Site-to-Site for L2TPv2 clients

Post by kneel » Thu Jun 22, 2017 4:18 am

I wanted a way to let non-SoftEtherVPN Client L2TPv2/IPSec clients use bridge/router mode, so that I can build L2TPv2 site-to-site VPNs.
I realise this may not be that important to the developers, as this means you also need a way to manually add routes on the client side. This is not an issue for me, so I downloaded the source code and found a way to do it myself.
Please see the attached file, which is from the Cedar directory of the source tree.
Sorry, no diff file!
I added 3 lines (line 2505 which is a comment line, plus 2506 & 7 which do the work) to this file, which simply forces Bridge/router mode for connections.
All L2TP client connections show the "Bridge/Router mode" enabled in client properties of the SoftEther server manager, and traffic appears to route fine, although I haven't extensively tested this yet - I have checked that traffic appears on the virtual switch with the correct IP and MAC addresses, but that's about it.
Routing can be added at the client (Linux client, I am using an embedded device) using something like "ip route add a.b.c.d/x via e.f.g.h" where a.b.c.d/x is the CIDR for the target network and e.f.g.h is the IP of a (virtual) router or client attached to the virtual switch.

I am posting this in the hopes it is useful to someone else.

If developers are reading this, perhaps you could add this option on a per-user or per-switch (or both!) basis. Client setup is non-trivial and can't be automated from the server end, but I find it useful for what I want/need to do, and so may others. Suitable caveats in the documentation ("for networking experts only" or similar) of course.

Complaints to /dev/null :-)