How to configure LAN to LAN using Softether VPN

Posted: Tue Mar 05, 2024 6:40 am
by jufirst
Hi,
I am attempting to set up LAN to LAN using SoftEther VPN.
I am trying the following network topology:
192.168.2.2(PC) <-----wired----->192.168.2.1(vpnbridge), another NIC<----wireless(internet zone)------>220.XX.XX.XX,192.168.1.1(vpnserver)<-----wired--->192.168.1.2

I configured it according to the SE manual for LAN to LAN.
1. I installed vpnbridge and set the local bridge to the NIC of (192.168.2.1)
2. I installed vpnserver and set the local bridge to the NIC of (192.168.1.1)
3. I tried local bridge or SecureNAT on the vpnserver machine
4. I connected from vpnbridge to vpnserver using a cascade connection with the account that was created in vpnserver for connecting from vpnbridge

There are two things I'm curious about:
First, in order to connect to the VPNbridge from a client, should it be done through VPNClient? So what are the specific methods?
Is the destination address vpnserver or vpnbridge? It seems that accounts can only be created on vpnserver.
Second, if I don't need vpnclient, what additional work do I need to do to configure LAN to LAN with softether VPN, and how should I test the connection?

In which case or status can I confirm that the connection and the configuration of the topology succeeded?
What should I inspect for success?

I searched for many days, but I can't find the solution to them.

Thank you.

Re: How to configure LAN to LAN using Softether VPN

Posted: Tue Mar 05, 2024 7:20 am
by jufirst
If I don't need vpnclient to connect to vpnbridge, why does vpnbridge listen on ports (443, 5555, etc.)?

Re: How to configure LAN to LAN using Softether VPN

Posted: Tue Mar 05, 2024 7:49 am
by solo

Re: How to configure LAN to LAN using Softether VPN

Posted: Tue Mar 05, 2024 8:47 am
by jufirst
Is it only one NIC?

Can't I succeed with 2 NICs (vpnbridge side and vpnserver side)?

What is the role of the VPN connection in LAN to LAN, if I can't connect two sites over the internet (can't I use a public IP address, or port forwarding of the public IP)?

Can't I setup LAN to LAN on server that have two NIC (Server Zone is DMZ)

Posted: Thu Mar 07, 2024 12:21 am
by jufirst
Hello

When I set up LAN to LAN (2 sites), can't I use 2 network interface cards in the vpnbridge or vpnserver PC?

The reply written by the SoftEther community says only 1 NIC (connecting to the internet by Network Address Translation), but I am trying 2 NICs.

The 2 NICs are as follows:

One NIC is connected to the internal network (it can't connect to the internet and is isolated),
the other NIC can connect to the Internet,

and vpnbridge and vpnserver of SoftEther are installed on these servers.

Can I set up site to site (LAN to LAN)?

Re: Can't I setup LAN to LAN on server that have two NIC (Server Zone is DMZ)

Posted: Thu Mar 07, 2024 2:14 am
by solo
jufirst wrote:
Thu Mar 07, 2024 12:21 am
Reply that wrote by softether community say only 1 NIC (Connect to internet by Network Address Translation)
Where did the community write that only one NIC+NAT is allowed?

Re: How to configure LAN to LAN using Softether VPN

Posted: Thu Mar 07, 2024 2:32 am
by jufirst
In the document that you linked for me, I find only one network (vpnserver (bridge) has one IP).
I can't find a sample case with more than 1 NIC.
So, I think that

Re: How to configure LAN to LAN using Softether VPN

Posted: Thu Mar 07, 2024 3:02 am
by solo

Re: How to configure LAN to LAN using Softether VPN

Posted: Thu Mar 07, 2024 4:58 am
by jufirst
I don't want clustering.
I'll attach the network topology.

192.168.2.2 (client)
192.168.2.1(172.20.18.31/24 , gw-172.20.18.154 - wifi network connected hot spot cellular phone)
192.168.2.1 and 192.168.2.2 are wired connected
vpnbridge is installed on 192.168.2.1 and the local bridge was set to the NIC of 192.168.2.1


192.168.1.2 ( client of server side)
192.168.1.1 (172.30.1.81/24,gw-172.30.1.254 - wifi network connected ISP internet using NAT)
192.168.1.2 and 192.168.1.1 are wired connected
vpnserver is installed on 192.168.1.1 and the local bridge was set to the NIC of 192.168.1.1
and
the cascade connection from 192.168.2.1 to 192.168.1.1 succeeds.

Then I try to ping from 192.168.2.2 to 192.168.1.2 and the ping fails.
attach.jpg
In the network topology, vpnserver (172.30.1.81) uses port forwarding 5555 -> 172.30.1.81 (public IP is 220.76.XXX.XXX)

Re: How to configure LAN to LAN using Softether VPN

Posted: Thu Mar 07, 2024 7:13 am
by jufirst
In fact, 192.168.2.2 and 192.168.1.2 can't connect to internet web sites; they can only connect to internal IPs (192.168.2.0/24, 192.168.1.0/24)

Re: How to configure LAN to LAN using Softether VPN

Posted: Thu Mar 07, 2024 8:11 am
by solo
jufirst wrote:
Thu Mar 07, 2024 4:58 am
I try to ping 192.168.2.2 to 192.168.1.2 and fail to ping.
Ensure they are on the same subnet or use L3 switch. Also run on both:
netsh advfirewall firewall set rule name="File and Printer Sharing (Echo Request - ICMPv4-In)" new enable=yes
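
The on-link decision behind "same subnet or L3 switch", as an added example that is not part of the thread: a local bridge plus cascade joins the two sites at layer 2, so a ping only works unaided when each host treats the other as on-link. The function names, the /24 and /16 masks and the gateway addresses are assumptions for illustration.

```python
import ipaddress

def next_hop(iface, dst, gateway=None):
    """How a host whose NIC is `iface` (e.g. '192.168.2.2/24') sends to `dst`.

    Returns ('on-link', dst) when dst is inside the NIC's own subnet (the host
    ARPs for dst directly), ('gateway', gw) when it must hand the packet to a
    router, or ('no-route', None) when dst is off-link and no gateway is set.
    """
    nic = ipaddress.ip_interface(iface)
    target = ipaddress.ip_address(dst)
    if target in nic.network:
        return ("on-link", str(target))
    if gateway is not None:
        return ("gateway", str(ipaddress.ip_address(gateway)))
    return ("no-route", None)

def ping_verdict(a_iface, b_iface, a_gw=None, b_gw=None):
    """Classify a ping between two hosts on one bridged Ethernet segment.

    The echo request and the echo reply are routed independently, so both
    directions are checked.
    """
    a_ip = str(ipaddress.ip_interface(a_iface).ip)
    b_ip = str(ipaddress.ip_interface(b_iface).ip)
    there = next_hop(a_iface, b_ip, a_gw)[0]
    back = next_hop(b_iface, a_ip, b_gw)[0]
    if there == back == "on-link":
        return "l2-bridge-sufficient"  # ARP and ICMP cross the bridge directly
    if "no-route" in (there, back):
        return "no-route"              # one side has nowhere to send the packet
    return "needs-l3-forwarding"       # works only if a router joins the subnets

if __name__ == "__main__":
    # Constructed cases using the thread's host addresses; masks are assumed.
    cases = [
        ("192.168.2.2/24", "192.168.1.2/24", None, None),
        ("192.168.2.2/16", "192.168.1.2/16", None, None),
        ("192.168.2.2/16", "192.168.1.2/24", None, None),
        ("192.168.2.2/24", "192.168.1.2/24", "192.168.2.1", "192.168.1.1"),
    ]
    for a, b, gw_a, gw_b in cases:
        print(f"{a:>15} <-> {b:<15} {ping_verdict(a, b, gw_a, gw_b)}")
```

The third case shows why the mask has to be widened on both ends: the request would leave, but the /24 side has no route for the reply.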

Re: How to configure LAN to LAN using Softether VPN

Posted: Fri Mar 08, 2024 12:37 am
by jufirst
Thank you for your comment.

I tried setting the network config:

192.168.2.2/16 <---------------> 192.168.2.1/16, 172.20.18.31/24 (NAT) ------- internet ------- 172.30.1.81/24(NAT), 192.168.1.1/16<----------> 192.168.1.2/16

but ping from 192.168.2.2 to 192.168.1.2 failed,
and from 192.168.2.2 to 192.168.1.1 (vpnserver) failed.

Only from 192.168.2.2 to 192.168.2.1 succeeded, but from 192.168.2.2 to 172.20.18.31 failed.

The OS of vpnbridge and vpnserver is Windows 10.

All firewalls are off for the test.

What can I do to succeed?

thank you

Re: How to configure LAN to LAN using Softether VPN

Posted: Fri Mar 08, 2024 1:50 am
by solo
Start the VPN and post AS CODE the output of:

from Windows #1 PC
------------------
ping 192.168.1.1
ping 192.168.1.2
ping 192.168.2.2
netstat -r
ipconfig /all
arp -a
netsh advfirewall show allprofiles state
vpncmd localhost:port /server /password:*** /cmd ServerInfoGet
vpncmd localhost:port /server /password:*** /cmd BridgeDeviceList
vpncmd localhost:port /server /password:*** /cmd BridgeList
vpncmd localhost:port /server /password:*** /adminhub:@@@ /cmd StatusGet
vpncmd localhost:port /server /password:*** /adminhub:@@@ /cmd NatGet
vpncmd localhost:port /server /password:*** /adminhub:@@@ /cmd AccessList
vpncmd localhost:port /server /password:*** /adminhub:@@@ /cmd CascadeList
vpncmd localhost:port /server /password:*** /adminhub:@@@ /cmd CascadeStatusGet [name]
//replace: 'port' with number; *** with SE admin password; @@@ with VPN hub's name

from Client #1 PC
------------------
ping 192.168.2.1
ping 192.168.1.1
ping 192.168.1.2
netstat -r
ipconfig /all
arp -a
netsh advfirewall show allprofiles state

from Windows #2 PC
------------------
ping 192.168.2.1
ping 192.168.2.2
ping 192.168.1.2
netstat -r
ipconfig /all
arp -a
netsh advfirewall show allprofiles state
vpncmd localhost:port /server /password:*** /cmd ServerInfoGet
vpncmd localhost:port /server /password:*** /cmd BridgeDeviceList
vpncmd localhost:port /server /password:*** /cmd BridgeList
vpncmd localhost:port /server /password:*** /adminhub:@@@ /cmd StatusGet
vpncmd localhost:port /server /password:*** /adminhub:@@@ /cmd NatGet
vpncmd localhost:port /server /password:*** /adminhub:@@@ /cmd AccessList

from Client #2 PC
------------------
ping 192.168.1.1
ping 192.168.2.1
ping 192.168.2.2
netstat -r
ipconfig /all
arp -a
netsh advfirewall show allprofiles state