SoftEther VPN User Forum

Hello,

I have OpenVPN setup via SoftEtherVPN, and it seemed to be working perfectly for us. From our android/iOS devices we are able to connect to the VPN and then remote to the machines that we need to from there.
However, when we connect the OpenVPN from a windows machine we are unable to access the same local devices. This includes pinging devices.

We have SecureNAT setup, as it doesn't allow us to connect to the VPN without it. I have attached an imagine our the settings for that.

I have setup a local bridge as well. It did give me a warning about running from a Hyper-V VM and using "promiscuous mode", which I believe I have enabled by enabling "Mac Address Spoofing" for the network adapter in my Hyper-V VM.

Any advice would be immensely appreciated!

As an update to this, I have tested the connection via the SoftEther VPN Client from the same machine and it connects and does allow me to ping servers and RDP to them.

I read that OpenVPN needs a flag enabling in the server config for "Client to Client" is that possibly what is stopping the connections and if so where would I change that?

Although I am able to ping 1.1.1.1 from CMD but not able to ping a machine on 192.168.1.30. Could it be a DNS issue?

Seems to be multiple people with this same issue all whom never got it resolved:
https://forum.vpngate.net/viewtopic.php?t=65489

I've now noticed that the DHCP server within "SecureNAT" has been causing issues on our network. It appears to be giving out IP addresses, how is that even possible??

Is anyone able to provide me with any advice for the 2 issues i've got, ive found multiple people with the same issue all who didn't get it resolved and i'm assuming gave up

On any single "virtual HUB" you should use either the "SecureNAT" feature or the "Local Bridge" feature NOT both.

The "Local Bridge" feature connects the "Virtual HUB" to the same network the "SE-Server Host" is connected to. VPN-clients would receive an IP address from the Local DHCP server ( the same DHCP server the SE-Host received its IP address from) and become part of the local network ( I believe in your case based on your DNS servers 192.168.1.X) VPN-Clients and Local Clients would have two way communication. With virtual machines like your Hyper-V "promiscuous mode"/ "Mac Address Spoofing" is required for this to work properly.

The "SecureNAt" feature functions like a "Basic Virtual SOHO router" that sits behind the local network router. Its like being double Nated. VPN-clients would connect to and receive their IP address from the "SecureNat" DHCP server ( in your case 192.168.30.X). The VPN-Clients traffic flows out the SecureNat gateway(192.168.30.1) and into the Local network (192.168.1.X) and out the local networks gateway (192.168.1.1) and out to the internet if allowed.

By default the VPN-clients should have access to the 192.168.30.X network and the 192.168.1.X network. But the local (192.168.1.X) is blocked from the (192.168.30.X) network due to the NAT on the Secure NAT virtual router.
When both "localbridge" and SecureNAT" on the Same "Virtual HUB" you are connecting both network together, not one behind the other. So both DHCP server spilling over onto each others network.

I always use the SE-client or the built in windows VPN client on Windows machines. I decided to try the OpenVPN client to help trouble shoot your issue . I also cannot seem to get it to work correctly although the mobile versions I have used with SE-Servers for years.