Page 1 of 1

SoftEther Bridge Setup on Linux (raspbian)

Posted: Thu Oct 10, 2019 4:21 am
by hbleier
I have a SoftEther Server running on linux (Rpi3B+) at our main office and on the remote network I got a SoftEther Bridge running on linux (rpi3B+). I can not figure out how to get the routing to work, I think it is because I need to setup layer 3 virtual switching. Can anyone give me a hand with this. I have read thru the howtos and still can not get it working. The only limit I have and the reason I am doing this is I don't have access to the customers router to give myself a static public ip otherwise I would do this with my routers openvpn support. I saw SoftEther supports this but most examples I have found are just using it for remote access with s-nat. I have to have each of my device able to see each other via their local ip address, there is a ton of ports that I need them to be able to access, as it is a S.C.A.D.A system and also the device configuration software uses several ports when we need to make sequence changes to their programming. I am sorry if I don't use the proper TCP/IP terminology as I primarily deal with modbus and BACnet rs485 comms. But please if you understand what I am trying to achieve here any help would be greatly appreciated. I am sure it is something simple that I am just missing in the configuration, I don't normally work with VPN's that much.
SoftEtherNetwork.png
SoftEtherConfig.png

Re: SoftEther Bridge Setup on Linux (raspbian)

Posted: Thu Oct 10, 2019 11:03 am
by sky59
your picture is not very clear also description is not really clear....

do you access your SE server as public IP on your picture?? and ports forwarded in router to 10.10.1.3?

Re: SoftEther Bridge Setup on Linux (raspbian)

Posted: Thu Oct 10, 2019 10:32 pm
by hbleier
Yes, exactly the Server is on a static public IP that is the reason I blocked it out. My router is port forwarding the ports 443,992,1194, and 5555 from the Public IP to the Servers IP of 10.10.1.3 on the local LAN. When I did that screenshot I was at our customers building logged into both the server and the bridge using the VPN Server Manager for windows via wine emulator on ubuntu linux. The bridge is able to log into the server at our office, when I watch the server status it does show that there is a session active and shows the user logged in. But from our office (server location) I am not able to ping any of the IP addresses at the bridge location range (10.10.110.0/24).

Re: SoftEther Bridge Setup on Linux (raspbian)

Posted: Fri Oct 11, 2019 6:55 am
by hbleier
Yes on the router at my office I have four ports (443,992,1194,5555) being forwarded from the WAN (Static Public IP Address) to the local LAN IP of the SoftEther Server. I have been playing with the settings on both the bridge and server and still haven't got it to work. The bridge does connect to the server, I see the session that the user logged in but I still can't ping addresses from one network to the other network. Do you have any ideas on what I need to check?

Re: SoftEther Bridge Setup on Linux (raspbian)

Posted: Fri Oct 11, 2019 8:58 am
by sky59
What is your SE bridge bridging!??
It must have at least TWO lan connections. One to the internet and one "bridge" to the devices you want to access over VPN.

I see your bridge has only ONE lan???

Re: SoftEther Bridge Setup on Linux (raspbian)

Posted: Fri Oct 11, 2019 9:29 am
by hbleier
I am trying to Bridge the remote site to our office. There is only one nic in each system, it is just like the network diagram. So from the office Scada Server (IP 10.10.1.2) I need to be able to access all of the IP's at the remote site (10.10.110.0/24) there is alot more than what I shown on the diagram there is 30 nodes there. Then from the remote site I need to be able to see the office network which also has more devices than what is shown. But at the remote site the customer will not give me a static public ip (they only have one and use it for their vpn), I only have a static ip on their LAN (192.168.110.220) only have the one IP. It is plugged into a Ubnt ERLite-3 Router on the WAN port and we run the IP range of 10.10.110.0/24 on the LAN port which feeds our network switches that are onsite at their building. I got several of these same setups at multiple buildings that I need to link back to our office, 10.10.71.2, 10.10.75.2, etc. Each is the same they give me one ip address on their lan 192.168.71.220, 192.168.75.220, etc.

Re: SoftEther Bridge Setup on Linux (raspbian)

Posted: Fri Oct 11, 2019 10:11 am
by hbleier
Here is a more detailed diagram of the remote site. The customer assigned the IP 192.168.110.220 to me I have that plugged into a UBNT ERLite-3 router on wan port and my switch is on lan port. The router is setup with 10.10.110.1 as it's lan ip. I turned off the internal DHCP server because all of our ethernet nodes are set to a static ip. The Raspberry Pi running SoftEther Bridge has a static ip of 10.10.110.4 on eth0. There is only one nic on the raspberry pi. It is plugged into my main switch, as are the other 29 devices are, each with a static ip in the range of 10.10.110.5-10.10.110.34. The raspberry pi is connected over the internet back to my office because I can see that it logged into it. But it is not linking the two networks together and routing the tcp packets.

