SoftEther VPN User Forum

Thank you for providing this wonderful VPN software!

I am unclear how NAT Traversal works. How does the client or cascade connection know where the VPN server is behind my Router/NAT firewall. If I don't open and forward the port on the Router to the local softether VPN server IP address. How will it find it ?

I am currently using port 5555 on a Server to Bridge setup. (It is running great)

However when I don't open and forward port 5555 on the Router/NAT the Server is behind to the server local IP the Bridge cannot connect.

I would love to close all ports and still have the VPN connection.

I appreciate your help and direction on setting up NAT Traversal.

Thank you

When I do a packet capturing on the network adapter, it show that NAT Traversal is using UDP.

The listening ports are TCP ports and HTTPS is used, you must open the ports for TCP connections like a normal HTTPS web server.

Thank you for your reply.

So I would only need to open the TCP listening ports on the Server Firewall ie: the PC/Server the VPN is installed on.

I do not need to open the ports on the Router-NAT/Firewall.

I have tested this and it does work.

Thank you for your help.

Hi.

You can disable the NAT Traversal function on the VPN Server by followings:

1. Stop vpnserver service.
2. Open vpn_server.config by your text editor.
3. Modify the field:
bool DisableNatTraversal false -> true
4. Start vpnserver service.