Browsing internet is not working as I expected
-
- Posts: 8
- Joined: Fri Apr 01, 2022 1:55 pm
Browsing internet is not working as I expected
Hello guys,
Here's the scenario i want to achieve. Basically I want to be able to access all LAN devices I have at home when I'm connected to VPN from my laptop or phone from some other place BUT only this, i don't want all internet to go via the VPN.
In human words... Let's say I'm at a coffe-shop with my laptop and I want to access my remote windows machine from home.
I want to be able to RDP to 192.168.1.15 for example.
But also, all internet browsing... to happen via coffess-shop's wireless (and not to be re-routed to my home and back to me)
How could I achieve this?
P.S. As I understood, in the virtual nat settings I only had to disable providing a default gateway or DNS. And so I did. But without a default gateway, all sites throw a DNS PROBE POSSIBLE error (though I provided 8.8.8.8 and 8.8.4.4 as DNS data)
If I use a default gateway with the VPN's internal IP address... browsing internet works... but all traffic gets routed via that VPN interface, and I don't want to do this.
Here's the scenario i want to achieve. Basically I want to be able to access all LAN devices I have at home when I'm connected to VPN from my laptop or phone from some other place BUT only this, i don't want all internet to go via the VPN.
In human words... Let's say I'm at a coffe-shop with my laptop and I want to access my remote windows machine from home.
I want to be able to RDP to 192.168.1.15 for example.
But also, all internet browsing... to happen via coffess-shop's wireless (and not to be re-routed to my home and back to me)
How could I achieve this?
P.S. As I understood, in the virtual nat settings I only had to disable providing a default gateway or DNS. And so I did. But without a default gateway, all sites throw a DNS PROBE POSSIBLE error (though I provided 8.8.8.8 and 8.8.4.4 as DNS data)
If I use a default gateway with the VPN's internal IP address... browsing internet works... but all traffic gets routed via that VPN interface, and I don't want to do this.
-
- Posts: 1228
- Joined: Sun Feb 14, 2021 10:31 am
-
- Posts: 8
- Joined: Fri Apr 01, 2022 1:55 pm
Re: Browsing internet is not working as I expected
Hello,
I've tried also with DNS disabled and still not working
Here's what I see from ipconfig /all
Here is a photo of the SecureNAT Configuration:
I've tried also with DNS disabled and still not working
Here's what I see from ipconfig /all
Code: Select all
PPP adapter VPN_36:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VPN_36
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 10.11.12.10(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 0.0.0.0
NetBIOS over Tcpip. . . . . . . . : Enabled
You do not have the required permissions to view the files attached to this post.
-
- Posts: 8
- Joined: Fri Apr 01, 2022 1:55 pm
Re: Browsing internet is not working as I expected
Here's the entire server config, in case it is needed for clarifications:
Code: Select all
declare root
{
uint ConfigRevision 42
bool IPsecMessageDisplayed true
string Region RO
bool VgsMessageDisplayed false
declare DDnsClient
{
bool Disabled false
byte Key XXXXXXXXXXXXXXXXXXXXXXXX
string LocalHostname S2
string ProxyHostName $
uint ProxyPort 0
uint ProxyType 0
