Unable to SSH into the Softher Ubuntu based VPN server
-
- Posts: 10
- Joined: Sat Apr 16, 2022 2:50 am
Unable to SSH into the Softher Ubuntu based VPN server
Hello there. I have set up the Softether VPN on a Ubuntu-based server for remote access as attached in the below diagram.
I am able to connect to the VPN server using Softether Windows or Linux client service from any remote location using the Public IP address. I get an IP address of 192.168.30.X from the VPN virtual interface. I can ping and SSH into all the devices such as Raspberry Pi and Server 2. I am unable to access the same server (Server 1) where my Softether VPN is installed. I can SSH into Server 1 from other devices but not with the VPN.
Kindly guide me is it a normal thing that you cannot log in to the device where Softether VPN is set up or does anything else need to be done to access it.
I am able to connect to the VPN server using Softether Windows or Linux client service from any remote location using the Public IP address. I get an IP address of 192.168.30.X from the VPN virtual interface. I can ping and SSH into all the devices such as Raspberry Pi and Server 2. I am unable to access the same server (Server 1) where my Softether VPN is installed. I can SSH into Server 1 from other devices but not with the VPN.
Kindly guide me is it a normal thing that you cannot log in to the device where Softether VPN is set up or does anything else need to be done to access it.
You do not have the required permissions to view the files attached to this post.
-
- Posts: 1286
- Joined: Sun Feb 14, 2021 10:31 am
Re: Unable to SSH into the Softher Ubuntu based VPN server
Workaround: TAP.If you are using Linux or Solaris, you can communicate within the Virtual Hub (VPN) from the network adapter connected to by the local bridge to the LAN, but you can not communicate to the network adapter itself. This is a restriction imposed by the Linux kernel.
-
- Posts: 10
- Joined: Sat Apr 16, 2022 2:50 am
Re: Unable to SSH into the Softher Ubuntu based VPN server
I am not sure about creating the local bridge. Using the documentation
- I have created two local bridges one with a "Bridge with a physical existing network adaptor" option and the second one with a "Bridge with a new tap device" to test the connectivity.
- Both are in "Operating" status as shown in the screenshot.
- I have used my Virtual Hub name: ---hub.
- LAN adaptors are eno2 and tap respectively.
- I am still unable to ping or SSH into the server.
Are there more steps that need to be done to connect to the VPN server (server1)?
- I have created two local bridges one with a "Bridge with a physical existing network adaptor" option and the second one with a "Bridge with a new tap device" to test the connectivity.
- Both are in "Operating" status as shown in the screenshot.
- I have used my Virtual Hub name: ---hub.
- LAN adaptors are eno2 and tap respectively.
- I am still unable to ping or SSH into the server.
Are there more steps that need to be done to connect to the VPN server (server1)?
You do not have the required permissions to view the files attached to this post.
-
- Posts: 1286
- Joined: Sun Feb 14, 2021 10:31 am
Re: Unable to SSH into the Softher Ubuntu based VPN server
One bridge in SoftEther and another in Linux.
Code: Select all
vHUB+++TAP+++
+
br0 (addr, promisc on)
+
NIC+++
-
- Posts: 10
- Joined: Sat Apr 16, 2022 2:50 am
Re: Unable to SSH into the Softher Ubuntu based VPN server
Do I need to remove one bridge? What do I need to do to make it work?
I am not sure do I need to paste this code into the vpn_server.config file?
I am not sure do I need to paste this code into the vpn_server.config file?
-
- Posts: 1286
- Joined: Sun Feb 14, 2021 10:31 am
Re: Unable to SSH into the Softher Ubuntu based VPN server
There are several steps involved, search for tap, tap_tap or tap_soft for instructions. But if all you want is to only SSH there on a different subnet, then here is a shortcut.
- keep your current SE bridges as they are
- add extra config
- reboot
- verify
- Win SE client
- Ubuntu
- keep your current SE bridges as they are
- add extra config
Code: Select all
nano vpnserver.service
...
ExecStartPost=/bin/sleep 3
ExecStartPost=/sbin/ip addr add 192.168.9.1/24 brd + dev tap_tap
...
