SITE 2 SITE L3
Posted: Mon Mar 01, 2021 3:30 pm
Hello Team,
I've been trying to complete a project about a VPN solution, and I found that SoftEther VPN can do more for me than I had wished.
I liked the idea of this solution and started working on it 3 months ago; I have created remote access by L2. Now I'm trying to make a layer 3 connection between different sites and have completed most of it.
1. I'm using an OVH cloud VPS on a Linux OS as the main SoftEther VPN server
2. On my local site (SITE1) I'm using a Windows 10 machine as a server manager and another PC as a bridge that cascades to a hub that I created on the server, with the same configuration on the other site (SITE2).
Here is the configuration that I have made so far:
On The server side:
1. Virtual hubs :
1.1 for the virtual hub (SITE1)
* SECURENAT :Enabled
* ip address : 192.168.30.1/24
* DHCP range : 192.168.30.10/24 TO 200
* Lease time : 7200
* default Gateway : 192.168.30.1
* DNS server : 192.168.30.1
* MTU : 1500
* TCP session : 1800
* UDP session : 60
And for the static route table to push I added 192.168.40.0/255.255.255.0/192.168.30.254
1.2 for the virtual hub (SITE2)
* SECURENAT :Enabled
* ip address : 192.168.40.1/24
* DHCP range : 192.168.40.10/24 TO 200
* Lease time : 7200
* default Gateway : 192.168.40.1
* DNS server : 192.168.40.1
* MTU : 1500
* TCP session : 1800
* UDP session : 60
And for the static route table to push I added 192.168.30.0/255.255.255.0/192.168.40.254, 198.168.1.0/255.255.255.0/192.168.40.253
2. In the Layer 3 switching settings I created one virtual layer 3 switch with two virtual interfaces for each virtual hub
* Virtual interface site 1 : 192.168.30.254/24
* Virtual interface site 2 : 192.168.40.254/24
with no routing table
3. For the local bridge setting I haven't added anything,
4. VPN Azure is disabled,
5. DDNS is enabled,
6. IPsec / L2TP are enabled
On the bridges side:
ON SITE1 :
1. Cascading :
On the bridge one virtual hub is created by default, and I cascade from the virtual hub on the bridge to the virtual hub that I already created on the server side.
The configuration is like this:
* Setting name : site012hq
* Host name : SERVER IP
* Port number : 443
* virtual hub name : HQ
* user authentication : user created on the server site
The status is online
2. SECURENAT setting :
SECURENAT :Disabled
* ip address : 192.168.30.1/24
* DHCP range : 192.168.30.10/24 TO 200
* Lease time : 7200
* default Gateway : 192.168.30.1
* DNS server : 192.168.30.1
* MTU : 1500
* TCP session : 1800
* UDP session : 60
And for the static route table to push I haven't added any static routes
3. LOCAL BRIDGE settings:
For the local bridge settings I added a USB network adapter and connected it to the internet, and the integrated adapter on the PC is connected from the PC to a PoE switch and from that switch to the clients.
That is all the configuration I have made; I haven't added any port forward or static route on the router or the clients, or on the firewall.
The problem is:
1- When the clients are connected to the VPN I can't access my local devices, e.g. I can't access my router or printer ... but when I activate SECURENAT on the bridge I can access them, but the IP address I get is the ISP address.
2- When I activate the antivirus or firewall it stops the ping and communication between sites
3- I can't access the printer or DVR .... the only device I can access is the laptop
As I mentioned before, I haven't made any configuration on the router (port forwarding or static route), firewall or clients
I really need your help. I have spent a lot of time and I'm so close.
HERE ARE SOME PICTURES : https://imgur.com/a/tNYnsAk
REGARDS
ELHELO
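
An added example, not part of the original post: a small Python check that takes the pushed static routes and Layer 3 switch interfaces exactly as listed above and reports which gateways are on-link, which match an L3 switch interface, and which destinations fall outside private address space. The dictionary layout and function names are assumptions made for this example.

```python
import ipaddress

# Values transcribed from the post above; the dictionary layout and function
# names are assumptions made for this example.
HUBS = {
    "SITE1": {"securenat": "192.168.30.1/24",
              "pushed": ["192.168.40.0/255.255.255.0/192.168.30.254"]},
    "SITE2": {"securenat": "192.168.40.1/24",
              "pushed": ["192.168.30.0/255.255.255.0/192.168.40.254",
                         "198.168.1.0/255.255.255.0/192.168.40.253"]},
}
L3_INTERFACES = {"SITE1": "192.168.30.254/24", "SITE2": "192.168.40.254/24"}


def parse_route(text):
    """Split 'network/netmask/gateway' into (IPv4Network, IPv4Address)."""
    net, mask, gw = text.split("/")
    return ipaddress.ip_network(f"{net}/{mask}"), ipaddress.ip_address(gw)


def check_hub(name):
    """Return a list of findings for one hub's pushed static routes."""
    findings = []
    hub_if = ipaddress.ip_interface(HUBS[name]["securenat"])
    l3_if = ipaddress.ip_interface(L3_INTERFACES[name])
    if l3_if.network != hub_if.network:
        findings.append(f"{name}: L3 interface {l3_if} is outside {hub_if.network}")
    for text in HUBS[name]["pushed"]:
        dest, gw = parse_route(text)
        if gw not in hub_if.network:
            findings.append(f"{name}: gateway {gw} is not on-link in {hub_if.network}")
        elif gw != l3_if.ip:
            findings.append(f"{name}: gateway {gw} is not the L3 switch interface {l3_if.ip}")
        if not dest.is_private:
            findings.append(f"{name}: destination {dest} is outside private address space")
        if dest.overlaps(hub_if.network):
            findings.append(f"{name}: destination {dest} overlaps the hub's own subnet")
    return findings


def check_all():
    # Run the checks for every hub and key the findings by hub name.
    return {name: check_hub(name) for name in HUBS}


if __name__ == "__main__":
    for name, findings in check_all().items():
        for line in findings or [f"{name}: no findings"]:
            print(line)
```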