question about bridge service

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
freeiran
Posts: 48
Joined: Fri Apr 05, 2013 8:17 pm

question about bridge service

Post by freeiran » Wed May 22, 2013 4:54 pm

hi admin

i setup a bridge between softether client and server, and have ping beetween them, also i set an ip address from on layer3 virtual interface and have ping from client to this adapter, but i cant route the bandwidth from server that has internet to the virtual interface of layer3.

can you help me about that?

i should do this work bevause of my server softeare is on VPS and hyper-v in win 2003 doesnt have promiscuous mode to enable.

dera admin, i am waiting for your reply

best regards

cedar
Site Admin
Posts: 2070
Joined: Sat Mar 09, 2013 5:37 am

Re: question about bridge service

Post by cedar » Thu May 23, 2013 12:43 pm

What is your goal?
What purpose do you want to use the VPN for?

freeiran
Posts: 48
Joined: Fri Apr 05, 2013 8:17 pm

Re: question about bridge service

Post by freeiran » Thu May 23, 2013 2:39 pm

i want to make a vpn on bridge, and then route some IP addresses from server to client trough the tunnel

cedar
Site Admin
Posts: 2070
Joined: Sat Mar 09, 2013 5:37 am

Re: question about bridge service

Post by cedar » Thu May 23, 2013 3:31 pm

Is it correct in understanding that you want to build a network, such as the manual 10.6.

http://www.softether.org/4-docs/1-manua ... P_Routing)

I guess that routing table setting may be not correct.
What setting did you apply to routing table?

freeiran
Posts: 48
Joined: Fri Apr 05, 2013 8:17 pm

Re: question about bridge service

Post by freeiran » Thu May 23, 2013 3:53 pm

i wanted to see this page for see all of the page need to login, i havent any local account.

my client softether ip is 1.1.1.2 located this ip on NIC ( also my NIC has a public IP)
my server virtual interface on layer3 switch on softether is 1.1.1.1 ( now my NIC only has public IP )

now when i connect cascade connection ihave ping from 1.1.1.2 to 1.1.1.1 and 1.1.1.1 to 1.1.1.2
also ihave ping from public ip on client to 1.1.1.1

but i havent ping from public IP on server to 1.1.1.2!!!!!

when i wanted to have bridge between softether server and server NIC because of i have VPS and data center doesnt active pomiscuous for me, i cant have this bridge.

now i want to route a public ip from server to client

please help me about config

regards

cedar
Site Admin
Posts: 2070
Joined: Sat Mar 09, 2013 5:37 am

Re: question about bridge service

Post by cedar » Thu May 23, 2013 11:00 pm

The virtual Layer 3 switch don't let communicate to the host OS with the virtual hub.
You should use VPN client to communicate with the virtual hub instead of local-bridge.

freeiran
Posts: 48
Joined: Fri Apr 05, 2013 8:17 pm

Re: question about bridge service

Post by freeiran » Fri May 24, 2013 4:47 am

you put route option on layer3 switch, i wrote route but it doesnt work yet, i thnik may i have problem on routing rule or maybe your route command doesnt work good, that was the reason i need to your help about config, also i need too see the page that you sent me before, it needs special account. maybe it can help me

and in the other hand i should say when i connect cascade, i am connectiong to virtual hub trough vpn, is there any difference to the thing that you said.

also i am using windows route to have communicate beetween layer3 switch and server os , but it doesnt have,

do you think it is so wonderfull.

i am waiting for your guide.

regards

cedar
Site Admin
Posts: 2070
Joined: Sat Mar 09, 2013 5:37 am

Re: question about bridge service

Post by cedar » Fri May 24, 2013 7:04 am

If you want to communicate a remote PC with VPN, you don't need to use virtual L3SW.
Of course, you don't need to configure routing table.

Please try PC-to-PC form VPN network.
http://www.softether.org/4-docs/1-manua ... -to-PC_VPN

freeiran
Posts: 48
Joined: Fri Apr 05, 2013 8:17 pm

Re: question about bridge service

Post by freeiran » Fri May 24, 2013 9:06 am

thanks alot for your reply, but i have a quesion

i have a device beside of my client that i have bridge on that should have a public IP that this public IP is for example should be from the range of softether server to bypass the filterring.

so i cant use pc-to pc technique, because of i have a softether server, and client pc, and a device beside client pc, that i want after i made the bridge , could to route ip address trough vpn to client and after that route to device.

is there any way to i solve that problem for promiscuous when i made bridge, because of i simulate these on 2 computers here and work fine, but i have vps and data center because of security, doesnt enable promiscuous mode for me

i said before i can ping from public IP at client the vpn server IP ( 1.1.1.1 )

but from server public IP i cant ping 1.1.1.2

please help me about that

regards

cedar
Site Admin
Posts: 2070
Joined: Sat Mar 09, 2013 5:37 am

Re: question about bridge service

Post by cedar » Fri May 24, 2013 11:56 am

Do you want to access from device in client side network to the Internet?
If so, it is a good idea is to use the SecureNAT function instead of virtual L3SW.

The device -(local bridge)-> VPN Bridge -----(Internet)----> VPN Server -(SecureNAT)--> Internet

freeiran
Posts: 48
Joined: Fri Apr 05, 2013 8:17 pm

Re: question about bridge service

Post by freeiran » Fri May 24, 2013 12:41 pm

thanks alot for your reply again.

it is a good diagram, but i need that softethet do secureNAT on a private special static IP address, now my usual users having secure nat on my server IP address.

i want to get another IP from data center and allocate this IP to this user all of the time. my user have a VOIP gateway that should register to a softswitch , so my user should have a static public IP that is private that can register to softswitch after they open his IP in firewall

also i wanted to know in this mode my client will get an ip ehich is not public, how can route public IP trough NAT and client which takes non-public IP?

do you think it is better that i can make a connection between layer3 switch and VPS?

when you have routing oprion on layer3 switch why it doesnt work correctly?

does it possible?

regards

cedar
Site Admin
Posts: 2070
Joined: Sat Mar 09, 2013 5:37 am

Re: question about bridge service

Post by cedar » Sun May 26, 2013 1:09 am

Virtual L3SW is not NAT router.
If you need NAT with special setting, you should setup a dedicated NAT server on your VPS.

freeiran
Posts: 48
Joined: Fri Apr 05, 2013 8:17 pm

Re: question about bridge service

Post by freeiran » Sun May 26, 2013 10:34 am

i have a question

layer3 doesnt do NAT

layer3 doesnt do Route,

do you think it is really layer3.

i think it is better that named that internal virtual interface.

am i right?

thanks alo for your reply

regards

cedar
Site Admin
Posts: 2070
Joined: Sat Mar 09, 2013 5:37 am

Re: question about bridge service

Post by cedar » Mon May 27, 2013 9:27 am

Virtual Layer 3 switch route the packets.

You must specify a virtual L3SW as a gateway to the destination network into routing table of all involved hosts.
(Of course, you can set it as the default gateway.)

In order to communicate with the Internet through a virtual L3SW, all attached networks should be using a global IP address, and upstream router should know the virtual L3SW as a lower router.

freeiran
Posts: 48
Joined: Fri Apr 05, 2013 8:17 pm

Re: question about bridge service

Post by freeiran » Wed May 29, 2013 2:40 pm

hi

i did all of that, but it doesnt route.

cedar
Site Admin
Posts: 2070
Joined: Sat Mar 09, 2013 5:37 am

Re: question about bridge service

Post by cedar » Wed May 29, 2013 11:14 pm

Configuring IP network is very complex.
Please show your network configuration specific.

Post Reply