Page 1 of 1
Unable to SSH into the Softher Ubuntu based VPN server
Posted: Mon Apr 18, 2022 9:00 pm
by wahabqurashi
Hello there. I have set up the Softether VPN on a Ubuntu-based server for remote access as attached in the below diagram.
softehtervpn.png
I am able to connect to the VPN server using Softether Windows or Linux client service from any remote location using the Public IP address. I get an IP address of 192.168.30.X from the VPN virtual interface. I can
ping and
SSH into all the devices such as
Raspberry Pi and
Server 2. I am unable to access the same server
(Server 1) where my Softether VPN is installed. I can SSH into
Server 1 from other devices but not with the VPN.
Kindly guide me is it a normal thing that you cannot log in to the device where Softether VPN is set up or does anything else need to be done to access it.
Re: Unable to SSH into the Softher Ubuntu based VPN server
Posted: Tue Apr 19, 2022 1:50 am
by solo
If you are using Linux or Solaris, you can communicate within the Virtual Hub (VPN) from the network adapter connected to by the local bridge to the LAN, but you can not communicate to the network adapter itself. This is a
restriction imposed by the Linux kernel.
Workaround: TAP.
Re: Unable to SSH into the Softher Ubuntu based VPN server
Posted: Tue Apr 19, 2022 10:49 am
by wahabqurashi
I am not sure about creating the local bridge. Using the documentation
- I have created two local bridges one with a "Bridge with a physical existing network adaptor" option and the second one with a "Bridge with a new tap device" to test the connectivity.
- Both are in "Operating" status as shown in the screenshot.
- I have used my Virtual Hub name: ---hub.
- LAN adaptors are eno2 and tap respectively.
- I am still unable to ping or SSH into the server.
Are there more steps that need to be done to connect to the VPN server (server1)?
Re: Unable to SSH into the Softher Ubuntu based VPN server
Posted: Tue Apr 19, 2022 1:14 pm
by solo
One bridge in SoftEther and another in Linux.
Code: Select all
vHUB+++TAP+++
+
br0 (addr, promisc on)
+
NIC+++
Re: Unable to SSH into the Softher Ubuntu based VPN server
Posted: Tue Apr 19, 2022 1:18 pm
by wahabqurashi
Do I need to remove one bridge? What do I need to do to make it work?
I am not sure do I need to paste this code into the vpn_server.config file?
Re: Unable to SSH into the Softher Ubuntu based VPN server
Posted: Wed Apr 20, 2022 12:34 am
by solo
There are several steps involved, search for tap, tap_tap or tap_soft for instructions. But if all you want is to only SSH there
on a different subnet, then here is a shortcut.
- keep your current SE bridges as they are
- add extra config
Code: Select all
nano vpnserver.service
...
ExecStartPost=/bin/sleep 3
ExecStartPost=/sbin/ip addr add 192.168.9.1/24 brd + dev tap_tap
...
- reboot
- verify
Code: Select all
enp0s3 Link encap:Ethernet HWaddr 08:00:27:42:15:2f
inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe42:152f/64 Scope:Link
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
tap_tap Link encap:Ethernet HWaddr 5e:64:73:42:b6:e1
inet addr:192.168.9.1 Bcast:192.168.9.255 Mask:255.255.255.0
inet6 addr: fe80::5c64:73ff:fe42:b6e1/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 10.0.2.2 0.0.0.0 UG 0 0 0 enp0s3
10.0.2.0 * 255.255.255.0 U 0 0 0 enp0s3
192.168.9.0 * 255.255.255.0 U 0 0 0 tap_tap
- Win SE client
Code: Select all
Description . . . . . . . . . . . : VPN Client Adapter - VPN2
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.9.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
ping 192.168.9.1
Reply from 192.168.9.1: bytes=32 time=1ms TTL=64
- Ubuntu
Code: Select all
root@ubuntu:/# ping 192.168.9.2
64 bytes from 192.168.9.2: icmp_seq=1 ttl=128 time=0.677 ms
|---NIC (10.0.2.x)
vHUB
|---TAP (192.168.9.x)
Re: Unable to SSH into the Softher Ubuntu based VPN server
Posted: Wed Apr 20, 2022 9:12 am
by wahabqurashi
I have edited the config file as shown in the screenshot.
configs.jpg
It is still not showing any IP address on the bridge interface. Am I doing it correctly?
Re: Unable to SSH into the Softher Ubuntu based VPN server
Posted: Wed Apr 20, 2022 9:40 am
by solo
This mode of operation does not require a Linux bridge.
Try a SoftEther server on Windows OS. It has no kernel restriction and you could RDP or VNC to it effortlessly.
Re: Unable to SSH into the Softher Ubuntu based VPN server
Posted: Wed Apr 20, 2022 12:06 pm
by wahabqurashi
I am restricted to a Linux server due to project requirements. If you kindly guide me in detail and I will be able to resolve these issues. Thanks for your help in advance:)
Re: Unable to SSH into the Softher Ubuntu based VPN server
Posted: Wed Apr 20, 2022 12:56 pm
by wahabqurashi
Re: Unable to SSH into the Softher Ubuntu based VPN server
Posted: Wed Apr 20, 2022 3:31 pm
by wahabqurashi
I can access the server physically and the GUI of the server if you can guide me in that regard it would be great.
Re: Unable to SSH into the Softher Ubuntu based VPN server
Posted: Fri May 06, 2022 8:16 pm
by alizaza
Edit IP Settings
Open files with your favorite editor,
Code: Select all
nano /etc/pptpd.conflocalip 192.168.0.1
Code: Select all
remoteip 192.168.0.101-200 # Replace with your VPS IP
Add Usernames and Passwords
Code: Select all
nano /etc/ppp/chap-secrets
usernameForuser1 * setpassword1here *
Enable network forwarding in /etc/sysctl.conf
Code: Select all
echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
use the following command to apply the change:
Re: Unable to SSH into the Softher Ubuntu based VPN server
Posted: Sat May 07, 2022 6:56 am
by alizaza
Configure routing and firewall :
Code: Select all
iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
iptables -A INPUT -i eth0 -p gre -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT
iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT
If your OS is CentOS/RedHat 6 & CentOS/RedHat 7, using the flowing command for saving:
Code: Select all
service iptables save
service iptables restart
also you can read my source for more info :
https://cloudzy.com/knowledge-base/inst ... er-on-vps/