string ProxyUsername $
}
declare IPsec
{
bool EtherIP_IPsec true
string IPsec_Secret XXXXXXXXXX
string L2TP_DefaultHub XXXXXXXXXXVPN
bool L2TP_IPsec true
bool L2TP_Raw true
declare EtherIP_IDSettingsList
{
}
}
declare ListenerList
{
declare Listener0
{
bool DisableDos false
bool Enabled true
uint Port 443
}
declare Listener1
{
bool DisableDos false
bool Enabled true
uint Port 992
}
declare Listener2
{
bool DisableDos false
bool Enabled true
uint Port 1194
}
declare Listener3
{
bool DisableDos false
bool Enabled true
uint Port 5555
}
}
declare LocalBridgeList
{
bool EnableSoftEtherKernelModeDriver true
bool ShowAllInterfaces false
declare LocalBridge0
{
string DeviceName XXXXXXXXXX
string HubName XXXXXXXXXXVPN
bool LimitBroadcast false
bool MonitorMode false
bool NoPromiscuousMode false
}
}
declare ServerConfiguration
{
bool AcceptOnlyTls true
uint64 AutoDeleteCheckDiskFreeSpaceMin 8589934592
uint AutoDeleteCheckIntervalSecs 300
uint AutoSaveConfigSpan 300
bool BackupConfigOnlyWhenModified true
string CipherName AES128-SHA
uint CurrentBuild 9760
bool DisableCoreDumpOnUnix false
bool DisableDeadLockCheck false
bool DisableDosProction false
bool DisableGetHostNameWhenAcceptTcp false
bool DisableIntelAesAcceleration false
bool DisableIPsecAggressiveMode false
bool DisableIPv6Listener false
bool DisableJsonRpcWebApi false
bool DisableNatTraversal false
bool DisableOpenVPNServer false
bool DisableSessionReconnect false
bool DisableSSTPServer false
bool DontBackupConfig false
bool EnableVpnAzure true
bool EnableVpnOverDns false
bool EnableVpnOverIcmp false
byte HashedPassword XXXXXXXXXX=
string KeepConnectHost keepalive.softether.org
uint KeepConnectInterval 50
uint KeepConnectPort 80
uint KeepConnectProtocol 1
uint64 LoggerMaxLogSize 1073741823
uint MaxConcurrentDnsClientThreads 512
uint MaxConnectionsPerIP 256
uint MaxUnestablishedConnections 1000
bool NoDebugDump false
bool NoHighPriorityProcess false
bool NoSendSignature false
string OpenVPNDefaultClientOption dev-type$20tun,link-mtu$201500,tun-mtu$201500,cipher$20AES-128-CBC,auth$20SHA1,keysize$20128,key-method$202,tls-client
string OpenVPN_UdpPortList 1194
bool SaveDebugLog false
byte ServerCert XXXXXXXXXX=
byte ServerKey XXXXXXXXXX=
uint ServerLogSwitchType 4
uint ServerType 0
bool StrictSyslogDatetimeFormat false
bool Tls_Disable1_0 false
bool Tls_Disable1_1 false
bool Tls_Disable1_2 false
bool Tls_Disable1_3 false
bool UseKeepConnect true
bool UseWebTimePage false
bool UseWebUI false
declare GlobalParams
{
uint FIFO_BUDGET 10240000
uint HUB_ARP_SEND_INTERVAL 5000
uint IP_TABLE_EXPIRE_TIME 60000
uint IP_TABLE_EXPIRE_TIME_DHCP 300000
uint MAC_TABLE_EXPIRE_TIME 600000
uint MAX_BUFFERING_PACKET_SIZE 2560000
uint MAX_HUB_LINKS 1024
uint MAX_IP_TABLES 65536
uint MAX_MAC_TABLES 65536
uint MAX_SEND_SOCKET_QUEUE_NUM 128
uint MAX_SEND_SOCKET_QUEUE_SIZE 2560000
uint MAX_STORED_QUEUE_NUM 1024
uint MEM_FIFO_REALLOC_MEM_SIZE 655360
uint MIN_SEND_SOCKET_QUEUE_SIZE 320000
uint QUEUE_BUDGET 2048
uint SELECT_TIME 256
uint SELECT_TIME_FOR_NAT 30
uint STORM_CHECK_SPAN 500
uint STORM_DISCARD_VALUE_END 1024
uint STORM_DISCARD_VALUE_START 3
}
declare ServerTraffic
{
declare RecvTraffic
{
uint64 BroadcastBytes 3397539
uint64 BroadcastCount 37968
uint64 UnicastBytes 53131148725
uint64 UnicastCount 145964517
}
declare SendTraffic
