Setup works but no connection to LAN servers possible

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
JAG
Posts: 9
Joined: Tue Apr 26, 2022 2:52 pm

Setup works but no connection to LAN servers possible

Post by JAG » Tue Apr 26, 2022 2:58 pm

Hi everyone,

I've just setup a Windows Server with Softether Server and a Windows Client with Softether client.
Then I setup a connection to the VPN server.
Connection from client works to VPN server. Status is connected. The Client got IP address from Virtual DHCP-server.
The client can ping server. The server can ping client.

So far so good.

What doesn't work is that if I ping or try to RDP servers in the LAN, after successfully being connected to the VPN server they cannot be pinged? What should I configure to enable this so that servers can be pinged?

Greetings, Alex

solo
Posts: 355
Joined: Sun Feb 14, 2021 10:31 am

Re: Setup works but no connection to LAN servers possible

Post by solo » Tue Apr 26, 2022 10:42 pm

JAG wrote:
Tue Apr 26, 2022 2:58 pm
The Client got IP address from Virtual DHCP-server.
The client can ping server. The server can ping client.
So far so good.
Just a moment, not so good actually. "Virtual DHCP-server" implies SecureNAT and in this networking scenario you have reported unbelievably successful pings. This miracle can only happen if you are running SoftEther server and client on the same PC. It is a truly useless test setup.

Going forward, while RDP over SecureNAT is doable, you will not like it. Please review Client PC unable to reach shared directory on Server PC for the reasons why not.

JAG
Posts: 9
Joined: Tue Apr 26, 2022 2:52 pm

Re: Setup works but no connection to LAN servers possible

Post by JAG » Wed Apr 27, 2022 6:35 am

Hi Solo,

Thanks for your reply.

Actually, it is a regular VPN server and VPN client setup. Server runs in a datacenter and client remotely connects from outside datacenter.
This is a setup that I've implemented at customers before. Also with (secure)NAT.

When there is no IP address pool configured, clients will get a APIPA address (169.254.x.x). This means that there is no DHCP server available or a connection can be made to a DHCP server. That's why a Virtual DHCP server comes into the game and gives a successfully connected client an IP address.
By enabling SecureNAT and the Virtual DHCP server a remotely connected PC gets an IP address from the configured IP pool. That's how VPN always has been working for sofar I know. That's also why the virtual DHCP server always is able to ping the client and vice versa. So, that's good and expected behavior.

The thing that's missing in my opinion is an route for the Virtual DHCP pool to be able to route the traffic from the VPN Virtual DHCP to the actual internal LAN. Adding this route unfortunately doesn't solve the problem.

solo
Posts: 355
Joined: Sun Feb 14, 2021 10:31 am

Re: Setup works but no connection to LAN servers possible

Post by solo » Wed Apr 27, 2022 8:23 am

Please post the output of "netstat -r" and "ipconfig /all" after VPN connection from both server and client, and paste them as code. Also include a log of pings to client/server. For example:

Code: Select all

ipconfig /all

Ethernet adapter VPN - VPN Client:
        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : VPN Client Adapter - VPN
        Physical Address. . . . . . . . . : 5E-D4-B1-2F-81-01
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.30.10
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . :
        DHCP Server . . . . . . . . . . . : 192.168.30.1

netstat -r

Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.2.2       10.0.2.15       20
         10.0.2.0    255.255.255.0        10.0.2.15       10.0.2.15       20
        10.0.2.15  255.255.255.255        127.0.0.1       127.0.0.1       20
   10.255.255.255  255.255.255.255        10.0.2.15       10.0.2.15       20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
    130.158.6.107  255.255.255.255         10.0.2.2       10.0.2.15       20
     192.168.30.0    255.255.255.0    192.168.30.10   192.168.30.10       1
    192.168.30.10  255.255.255.255        127.0.0.1       127.0.0.1       1
   192.168.30.255  255.255.255.255    192.168.30.10   192.168.30.10       1
        224.0.0.0        240.0.0.0        10.0.2.15       10.0.2.15       20
        224.0.0.0        240.0.0.0    192.168.30.10   192.168.30.10       1
  255.255.255.255  255.255.255.255        10.0.2.15       10.0.2.15       1
  255.255.255.255  255.255.255.255    192.168.30.10   192.168.30.10       1
Default Gateway:          10.0.2.2

