I have connected our office (a) with a subsidiary (b), and also my home (c) with SoftEther - (b) and (c) connect to (a). These cascade connections work perfectly.
At the moment client connections only work to (c).
I've forwarded UDP ports 500, 4500 and 1701 on (b) and (c) to the local vpnserver, but the OSX VPN never makes it past the connecting phase on (b). ((a) is behind an ASA 5505 where I still have to figure out how to port-forward!)
Does anybody know what I've missed?
Another problem is that if a machine connects via DHCP at home (c), it receives an IP address from (a). I remedied that by giving myself fixed IPs for each subnet.
Is there a way to let DHCP hand out local IPs? Would the layer 3 switch help in this case?
Thanks for your help
cheers
Phil
a few questions
-
- Posts: 2458
- Joined: Mon Feb 24, 2014 11:03 am
Re: a few questions
A router which doesn't support VPN pass-through can't handle multiple IPsec connections.
Please use Security Policy to filter DHCP packets. https://www.softether.org/4-docs/1-manu ... y_Policies
-
- Posts: 8
- Joined: Sun May 11, 2014 11:44 am
Re: a few questions
Thanks. Filtering DHCP packets does the job perfectly.
Any idea why I can connect to a machine on a different subnet via FQDN, e.g. "ssh phil@admin.local", but not via its IP address, "ssh phil@192.168.45.67"? I also cannot ping IP addresses.
Phil
-
- Posts: 2458
- Joined: Mon Feb 24, 2014 11:03 am
Re: a few questions
If you ping the FQDN, which IP responds?