I just need all of the 29 devices on the network to be visible to my main office by their ip address because there is a ton of ports that I need access to on each of them (about 10 different ports on each).
Remote Network Diagram.png

Re: SoftEther Bridge Setup on Linux (raspbian)

Posted: Fri Oct 11, 2019 11:11 am
by sky59
you do not need to write stories, I have no time to read them...

your diagram is completely wrong, read again what I have written before...

Re: SoftEther Bridge Setup on Linux (raspbian)

Posted: Fri Oct 11, 2019 2:34 pm
by 87502560
hi sky

can you help me ?

https://www.vpnusers.com/viewtopic.php?f=7&t=64673

Unable to connect to SoftEther management server

Sometimes it can, sometimes it can't.

Do you have a solution?

Re: SoftEther Bridge Setup on Linux (raspbian)

Posted: Fri Oct 11, 2019 3:28 pm
by hbleier
So is there a way to do a site2site vpn with only the internal nic on the raspberry pi at each site. I can not get rid of the routers and the Rpi's are not going to be able to handle all of the badwidth of the whole system. I just want to route the small amount between the sites that need to be shared, not all of the network traffic between the whole network and the internet. I just need to link the sites together. I don't think that you are fully understanding what I am trying to do. I have seen this done with hardware at another building. Do I need to run the full SoftEther Server at both sites? Do I need to setup a VLan on the rpi's to allow it, like eth0:1 etc.? Please let me know what to look into, I am stuck it connects but will not route the packets.

Re: SoftEther Bridge Setup on Linux (raspbian)

Posted: Fri Oct 11, 2019 3:34 pm
by sky59
Hbleier,

stop writing stories, I told you already where is the problem

Place here screenshot what is your LocalBridgeSetting
for server and bridge

Re: SoftEther Bridge Setup on Linux (raspbian)

Posted: Fri Oct 11, 2019 3:38 pm
by sky59
87502560 wrote:
Fri Oct 11, 2019 2:34 pm
hi sky

can you help me ?

https://www.vpnusers.com/viewtopic.php?f=7&t=64673

Unable to connect to SoftEther management server

Sometimes it can, sometimes it can't.

Do you have a solution?
I never had problem with this so I can not help

But I always used direct connection from PC to server/bridge using lan cable from interface to interface, it MUST work

Re: SoftEther Bridge Setup on Linux (raspbian)

Posted: Sat Oct 12, 2019 1:49 am
by 87502560
I also use point to server mode, but the management login is not up.

Re: SoftEther Bridge Setup on Linux (raspbian)

Posted: Sat Oct 12, 2019 2:16 am
by ozone
To hbleier:

I wonder, did you get it working?
Seem to be not too difficult to do actually, looking at your pictures....

Re: SoftEther Bridge Setup on Linux (raspbian)

Posted: Sat Oct 12, 2019 2:23 am
by ozone
to 87502560:

Please start your own thread, in stead of hijacking someone else's...

Re: SoftEther Bridge Setup on Linux (raspbian)

Posted: Sun Oct 13, 2019 6:07 pm
by hbleier
ozone wrote:
Sat Oct 12, 2019 2:16 am
To hbleier:

I wonder, did you get it working?
Seem to be not too difficult to do actually, looking at your pictures....
To ozone:

Yes, thank you for check up on my request for help. I just got it working about an hour ago. All that was wrong was my static route in my physical router was not pointing at the virtual switch on the softether server. It works and this way I can keep the physical router in place so only the remote packets are going thru the bottleneck of the onboard usb-controller-nic situation on the rpi3b+. I know the rpi4b is better but i got one and it runs a lot hotter and this is panel mounted on din rail in industrial control panel so I didn't want to risk it overheating. I know the rpi3b+ last, I got many of them installed this way acting as network translators for BACnet MS/TP(rs485) to BACnet IP. SoftEther is awesome, it gets the job done and I am averaging only 30ms delay on the raspberry pi's going across the internet to each other so I am very pleased with the performance I was worried the rpi's were going to be slow.

Re: SoftEther Bridge Setup on Linux (raspbian)

Posted: Mon Oct 14, 2019 6:35 am
by sky59
There is no way it can work as it is shown on very first picture. There is no local bridge!