{
uint64 BroadcastBytes 3596891
uint64 BroadcastCount 41005
uint64 UnicastBytes 27114181
uint64 UnicastCount 52708
}
}
declare SyslogSettings
{
string HostName $
uint Port 514
uint SaveType 0
}
}
declare VirtualHUB
{
declare XXXXXXXXXXVPN
{
uint64 CreatedTime 1648764089003
byte HashedPassword XXXXXXXXXX=
uint64 LastCommTime 1648859046460
uint64 LastLoginTime 1648858452348
uint NumLogin 8
bool Online true
bool RadiusConvertAllMsChapv2AuthRequestToEap false
string RadiusRealm $
uint RadiusRetryInterval 0
uint RadiusServerPort 1812
string RadiusSuffixFilter $
bool RadiusUsePeapInsteadOfEap false
byte SecurePassword XXXXXXXXXX=
uint Type 0
declare AccessList
{
}
declare AdminOption
{
uint allow_hub_admin_change_option 0
uint deny_bridge 0
uint deny_change_user_password 0
uint deny_empty_password 0
uint deny_hub_admin_change_ext_option 0
uint deny_qos 0
uint deny_routing 0
uint max_accesslists 0
uint max_bitrates_download 0
uint max_bitrates_upload 0
uint max_groups 0
uint max_multilogins_per_user 0
uint max_sessions 0
uint max_sessions_bridge 0
uint max_sessions_client 0
uint max_sessions_client_bridge_apply 0
uint max_users 0
uint no_access_list_include_file 0
uint no_cascade 0
uint no_change_access_control_list 0
uint no_change_access_list 0
uint no_change_admin_password 0
uint no_change_cert_list 0
uint no_change_crl_list 0
uint no_change_groups 0
uint no_change_log_config 0
uint no_change_log_switch_type 0
uint no_change_msg 0
uint no_change_users 0
uint no_delay_jitter_packet_loss 0
uint no_delete_iptable 0
uint no_delete_mactable 0
uint no_disconnect_session 0
uint no_enum_session 0
uint no_offline 0
uint no_online 0
uint no_query_session 0
uint no_read_log_file 0
uint no_securenat 0
uint no_securenat_enabledhcp 0
uint no_securenat_enablenat 0
}
declare CascadeList
{
}
declare LogSetting
{
uint PacketLogSwitchType 4
uint PACKET_LOG_ARP 0
uint PACKET_LOG_DHCP 1
uint PACKET_LOG_ETHERNET 0
uint PACKET_LOG_ICMP 0
uint PACKET_LOG_IP 0
uint PACKET_LOG_TCP 0
uint PACKET_LOG_TCP_CONN 1
uint PACKET_LOG_UDP 0
bool SavePacketLog true
bool SaveSecurityLog true
uint SecurityLogSwitchType 4
}
declare Message
{
}
declare Option
{
uint AccessListIncludeFileCacheLifetime 30
uint AdjustTcpMssValue 0
bool ApplyIPv4AccessListOnArpPacket false
bool AssignVLanIdByRadiusAttribute false
bool BroadcastLimiterStrictMode false
uint BroadcastStormDetectionThreshold 0
uint ClientMinimumRequiredBuild 0
bool DenyAllRadiusLoginWithNoVlanAssign false
uint DetectDormantSessionInterval 0
bool DisableAdjustTcpMss false
bool DisableCheckMacOnLocalBridge false
bool DisableCorrectIpOffloadChecksum false
bool DisableHttpParsing false
bool DisableIPParsing false
bool DisableIpRawModeSecureNAT false
bool DisableKernelModeSecureNAT false
bool DisableUdpAcceleration false
bool DisableUdpFilterForLocalBridgeNic false
bool DisableUserModeSecureNAT false
bool DoNotSaveHeavySecurityLogs false
bool DropArpInPrivacyFilterMode true
bool DropBroadcastsInPrivacyFilterMode true
bool FilterBPDU false
bool FilterIPv4 false
bool FilterIPv6 false
bool FilterNonIP false
bool FilterOSPF false
bool FilterPPPoE false
uint FloodingSendQueueBufferQuota 33554432
bool ManageOnlyLocalUnicastIPv6 true
bool ManageOnlyPrivateIP true
uint MaxLoggedPacketsPerMinute 0
uint MaxSession 0
bool NoArpPolling false
bool NoDhcpPacketLogOutsideHub true
