Access internal IPs from vpnclient

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
redscream
Posts: 4
Joined: Fri Nov 13, 2020 9:39 pm

Access internal IPs from vpnclient

Post by redscream » Fri Nov 13, 2020 9:47 pm

Dear all,

I am using Softether VPN server I have a question. I appreciate if you could help me.
I use local bridge and I would like to access to the servers internal IPs from vpn client. Let me give you some details.
This is my ifconfig output.

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:670 errors:0 dropped:0 overruns:0 frame:0
TX packets:670 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:49066 (47.9 KiB) TX bytes:49066 (47.9 KiB)

ppp0 Link encap:Point-to-Point Protocol
inet addr:10.0.0.1 P-t-P:10.0.0.110 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1396 Metric:1
RX packets:687 errors:0 dropped:0 overruns:0 frame:0
TX packets:813 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:95104 (92.8 KiB) TX bytes:65306 (63.7 KiB)

ppp1 Link encap:Point-to-Point Protocol
inet addr:10.0.0.1 P-t-P:10.0.0.111 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1396 Metric:1
RX packets:691 errors:0 dropped:0 overruns:0 frame:0
TX packets:545 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:95366 (93.1 KiB) TX bytes:45336 (44.2 KiB)

ppp2 Link encap:Point-to-Point Protocol
inet addr:10.0.0.1 P-t-P:10.0.0.112 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1396 Metric:1
RX packets:849 errors:0 dropped:0 overruns:0 frame:0
TX packets:1015 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:80079 (78.2 KiB) TX bytes:85186 (83.1 KiB)

tap_soft Link encap:Ethernet HWaddr 00:ac:79:c7:20:30
inet addr:192.168.7.1 Bcast:192.168.7.255 Mask:255.255.255.0
inet6 addr: fe80::2ac:79ff:fec7:2030/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:9866 errors:0 dropped:0 overruns:0 frame:0
TX packets:12867 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:1188328 (1.1 MiB) TX bytes:4627597 (4.4 MiB)


Client gets 192.168.7.50 IP adress from softether, I can ping from 192.168.7.50 to 10.0.0.1 but can not access to 10.0.0.110, 10.0.0.111, 10.0.0.112. These Ips are pptp VPN ips of other pptp clients. I am running both softether and native pptp vpn servers on my server.

Thanks in advance

sky59
Posts: 477
Joined: Tue Sep 11, 2018 5:58 pm

Re: Access internal IPs from vpnclient

Post by sky59 » Sat Nov 14, 2020 11:14 am

I think you have too strickt mask at the client, what is it? 255.255.255.0?

redscream
Posts: 4
Joined: Fri Nov 13, 2020 9:39 pm

Re: Access internal IPs from vpnclient

Post by redscream » Thu Nov 19, 2020 10:46 pm

sky59 wrote:
Sat Nov 14, 2020 11:14 am
I think you have too strickt mask at the client, what is it? 255.255.255.0?
What should be the netmask to access 10.0.0.x network from 192.7.1.X ?
Thanks

sky59
Posts: 477
Joined: Tue Sep 11, 2018 5:58 pm

Re: Access internal IPs from vpnclient

Post by sky59 » Fri Nov 20, 2020 7:50 am

0.0.0.0

but it will probably affect whole network (other things would probably be not working)

redscream
Posts: 4
Joined: Fri Nov 13, 2020 9:39 pm

Re: Access internal IPs from vpnclient

Post by redscream » Fri Nov 20, 2020 8:27 am

sky59 wrote:
Fri Nov 20, 2020 7:50 am
0.0.0.0

but it will probably affect whole network (other things would probably be not working)
yes I did it the VPN clients could not connect, is there any other way to configure it?

sky59
Posts: 477
Joined: Tue Sep 11, 2018 5:58 pm

Re: Access internal IPs from vpnclient

Post by sky59 » Fri Nov 20, 2020 9:18 am

make both subnets closer to each other 10..... and 192...... are too different

both either 10 or 192

use this calculator http://jodies.de/ipcalc and you will see if you can reach other subnet

Afakename
Posts: 30
Joined: Thu Dec 03, 2020 6:15 pm

Re: Access internal IPs from vpnclient

Post by Afakename » Thu Dec 03, 2020 7:02 pm

Hi Redscream,

Bridging requires the NIC card supporting promiscuous mode and MAC forging (aka, MAC spoofing). You need to verify that these 2 options are enabled for the NIC card that is facing the internal network. Are you running the SEVPN server on a VM or a physical host?

redscream
Posts: 4
Joined: Fri Nov 13, 2020 9:39 pm

Re: Access internal IPs from vpnclient

Post by redscream » Fri Dec 04, 2020 7:53 am

It is VM on VPS.
I have already figured out by adding route on client side (10.X.X.X ips) when ppp connects.
All ip blocks are communicating each other successfully.
Thanks a lot

Post Reply