- verify
Code: Select all
enp0s3 Link encap:Ethernet HWaddr 08:00:27:42:15:2f
inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe42:152f/64 Scope:Link
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
tap_tap Link encap:Ethernet HWaddr 5e:64:73:42:b6:e1
inet addr:192.168.9.1 Bcast:192.168.9.255 Mask:255.255.255.0
inet6 addr: fe80::5c64:73ff:fe42:b6e1/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 10.0.2.2 0.0.0.0 UG 0 0 0 enp0s3
10.0.2.0 * 255.255.255.0 U 0 0 0 enp0s3
192.168.9.0 * 255.255.255.0 U 0 0 0 tap_tap
Code: Select all
Description . . . . . . . . . . . : VPN Client Adapter - VPN2
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.9.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
ping 192.168.9.1
Reply from 192.168.9.1: bytes=32 time=1ms TTL=64
Code: Select all
root@ubuntu:/# ping 192.168.9.2
64 bytes from 192.168.9.2: icmp_seq=1 ttl=128 time=0.677 ms
|---NIC (10.0.2.x)
vHUB
|---TAP (192.168.9.x)
-
- Posts: 10
- Joined: Sat Apr 16, 2022 2:50 am
Re: Unable to SSH into the Softher Ubuntu based VPN server
I have edited the config file as shown in the screenshot.
It is still not showing any IP address on the bridge interface. Am I doing it correctly?
It is still not showing any IP address on the bridge interface. Am I doing it correctly?
You do not have the required permissions to view the files attached to this post.
-
- Posts: 1286
- Joined: Sun Feb 14, 2021 10:31 am
Re: Unable to SSH into the Softher Ubuntu based VPN server
This mode of operation does not require a Linux bridge.
Try a SoftEther server on Windows OS. It has no kernel restriction and you could RDP or VNC to it effortlessly.
Try a SoftEther server on Windows OS. It has no kernel restriction and you could RDP or VNC to it effortlessly.
-
- Posts: 10
- Joined: Sat Apr 16, 2022 2:50 am
Re: Unable to SSH into the Softher Ubuntu based VPN server
I am restricted to a Linux server due to project requirements. If you kindly guide me in detail and I will be able to resolve these issues. Thanks for your help in advance:)
-
- Posts: 10
- Joined: Sat Apr 16, 2022 2:50 am
Re: Unable to SSH into the Softher Ubuntu based VPN server
I have seen a few tutorials but I am not sure if they serve the purpose?
https://tweenpath.net/softether-vps-local-bridge/
http://www.auxnet.org/index.php/the-new ... cal-bridge
https://tweenpath.net/softether-vps-local-bridge/
http://www.auxnet.org/index.php/the-new ... cal-bridge
-
- Posts: 10
- Joined: Sat Apr 16, 2022 2:50 am
Re: Unable to SSH into the Softher Ubuntu based VPN server
I can access the server physically and the GUI of the server if you can guide me in that regard it would be great.
-
- Posts: 2
- Joined: Fri May 06, 2022 8:13 pm
Re: Unable to SSH into the Softher Ubuntu based VPN server
Edit IP Settings
Open files with your favorite editor,
Add Usernames and Passwords
Enable network forwarding in /etc/sysctl.conf
use the following command to apply the change:
Open files with your favorite editor,
Code: Select all
nano /etc/pptpd.conflocalip 192.168.0.1
Code: Select all
remoteip 192.168.0.101-200 # Replace with your VPS IP
Code: Select all
nano /etc/ppp/chap-secrets
usernameForuser1 * setpassword1here *
Code: Select all
echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
Code: Select all
sysctl -p
-
- Posts: 2
- Joined: Fri May 06, 2022 8:13 pm
Re: Unable to SSH into the Softher Ubuntu based VPN server
Configure routing and firewall :
If your OS is CentOS/RedHat 6 & CentOS/RedHat 7, using the flowing command for saving:
https://cloudzy.com/knowledge-base/inst ... er-on-vps/
Code: Select all
iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
iptables -A INPUT -i eth0 -p gre -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT
iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT
Code: Select all
service iptables save
service iptables restart
also you can read my source for more info :