bool NoEnum false
bool NoIpTable false
bool NoIPv4PacketLog false
bool NoIPv6AddrPolling false
bool NoIPv6DefaultRouterInRAWhenIPv6 true
bool NoIPv6PacketLog false
bool NoLookBPDUBridgeId false
bool NoMacAddressLog true
bool NoManageVlanId false
bool NoPhysicalIPOnPacketLog false
bool NoSpinLockForPacketDelay false
bool RemoveDefGwOnDhcpForLocalhost true
uint RequiredClientId 0
uint SecureNAT_MaxDnsSessionsPerIp 0
uint SecureNAT_MaxIcmpSessionsPerIp 0
uint SecureNAT_MaxTcpSessionsPerIp 0
uint SecureNAT_MaxTcpSynSentPerIp 0
uint SecureNAT_MaxUdpSessionsPerIp 0
bool SecureNAT_RandomizeAssignIp false
bool SuppressClientUpdateNotification false
bool UseHubNameAsDhcpUserClassOption false
bool UseHubNameAsRadiusNasId false
string VlanTypeId 0x8100
bool YieldAfterStorePacket false
}
declare SecureNAT
{
bool Disabled false
bool SaveLog true
declare VirtualDhcpServer
{
string DhcpDnsServerAddress 0.0.0.0
string DhcpDnsServerAddress2 0.0.0.0
string DhcpDomainName $
bool DhcpEnabled true
uint DhcpExpireTimeSpan 7200
string DhcpGatewayAddress 0.0.0.0
string DhcpLeaseIPEnd 10.11.254.254
string DhcpLeaseIPStart 10.11.12.10
string DhcpPushRoutes $
string DhcpSubnetMask 255.255.0.0
}
declare VirtualHost
{
string VirtualHostIp 10.11.12.1
string VirtualHostIpSubnetMask 255.255.0.0
string VirtualHostMacAddress XX-XX-XX-XX-XX-XX
}
declare VirtualRouter
{
bool NatEnabled true
uint NatMtu 1500
uint NatTcpTimeout 1800
uint NatUdpTimeout 60
}
}
declare SecurityAccountDatabase
{
declare CertList
{
}
declare CrlList
{
}
declare GroupList
{
declare XXXXXXXXXX
{
string Note $
string RealName $
declare Traffic
{
declare RecvTraffic
{
uint64 BroadcastBytes 255907
uint64 BroadcastCount 2770
uint64 UnicastBytes 8212389
uint64 UnicastCount 8851
}
declare SendTraffic
{
uint64 BroadcastBytes 36772
uint64 BroadcastCount 288
uint64 UnicastBytes 657307
uint64 UnicastCount 5779
}
}
}
}
declare IPAccessControlList
{
}
declare UserList
{
declare XXXXXXXXXX
{
byte AuthNtLmSecureHash XXXXXXXXXX=
byte AuthPassword XXXXXXXXXX=
uint AuthType 1
uint64 CreatedTime 1648790523982
uint64 ExpireTime 0
string GroupName XXXXXXXXXX
uint64 LastLoginTime 1648840334233
string Note $
uint NumLogin 4
string RealName XXXXXXXXXX
uint64 UpdatedTime 1648790523982
declare Traffic
{
declare RecvTraffic
{
uint64 BroadcastBytes 255907
uint64 BroadcastCount 2770
uint64 UnicastBytes 8212389
uint64 UnicastCount 8851
}
declare SendTraffic
{
uint64 BroadcastBytes 36772
uint64 BroadcastCount 288
uint64 UnicastBytes 657307
uint64 UnicastCount 5779
}
}
}
}
}
declare Traffic
{
declare RecvTraffic
{
uint64 BroadcastBytes 3397539
uint64 BroadcastCount 37968
uint64 UnicastBytes 53131148725
uint64 UnicastCount 145964517
}
declare SendTraffic
{
uint64 BroadcastBytes 3596891
uint64 BroadcastCount 41005
uint64 UnicastBytes 27114181
uint64 UnicastCount 52708
}
}
}
}
declare VirtualLayer3SwitchList
{
}
declare VPNGate
{
string Abuse $
bool IsEnabled false
bool LogPermanent false
string Message $
bool NoLog false
string Owner XXXXXXXXXX
}
}
-
- Posts: 1228
- Joined: Sun Feb 14, 2021 10:31 am
Re: Browsing internet is not working as I expected
Connect the client and post the output of "netstat -r"
Is your remote server connected with a LAN cable or WiFi to the internet?
Is your remote server connected with a LAN cable or WiFi to the internet?
