Route only SoftEther server traffic through OpenVPN

a.saneie · Post by **a.saneie** » Fri Jan 27, 2023 1:26 am

Hello everyone
I'm running a softether server on debian 11 and I would like to only route the traffic of the softether (not my whole OS) through the openvpn client, from my other server.
Any Idea on how I'll be able to achieve this?

solo · Post by **solo** » Fri Jan 27, 2023 2:44 am

The same way like routing through VPN Gate client https://www.vpnusers.com/viewtopic.php? ... 926#p97433

a.saneie · Post by **a.saneie** » Sun Jan 29, 2023 6:38 pm

Thanks a lot man @solo
The thing is I don't want any traffic other than Softether to go through OpenVPN that's why I used "pull-filter ignore redirect-gateway" in my OpenVPN client config file but will this line your method is not working anymore.

solo · Post by **solo** » Sun Jan 29, 2023 8:14 pm

Go back to the above link and scroll down to "policy-based routing variant".

a.saneie · Post by **a.saneie** » Mon Jan 30, 2023 12:07 am

Thanks a lot @solo
What is 10.245.254.254 representing in that code? should I change it? Also any other part?
I'm wondering how this is gonna help because if I don't include "pull-filter ignore redirect-gateway" in my OpenVPN client config file VPS is gonna be inaccessible and I'll no longer be able to SSH into that, and I'm connecting to openvpn on that with openvpn that I install with "apt install openvpn" I don't know if you had any other way in mind.

solo · Post by **solo** » Mon Jan 30, 2023 1:00 am

10.245.254.254 is a default gateway on the remote (client) connection - adjust accordingly for your OVPN.

a.saneie · Post by **a.saneie** » Mon Jan 30, 2023 12:27 pm

So if I understand correctly it's the OVPN server public IP right? or it's the gateway? mine is like:
Public IP of VPS: 155.155.155.155
Public IP of OVPN server: 199.199.199.199
OVPN gateway: 172.25.0.1
OVPN client IP (DHCP): 172.25.0.14

What about "pull-filter ignore redirect-gateway" in my OpenVPN client config file?

solo · Post by **solo** » Mon Jan 30, 2023 1:16 pm

replace 10.245.254.254 with 172.25.0.1

"pull-filter ignore redirect-gateway" is completely irrelevant in the context of SE-OVPN routing

a.saneie · Post by **a.saneie** » Mon Jan 30, 2023 2:34 pm

solo wrote: ↑
Mon Jan 30, 2023 1:16 pm

replace 10.245.254.254 with 172.25.0.1

Thanks man

solo wrote: ↑
Mon Jan 30, 2023 1:16 pm

replace 10.245.254.254 with 172.25.0.1

"pull-filter ignore redirect-gateway" is completely irrelevant in the context of SE-OVPN routing

But if I don't include this in the config file and connect to the OpenVPN client, VPS becomes inaccessible and if I do, VPS softether won't route the traffic through the OpenVPN client.

I think I should explain the situation again:

I got an OPENVPN client config file from a server which got access to the internet. We call it "OVPNfree".
And I also got a Linux VPS which doesn't have access to the internet but can connect to "OVPNfree".
On VPS, I installed Softether and turned on the OPENVPN server so I could connect to it with my phone and PC, which is called "OVPNdomestic".

Now what I want to achieve is to connect softether server which is running on my VPS to "OVPNfree" in a way that doesn't effect anything else on that VPS and doesn't make the SSH and other services on that VPS inaccessible via the public IP of the VPS. So this way if I connect to "OVPNdomestic" with my phone it will have access to the internet. **I cannot directly connect to "OVPNfree" on my phone or PC**

MY PC <=> "OVPNdomestic" VPS (Softether <=> "OVPNfree") <=> "OVPNfree" <=> Internet

solo · Post by **solo** » Tue Jan 31, 2023 5:20 am

a.saneie wrote: ↑
Mon Jan 30, 2023 2:34 pm
...if I do, VPS softether won't route the traffic through the OpenVPN client.

If you are absolutely sure that you have adapted the VPN Gate method precisely, and SE server is running, do as follows:
- start OVPN with "pull-filter ignore redirect-gateway"
- from the VPS verify that eg ping 1.1.1.1 is OK
- post as code the output of: