We had the following problem:
Several independent companies should have access to a Windows virtual server through RDP which should operate via VPN.
The standard VPN Server installation of Softether did not work. There was no network created. Our solution was to install also VPN Client on the server, make a network and connect to the server. Then for the clients we could also join this network.
Then we could use RDP over VPN
Is this the correct way?
Softether on Windows Server for RDP connections
-
- Posts: 289
- Joined: Wed Dec 28, 2022 9:10 pm
Re: Softether on Windows Server for RDP connections
your topology is a "hub and spoke" --- MANY connect to ONE
If you just need to access a specific service (e.g RDP) not the whole network, a split tunnel is needed not a full tunnel
With a full tunnel connection from server A to your endpoint all traffic of server A is forwarded to the endpoint
Instead while you should be able to connect from server A to the endpoint via RDP but keeping the server A network as it is
solutions (no NAT)
SE server to SE server via cascade connection
In this one you do not need a SE client , just SE server installation and connection from each server X to the endpoint
So the endpoint have 10 users registered for 10 server
Each sever X is going to connect with their own username && password to the endpoint
And statically assigning iP to each tap interface
If number of servers are less than 255, a network of /24 is enough
SE client to SE server via a normal connection
In the case the SE client is going to forward all the traffic, and since you do not need it, the route table for each server X using SE client should be modified to prevent full tunneling
If there is NAT, then an intermediate server is needed as bridge between servers (clients) and the endpoint
If you just need to access a specific service (e.g RDP) not the whole network, a split tunnel is needed not a full tunnel
With a full tunnel connection from server A to your endpoint all traffic of server A is forwarded to the endpoint
Instead while you should be able to connect from server A to the endpoint via RDP but keeping the server A network as it is
solutions (no NAT)
SE server to SE server via cascade connection
In this one you do not need a SE client , just SE server installation and connection from each server X to the endpoint
So the endpoint have 10 users registered for 10 server
Each sever X is going to connect with their own username && password to the endpoint
And statically assigning iP to each tap interface
If number of servers are less than 255, a network of /24 is enough
SE client to SE server via a normal connection
In the case the SE client is going to forward all the traffic, and since you do not need it, the route table for each server X using SE client should be modified to prevent full tunneling
If there is NAT, then an intermediate server is needed as bridge between servers (clients) and the endpoint
-
- Posts: 2
- Joined: Mon Nov 13, 2023 7:34 am
Re: Softether on Windows Server for RDP connections
Thank you for the immediate reply.
I will try the Server-Server connection.
In my above described situation I did not see any traffic being rerouted since I made another network for the clients. In the clients I put the adapter metrics number to a higher number than the network which supplies Internet. I had to block port 443 for the VPN server tunnel otherwise the https: connections to the server from extern did not work.
I will try the Server-Server connection.
In my above described situation I did not see any traffic being rerouted since I made another network for the clients. In the clients I put the adapter metrics number to a higher number than the network which supplies Internet. I had to block port 443 for the VPN server tunnel otherwise the https: connections to the server from extern did not work.