Client has a SSL tunnel, but doesn't go through it

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
zedyasuo
Posts: 12
Joined: Mon May 11, 2020 7:42 am

Client has a SSL tunnel, but doesn't go through it

Post by zedyasuo » Fri Jul 31, 2020 7:09 am

Hey guys,
I have established a PC-LAN connection like the attaching picture and my platform is redhat EL5.

Here is the work procedure(some steps maybe wrong):
Step 1, the VPN Client and the VPN Server will make a SSL handshake, and a SSL tunnel will be established.
Step 2, the VPN Server will send the local resources corresponding to the client-account to the VPN Client through the SSL tunnel.
Step 3, the VPN client receives the resources and shows them in web browser. The resources are some links to the LAN behind the VPN server.
Step 4, and at the same time, the VPN server will allocate an IP for the VPN Client virtual card.
Step 5, now both client and server are in session main routine. the VPN Client now can access the resource through the virtual card.

Here is my question:
in Step 2, the VPN Server can send the resources in SSL tunnel, but in Step 5, the client's access to the LAN behind doesn't go through the SSL tunnel.It's just from client virtual card to the server LAN and it's non-encrypted.

Anyone know this?
Please tell me how to solve it, thankyou!!!
You do not have the required permissions to view the files attached to this post.

zedyasuo
Posts: 12
Joined: Mon May 11, 2020 7:42 am

Re: Client has a SSL tunnel, but doesn't go through it

Post by zedyasuo » Fri Jul 31, 2020 9:17 am

I use the tcpdump to capture the packets in virtual LAN card from VPN Server to VPN Client
The packets are all Plaintext and I can see the contents.
It's obviously that the packets don'g go through the SSL tunnel

zedyasuo
Posts: 12
Joined: Mon May 11, 2020 7:42 am

Re: Client has a SSL tunnel, but doesn't go through it

Post by zedyasuo » Mon Aug 03, 2020 1:38 am

Anyone know this?
Please reply this.
Thank you!!!

zedyasuo
Posts: 12
Joined: Mon May 11, 2020 7:42 am

Re: Client has a SSL tunnel, but doesn't go through it

Post by zedyasuo » Wed Aug 05, 2020 1:19 am

Hi guys,

I think I can close this topic now.

I use the 'port-mirroring' function of my switch to duplicate the packages of the VPN Server when I access the resources behind the VPN Server through the VPN Client.
The packages show that the transmission was in SSL tunnel and encrypted.
However, when I capture packages in the VPN Client, the packages are plaintext.

The conclusion is that:
1) The transmission between the VPN Server and the VPN Client is in SSL tunnel and encrypted.
2) The packages captured in VPN Client or VPN Server virtual LAN card is plaintext, which is because the packages has been decrypted before it is transferred to the virtual LAN card

Thank you all!

Post Reply