
Access List problem

Posted: Thu Mar 05, 2015 1:25 pm
by Mhm0ud
Hi everyone,

As a simple test project before using SoftEther VPN in my company, I created this lab:
Windows Server 2012 R2 with two network cards, internal with IP 192.168.1.1 and external with IP 192.168.2.1, with SoftEther VPN Server installed on it. I created a local bridge between a Virtual Hub and the internal network, and in the hub I created users user1 & user2 with password authentication.
Another computer (Windows 7) works as a client that wants to connect to the VPN server from outside, with IP 192.168.2.10 and SoftEther VPN Client installed on it.
And the last server works as a file server in the internal network with IP 192.168.1.3.
I created an access list entry on the hub to pass only user1 to connect to the file server only, with priority 900, and created an access list entry to discard all connections to any IP in the internal network, with priority 1000.
So, as usual, user1 should be able to access the file server only, but with this setting in SoftEther user1 can't connect to the file server! And I need to delete the discard access list entry if I need the user to access the internal network.
I need to permit specific users to access specific internal servers and discard anything else.
Can anybody explain to me how it works?

---------------------------------------------------------------
Update :
Any suggestions for this scenario?

Re: Access List problem

Posted: Fri Mar 06, 2015 9:46 am
by qupfer
Mhm0ud wrote:
> Create access list on Hub to pass only to user1 to connect to file server
> only with priority 900, and create access list to discard all connection to
> any ip in internal network with priority 1000.

>
> ---------------------------------------------------------------
> Update :
> Any suggestion to make this scenario !

Can you post your complete access list?
Did you allow the connection from user1 to the file server and also from the file server to user1?
In most cases, one of the two required paths is missing, so the answer of the file server can't reach the client.

Re: Access List problem

Posted: Sun Mar 08, 2015 7:20 am
by Mhm0ud
Access List:
1 - Permit user1 to access any IP with any source IP, Priority: 100
2 - Deny any any any any, Priority: 200

* I disabled the firewall on both machines
* In the basic settings they state that a smaller number has higher priority, and IP packets that didn't match any access list item can pass

Re: Access List problem

Posted: Tue Mar 10, 2015 6:31 am
by Mhm0ud
If anybody uses the Access List, can you describe it and how it works?
I work with the latest version (Ver 4.14, Build 9529, beta)

Re: Access List problem

Posted: Thu Mar 19, 2015 6:51 am
by thisjun
Try to allow broadcast packet.
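
The return-path question raised earlier in the thread, applied to the two rules posted above, as an added example that is not part of any post and is not SoftEther code. It assumes a simplified model (lowest priority number is checked first, first match decides, unmatched packets pass, as the thread states); the client addresses 192.168.1.50 and 192.168.1.51 and the extra rule at priority 150 are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Rule:
    priority: int
    action: str                      # "pass" or "discard"
    src_user: Optional[str] = None   # None means "any"
    dst_user: Optional[str] = None
    src_net: str = "0.0.0.0/0"
    dst_net: str = "0.0.0.0/0"

@dataclass(frozen=True)
class Packet:
    src_user: Optional[str]  # None: frame from the bridged LAN, not a VPN user
    dst_user: Optional[str]
    src_ip: str
    dst_ip: str

def matches(rule, pkt):
    """A rule matches only if every field it constrains agrees with the packet."""
    return ((rule.src_user is None or rule.src_user == pkt.src_user)
            and (rule.dst_user is None or rule.dst_user == pkt.dst_user)
            and ip_address(pkt.src_ip) in ip_network(rule.src_net)
            and ip_address(pkt.dst_ip) in ip_network(rule.dst_net))

def evaluate(rules, pkt):
    """Return (action, priority) of the first matching rule, lowest number first."""
    for rule in sorted(rules, key=lambda r: r.priority):
        if matches(rule, pkt):
            return rule.action, rule.priority
    return "pass", None  # default from the thread: unmatched packets pass

# The two rules as posted in the thread.
POSTED = [Rule(100, "pass", src_user="user1"), Rule(200, "discard")]
# Hypothetical correction: also allow the file server's replies back to user1.
FIXED = POSTED + [Rule(150, "pass", dst_user="user1", src_net="192.168.1.3/32")]

# Constructed sample traffic (client IPs are assumptions).
REQUEST = Packet("user1", None, "192.168.1.50", "192.168.1.3")
REPLY = Packet(None, "user1", "192.168.1.3", "192.168.1.50")
OTHER = Packet("user2", None, "192.168.1.51", "192.168.1.3")

if __name__ == "__main__":
    for name, rules in (("posted", POSTED), ("fixed", FIXED)):
        for label, pkt in (("request", REQUEST), ("reply", REPLY), ("user2", OTHER)):
            print(name, label, evaluate(rules, pkt))
```

With the posted rules the request from user1 passes at priority 100, but the reply has no user1 as its source, so it falls through to the discard rule at priority 200.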