm
Bridge it to WAN interface, presumably "eth0.x".
Good, I just did what you said, and I see my vpn client can correctly got an IP address from the vpn server.

One issue remains: I see the vpn client got an IP as 192.168.1.x, which is not the subnet of the "br-lan"(192.168.2.x).

Is it possible to assign the 192.168.2.x to the vpn client? Thanks!

ollydbg
Posts: 12
Joined: Sat Jun 03, 2023 11:35 am

Re: L2TP vpn client report 720 Error when try to connect SoftEther VPN on OpenWrt

Post by ollydbg » Sun Jun 04, 2023 10:20 pm

Another issue about this 192.168.1.x assignment for the VPN client is that: I have two vpn client connect with the SoftEther server, they have IP 192.168.1.5 and 192.168.1.6. They can ping each other, and access each other.

But it looks like my Local PC behind the router can't access them. I mean my LAN has many PCs which has IP 192.168.2.x, can they access the vpn client?

Thanks.

solo
Posts: 1228
Joined: Sun Feb 14, 2021 10:31 am

Re: L2TP vpn client report 720 Error when try to connect SoftEther VPN on OpenWrt

Post by solo » Sun Jun 04, 2023 10:34 pm

Ensure that "br-lan" is "UP" and "PROMISC", and check iptables. The above-linked OpenWrt forum will help you with it.

ollydbg
Posts: 12
Joined: Sat Jun 03, 2023 11:35 am

Re: L2TP vpn client report 720 Error when try to connect SoftEther VPN on OpenWrt

Post by ollydbg » Sun Jun 04, 2023 11:52 pm

solo wrote:
Sun Jun 04, 2023 10:34 pm
Ensure that "br-lan" is "UP" and "PROMISC", and check iptables. The above-linked OpenWrt forum will help you with it.
Hi, solo, thanks for the help.

I will ask such issue in the OpenWrt forum.

BTW: I see this [OpenWrt Wiki] SoftEther VPN, but it looks like the SoftEther Server page is missing. If I got fully success, I'm considering wrote that missing page.

solo
Posts: 1228
Joined: Sun Feb 14, 2021 10:31 am

Re: L2TP vpn client report 720 Error when try to connect SoftEther VPN on OpenWrt

Post by solo » Mon Jun 05, 2023 12:17 am

Great, let us know about your final setup and update later on the wiki page.

ollydbg
Posts: 12
Joined: Sat Jun 03, 2023 11:35 am

Re: L2TP vpn client report 720 Error when try to connect SoftEther VPN on OpenWrt

Post by ollydbg » Mon Jun 05, 2023 1:37 am

Hi, solo, thanks!

I have post a new question in OpenWrt forum:

How to let the SoftEther VPN client users access LAN PCs behind OpenWrt router

I hope I can got help there, but it looks like the OpenWrt forum is not interested in the SoftEther related question, I post the original question there with many screen cast, but I got no replies there yet.

Here in the vpnusers forum, you give me many help! Thanks.

ollydbg
Posts: 12
Joined: Sat Jun 03, 2023 11:35 am

Re: L2TP vpn client report 720 Error when try to connect SoftEther VPN on OpenWrt

Post by ollydbg » Mon Jun 05, 2023 11:06 am

Here are some good news, I have totally solved the problem by the help of OpenWrt forum user pavelgl

See his replies here: How to let the SoftEther VPN client users access LAN PCs behind OpenWrt router

ollydbg
Posts: 12
Joined: Sat Jun 03, 2023 11:35 am

Re: L2TP vpn client report 720 Error when try to connect SoftEther VPN on OpenWrt

Post by ollydbg » Wed Jun 14, 2023 1:36 pm

I'm sorry that I have no way to become a wiki editor in the openwrt wiki, not sure how to contribute.

Post Reply