SoftEther VPN User Forum

Hi,

I'm trying to migrate from a openvpn server to a new ethersoft vpn server.

Now we have a openvpn server with 1 network adapter connected to internet with a public IP address.
The server is configured to act as a routed tunnel (dev-tun) and has this configuration:

server 192.168.10.0 255.255.254.0

We push general some routes on server.conf like this:

push "route 10.128.0.0 255.255.0.0"
push "route 172.21.0.0 255.255.0.0"

Then we have created several accounts to access the LAN, and for every account we assign a /30 subnet network addresses range.

client-config-dir ccd

On the ccd directory we have some files, one for each account with content like this:

ifconfig-push 192.168.11.109 192.168.11.110

The reason to do this is to restrict access to certain ip's only on a firewall filtering with the source IP address of each client.

On the openvpn server, I have one eth0 interface configured with the public IP address, and a virtual network interface tun0 like this:
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:192.168.10.1 P-t-P:192.168.10.2 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:4456587 errors:0 dropped:0 overruns:0 frame:0
TX packets:3610195 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:3022059022 (2.8 GiB) TX bytes:2301532676 (2.1 GiB)

I have been testing EtherSoft VPN Server, and I have managed to connect my company LAN using Virtual NAT and DHCP.
But I can't manage to make a configuration like our openvpn server, and to assign to each client a static IP, and that all network traffic that each client generates comes with its own source IP address in order to restrict access into a firewall.

Could anyone help me to configure this scenario?
Thank you very much.

Create virtual HUB for each user.
And use virtual L3 switch.
These can act as your OpenVPN settings.

thisjun wrote:
> Create virtual HUB for each user.
> And use virtual L3 switch.
> These can act as your OpenVPN settings.

Hi,

Thank you very much for your answer.
I have problems implementing this.

I explain the scenario that we would like to set up.

The softether vpn server have a IP address: 192.168.1.100

We would like to create some users into the vpn server, but want to assign to each user an static IP because we want to filter different access rules on a Juniper firewall what is connected as the default gateway of the vpn server (192.168.1.1)

So, we want an scenario like this:
- user1 -- fixed IP address: 192.168.0.5
- user2 -- fixed IP address: 192.168.0.10
- user3 -- fixed IP address: 192.168.0.15

And into the firewall create rules to allow and deny access to different networks filtering by the source address (192.168.0.5, 192,168.0.10 or 192.168.0.15).

I have tested creating an VPN Hub, and Layer3 Switch associated to this VPN Hub.
Layer3 Switch configured as: Virtual interfaces: IP: 192.168.0.1 Subnet Mask: 255.255.255.0
Routing Table: (all blank)

Into the VPN Hub, I have created a user with password.
But, how to configure the fixed IP's and gateway to each user?

Thank you very much.

Anyone could help me with this?

Thank you.

SoftEther can't assign static IP address for users.
So, please create Hub's for each user.
And, assign a IP address by SecureNAT DHCP.