SoftEther VPN User Forum

Hi,

I'm making some tests on the SoftEtherVPN Server in a linux debian machine.
I want to provide remote access to a LAN using the SoftEther VPN Server. Attached is a scheme of my simple LAB.
http://www.vpnusers.com/download/file.p ... iew&id=715

I can have access to my server and get an IP address but when I try to ping a machine in the LAN I can't get answers. I analyzed the traffic and I can see that the LAN machine can't answer the ping of the user.

I have tried the Local bridge function but it doesn't seem to be working. Here is my local bridge configuration:
http://www.vpnusers.com/download/file.p ... iew&id=716

Do you have any idea what may be wrong with my configuration??
Is it necessary to have the VPN Server directly connected to the LAN and not seperated by a router or a firewall?

Thank you!!

If that PC on the LAN network is behind a NAT'd router than of course you can't ping it.
If the router is also your firewall, then you can place it in front of your SE server...but be sure to enable port forwarding or assign the SE server to DMZ on your router.

hatimux wrote:
> Hi,
>
> I'm making some tests on the SoftEtherVPN Server in a linux debian machine.
> I want to provide remote access to a LAN using the SoftEther VPN Server.
> Attached is a scheme of my simple LAB.
> http://www.vpnusers.com/download/file.p ... iew&id=715
>
> I can have access to my server and get an IP address but when I try to ping
> a machine in the LAN I can't get answers. I analyzed the traffic and I can
> see that the LAN machine can't answer the ping of the user.
>
> I have tried the Local bridge function but it doesn't seem to be working.
> Here is my local bridge configuration:
> http://www.vpnusers.com/download/file.p ... iew&id=716
>
> Do you have any idea what may be wrong with my configuration??
> Is it necessary to have the VPN Server directly connected to the LAN and
> not seperated by a router or a firewall?
>
> Thank you!!

Actually there is no NAT configuration.
I think the local bridge isn't working because I can't even ping the LAN interface (eth1) of the SE server.

Just one thing, I'm using VMware to create my machines. It might be the cause of the problem.

Refer to section 3.6.5 and 3.6.6 here: https://www.softether.org/4-docs/1-manu ... al_Bridges

I'm assuming you mean esxi/esx when you're referring to VMware. By default, esxi port groups has promiscuous mode disabled, enabled it on the port group where eth1 of SE server is connected to.

hatimux wrote:
> Actually there is no NAT configuration.
> I think the local bridge isn't working because I can't even ping the LAN
> interface (eth1) of the SE server.
>
> Just one thing, I'm using VMware to create my machines. It might be the
> cause of the problem.

Did you enable SecureNAT?
If so, please disable the function when using localbridge.