ping 192.168.30.10
Pinging 192.168.30.10 with 32 bytes of data:
Reply from 192.168.30.10: bytes=32 time<1ms TTL=128
Reply from 192.168.30.10: bytes=32 time<1ms TTL=128
Reply from 192.168.30.10: bytes=32 time<1ms TTL=128

ping 192.168.30.1
Pinging 192.168.30.1 with 32 bytes of data:
Reply from 192.168.30.1: bytes=32 time<1ms TTL=128
Reply from 192.168.30.1: bytes=32 time<1ms TTL=128
Reply from 192.168.30.1: bytes=32 time<1ms TTL=128

solo
Posts: 355
Joined: Sun Feb 14, 2021 10:31 am

Re: Setup works but no connection to LAN servers possible

Post by solo » Wed Apr 27, 2022 10:25 am

While waiting for your logs I realized that yet another network topology, as bad and unthinkable as SE client/server on the same PC, can produce the results you described. Have you enabled both local bridge and SecureNAT/vDHCP? If so, there is no way it could possibly work, choose one or the other.

SecureNAT in this context refers to the "Virtual NAT Function".

JAG
Posts: 9
Joined: Tue Apr 26, 2022 2:52 pm

Re: Setup works but no connection to LAN servers possible

Post by JAG » Wed Apr 27, 2022 12:09 pm

Code: Select all

C:\Users\jag>ping 192.168.178.230

Pinging 192.168.178.230 with 32 bytes of data:
Reply from 192.168.178.230: bytes=32 time=2ms TTL=128
Reply from 192.168.178.230: bytes=32 time=3ms TTL=128
Reply from 192.168.178.230: bytes=32 time=3ms TTL=128
Reply from 192.168.178.230: bytes=32 time=2ms TTL=128

Ping statistics for 192.168.178.230:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 2ms, Maximum = 3ms, Average = 2ms

C:\Users\jag>netstat -r
===========================================================================
Interface List
53...5e d2 db 1c 6c 60 ......VPN Client Adapter - VPN
  6...f4 a4 75 f9 34 28 ......Microsoft Wi-Fi Direct Virtual Adapter
  2...f6 a4 75 f9 34 27 ......Microsoft Wi-Fi Direct Virtual Adapter #2
19...f4 a4 75 f9 34 27 ......Intel(R) Wi-Fi 6 AX201 160MHz
20...f4 a4 75 f9 34 2b ......Bluetooth Device (Personal Area Network)
  1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.178.1   192.168.178.75     50
   89.101.251.228  255.255.255.255    192.168.178.1   192.168.178.75     50
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
     130.158.6.75  255.255.255.255    192.168.178.1   192.168.178.75     50
    192.168.178.0    255.255.255.0         On-link    192.168.178.75    306
    192.168.178.0    255.255.255.0         On-link   192.168.178.231    257
   192.168.178.75  255.255.255.255         On-link    192.168.178.75    306
  192.168.178.231  255.255.255.255         On-link   192.168.178.231    257
  192.168.178.255  255.255.255.255         On-link    192.168.178.75    306
  192.168.178.255  255.255.255.255         On-link   192.168.178.231    257
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link    192.168.178.75    306
        224.0.0.0        240.0.0.0         On-link   192.168.178.231    257
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link    192.168.178.75    306
  255.255.255.255  255.255.255.255         On-link   192.168.178.231    257
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination      Gateway
19    306 ::/0                     fe80::4ad3:43ff:fec9:2870
  1    331 ::1/128                  On-link
19    306 2001:1c01:43c4:8800::/64 On-link
19    306 2001:1c01:43c4:8800:309d:8ce3:344f:4fd3/128
                                    On-link
19    306 2001:1c01:43c4:8800:899e:19f0:a648:f45a/128
                                    On-link
19    306 fe80::/64                On-link
53    291 fe80::/64                On-link
53    291 fe80::204f:9ce6:2c7c:fb18/128
                                    On-link
19    306 fe80::309d:8ce3:344f:4fd3/128
                                    On-link
  1    331 ff00::/8                 On-link
19    306 ff00::/8                 On-link
53    291 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None