-
- Posts: 8
- Joined: Fri Apr 01, 2022 1:55 pm
Re: Browsing internet is not working as I expected
Computer is connected via LAN
Here's output of netstat:
Here's output of netstat:
Code: Select all
netstat -r
===========================================================================
Interface List
2...xx xx xx xx xx xx ......Realtek PCIe GbE Family Controller
31...........................VPN_36
7...00 ff 7d 49 43 21 ......TAP-Windows Adapter V9
8...00 50 56 c0 00 01 ......VMware Virtual Ethernet Adapter for VMnet1
18...00 50 56 c0 00 08 ......VMware Virtual Ethernet Adapter for VMnet8
1...........................Software Loopback Interface 1
===========================================================================
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.192 4250
0.0.0.0 0.0.0.0 On-link 10.11.12.10 26
10.11.0.0 255.255.0.0 On-link 10.11.12.10 26
10.11.12.10 255.255.255.255 On-link 10.11.12.10 281
10.11.255.255 255.255.255.255 On-link 10.11.12.10 281
89.xx.xx.xx255.255.255.255 192.168.1.1 192.168.1.192 4251
127.0.0.0 255.0.0.0 On-link 127.0.0.1 4556
127.0.0.1 255.255.255.255 On-link 127.0.0.1 4556
127.255.255.255 255.255.255.255 On-link 127.0.0.1 4556
169.254.0.0 255.255.0.0 On-link 169.254.6.4 4516
169.254.0.0 255.255.0.0 On-link 169.254.217.177 4516
169.254.6.4 255.255.255.255 On-link 169.254.6.4 4516
169.254.217.177 255.255.255.255 On-link 169.254.217.177 4516
169.254.255.255 255.255.255.255 On-link 169.254.6.4 4516
169.254.255.255 255.255.255.255 On-link 169.254.217.177 4516
192.168.1.0 255.255.255.0 On-link 192.168.1.192 4506
192.168.1.192 255.255.255.255 On-link 192.168.1.192 4506
192.168.1.255 255.255.255.255 On-link 192.168.1.192 4506
224.0.0.0 240.0.0.0 On-link 127.0.0.1 4556
224.0.0.0 240.0.0.0 On-link 192.168.1.192 4506
224.0.0.0 240.0.0.0 On-link 169.254.217.177 4516
224.0.0.0 240.0.0.0 On-link 169.254.6.4 4516
224.0.0.0 240.0.0.0 On-link 10.11.12.10 26
255.255.255.255 255.255.255.255 On-link 127.0.0.1 4556
255.255.255.255 255.255.255.255 On-link 192.168.1.192 4506
255.255.255.255 255.255.255.255 On-link 169.254.217.177 4516
255.255.255.255 255.255.255.255 On-link 169.254.6.4 4516
255.255.255.255 255.255.255.255 On-link 10.11.12.10 281
===========================================================================
Persistent Routes:
None
IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 331 ::1/128 On-link
2 281 fe80::/64 On-link
18 291 fe80::/64 On-link
8 291 fe80::/64 On-link
2 281 fe80::80ab:96c2:94c1:7bb2/128
On-link
8 291 fe80::8959:6ec7:3df8:604/128
On-link
18 291 fe80::cd47:d8e6:bbc0:d9b1/128
On-link
1 331 ff00::/8 On-link
2 281 ff00::/8 On-link
18 291 ff00::/8 On-link
8 291 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
-
- Posts: 1228
- Joined: Sun Feb 14, 2021 10:31 am
Re: Browsing internet is not working as I expected
On the client's vNIC switch from DHCP to static 10.11.12.10 and blank DG/DNS.
-
- Posts: 8
- Joined: Fri Apr 01, 2022 1:55 pm
Re: Browsing internet is not working as I expected
Is there no solution to make it work via DHCP?
-
- Posts: 1228
- Joined: Sun Feb 14, 2021 10:31 am
Re: Browsing internet is not working as I expected
Your client's PC networking is messed up, hence the workaround. There is no issue with SoftEther's vDHCP.
With DHCP you also could try:
SE Client - Advanced - No adjustments of routing table: ON
in the vNIC - Advanced - UNCHECK “Use default gateway on remote network”
tmp disable the "VMware Virtual Ethernet Adapters"
With DHCP you also could try:
SE Client - Advanced - No adjustments of routing table: ON
in the vNIC - Advanced - UNCHECK “Use default gateway on remote network”
tmp disable the "VMware Virtual Ethernet Adapters"
-
- Posts: 8
- Joined: Fri Apr 01, 2022 1:55 pm
Re: Browsing internet is not working as I expected
Many thanks solo.
Disabling “Use default gateway on remote network” did the trick.
Disabling “Use default gateway on remote network” did the trick.