SoftEther client within Linux Deploy

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
forestDwelr
Posts: 4
Joined: Fri Mar 15, 2019 8:45 am

SoftEther client within Linux Deploy

Post by forestDwelr » Fri Mar 15, 2019 9:06 am

I am running ubuntu bionic under Linux Deploy on Android nougat (Tegra K1 chipset). I have built softether from source and the compile/config & client connection startup show no errors. However, although connection seems to succeed i am unable to access the vpn network (can still see local network & internet) ...
1. Is there some fundamental reason why this can't work?
2. If not, how to debug?

Other info:
-For reference, i have a native ubuntu bionic install on a laptop (on the same network), which connects just fine. Softether version and NIC/account setup are identical between the two. 'ifconfig' output of running NIC is identical. netstat output looks identical for vpnclient entries (except for differences in dynamically assigned port numbers). List of installed cyphers is also identical.
-No firewall on either ubuntu or android host.

forestDwelr
Posts: 4
Joined: Fri Mar 15, 2019 8:45 am

Re: SoftEther client within Linux Deploy

Post by forestDwelr » Fri Mar 15, 2019 3:09 pm

One more comment:

Reading around other posts related to VM's etc it looks like making a bridge between softether and the dummy device setup by linux deploy would be a good place to start. However, when i tried to do this it fails because the kernel is compiled without CONFIG_BRIDGE.
It's probably not worthwhile to try and recompile the kernel (especially just as a guess) - any non-bridge ideas?

cmd wh0ami
Posts: 125
Joined: Sun Jul 16, 2017 6:58 pm

Re: SoftEther client within Linux Deploy

Post by cmd wh0ami » Sat Mar 23, 2019 1:53 am

A while back I installed and ran SoftEther on a Android cell phone using Linux Deploy and Busy Box. Here is a link to a post i made on it. Maybe your settings in linux deploy arent right read over my post and see if you can find a answer to your issue. I was kinda noob to linux when I wrote it, but I was able to figure it out, even though half the time I had no idea what I was talking about. (you'll see if you read it)

https://www.aspkin.com/forums/ip-addres ... erver.html
VPN Discord invite: https://discord.gg/QByKXA9

cmd wh0ami
Posts: 125
Joined: Sun Jul 16, 2017 6:58 pm

Re: SoftEther client within Linux Deploy

Post by cmd wh0ami » Sat Mar 23, 2019 2:03 am

Here is another post I wrote a couple years ago on how to set up softether client. maybe your missing something. some of the things at the end aren't necessary with some versions of Ubuntu. But maybe you will find your answer.

https://www.aspkin.com/forums/ip-addres ... toral.html
VPN Discord invite: https://discord.gg/QByKXA9

forestDwelr
Posts: 4
Joined: Fri Mar 15, 2019 8:45 am

Re: SoftEther client within Linux Deploy

Post by forestDwelr » Wed Mar 27, 2019 3:32 am

Thanks for the links.
Setting up the server and having it work over LTE is impressive! but seems quite a different problem to getting the client to work over wifi which is what i'm struggling with.

New Info:
  • My suspicion about needing a bridge was incorrect. I actually made myself a custom android kernel with CONFIG_BRIDGE present ... bridging then succeeded but did not solve the issue (by which i mean that on closer inspection linux deploy isn't really using 'dummy0' anyway).
  • I realized that using 'ping -I vpn_vpn_eth' instead of the default i/f, i can actually reach the VPN network.
... So, i came to think that linux deploy and its 'dummy0' device are red herrings here. The main difference between this environment and the native ubuntu case that i'm farmiliar with is simply that network-manager isn't running. Therefore it should be just a matter of manually setting up the correct routing ... still reading up on how to do that.

forestDwelr
Posts: 4
Joined: Fri Mar 15, 2019 8:45 am

Re: SoftEther client within Linux Deploy

Post by forestDwelr » Thu Mar 28, 2019 8:49 am

Finally working!

What really had me scratching my head about this was that after firing up the client connection, the output from "ip route" looked correct - that is to say, it was consistent with the output from a native ubuntu install where everything is working correctly.

Digging a bit deeper ... i guess
>ip route
really means...
>ip route show table main

...So there is an assumption that 'main' is being used. Quick look at "ip rule list" shows up the key difference between linux deploy and native ubuntu:

root> ip rule list
0: from all lookup local
10000: from all fwmark 0xc0000/0xd0000 lookup 99
10500: from all oif dummy0 lookup 1002
10500: from all oif wlan0 lookup 1005
13000: from all fwmark 0x10063/0x1ffff lookup 97
13000: from all fwmark 0x10064/0x1ffff lookup 1005
14000: from all oif dummy0 lookup 1002
14000: from all oif wlan0 lookup 1005
15000: from all fwmark 0x0/0x10000 lookup 99
16000: from all fwmark 0x0/0x10000 lookup 98
17000: from all fwmark 0x0/0x10000 lookup 97
19000: from all fwmark 0x64/0x1ffff lookup 1005
22000: from all fwmark 0x0/0xffff lookup 1005
23000: from all fwmark 0x0/0xffff lookup main
32000: from all unreachable

The standard "from all look up main" rule isn't there!
... from here (given that the "ip route" output looks sensible), it's clear that the following solves the problem:
>ip rule add from all lookup main

Obviously no longer SoftEther related, but this does lead me to wonder what are all these ip rules? can they be deleted?

Post Reply