Unable to SSH into the Softher Ubuntu based VPN server

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
wahabqurashi
Posts: 10
Joined: Sat Apr 16, 2022 2:50 am

Unable to SSH into the Softher Ubuntu based VPN server

Post by wahabqurashi » Mon Apr 18, 2022 9:00 pm

Hello there. I have set up the Softether VPN on a Ubuntu-based server for remote access as attached in the below diagram.
softehtervpn.png
I am able to connect to the VPN server using Softether Windows or Linux client service from any remote location using the Public IP address. I get an IP address of 192.168.30.X from the VPN virtual interface. I can ping and SSH into all the devices such as Raspberry Pi and Server 2. I am unable to access the same server (Server 1) where my Softether VPN is installed. I can SSH into Server 1 from other devices but not with the VPN.

Kindly guide me is it a normal thing that you cannot log in to the device where Softether VPN is set up or does anything else need to be done to access it.
You do not have the required permissions to view the files attached to this post.

solo
Posts: 1228
Joined: Sun Feb 14, 2021 10:31 am

Re: Unable to SSH into the Softher Ubuntu based VPN server

Post by solo » Tue Apr 19, 2022 1:50 am

If you are using Linux or Solaris, you can communicate within the Virtual Hub (VPN) from the network adapter connected to by the local bridge to the LAN, but you can not communicate to the network adapter itself. This is a restriction imposed by the Linux kernel.
Workaround: TAP.

wahabqurashi
Posts: 10
Joined: Sat Apr 16, 2022 2:50 am

Re: Unable to SSH into the Softher Ubuntu based VPN server

Post by wahabqurashi » Tue Apr 19, 2022 10:49 am

I am not sure about creating the local bridge. Using the documentation
- I have created two local bridges one with a "Bridge with a physical existing network adaptor" option and the second one with a "Bridge with a new tap device" to test the connectivity.
- Both are in "Operating" status as shown in the screenshot.
- I have used my Virtual Hub name: ---hub.
- LAN adaptors are eno2 and tap respectively.
- I am still unable to ping or SSH into the server.

Are there more steps that need to be done to connect to the VPN server (server1)?
You do not have the required permissions to view the files attached to this post.

solo
Posts: 1228
Joined: Sun Feb 14, 2021 10:31 am

Re: Unable to SSH into the Softher Ubuntu based VPN server

Post by solo » Tue Apr 19, 2022 1:14 pm

One bridge in SoftEther and another in Linux.

Code: Select all

  vHUB+++TAP+++
              +
             br0 (addr, promisc on)
              +
         NIC+++

wahabqurashi
Posts: 10
Joined: Sat Apr 16, 2022 2:50 am

Re: Unable to SSH into the Softher Ubuntu based VPN server

Post by wahabqurashi » Tue Apr 19, 2022 1:18 pm

Do I need to remove one bridge? What do I need to do to make it work?

I am not sure do I need to paste this code into the vpn_server.config file?

solo
Posts: 1228
Joined: Sun Feb 14, 2021 10:31 am

Re: Unable to SSH into the Softher Ubuntu based VPN server

Post by solo » Wed Apr 20, 2022 12:34 am

There are several steps involved, search for tap, tap_tap or tap_soft for instructions. But if all you want is to only SSH there on a different subnet, then here is a shortcut.

- keep your current SE bridges as they are
- add extra config

Code: Select all

nano vpnserver.service
...
ExecStartPost=/bin/sleep 3
ExecStartPost=/sbin/ip addr add 192.168.9.1/24 brd + dev tap_tap
...
- reboot
- verify

Code: Select all

enp0s3    Link encap:Ethernet  HWaddr 08:00:27:42:15:2f
          inet addr:10.0.2.15  Bcast:10.0.2.255  Mask:255.255.255.0
          inet6 addr: fe80::a00:27ff:fe42:152f/64 Scope:Link
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1

tap_tap   Link encap:Ethernet  HWaddr 5e:64:73:42:b6:e1
          inet addr:192.168.9.1  Bcast:192.168.9.255  Mask:255.255.255.0
          inet6 addr: fe80::5c64:73ff:fe42:b6e1/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         10.0.2.2        0.0.0.0         UG    0      0        0 enp0s3
10.0.2.0        *               255.255.255.0   U     0      0        0 enp0s3
192.168.9.0     *               255.255.255.0   U     0      0        0 tap_tap
- Win SE client

