L2TP/IPSEC PSK Issue
-
- Posts: 9
- Joined: Sat Sep 28, 2013 2:10 pm
L2TP/IPSEC PSK Issue
Hi All.
Hope you can help with this.
I'm trying to set up a few Android devices and an iPhone using L2TP/IPSEC PSK.
I've followed the online info but I'm having no luck. It just keeps saying unsuccessful.
I've noticed something though.
I have selected the user names etc as standard passwords. When I log on using my laptop selecting my log in, it only connects by using Radius or NT domain password setting.
I HAVE NOT SELECTED THIS AT ALL. I've been back on the server and I've made sure it only has the standard password selected. But alas, no luck, and from a PC it's asking for Radius or NT domain log in.
Can anyone help?
I'm not using secure NAT or anything. This is a direct link to the virtual hub.
Also, can I just check the forwarding route is 0.0.0.0/0? If not, how do I find out what it should be? I haven't changed anything from the original install.
Thanks in advance.
Simon
-
- Posts: 153
- Joined: Fri Oct 11, 2013 4:00 pm
- Location: Netherlands
Re: L2TP/IPSEC PSK Issue
Your server hub should use SecureNAT OR be bridged to a local network adapter.
In the last case the client should get an IP address from the server's DHCP server on the network of the local network adapter.
-
- Posts: 9
- Joined: Sat Sep 28, 2013 2:10 pm
Re: L2TP/IPSEC PSK Issue
Hi,
It is all set up and working using the SoftEther client. But using L2TP/IPSEC PSK doesn't.
Everything else works fine and gets the IP from my server on the network. However, the L2TP connection just doesn't work.
I only have the 1 connection in the SoftEther server with 1 network bridge to the server.
Any further ideas?
Simon
-
- Posts: 3
- Joined: Tue Jan 28, 2014 11:26 am
Re: L2TP/IPSEC PSK Issue
I have the same problem.
I can log into my VPN using the SoftEther client on Windows, but cannot make L2TP/IPSEC PSK work from Android.
I have also tried configuring the Windows client as per the tutorials online but no joy.
-
- Posts: 3
- Joined: Tue Jan 28, 2014 11:26 am
Re: L2TP/IPSEC PSK Issue
For now I am using the OPENVPN-CONNECT app from OpenVPN of Google's app store.
I know this isn't L2TP with IPsec, but Android users can connect with this.
It will be great if a solution can be found for the L2TP issues that don't work
-
- Posts: 9
- Joined: Sat Sep 28, 2013 2:10 pm
Re: L2TP/IPSEC PSK Issue
Nazir wrote:
> For now I am using the OPENVPN-CONNECT app from OpenVPN of Google's app store.
>
> I know this isn't L2TP with IPsec, but Android users can connect with this.
>
> It will be great if a solution can be found for the L2TP issues that don't
> work
Have you had to set up certificates for all users?
-
- Posts: 3
- Joined: Tue Jan 28, 2014 11:26 am
Re: L2TP/IPSEC PSK Issue
Username and password for authentication.
-
- Posts: 4
- Joined: Thu Mar 06, 2014 6:41 pm
Re: L2TP/IPSEC PSK Issue
I can connect to the server using my mobile (Android), but no send/receive at all!
How could I find the reason?!
-
- Posts: 2458
- Joined: Mon Feb 24, 2014 11:03 am
Re: L2TP/IPSEC PSK Issue
Hi, Hsec
We need more information. We can't find the problem.
Please see http://www.vpnusers.com/viewtopic.php?f=7&t=2790
-
- Posts: 4
- Joined: Thu Mar 06, 2014 6:41 pm
Re: L2TP/IPSEC PSK Issue
(It’s a virtual machine (ESXi base) on a dedicated server.)
I'm using this server as a gateway to internet.
1-
CentOs 6.5 X86_64
2-
eth0 Link encap:Ethernet HWaddr 00:50:56:A:B:C
inet addr: x.y.z.156 Bcast:x.y.z.159 Mask:255.255.255.240
inet6 addr: fe80::250:56ff:fe15:2282/64 Scope:Link
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX packets:22227133 errors:0 dropped:0 overruns:0 frame:0
TX packets:24571584 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:10803056439 (10.0 GiB) TX bytes:12327220494 (11.4 GiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:2300 errors:0 dropped:0 overruns:0 frame:0
TX packets:2300 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2143642 (2.0 MiB) TX bytes:2143642 (2.0 MiB)
3-
Linux SG156 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux
4-
Build 9423
5-
I don’t know what this question exactly means
6-
As I already mentioned, the server is a virtual machine on a dedicated server. I don’t have any NAT or firewall installed, but the datacenter surely uses a firewall.
7-
I use SecureNAT for ease of use. I don’t want to config dhcp on my server. And I don’t know much about “Local Bridge function” and why I should use it.
8-
# Software Configuration File
#
# You can edit this file when the program is not working.
#
declare root
{
uint ConfigRevision 84
bool IPsecMessageDisplayed true
bool VgsMessageDisplayed false
declare DDnsClient
{
bool Disabled false
byte Key sT+A3709ipdRS/*/lz3c=
string LocalHostname SG156
string ProxyHostName $
uint ProxyPort 0
uint ProxyType 0
string ProxyUsername $
}
declare IPsec
{
bool EtherIP_IPsec true
string IPsec_Secret *****
string L2TP_DefaultHub VPN
bool L2TP_IPsec true
bool L2TP_Raw true
declare EtherIP_IDSettingsList
{
}
}
declare ListenerList
{
declare Listener0
{
bool DisableDos false
bool Enabled true
uint Port 443
}
declare Listener1
{
bool DisableDos false
bool Enabled true
uint Port 992
}
declare Listener2
{
bool DisableDos false
bool Enabled true
uint Port 1194
}
declare Listener3
{
bool DisableDos false
bool Enabled true
uint Port 5555
}
}
declare LocalBridgeList
{
}
declare ServerConfiguration
{
uint64 AutoDeleteCheckDiskFreeSpaceMin 104857600
uint AutoSaveConfigSpan 300
bool BackupConfigOnlyWhenModified true
string CipherName RC4-MD5
uint CurrentBuild 9423
bool DisableDeadLockCheck false
bool DisableDosProction false
bool DisableIntelAesAcceleration false
bool DisableIPv6Listener false
bool DisableNatTraversal false
bool DisableOpenVPNServer false
bool DisableSSTPServer false
bool DontBackupConfig false
bool EnableVpnAzure false
bool EnableVpnOverDns false
bool EnableVpnOverIcmp false
byte HashedPassword **************************
string KeepConnectHost keepalive.softether.org
uint KeepConnectInterval 50
uint KeepConnectPort 80
uint KeepConnectProtocol 1
uint MaxConnectionsPerIP 256
uint MaxUnestablishedConnections 1000
bool NoHighPriorityProcess false
bool NoLinuxArpFilter false
bool NoSendSignature false
string OpenVPN_UdpPortList 1194
bool SaveDebugLog false
byte ServerCert */*/*
byte ServerKey */*+*
uint ServerType 0
bool UseKeepConnect true
bool UseWebTimePage false
bool UseWebUI false
declare ServerTraffic
{
declare RecvTraffic
{
uint64 BroadcastBytes 128794138
uint64 BroadcastCount 1784265
uint64 UnicastBytes 11053143330
uint64 UnicastCount 23805341
}
declare SendTraffic
{
uint64 BroadcastBytes 89552638
uint64 BroadcastCount 916099
uint64 UnicastBytes 11046815257
uint64 UnicastCount 23892253
}
}
declare SyslogSettings
{
string HostName $
uint Port 0
uint SaveType 0
}
}
declare VirtualHUB
{
declare DEFAULT
{
uint64 CreatedTime 1393596623376
byte HashedPassword +*******************=
uint64 LastCommTime 1393596623361
uint64 LastLoginTime 1393596623361
uint NumLogin 0
bool Online true
uint RadiusRetryInterval 0
uint RadiusServerPort 1812
string RadiusSuffixFilter $
byte SecurePassword ****************************
uint Type 0
declare AccessList
{
}
declare AdminOption
{
uint allow_hub_admin_change_option 0
uint deny_bridge 0
uint deny_change_user_password 0
uint deny_empty_password 0
uint deny_hub_admin_change_ext_option 0
uint deny_qos 0
uint deny_routing 0
uint max_accesslists 0
uint max_bitrates_download 0
uint max_bitrates_upload 0
uint max_groups 0
uint max_multilogins_per_user 0
uint max_sessions 0
uint max_sessions_bridge 0
uint max_sessions_client 0
uint max_sessions_client_bridge_apply 0
uint max_users 0
uint no_access_list_include_file 0
uint no_cascade 0
uint no_change_access_control_list 0
uint no_change_access_list 0
uint no_change_admin_password 0
uint no_change_cert_list 0
uint no_change_crl_list 0
uint no_change_groups 0
uint no_change_log_config 0
uint no_change_log_switch_type 0
uint no_change_msg 0
uint no_change_users 0
uint no_delay_jitter_packet_loss 0
uint no_delete_iptable 0
uint no_delete_mactable 0
uint no_disconnect_session 0
uint no_enum_session 0
uint no_offline 0
uint no_online 0
uint no_query_session 0
uint no_read_log_file 0
uint no_securenat 0
uint no_securenat_enabledhcp 0
uint no_securenat_enablenat 0
}
declare CascadeList
{
}
declare LogSetting
{
uint PacketLogSwitchType 4
uint PACKET_LOG_ARP 0
uint PACKET_LOG_DHCP 1
uint PACKET_LOG_ETHERNET 0
uint PACKET_LOG_ICMP 0
uint PACKET_LOG_IP 0
uint PACKET_LOG_TCP 0
uint PACKET_LOG_TCP_CONN 1
uint PACKET_LOG_UDP 0
bool SavePacketLog true
bool SaveSecurityLog true
uint SecurityLogSwitchType 4
}
declare Message
{
}
declare Option
{
uint AccessListIncludeFileCacheLifetime 30
uint AdjustTcpMssValue 0
bool ApplyIPv4AccessListOnArpPacket false
bool BroadcastLimiterStrictMode false
uint BroadcastStormDetectionThreshold 0
uint ClientMinimumRequiredBuild 0
bool DisableAdjustTcpMss false
bool DisableCheckMacOnLocalBridge false
bool DisableCorrectIpOffloadChecksum false
bool DisableHttpParsing false
bool DisableIPParsing false
bool DisableKernelModeSecureNAT false
bool DisableUdpAcceleration false
bool DisableUdpFilterForLocalBridgeNic false
bool DisableUserModeSecureNAT false
bool DoNotSaveHeavySecurityLogs false
bool FilterBPDU false
bool FilterIPv4 false
bool FilterIPv6 false
bool FilterNonIP false
bool FilterOSPF false
bool FilterPPPoE false
bool ManageOnlyLocalUnicastIPv6 true
bool ManageOnlyPrivateIP true
uint MaxLoggedPacketsPerMinute 0
uint MaxSession 0
bool NoArpPolling false
bool NoDhcpPacketLogOutsideHub true
bool NoEnum false
bool NoIpTable false
bool NoIPv4PacketLog false
bool NoIPv6AddrPolling false
bool NoIPv6DefaultRouterInRAWhenIPv6 true
bool NoIPv6PacketLog false
bool NoLookBPDUBridgeId false
bool NoMacAddressLog true
bool NoManageVlanId false
bool NoSpinLockForPacketDelay false
bool RemoveDefGwOnDhcpForLocalhost true
uint RequiredClientId 0
uint SecureNAT_MaxDnsSessionsPerIp 0
uint SecureNAT_MaxIcmpSessionsPerIp 0
uint SecureNAT_MaxTcpSessionsPerIp 0
uint SecureNAT_MaxTcpSynSentPerIp 0
uint SecureNAT_MaxUdpSessionsPerIp 0
string VlanTypeId 0x8100
bool YieldAfterStorePacket false
}
declare SecureNAT
{
bool Disabled true
bool SaveLog true
declare VirtualDhcpServer
{
string DhcpDnsServerAddress 192.168.30.1
string DhcpDnsServerAddress2 0.0.0.0
string DhcpDomainName $
bool DhcpEnabled true
uint DhcpExpireTimeSpan 7200
string DhcpGatewayAddress 192.168.30.1
string DhcpLeaseIPEnd 192.168.30.200
string DhcpLeaseIPStart 192.168.30.10
string DhcpSubnetMask 255.255.255.0
}
declare VirtualHost
{
string VirtualHostIp 192.168.30.1
string VirtualHostIpSubnetMask 255.255.255.0
string VirtualHostMacAddress 00-AC-5E-74-70-C4
}
declare VirtualRouter
{
bool NatEnabled true
uint NatMtu 1500
uint NatTcpTimeout 1800
uint NatUdpTimeout 60
}
}
declare SecurityAccountDatabase
{
declare CertList
{
}
declare CrlList
{
}
declare GroupList
{
}
declare IPAccessControlList
{
}
declare UserList
{
}
}
declare Traffic
{
declare RecvTraffic
{
uint64 BroadcastBytes 0
uint64 BroadcastCount 0
uint64 UnicastBytes 0
uint64 UnicastCount 0
}
declare SendTraffic
{
uint64 BroadcastBytes 0
uint64 BroadcastCount 0
uint64 UnicastBytes 0
uint64 UnicastCount 0
}
}
}
declare test
{
uint64 CreatedTime 1394142424414
byte HashedPassword ******/jjBuTYEXc7puiX2HzI=
uint64 LastCommTime 1395609798681
uint64 LastLoginTime 1394151829404
uint NumLogin 3
bool Online true
uint RadiusRetryInterval 0
uint RadiusServerPort 1812
string RadiusSuffixFilter $
byte SecurePassword gb+**************=
uint Type 0
declare AccessList
{
}
declare AdminOption
{
uint allow_hub_admin_change_option 0
uint deny_bridge 0
uint deny_change_user_password 0
uint deny_empty_password 0
uint deny_hub_admin_change_ext_option 0
uint deny_qos 0
uint deny_routing 0
uint max_accesslists 0
uint max_bitrates_download 0
uint max_bitrates_upload 0
uint max_groups 0
uint max_multilogins_per_user 0
uint max_sessions 0
uint max_sessions_bridge 0
uint max_sessions_client 0
uint max_sessions_client_bridge_apply 0
uint max_users 0
uint no_access_list_include_file 0
uint no_cascade 0
uint no_change_access_control_list 0
uint no_change_access_list 0
uint no_change_admin_password 0
uint no_change_cert_list 0
uint no_change_crl_list 0
uint no_change_groups 0
uint no_change_log_config 0
uint no_change_log_switch_type 0
uint no_change_msg 0
uint no_change_users 0
uint no_delay_jitter_packet_loss 0
uint no_delete_iptable 0
uint no_delete_mactable 0
uint no_disconnect_session 0
uint no_enum_session 0
uint no_offline 0
uint no_online 0
uint no_query_session 0
uint no_read_log_file 0
uint no_securenat 0
uint no_securenat_enabledhcp 0
uint no_securenat_enablenat 0
}
declare CascadeList
{
}
declare LogSetting
{
uint PacketLogSwitchType 4
uint PACKET_LOG_ARP 0
uint PACKET_LOG_DHCP 1
uint PACKET_LOG_ETHERNET 0
uint PACKET_LOG_ICMP 0
uint PACKET_LOG_IP 0
uint PACKET_LOG_TCP 0
uint PACKET_LOG_TCP_CONN 1
uint PACKET_LOG_UDP 0
bool SavePacketLog true
bool SaveSecurityLog true
uint SecurityLogSwitchType 4
}
declare Message
{
}
declare Option
{
uint AccessListIncludeFileCacheLifetime 30
uint AdjustTcpMssValue 0
bool ApplyIPv4AccessListOnArpPacket false
bool BroadcastLimiterStrictMode false
uint BroadcastStormDetectionThreshold 0
uint ClientMinimumRequiredBuild 0
bool DisableAdjustTcpMss false
bool DisableCheckMacOnLocalBridge false
bool DisableCorrectIpOffloadChecksum false
bool DisableHttpParsing false
bool DisableIPParsing false
bool DisableKernelModeSecureNAT false
bool DisableUdpAcceleration false
bool DisableUdpFilterForLocalBridgeNic false
bool DisableUserModeSecureNAT false
bool DoNotSaveHeavySecurityLogs false
bool FilterBPDU false
bool FilterIPv4 false
bool FilterIPv6 false
bool FilterNonIP false
bool FilterOSPF false
bool FilterPPPoE false
bool ManageOnlyLocalUnicastIPv6 true
bool ManageOnlyPrivateIP true
uint MaxLoggedPacketsPerMinute 0
uint MaxSession 0
bool NoArpPolling false
bool NoDhcpPacketLogOutsideHub true
bool NoEnum false
bool NoIpTable false
bool NoIPv4PacketLog false
bool NoIPv6AddrPolling false
bool NoIPv6DefaultRouterInRAWhenIPv6 true
bool NoIPv6PacketLog false
bool NoLookBPDUBridgeId false
bool NoMacAddressLog true
bool NoManageVlanId false
bool NoSpinLockForPacketDelay false
bool RemoveDefGwOnDhcpForLocalhost true
uint RequiredClientId 0
uint SecureNAT_MaxDnsSessionsPerIp 0
uint SecureNAT_MaxIcmpSessionsPerIp 0
uint SecureNAT_MaxTcpSessionsPerIp 0
uint SecureNAT_MaxTcpSynSentPerIp 0
uint SecureNAT_MaxUdpSessionsPerIp 0
string VlanTypeId 0x8100
bool YieldAfterStorePacket false
}
declare SecureNAT
{
bool Disabled false
bool SaveLog true
declare VirtualDhcpServer
{
string DhcpDnsServerAddress 10.10.10.1
string DhcpDnsServerAddress2 8.8.8.8
string DhcpDomainName $
bool DhcpEnabled true
uint DhcpExpireTimeSpan 7200
string DhcpGatewayAddress 10.10.10.1
string DhcpLeaseIPEnd 10.101.10.200
string DhcpLeaseIPStart 10.10.10.10
string DhcpSubnetMask 255.255.255.0
}
declare VirtualHost
{
string VirtualHostIp 10.10.10.1
string VirtualHostIpSubnetMask 255.255.255.0
string VirtualHostMacAddress 00-AC-08-6B-D5-F9
}
declare VirtualRouter
{
bool NatEnabled true
uint NatMtu 1500
uint NatTcpTimeout 1800
uint NatUdpTimeout 60
}
}
declare SecurityAccountDatabase
{
declare CertList
{
}
declare CrlList
{
}
declare GroupList
{
}
declare IPAccessControlList
{
}
declare UserList
{
declare test
{
byte AuthNtLmSecureHash ***************==
byte AuthPassword ZadK3/*******************=
uint AuthType 1
uint64 CreatedTime 1394142471049
uint64 ExpireTime 0
uint64 LastLoginTime 1394151829404
string Note testing$20l2tp
uint NumLogin 3
string RealName test$20test
uint64 UpdatedTime 1394142997250
declare Traffic
{
declare RecvTraffic
{
uint64 BroadcastBytes 34040
uint64 BroadcastCount 505
uint64 UnicastBytes 9455246
uint64 UnicastCount 17707
}
declare SendTraffic
{
uint64 BroadcastBytes 259708
uint64 BroadcastCount 2036
uint64 UnicastBytes 1335618
uint64 UnicastCount 12510
}
}
}
}
}
declare Traffic
{
declare RecvTraffic
{
uint64 BroadcastBytes 35379428
uint64 BroadcastCount 577836
uint64 UnicastBytes 22851470
uint64 UnicastCount 317509
}
declare SendTraffic
{
uint64 BroadcastBytes 293748
uint64 BroadcastCount 2541
uint64 UnicastBytes 22831300
uint64 UnicastCount 317421
}
}
}
declare VPN
{
uint64 CreatedTime 1393596791656
byte HashedPassword *********************=
uint64 LastCommTime 1395609801657
uint64 LastLoginTime 1395580422789
uint NumLogin 270
bool Online true
uint RadiusRetryInterval 0
uint RadiusServerPort 1812
string RadiusSuffixFilter $
byte SecurePassword is4FLK/***************=
uint Type 0
declare AccessList
{
}
declare AdminOption
{
uint allow_hub_admin_change_option 0
uint deny_bridge 0
uint deny_change_user_password 0
uint deny_empty_password 0
uint deny_hub_admin_change_ext_option 0
uint deny_qos 0
uint deny_routing 0
uint max_accesslists 0
uint max_bitrates_download 0
uint max_bitrates_upload 0
uint max_groups 0
uint max_multilogins_per_user 0
uint max_sessions 0
uint max_sessions_bridge 0
uint max_sessions_client 0
uint max_sessions_client_bridge_apply 0
uint max_users 0
uint no_access_list_include_file 0
uint no_cascade 0
uint no_change_access_control_list 0
uint no_change_access_list 0
uint no_change_admin_password 0
uint no_change_cert_list 0
uint no_change_crl_list 0
uint no_change_groups 0
uint no_change_log_config 0
uint no_change_log_switch_type 0
uint no_change_msg 0
uint no_change_users 0
uint no_delay_jitter_packet_loss 0
uint no_delete_iptable 0
uint no_delete_mactable 0
uint no_disconnect_session 0
uint no_enum_session 0
uint no_offline 0
uint no_online 0
uint no_query_session 0
uint no_read_log_file 0
uint no_securenat 0
uint no_securenat_enabledhcp 0
uint no_securenat_enablenat 0
}
declare CascadeList
{
}
declare LogSetting
{
uint PacketLogSwitchType 4
uint PACKET_LOG_ARP 0
uint PACKET_LOG_DHCP 1
uint PACKET_LOG_ETHERNET 0
uint PACKET_LOG_ICMP 0
uint PACKET_LOG_IP 0
uint PACKET_LOG_TCP 0
uint PACKET_LOG_TCP_CONN 1
uint PACKET_LOG_UDP 0
bool SavePacketLog true
bool SaveSecurityLog true
uint SecurityLogSwitchType 4
}
declare Message
{
}
declare Option
{
uint AccessListIncludeFileCacheLifetime 30
uint AdjustTcpMssValue 0
bool ApplyIPv4AccessListOnArpPacket false
bool BroadcastLimiterStrictMode false
uint BroadcastStormDetectionThreshold 0
uint ClientMinimumRequiredBuild 0
bool DisableAdjustTcpMss false
bool DisableCheckMacOnLocalBridge false
bool DisableCorrectIpOffloadChecksum false
bool DisableHttpParsing false
bool DisableIPParsing false
bool DisableKernelModeSecureNAT false
bool DisableUdpAcceleration false
bool DisableUdpFilterForLocalBridgeNic false
bool DisableUserModeSecureNAT false
bool DoNotSaveHeavySecurityLogs false
bool FilterBPDU false
bool FilterIPv4 false
bool FilterIPv6 false
bool FilterNonIP false
bool FilterOSPF false
bool FilterPPPoE false
bool ManageOnlyLocalUnicastIPv6 true
bool ManageOnlyPrivateIP true
uint MaxLoggedPacketsPerMinute 0
uint MaxSession 0
bool NoArpPolling false
bool NoDhcpPacketLogOutsideHub true
bool NoEnum false
bool NoIpTable false
bool NoIPv4PacketLog false
bool NoIPv6AddrPolling false
bool NoIPv6DefaultRouterInRAWhenIPv6 true
bool NoIPv6PacketLog false
bool NoLookBPDUBridgeId false
bool NoMacAddressLog true
bool NoManageVlanId false
bool NoSpinLockForPacketDelay false
bool RemoveDefGwOnDhcpForLocalhost true
uint RequiredClientId 0
uint SecureNAT_MaxDnsSessionsPerIp 0
uint SecureNAT_MaxIcmpSessionsPerIp 0
uint SecureNAT_MaxTcpSessionsPerIp 0
uint SecureNAT_MaxTcpSynSentPerIp 0
uint SecureNAT_MaxUdpSessionsPerIp 0
string VlanTypeId 0x8100
bool YieldAfterStorePacket false
}
declare SecureNAT
{
bool Disabled false
bool SaveLog true
declare VirtualDhcpServer
{
string DhcpDnsServerAddress 10.10.8.1
string DhcpDnsServerAddress2 8.8.8.8
string DhcpDomainName $
bool DhcpEnabled true
uint DhcpExpireTimeSpan 7200
string DhcpGatewayAddress 10.10.8.1
string DhcpLeaseIPEnd 10.10.8.200
string DhcpLeaseIPStart 10.10.8.10
string DhcpSubnetMask 255.255.255.0
}
declare VirtualHost
{
string VirtualHostIp 10.10.8.1
string VirtualHostIpSubnetMask 255.255.255.0
string VirtualHostMacAddress 00-AC-EF-89-03-7D
}
declare VirtualRouter
{
bool NatEnabled true
uint NatMtu 1500
uint NatTcpTimeout 1800
uint NatUdpTimeout 60
}
}
declare SecurityAccountDatabase
{
declare CertList
{
}
declare CrlList
{
}
declare GroupList
{
}
declare IPAccessControlList
{
}
}
declare Traffic
{
declare RecvTraffic
{
uint64 BroadcastBytes 93414710
uint64 BroadcastCount 1206429
uint64 UnicastBytes 11030291860
uint64 UnicastCount 23487832
}
declare SendTraffic
{
uint64 BroadcastBytes 89258890
uint64 BroadcastCount 913558
uint64 UnicastBytes 11023983957
uint64 UnicastCount 23574832
}
}
}
}
declare VirtualLayer3SwitchList
{
}
}
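An added example, not part of the original post and not SoftEther's own tooling: a small Python parser for the `declare NAME { type key value }` layout of the configuration file posted above, with checks for four settings that appear in it (L2TP_Raw, CipherName, an L2TP_DefaultHub that has no UserList, and a SecureNAT DHCP lease address outside the virtual host's subnet). The sample text is a constructed excerpt, and the function names and finding messages are illustrative.

```python
import ipaddress

# Constructed excerpt in the layout of the posted file; secrets are left out.
SAMPLE_CONFIG = """\
declare root
{
declare IPsec
{
string L2TP_DefaultHub VPN
bool L2TP_Raw true
}
declare ServerConfiguration
{
string CipherName RC4-MD5
}
declare VirtualHUB
{
declare test
{
declare SecureNAT
{
declare VirtualDhcpServer
{
string DhcpLeaseIPEnd 10.101.10.200
string DhcpLeaseIPStart 10.10.10.10
}
declare VirtualHost
{
string VirtualHostIp 10.10.10.1
string VirtualHostIpSubnetMask 255.255.255.0
}
}
declare SecurityAccountDatabase
{
declare UserList
{
declare test
{
}
}
}
}
declare VPN
{
declare SecurityAccountDatabase
{
}
}
}
}
"""


def parse(text):
    """Parse 'declare NAME { type key value }' blocks into nested dicts."""
    stack, pending = [{}], None
    for line in map(str.strip, text.splitlines()):
        if not line or line.startswith("#"):
            continue
        if line.startswith("declare "):
            pending = line.split(None, 1)[1]  # block name; its "{" follows
        elif line == "{":
            stack.append(stack[-1].setdefault(pending, {}))
        elif line == "}":
            stack.pop()
        else:
            parts = line.split(None, 2)  # type, key, optional value
            stack[-1][parts[1]] = parts[2] if len(parts) > 2 else ""
    return stack[0]


def audit(cfg):
    """List settings that weaken the tunnel or can break L2TP logins."""
    root, findings = cfg.get("root", {}), []
    ipsec, hubs = root.get("IPsec", {}), root.get("VirtualHUB", {})
    if ipsec.get("L2TP_Raw") == "true":
        findings.append("L2TP_Raw: unencrypted L2TP accepted")
    cipher = root.get("ServerConfiguration", {}).get("CipherName", "")
    if "RC4" in cipher or "MD5" in cipher:
        findings.append(f"CipherName {cipher}: deprecated cipher suite")
    with_users = [n for n, h in hubs.items() if h.get("SecurityAccountDatabase", {}).get("UserList")]
    default_hub = ipsec.get("L2TP_DefaultHub")
    if default_hub and default_hub not in with_users:
        findings.append(f"L2TP_DefaultHub {default_hub}: no users (users in: {with_users})")
    for name, hub in hubs.items():
        nat = hub.get("SecureNAT", {})
        host, dhcp = nat.get("VirtualHost", {}), nat.get("VirtualDhcpServer", {})
        if nat.get("Disabled") == "true" or not host or not dhcp:
            continue
        net = ipaddress.ip_network(
            f"{host['VirtualHostIp']}/{host['VirtualHostIpSubnetMask']}", strict=False)
        for key in ("DhcpLeaseIPStart", "DhcpLeaseIPEnd"):
            if ipaddress.ip_address(dhcp[key]) not in net:
                findings.append(f"hub {name}: {key} {dhcp[key]} outside {net}")
    return findings


if __name__ == "__main__":
    print("\n".join(audit(parse(SAMPLE_CONFIG))))
```

To check a real file, pass its text to `parse()` and the result to `audit()`; the parser skips the `#` header lines and keeps `byte` values as opaque strings.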
uint no_cascade 0
uint no_change_access_control_list 0
uint no_change_access_list 0
uint no_change_admin_password 0
uint no_change_cert_list 0
uint no_change_crl_list 0
uint no_change_groups 0
uint no_change_log_config 0
uint no_change_log_switch_type 0
uint no_change_msg 0
uint no_change_users 0
uint no_delay_jitter_packet_loss 0
uint no_delete_iptable 0
uint no_delete_mactable 0
uint no_disconnect_session 0
uint no_enum_session 0
uint no_offline 0
uint no_online 0
uint no_query_session 0
uint no_read_log_file 0
uint no_securenat 0
uint no_securenat_enabledhcp 0
uint no_securenat_enablenat 0
}
declare CascadeList
{
}
declare LogSetting
{
uint PacketLogSwitchType 4
uint PACKET_LOG_ARP 0
uint PACKET_LOG_DHCP 1
uint PACKET_LOG_ETHERNET 0
uint PACKET_LOG_ICMP 0
uint PACKET_LOG_IP 0
uint PACKET_LOG_TCP 0
uint PACKET_LOG_TCP_CONN 1
uint PACKET_LOG_UDP 0
bool SavePacketLog true
bool SaveSecurityLog true
uint SecurityLogSwitchType 4
}
declare Message
{
}
declare Option
{
uint AccessListIncludeFileCacheLifetime 30
uint AdjustTcpMssValue 0
bool ApplyIPv4AccessListOnArpPacket false
bool BroadcastLimiterStrictMode false
uint BroadcastStormDetectionThreshold 0
uint ClientMinimumRequiredBuild 0
bool DisableAdjustTcpMss false
bool DisableCheckMacOnLocalBridge false
bool DisableCorrectIpOffloadChecksum false
bool DisableHttpParsing false
bool DisableIPParsing false
bool DisableKernelModeSecureNAT false
bool DisableUdpAcceleration false
bool DisableUdpFilterForLocalBridgeNic false
bool DisableUserModeSecureNAT false
bool DoNotSaveHeavySecurityLogs false
bool FilterBPDU false
bool FilterIPv4 false
bool FilterIPv6 false
bool FilterNonIP false
bool FilterOSPF false
bool FilterPPPoE false
bool ManageOnlyLocalUnicastIPv6 true
bool ManageOnlyPrivateIP true
uint MaxLoggedPacketsPerMinute 0
uint MaxSession 0
bool NoArpPolling false
bool NoDhcpPacketLogOutsideHub true
bool NoEnum false
bool NoIpTable false
bool NoIPv4PacketLog false
bool NoIPv6AddrPolling false
bool NoIPv6DefaultRouterInRAWhenIPv6 true
bool NoIPv6PacketLog false
bool NoLookBPDUBridgeId false
bool NoMacAddressLog true
bool NoManageVlanId false
bool NoSpinLockForPacketDelay false
bool RemoveDefGwOnDhcpForLocalhost true
uint RequiredClientId 0
uint SecureNAT_MaxDnsSessionsPerIp 0
uint SecureNAT_MaxIcmpSessionsPerIp 0
uint SecureNAT_MaxTcpSessionsPerIp 0
uint SecureNAT_MaxTcpSynSentPerIp 0
uint SecureNAT_MaxUdpSessionsPerIp 0
string VlanTypeId 0x8100
bool YieldAfterStorePacket false
}
declare SecureNAT
{
bool Disabled false
bool SaveLog true
declare VirtualDhcpServer
{
string DhcpDnsServerAddress 10.10.10.1
string DhcpDnsServerAddress2 8.8.8.8
string DhcpDomainName $
bool DhcpEnabled true
uint DhcpExpireTimeSpan 7200
string DhcpGatewayAddress 10.10.10.1
string DhcpLeaseIPEnd 10.101.10.200
string DhcpLeaseIPStart 10.10.10.10
string DhcpSubnetMask 255.255.255.0
}
declare VirtualHost
{
string VirtualHostIp 10.10.10.1
string VirtualHostIpSubnetMask 255.255.255.0
string VirtualHostMacAddress 00-AC-08-6B-D5-F9
}
declare VirtualRouter
{
bool NatEnabled true
uint NatMtu 1500
uint NatTcpTimeout 1800
uint NatUdpTimeout 60
}
}
declare SecurityAccountDatabase
{
declare CertList
{
}
declare CrlList
{
}
declare GroupList
{
}
declare IPAccessControlList
{
}
declare UserList
{
declare test
{
byte AuthNtLmSecureHash ***************==
byte AuthPassword ZadK3/*******************=
uint AuthType 1
uint64 CreatedTime 1394142471049
uint64 ExpireTime 0
uint64 LastLoginTime 1394151829404
string Note testing$20l2tp
uint NumLogin 3
string RealName test$20test
uint64 UpdatedTime 1394142997250
declare Traffic
{
declare RecvTraffic
{
uint64 BroadcastBytes 34040
uint64 BroadcastCount 505
uint64 UnicastBytes 9455246
uint64 UnicastCount 17707
}
declare SendTraffic
{
uint64 BroadcastBytes 259708
uint64 BroadcastCount 2036
uint64 UnicastBytes 1335618
uint64 UnicastCount 12510
}
}
}
}
}
declare Traffic
{
declare RecvTraffic
{
uint64 BroadcastBytes 35379428
uint64 BroadcastCount 577836
uint64 UnicastBytes 22851470
uint64 UnicastCount 317509
}
declare SendTraffic
{
uint64 BroadcastBytes 293748
uint64 BroadcastCount 2541
uint64 UnicastBytes 22831300
uint64 UnicastCount 317421
}
}
}
declare VPN
{
uint64 CreatedTime 1393596791656
byte HashedPassword *********************=
uint64 LastCommTime 1395609801657
uint64 LastLoginTime 1395580422789
uint NumLogin 270
bool Online true
uint RadiusRetryInterval 0
uint RadiusServerPort 1812
string RadiusSuffixFilter $
byte SecurePassword is4FLK/***************=
uint Type 0
declare AccessList
{
}
declare AdminOption
{
uint allow_hub_admin_change_option 0
uint deny_bridge 0
uint deny_change_user_password 0
uint deny_empty_password 0
uint deny_hub_admin_change_ext_option 0
uint deny_qos 0
uint deny_routing 0
uint max_accesslists 0
uint max_bitrates_download 0
uint max_bitrates_upload 0
uint max_groups 0
uint max_multilogins_per_user 0
uint max_sessions 0
uint max_sessions_bridge 0
uint max_sessions_client 0
uint max_sessions_client_bridge_apply 0
uint max_users 0
uint no_access_list_include_file 0
uint no_cascade 0
uint no_change_access_control_list 0
uint no_change_access_list 0
uint no_change_admin_password 0
uint no_change_cert_list 0
uint no_change_crl_list 0
uint no_change_groups 0
uint no_change_log_config 0
uint no_change_log_switch_type 0
uint no_change_msg 0
uint no_change_users 0
uint no_delay_jitter_packet_loss 0
uint no_delete_iptable 0
uint no_delete_mactable 0
uint no_disconnect_session 0
uint no_enum_session 0
uint no_offline 0
uint no_online 0
uint no_query_session 0
uint no_read_log_file 0
uint no_securenat 0
uint no_securenat_enabledhcp 0
uint no_securenat_enablenat 0
}
declare CascadeList
{
}
declare LogSetting
{
uint PacketLogSwitchType 4
uint PACKET_LOG_ARP 0
uint PACKET_LOG_DHCP 1
uint PACKET_LOG_ETHERNET 0
uint PACKET_LOG_ICMP 0
uint PACKET_LOG_IP 0
uint PACKET_LOG_TCP 0
uint PACKET_LOG_TCP_CONN 1
uint PACKET_LOG_UDP 0
bool SavePacketLog true
bool SaveSecurityLog true
uint SecurityLogSwitchType 4
}
declare Message
{
}
declare Option
{
uint AccessListIncludeFileCacheLifetime 30
uint AdjustTcpMssValue 0
bool ApplyIPv4AccessListOnArpPacket false
bool BroadcastLimiterStrictMode false
uint BroadcastStormDetectionThreshold 0
uint ClientMinimumRequiredBuild 0
bool DisableAdjustTcpMss false
bool DisableCheckMacOnLocalBridge false
bool DisableCorrectIpOffloadChecksum false
bool DisableHttpParsing false
bool DisableIPParsing false
bool DisableKernelModeSecureNAT false
bool DisableUdpAcceleration false
bool DisableUdpFilterForLocalBridgeNic false
bool DisableUserModeSecureNAT false
bool DoNotSaveHeavySecurityLogs false
bool FilterBPDU false
bool FilterIPv4 false
bool FilterIPv6 false
bool FilterNonIP false
bool FilterOSPF false
bool FilterPPPoE false
bool ManageOnlyLocalUnicastIPv6 true
bool ManageOnlyPrivateIP true
uint MaxLoggedPacketsPerMinute 0
uint MaxSession 0
bool NoArpPolling false
bool NoDhcpPacketLogOutsideHub true
bool NoEnum false
bool NoIpTable false
bool NoIPv4PacketLog false
bool NoIPv6AddrPolling false
bool NoIPv6DefaultRouterInRAWhenIPv6 true
bool NoIPv6PacketLog false
bool NoLookBPDUBridgeId false
bool NoMacAddressLog true
bool NoManageVlanId false
bool NoSpinLockForPacketDelay false
bool RemoveDefGwOnDhcpForLocalhost true
uint RequiredClientId 0
uint SecureNAT_MaxDnsSessionsPerIp 0
uint SecureNAT_MaxIcmpSessionsPerIp 0
uint SecureNAT_MaxTcpSessionsPerIp 0
uint SecureNAT_MaxTcpSynSentPerIp 0
uint SecureNAT_MaxUdpSessionsPerIp 0
string VlanTypeId 0x8100
bool YieldAfterStorePacket false
}
declare SecureNAT
{
bool Disabled false
bool SaveLog true
declare VirtualDhcpServer
{
string DhcpDnsServerAddress 10.10.8.1
string DhcpDnsServerAddress2 8.8.8.8
string DhcpDomainName $
bool DhcpEnabled true
uint DhcpExpireTimeSpan 7200
string DhcpGatewayAddress 10.10.8.1
string DhcpLeaseIPEnd 10.10.8.200
string DhcpLeaseIPStart 10.10.8.10
string DhcpSubnetMask 255.255.255.0
}
declare VirtualHost
{
string VirtualHostIp 10.10.8.1
string VirtualHostIpSubnetMask 255.255.255.0
string VirtualHostMacAddress 00-AC-EF-89-03-7D
}
declare VirtualRouter
{
bool NatEnabled true
uint NatMtu 1500
uint NatTcpTimeout 1800
uint NatUdpTimeout 60
}
}
declare SecurityAccountDatabase
{
declare CertList
{
}
declare CrlList
{
}
declare GroupList
{
}
declare IPAccessControlList
{
}
}
declare Traffic
{
declare RecvTraffic
{
uint64 BroadcastBytes 93414710
uint64 BroadcastCount 1206429
uint64 UnicastBytes 11030291860
uint64 UnicastCount 23487832
}
declare SendTraffic
{
uint64 BroadcastBytes 89258890
uint64 BroadcastCount 913558
uint64 UnicastBytes 11023983957
uint64 UnicastCount 23574832
}
}
}
}
declare VirtualLayer3SwitchList
{
}
}
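An added example, not part of the original post and not SoftEther's own code: a small parser for the declare/brace layout of the config dumped above, with a check that an enabled SecureNAT block's DHCP lease range and gateway fall inside the virtual host subnet. The sample text is constructed from the SecureNAT values of the "test" hub in the dump; parse_config and check_securenat are hypothetical names, and treating 0.0.0.0 as "not set" is an assumption.

```python
import ipaddress

# Constructed sample in the config's declare/brace layout; the values are the
# SecureNAT settings of the "test" hub in the dump above.
SAMPLE = """
declare SecureNAT
{
    bool Disabled false
    declare VirtualDhcpServer
    {
        bool DhcpEnabled true
        string DhcpGatewayAddress 10.10.10.1
        string DhcpLeaseIPEnd 10.101.10.200
        string DhcpLeaseIPStart 10.10.10.10
        string DhcpSubnetMask 255.255.255.0
    }
    declare VirtualHost
    {
        string VirtualHostIp 10.10.10.1
        string VirtualHostIpSubnetMask 255.255.255.0
    }
}
"""


def parse_config(text):
    """Parse 'declare NAME { type key value }' blocks into nested dicts."""
    root = {}
    stack, pending = [root], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("declare "):
            pending = line.split(None, 1)[1]   # block name, opened by the next "{"
        elif line == "{":
            child = {}
            stack[-1][pending] = child
            stack.append(child)
        elif line == "}":
            stack.pop()
        else:
            parts = line.split(None, 2)        # type, key, value
            stack[-1][parts[1]] = parts[2] if len(parts) > 2 else ""
    return root


def check_securenat(nat):
    """Return a list of findings for one SecureNAT block ([] = consistent)."""
    dhcp, host = nat["VirtualDhcpServer"], nat["VirtualHost"]
    if nat.get("Disabled") == "true" or dhcp.get("DhcpEnabled") != "true":
        return []                              # virtual DHCP server not in use
    net = ipaddress.ip_network(
        f'{host["VirtualHostIp"]}/{host["VirtualHostIpSubnetMask"]}', strict=False)
    findings = []
    if dhcp["DhcpSubnetMask"] != host["VirtualHostIpSubnetMask"]:
        findings.append("DHCP subnet mask differs from the virtual host mask")
    for key in ("DhcpLeaseIPStart", "DhcpLeaseIPEnd", "DhcpGatewayAddress"):
        # Assumption: 0.0.0.0 means "not set" and is skipped.
        if dhcp[key] != "0.0.0.0" and ipaddress.ip_address(dhcp[key]) not in net:
            findings.append(f"{key} {dhcp[key]} is outside {net}")
    start = ipaddress.ip_address(dhcp["DhcpLeaseIPStart"])
    if start > ipaddress.ip_address(dhcp["DhcpLeaseIPEnd"]):
        findings.append("DHCP lease range is reversed")
    return findings


if __name__ == "__main__":
    for finding in check_securenat(parse_config(SAMPLE)["SecureNAT"]):
        print(finding)
```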
-
- Posts: 4
- Joined: Thu Mar 06, 2014 6:41 pm
Re: L2TP/IPSEC PSK Issue
By the way, I can connect to the server (L2TP) using the SoftEther client and it works perfectly. The problem is that even though I can connect to the server using the Android built-in L2TP client, there is no connection to the internet.
-
- Posts: 2458
- Joined: Mon Feb 24, 2014 11:03 am
Re: L2TP/IPSEC PSK Issue
Did your Android succeed in getting an IP, DNS or default gateway from DHCP?
And is there any message in Android?
-
- Posts: 4
- Joined: Thu Mar 06, 2014 6:41 pm
Re: L2TP/IPSEC PSK Issue
Yes, based on the logs, it gets the IP, DNS and default gateway from DHCP. I also ran tcpdump on the server to see if the server receives client packets, and I can clearly see the client requests. But for an unknown reason, the server cannot communicate properly with the connected client.
I would appreciate it if anyone could help.
-
- Posts: 2
- Joined: Tue Apr 01, 2014 5:40 am
Re: L2TP/IPSEC PSK Issue
Please fix this issue for mobile phones, I can't connect as well (L2TP/IPSEC with the correct ports open) but everything else works on other platforms. Thanks!
Last edited by geraldgreen on Tue Apr 01, 2014 9:21 pm, edited 1 time in total.
-
- Posts: 3
- Joined: Tue Apr 01, 2014 6:37 pm
Re: L2TP/IPSEC PSK Issue
I had been scratching my head for the last three days on this issue. I could get a dhcp address and was able to ping the router from Android but nothing else worked. Could not ping the assigned address, traceroute showed !H. I did not have any other client type except Android so could not test any other platform. I am running my SoftEther server on a Raspberry Pi and was thinking there is something wrong with my configuration or limitation of the hardware.
-
- Posts: 153
- Joined: Fri Oct 11, 2013 4:00 pm
- Location: Netherlands
Re: L2TP/IPSEC PSK Issue
Works fine here on android 4.x
-
- Posts: 3
- Joined: Tue Apr 01, 2014 6:37 pm
Re: L2TP/IPSEC PSK Issue
Are you using two NICs?
Here is the log from my server ....
2014-04-01 18:56:03.423 [HUB "Home"] Session "SID-LOCALBRIDGE-1": The DHCP server of host "F8-E4-FB-82-69-11" (192.168.1.1) on this session allocated, for host "SID-NOTE-[L2TP]-5" on another session "CA-81-E5-6D-F3-D4", the new IP address 192.168.1.2.
2014-04-01 18:56:03.434 L2TP PPP Session [208.54.35.237:1701]: An IP address is assigned. IP Address of Client: 192.168.1.2, Subnet Mask: 255.255.255.0, Default Gateway: 192.168.1.1, Domain Name: "", DNS Server 1: 192.168.1.1, DNS Server 2: 0.0.0.0, WINS Server 1: 0.0.0.0, WINS Server 2: 0.0.0.0, IP Address of DHCP Server: 192.168.1.1, Lease Lifetime: 86400 seconds
2014-04-01 18:56:03.434 L2TP PPP Session [208.54.35.237:1701]: The IP address and other network information parameters are set successfully. IP Address of Client: 192.168.1.2, Subnet Mask: 255.255.255.0, Default Gateway: 192.168.1.1, DNS Server 1: 192.168.1.1, DNS Server 2: 0.0.0.0, WINS Server 1: 0.0.0.0, WINS Server 2: 0.0.0.0
^C
#:/opt/vpnserver/server_log# ping 192.168.1.2
PING 192.168.1.2 (192.168.1.2) 56(84) bytes of data.
^C
--- 192.168.1.2 ping statistics ---
7 packets transmitted, 0 received, 100% packet loss, time 6004ms
-
- Posts: 3
- Joined: Tue Apr 01, 2014 6:37 pm
Re: L2TP/IPSEC PSK Issue
Just added a USB Ethernet adapter. Made this adapter the bridge device. Same result! Must be doing something fundamentally wrong here. Do see traffic .... Main_Router is 192.168.1.1 ...
tcpdump -vv -i eth1 host 192.168.1.2
tcpdump: WARNING: eth1: no IPv4 address assigned
tcpdump: listening on eth1, link-type EN10MB (Ethernet), capture size 65535 bytes
21:47:32.015521 IP (tos 0x10, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
Main_Router.bootps > 192.168.1.2.bootpc: [udp sum ok] BOOTP/DHCP, Reply, length 300, xid 0x9594b7ec, Flags [none] (0x0000)
Your-IP 192.168.1.2
Server-IP Main_Router
Client-Ethernet-Address ca:81:e5:6d:f3:d4 (oui Unknown)
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message Option 53, length 1: Offer
Server-ID Option 54, length 4: Main_Router
Lease-Time Option 51, length 4: 86400
Subnet-Mask Option 1, length 4: 255.255.255.0
Default-Gateway Option 3, length 4: Main_Router
Domain-Name-Server Option 6, length 4: Main_Router
21:47:32.321713 IP (tos 0x10, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
Main_Router.bootps > 192.168.1.2.bootpc: [udp sum ok] BOOTP/DHCP, Reply, length 300, xid 0x9594b7ec, Flags [none] (0x0000)
Your-IP anonymous
Server-IP Main_Router
Client-Ethernet-Address ca:81:e5:6d:f3:d4 (oui Unknown)
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message Option 53, length 1: ACK
Server-ID Option 54, length 4: Main_Router
Lease-Time Option 51, length 4: 86400
Subnet-Mask Option 1, length 4: 255.255.255.0
Default-Gateway Option 3, length 4: Main_Router
Domain-Name-Server Option 6, length 4: Main_Router
21:47:32.705919 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.1.2 tell Main_Router, length 46
21:47:34.439183 ARP, Ethernet (len 6), IPv4 (len 4), Reply 192.168.1.2 is-at ca:81:e5:6d:f3:d4 (oui Unknown), length 28
21:47:52.330986 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84)
192.168.1.2 > 192.168.1.80: ICMP echo request, id 27, seq 1, length 64
21:47:53.422288 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84)
192.168.1.2 > 192.168.1.80: ICMP echo request, id 27, seq 2, length 64
Don't see a reply from 192.168.1.80 going back ... If I ping 192.168.1.2 from 192.168.1.80
I see traffic going from .80 to .2 but no reply!
Please help.
-
- Posts: 2
- Joined: Tue Apr 01, 2014 5:40 am
Re: L2TP/IPSEC PSK Issue
Still can't resolve this issue.