How to setup Softether using TAP/local bridge?

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
Freek
Posts: 11
Joined: Tue Apr 09, 2013 8:07 pm

How to setup Softether using TAP/local bridge?

Post by Freek » Tue Apr 09, 2013 8:25 pm

Hello,

Could you please write a short guide/tutorial on how to setup Softether using TAP / local bridge instead of SecureNAT?
I am having issues setting it up. Here's what I did so far:

./vpscmd
natdisable, dhcpdisable, securenatdisable //Disable all the NAT stuff;
bridgecreate /DEVICE:tap0 /TAP:yes //If this doesn't work, try setting it up through Softether's Windows Management interface;
EXIT

run: ifconfig tap_tap0 192.168.1.254

edit: /etc/default/isc-dhcp-server
INTERFACES="tap_tap0"

apt-get install isc-dhcp-server apt-get install

edit: /etc/dhcp/dhcpd.conf
ddns-update-style none;
option domain-name "XXX";
option domain-name-servers 8.8.8.8, 8.8.4.4;
default-lease-time 600;
max-lease-time 7200;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.1.255;
option routers 192.168.1.254;
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.10 192.168.1.100;
range 192.168.1.150 192.168.1.200;
}

run: iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j SNAT --to-source VPS.IP.ADDRESS.HERE

Open the generated .OVPN file:
Change 'tun' to 'tap', as we've setup a TAP bridge.
Also, without doing this, I kept getting an authentication failure

Based upon:
http://www.lowendtalk.com/discussion/87 ... oftware/p2

After the above steps, I can connect via OpenVPN But I am not getting an IP.

Thanks in advance!

cedar
Site Admin
Posts: 1023
Joined: Sat Mar 09, 2013 5:37 am

Re: How to setup Softether using TAP/local bridge?

Post by cedar » Fri Apr 12, 2013 12:43 am

Was there any error message?
Please show result of each command.

Freek
Posts: 11
Joined: Tue Apr 09, 2013 8:07 pm

Re: How to setup Softether using TAP/local bridge?

Post by Freek » Fri Apr 12, 2013 5:14 am

Thanks for your reply.

I already fixed the problem.
Here's what I did:

Do not change the .OVPN file, leave 'tun' as is.

edit: /etc/sysctl.conf
net.ipv4.ip_forward=1

For XenPV VPS run these IPtable rules instead:
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -s 192.168.1.0/24 -j ACCEPT
iptables -A FORWARD -j REJECT
iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o eth0 -j MASQUERADE

Post Reply