Code: Select all

        Description . . . . . . . . . . . : VPN Client Adapter - VPN2
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.168.9.2
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . :

ping 192.168.9.1
Reply from 192.168.9.1: bytes=32 time=1ms TTL=64
- Ubuntu

Code: Select all

root@ubuntu:/# ping 192.168.9.2
64 bytes from 192.168.9.2: icmp_seq=1 ttl=128 time=0.677 ms

    |---NIC (10.0.2.x)
  vHUB 
    |---TAP (192.168.9.x)


wahabqurashi
Posts: 10
Joined: Sat Apr 16, 2022 2:50 am

Re: Unable to SSH into the Softher Ubuntu based VPN server

Post by wahabqurashi » Wed Apr 20, 2022 9:12 am

I have edited the config file as shown in the screenshot.
configs.jpg

It is still not showing any IP address on the bridge interface. Am I doing it correctly?
You do not have the required permissions to view the files attached to this post.

solo
Posts: 1228
Joined: Sun Feb 14, 2021 10:31 am

Re: Unable to SSH into the Softher Ubuntu based VPN server

Post by solo » Wed Apr 20, 2022 9:40 am

This mode of operation does not require a Linux bridge.

Try a SoftEther server on Windows OS. It has no kernel restriction and you could RDP or VNC to it effortlessly.

wahabqurashi
Posts: 10
Joined: Sat Apr 16, 2022 2:50 am

Re: Unable to SSH into the Softher Ubuntu based VPN server

Post by wahabqurashi » Wed Apr 20, 2022 12:06 pm

I am restricted to a Linux server due to project requirements. If you kindly guide me in detail and I will be able to resolve these issues. Thanks for your help in advance:)

wahabqurashi
Posts: 10
Joined: Sat Apr 16, 2022 2:50 am

Re: Unable to SSH into the Softher Ubuntu based VPN server

Post by wahabqurashi » Wed Apr 20, 2022 12:56 pm

I have seen a few tutorials but I am not sure if they serve the purpose?
https://tweenpath.net/softether-vps-local-bridge/
http://www.auxnet.org/index.php/the-new ... cal-bridge

wahabqurashi
Posts: 10
Joined: Sat Apr 16, 2022 2:50 am

Re: Unable to SSH into the Softher Ubuntu based VPN server

Post by wahabqurashi » Wed Apr 20, 2022 3:31 pm

I can access the server physically and the GUI of the server if you can guide me in that regard it would be great.

alizaza
Posts: 2
Joined: Fri May 06, 2022 8:13 pm

Re: Unable to SSH into the Softher Ubuntu based VPN server

Post by alizaza » Fri May 06, 2022 8:16 pm

Edit IP Settings
Open files with your favorite editor,

Code: Select all

nano /etc/pptpd.conflocalip 192.168.0.1   

Code: Select all

remoteip 192.168.0.101-200 # Replace with your VPS IP 
Add Usernames and Passwords

Code: Select all

nano /etc/ppp/chap-secrets

usernameForuser1 *  setpassword1here  *
Enable network forwarding in /etc/sysctl.conf

Code: Select all

echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
use the following command to apply the change:

Code: Select all

sysctl -p

alizaza
Posts: 2
Joined: Fri May 06, 2022 8:13 pm

Re: Unable to SSH into the Softher Ubuntu based VPN server

Post by alizaza » Sat May 07, 2022 6:56 am

Configure routing and firewall :

Code: Select all

iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
iptables -A INPUT -i eth0 -p gre -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT
iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT
If your OS is CentOS/RedHat 6 & CentOS/RedHat 7, using the flowing command for saving:

Code: Select all

service iptables save
service iptables restart
also you can read my source for more info :
https://cloudzy.com/knowledge-base/inst ... er-on-vps/

Post Reply