
How are different things supposed to work?

Posted: Thu Mar 12, 2020 7:28 pm
by peon2t
Hi

I've set up about four SoftEther "installations", always using a Netgear RN212 NAS as server. Unfortunately none of those installations went "straightforward" - I always ended up fiddling around quite a lot until it finally worked somehow. Because I probably didn't always understand why it finally worked - and because there always was about half a year or more between the installations - every time I more or less start troubleshooting from the beginning because I don't remember what finally made it work the last time.

Therefore a few questions:

1. VPNAZURE - why doesn't it work consistently?

For example today I set up a new installation, activating VPNazure and making the usual configuration. To start I didn't touch the router (port forward and things like this) because it should work without thanks to VPNazure, right?

Now the thing is: It worked for a bit less than an hour and then stopped working. (No change was made between when it worked and when it didn't).

After I first set up the VPN server I could connect using VPNazure... tried it like three or four times, worked. Fifth try after probably a bit less than an hour didn't work (no connection to the server possible). Since then it never worked. (Server UI still says that it's connected to VPNazure.)


2. Port forwarding

Since VPNazure doesn't seem to work reliably I'd probably have to open ports. Is it correct that this should be a "straightforward" thing, meaning forwarding one (or more than one) of the "listening" ports of the VPN server to the IP of the server?
I ask this because this is how it normally works when I forward some RDP, Webcam or even Webserver on the router... however in the past I made the experience that it didn't just always work as expected. IIRC with port 443 there often were issues, other ports worked better. Is there something special to consider?


3. local DHCP/DNS

If the client (eventually) gets a successful connection to the network, it gets its IP via DHCP from the router and it gets the router set as Gateway and DNS server. Can I alter this behaviour in order to get another DNS server set?


Thanks for your input.

Re: How are different things supposed to work?

Posted: Sat Mar 14, 2020 12:13 am
by ddunston
1. I've not used VPNAzure much because the performance was not always great for sessions like RDP. I set up my own DigitalOcean VPN relay server instead once before.

2. The port-forwarding should work but it depends on what you're referring to? Do you want to administer the VPN server remotely or forward the ports for the VPN protocols? Port-forwarding has always worked for me using standard forwarding rules.

Towards the middle of the page https://www.softether.org/3-spec you can see the ports for the various services for the VPN server and the ports for the VPN protocols supported.

3. a. You can use the SoftEther SecureNAT and its DHCP service to provide IPs and a DNS server. I'm not sure if there is another way right offhand except to have a script the user can run to set their DNS server via bash or PowerShell, depending on the OS.