Hi dear guys and @solo
In Iran the ultimate censorship is running already. Everything you are thinking about it, becoming to be censored and filtered, it seems they are trying to use whitelist on their firewall.
BTW i can access to Europe location server only by cascade connection through 2 softether servers.
VPS1=IRAN
VPS2=TURKEY
VPS1 can access to VPS2 throughout the cascade connection.
I can access to VPS1 by L2TP connection and at final get VPS2 ip.
Unfortunately openvpn server that integrated with SE doesnt work and can't connect.
I have to install Angristan auto script version of openvpn server on VPS1.
OVPNServer= Angristan openserver script on VPS1
The question is how to route the OVPNServer to access VPS2 from VPS1?
Is the way to access to this scehmatic
Clients > OVPNServer > VPS1 [cascaded] VPS2
When clients connected to OVPNServer, they will get VPS2 ip?
Thanks in advance
Howto Route Other VPN Servers to Connect SoftEther Server
-
- Posts: 28
- Joined: Fri Nov 25, 2022 6:08 am
-
- Posts: 1272
- Joined: Sun Feb 14, 2021 10:31 am
Re: Howto Route Other VPN Servers to Connect SoftEther Server
Hello @mjthelearner, what's the problem with "openvpn server that integrated with SE"? Apart from the known scalability issue, it works fine (for me). Post server/client logs.
As for the Angristan openvpn-install script, it sets up "dev tun" routed IP tunnel, but you'd need "dev tap0" to bridge it with SoftEther. Simply use Linux bridge of OVPN "dev tap0" with SE soft tap for this OVPN/SE hybrid server.
"When clients connected to OVPNServer, they will get VPS2 ip?"
yes
As for the Angristan openvpn-install script, it sets up "dev tun" routed IP tunnel, but you'd need "dev tap0" to bridge it with SoftEther. Simply use Linux bridge of OVPN "dev tap0" with SE soft tap for this OVPN/SE hybrid server.
"When clients connected to OVPNServer, they will get VPS2 ip?"
yes
-
- Posts: 28
- Joined: Fri Nov 25, 2022 6:08 am
Re: Howto Route Other VPN Servers to Connect SoftEther Server
Thank you solo for responding 🙏
This is the OpenVPN log on mobile client side
Use as TCP
Changed real ip to x.x.x.x
Use as UDP
____________
For run SE with tap adapter as local bridge, i did on two side VPSs ,
What i did
VPS1 [IRAN], created local bridge and set the ip pool for soft_tap as 12.0.0.1/24
VPS2 [TURKEY], created local bridge and set the ip pool for soft_tap as 13.0.0.1/24
VPS1 > cascaded to > VPS2
When client is connected to VPS1, it will get the ip from VPS2 ip pool range and doesn't take it from VPS1 ip range and its the matter.
I had to write all my config step here, right?
This is the OpenVPN log on mobile client side
Use as TCP
Changed real ip to x.x.x.x
Code: Select all
03:45:38.667 -- EVENT: RECONNECTING
03:45:38.672 -- EVENT: RESOLVE
03:45:38.677 -- Contacting x.x.x.x:1195 via TCPv4
03:45:38.679 -- EVENT: WAIT
03:45:38.852 -- Transport Error: TCPv4 connect error on 'x.x.x.x.:1195' (x.x.x.x:1195): Connection refused
03:45:38.861 -- Client terminated, restarting in 2000 ms...
03:45:40.852 -- EVENT: RECONNECTING
03:45:40.858 -- EVENT: RESOLVE
03:45:40.864 -- Contacting x.x.x.x.:1195 via TCPv4
03:45:40.864 -- EVENT: WAIT
03:45:40.923 -- Transport Error: TCPv4 connect error on 'x.x.x.x:1195): Connection refused
03:45:40.924 -- Client terminated, restarting in 2000 ms...
Use as UDP
Code: Select all
03:55:47.666 -- Server poll timeout, trying next remote entry...
03:55:47.667 -- EVENT: RECONNECTING
03:55:47.671 -- EVENT: RESOLVE
03:55:47.676 -- Contacting x.x.x.x.:1195 via UDP
03:55:47.677 -- EVENT: WAIT
03:55:47.681 -- Connecting to [x.x.x.x]:1195 (x.x.x.x) via UDPv4
03:55:57.667 -- Server poll timeout, trying next remote entry...
03:55:57.669 -- EVENT: RECONNECTING
03:55:57.674 -- EVENT: RESOLVE
03:55:57.677 -- Contacting x.x.x.x:1195 via UDP
03:55:57.678 -- EVENT: WAIT
03:55:57.692 -- Connecting to [x.x.x.x]:1195 (x.x.x.x) via UDPv4
____________
For run SE with tap adapter as local bridge, i did on two side VPSs ,
What i did
VPS1 [IRAN], created local bridge and set the ip pool for soft_tap as 12.0.0.1/24
VPS2 [TURKEY], created local bridge and set the ip pool for soft_tap as 13.0.0.1/24
VPS1 > cascaded to > VPS2
When client is connected to VPS1, it will get the ip from VPS2 ip pool range and doesn't take it from VPS1 ip range and its the matter.
I had to write all my config step here, right?
-
- Posts: 1272
- Joined: Sun Feb 14, 2021 10:31 am
Re: Howto Route Other VPN Servers to Connect SoftEther Server
Re: internal OVPN SE server
- on the SE hub set: Log Save Setting / Save Packet Log: ON / ICMP Packet: Header Only
- briefly disable all firewalls
- try a VPN connection from a Windows OVPN client
Post server/client logs.
Re: external OVPN hybrid server
Assuming the "how to make a Tunnel" network topology, try this:
- on VPS1 aka "blocked country" change from "no bridge" to a bridge with Linux tap
- using bridge-utils bridge the SE tap with OVPN tap0
That's it, no IP assignments or any other setup required, very easy.
It's also possible to route between the servers but it's complex and I don't support it :-)
- on the SE hub set: Log Save Setting / Save Packet Log: ON / ICMP Packet: Header Only
- briefly disable all firewalls
- try a VPN connection from a Windows OVPN client
Post server/client logs.
Re: external OVPN hybrid server
Assuming the "how to make a Tunnel" network topology, try this:
- on VPS1 aka "blocked country" change from "no bridge" to a bridge with Linux tap
- using bridge-utils bridge the SE tap with OVPN tap0
That's it, no IP assignments or any other setup required, very easy.
It's also possible to route between the servers but it's complex and I don't support it :-)