VPN server on PC that have two network adapters

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
designermix
Posts: 11
Joined: Wed Aug 30, 2023 11:16 am

VPN server on PC that have two network adapters

Post by designermix » Wed Aug 30, 2023 11:58 am

Hello, i installing SoftEther at PC that have two network adapters.

1-st connect at router that connected to the inernet and it have:
IP: 192.168.1.10
Mask: 255.255.255.0
gateway: 192.168.1.1 (router)
First DNS: 10.5.0.1 (from l2tp)
Second DNS: 192.168.1.1 (for internet)

2-nd connect to mikrotik that have l2tp connection through router (with ip 192.168.1.1) and it have:
IP: 10.131.5.99
Mask: 255.255.255.0
Gateway: none
DNS: 10.5.0.1

I made two static routes at PC:
route -p ADD 10.0.0.0 mask 255.0.0.0 10.131.5.253 metric 1 (10.131.5.253 this is IP of mikrotik)
route -p ADD 0.0.0.0 mask 0.0.0.0 192.168.1.1 metric 2

And with this configuration you can use local network through l2tp when you trying to acess local DNS or local ip that start from 10. This is for understanding of my configuration.

What is my question:
When i connect to VPN that i created through port 5555 form other pc through inernet - it connectd normally, i configure SecureNAT and DHCP 192.168.30.1 (default at server side for clients), i add static route 10.0.0.0/255.0.0.0/192.168.30.1 so at client side internet didnt work through VPN and only local ip start from 10. BUT when i trying to acess to 10.131.5.99 from client side of softeather vpn i can't acess it bc tracerout show that:
traceroute.png
So the question: How can i pick default network adapter that will accept packets from 192.168.30.1? I want pick router 10.131.5.253. Is there any way to do it? Or maybe other way to route trafic from vpn client to that network adapter?

Thanks!!!
You do not have the required permissions to view the files attached to this post.

solo
Posts: 1196
Joined: Sun Feb 14, 2021 10:31 am

Re: VPN server on PC that have two network adapters

Post by solo » Wed Aug 30, 2023 1:08 pm

Go: Manage VPN Server > Virtual Hub Name > VPN > Properties > Edit Virtual Hub Extended Option List:
set DisableKernelModeSecureNAT to 1
net stop sevpnserver
net start sevpnserver

designermix
Posts: 11
Joined: Wed Aug 30, 2023 11:16 am

Re: VPN server on PC that have two network adapters

Post by designermix » Wed Aug 30, 2023 1:24 pm

solo wrote:
Wed Aug 30, 2023 1:08 pm
Go: Manage VPN Server > Virtual Hub Name > VPN > Properties > Edit Virtual Hub Extended Option List:
set DisableKernelModeSecureNAT to 1
net stop sevpnserver
net start sevpnserver
Work like a charm!!! Wow, i never found it myself. I was in this section before but didn't understand how it work.

I gonna test it more, have some issues but i think i figure out now.

Thank you!!!

designermix
Posts: 11
Joined: Wed Aug 30, 2023 11:16 am

Re: VPN server on PC that have two network adapters

Post by designermix » Wed Aug 30, 2023 2:11 pm

This is probably offtopic, but it look interesting to me:

This is tracert from PC that connected to softeather VPN:
my.png
This is tracert from PC that connected to local network (pc connect to mikrotik (10.131.5.253) i describe it in first post):
fix.png
When i connected to VPN as client and i use DNS name instead of IP - it open in browser normally. When i open it from IP in browser it didn't work because it go for some other server. Look strange to me. Whend i disconnect from VPN and acessing DNS name ml.fix... it didn't open (i just say it for understanding that it acessible only from VPN)
You do not have the required permissions to view the files attached to this post.

designermix
Posts: 11
Joined: Wed Aug 30, 2023 11:16 am

Re: VPN server on PC that have two network adapters

Post by designermix » Wed Aug 30, 2023 3:12 pm

I figure it out! My guess was that router look at origin ip so i change it at securenat dhcp and now everything work fine to me
photo_2023-08-30_18-08-48 (2).jpg
You do not have the required permissions to view the files attached to this post.

designermix
Posts: 11
Joined: Wed Aug 30, 2023 11:16 am

Re: VPN server on PC that have two network adapters

Post by designermix » Wed Aug 30, 2023 10:02 pm

Ok, last problem that i met in my configuration:

i need to force site xxx-api.fix-price.ru to use 10.5.x.x IP because of error that i see in google chrome console "has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource."

if i didnt force it in windows hosts file with this string: 10.5.x.x xxx-api.fix-price.ru site didn't work well because somehow it use another IP to load content.

Is any way to change ip for this speceific url on server side or should i do it on client?

PS: ofc dns for client of vpn set as 10.5.0.1 (and it work for other url's)

Post Reply