Re: VPN with 3 sites

Posted: Thu Dec 15, 2016 7:47 am
by thisjun
>Does the signed certificate give extra security, or is it not significant?

A signed certificate is for managing many users efficiently.
It doesn't give extra security.


>What is the situation in real life, when I can use it?
This is one example.
http://www.softether.org/4-docs/1-manua ... Permission

This page says "Without any permission"; however, it's wrong. This page assumes that the firewall permits outgoing traffic.

Re: VPN with 3 sites

Posted: Fri Mar 06, 2020 6:26 am
by xlanor
raafat wrote:
Sun Sep 18, 2016 8:42 pm
>Hello there! I am going to break down my instructions into several stages, meaning we will move on to the next stage once we finish the previous one successfully. Also, so as not to end up in a situation where I have to solve the problems of others' suggestions, I am going to instruct you from the beginning. Here we go (:
>
>First stage, HQ side, SE server:
>
>** Create a router and name it BlackCastle or whatever you would like to call it.
>
>** Create a virtual hub; let's name it HQGate.
>
>** Bridge the HQGate hub to the interface that is connected to your internal network, and make sure "Promiscuous mode" is enabled on the interface that is connected to your internal network.
>
>** On the just-created BlackCastle router, create a virtual interface and set "Destination Virtual Hub Name" to the HQGate hub. Since HQ's IP subnet is 192.168.88.0/24, we're going to set the virtual interface IP address to 192.168.88.253/24.
>
>** Ping the virtual IP address 192.168.88.253 from your router or any host on the same segment (internal network) to make sure that the virtual interface is reachable and the bridge function is functioning correctly.
>
>I am waiting for your confirmation that "192.168.88.253" is reachable from your internal network, that is, 192.168.88.0/24.
>
>Good luck (:

Hi raafat,

Apologies for digging up this thread.

I stumbled on it while looking for help with the exact same issue that I have.

I'm setting up a SoftEther site-to-site between AWS and my house, and I don't see any way that I can enable Promiscuous mode.

I'm using a network 172.31.49.0/25, so I tried setting 172.31.49.126 as the virtual interface IP address, but it's not working either.

I tried enabling it with SecureNAT and without, and was still unable to proceed further.
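
The "first stage" steps quoted above, written as a vpncmd batch file generator. This is an added example, not part of any post in this thread; the NIC name `eth0`, the `HUB_PASSWORD` variable and the function names are assumptions, and `RouterStart` is added because a Virtual Layer 3 Switch only answers ping once it is started. It also checks that the chosen virtual interface address is a host address of the subnet, not its network or broadcast address.

```shell
#!/bin/sh
# Added example: renders the quoted "first stage" as a vpncmd batch file.
# Assumptions: NIC name (eth0), HUB_PASSWORD variable, all function names.

# ip_to_int A.B.C.D -> 32-bit integer
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1            # split the dotted quad into four positional params
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# is_host_addr IP MASK -> success unless IP is the subnet's network or
# broadcast address, neither of which can be a virtual interface address
is_host_addr() {
    addr_i=$(ip_to_int "$1"); mask_i=$(ip_to_int "$2")
    wild_i=$(( ~mask_i & 4294967295 ))      # mask of the host bits
    host_i=$(( addr_i & wild_i ))
    [ "$host_i" -ne 0 ] && [ "$host_i" -ne "$wild_i" ]
}

# stage1_batch HUB ROUTER NIC IP MASK -> vpncmd commands on stdout
stage1_batch() {
    hub=$1; router=$2; nic=$3; ip=$4; mask=$5
    is_host_addr "$ip" "$mask" || {
        echo "error: $ip is not a usable host address for mask $mask" >&2
        return 1
    }
    cat <<EOF
HubCreate $hub /PASSWORD:${HUB_PASSWORD:?set HUB_PASSWORD first}
BridgeCreate $hub /DEVICE:$nic /TAP:no
RouterAdd $router
RouterIfAdd $router /HUB:$hub /IP:$ip/$mask
RouterStart $router
EOF
}

# Typical use (not executed here); the file holds a password, keep it private:
#   umask 077
#   HUB_PASSWORD='your-hub-password' stage1_batch HQGate BlackCastle eth0 \
#       192.168.88.253 255.255.255.0 > stage1.txt
#   vpncmd localhost /SERVER /IN:stage1.txt
```

By this check, 172.31.49.126 with mask 255.255.255.128 is a valid host address in 172.31.49.0/25, so the address choice itself passes.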

Re: VPN with 3 sites

Posted: Sun Jun 14, 2020 3:36 pm
by raafat
If you still need help, kindly let me know a few more details regarding your setup. Good luck.