Hello All,
I want to setup a computer on a local network with Softether VPN and have multiple connections to it. I want to be able to get to that computer that is hosting the softether from the ones that connect but not to anything else on the network on ether side.
I think this can be done using secureNAT. I have a virtual hub that I have setup using 10.1.3.x my servers IP is 10.0.1.45. When I have the client connected it gets an IP of 10.1.3.10 and I can ping 10.1.3.1. What I don't understand is how to get the client where it can ping the 10.0.1.45 address.
Thanks
Kirk
VPN setup question
-
- Posts: 1270
- Joined: Sun Feb 14, 2021 10:31 am
Re: VPN setup question
There are a few ways to accomplish your objectives. Your current setup could be modified with minimal effort as follows:
- to be able to ping the server, simply change SecNAT's vDHCP mask to 255.0.0.0 and run: netsh advfirewall firewall set rule name="File and Printer Sharing (Echo Request - ICMPv4-In)" new enable=yes
- to block clients from accessing the LAN, set Access Control List
- to block clients from accessing remote internet, remove default gateway from SecNAT and also apply ACL for good measure
-
- Posts: 2
- Joined: Tue Nov 29, 2022 8:35 pm
Re: VPN setup question
I did your steps and it still did not work.
How does the packet get from the secNAT of 10.1.3.x to the 10.0.1.x network?
I think I need to setup something in the local bridge or layer 3 switch. and then add something to the routing table but I'm just not getting it work.
If I setup hub and a bridge and don't use SecNAT then I get an can ping the server from the client.
Also a problem with changing the subnet as you suggest is I will at the end have many clients connecting to different hubs with SecNAT using 10.1.4.x and 10.1.5.x and want them to access the server but not each other.
Thanks
Kirk
How does the packet get from the secNAT of 10.1.3.x to the 10.0.1.x network?
I think I need to setup something in the local bridge or layer 3 switch. and then add something to the routing table but I'm just not getting it work.
If I setup hub and a bridge and don't use SecNAT then I get an can ping the server from the client.
Also a problem with changing the subnet as you suggest is I will at the end have many clients connecting to different hubs with SecNAT using 10.1.4.x and 10.1.5.x and want them to access the server but not each other.
Thanks
Kirk
-
- Posts: 1270
- Joined: Sun Feb 14, 2021 10:31 am
Re: VPN setup question
via SecNAT's vNAT tap into the OS' TCP/IP stackkirkgroome wrote: ↑Wed Nov 30, 2022 8:39 pmHow does the packet get from the secNAT of 10.1.3.x to the 10.0.1.x network?
If you don't like the mask's change, then push a static route from SecNAT instead.
-
- Posts: 1
- Joined: Wed Dec 07, 2022 12:14 am
Re: VPN setup question
Hello All,
I wanted to use SoftEther as my VPN to connect to a WAN Network within Nigeria, I plan to use a mobile Network and there will be a possibility I will use different mobile providers within some locations depending on network availability, I also don't have a static IP, was it possible to configure the VPN server on the server that I want to share some resources within the network? Was it going to be effective to use DHCP? I will appreciate support in any form that will enable me to archive that.
Thank you
I wanted to use SoftEther as my VPN to connect to a WAN Network within Nigeria, I plan to use a mobile Network and there will be a possibility I will use different mobile providers within some locations depending on network availability, I also don't have a static IP, was it possible to configure the VPN server on the server that I want to share some resources within the network? Was it going to be effective to use DHCP? I will appreciate support in any form that will enable me to archive that.
Thank you