C:\Users\jagor>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : ALEXWORK03
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : prdlab.nl

Unknown adapter VPN - VPN Client:

   Connection-specific DNS Suffix  . : prdlab.nl
   Description . . . . . . . . . . . : VPN Client Adapter - VPN
   Physical Address. . . . . . . . . : 5E-D2-DB-1C-6C-60
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::204f:9ce6:2c7c:fb18%53(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.178.231(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : woensdag 27 april 2022 08:46:06
   Lease Expires . . . . . . . . . . : woensdag 27 april 2022 15:46:49
   Default Gateway . . . . . . . . . :
   DHCP Server . . . . . . . . . . . : 192.168.178.230
   DHCPv6 IAID . . . . . . . . . . . : 895406811
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-29-42-11-38-3C-18-A0-19-1F-EC
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter LAN-verbinding* 1:

   Media State . . . . . . . . . . . : Media disconnected
  Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : F4-A4-75-F9-34-28
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter LAN-verbinding* 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter #2
   Physical Address. . . . . . . . . : F6-A4-75-F9-34-27
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) Wi-Fi 6 AX201 160MHz
   Physical Address. . . . . . . . . : F4-A4-75-F9-34-27
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:1c01:43c4:8800:309d:8ce3:344f:4fd3(Preferred)
   Temporary IPv6 Address. . . . . . : 2001:1c01:43c4:8800:899e:19f0:a648:f45a(Preferred)
   Link-local IPv6 Address . . . . . : fe80::309d:8ce3:344f:4fd3%19(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.178.75(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : woensdag 27 april 2022 08:45:29
   Lease Expires . . . . . . . . . . : woensdag 27 april 2022 15:03:24
  Default Gateway . . . . . . . . . : fe80::4ad3:43ff:fec9:2870%19
                                       192.168.178.1
   DHCP Server . . . . . . . . . . . : 192.168.178.1
   DHCPv6 IAID . . . . . . . . . . . : 200582261
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-29-42-11-38-3C-18-A0-19-1F-EC
   DNS Servers . . . . . . . . . . . : 2001:b88:1002::10
                                       2001:b88:1202::10
                                       2001:730:3e42:1000::53
                                       89.101.251.228
                                       89.101.251.229
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Bluetooth-netwerkverbinding:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : F4-A4-75-F9-34-2B
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

C:\Users\jag>

JAG
Posts: 9
Joined: Tue Apr 26, 2022 2:52 pm

Re: Setup works but no connection to LAN servers possible

Post by JAG » Wed Apr 27, 2022 12:18 pm

And now from the server:

Code: Select all

Microsoft Windows [Version 10.0.20348.405]
(c) Microsoft Corporation. All rights reserved.

C:\Users\administrator.prdlab>netstat -r
===========================================================================
Interface List
  9...00 50 56 89 9c cd ......vmxnet3 Ethernet Adapter
  1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.178.1  192.168.178.106    271
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
    192.168.178.0    255.255.255.0         On-link   192.168.178.106    271
  192.168.178.106  255.255.255.255         On-link   192.168.178.106    271
  192.168.178.255  255.255.255.255         On-link   192.168.178.106    271
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link   192.168.178.106    271
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link   192.168.178.106    271
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0    192.168.178.1  Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    331 ::1/128                  On-link
  1    331 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None

C:\Users\administrator.prdlab>ipconfig/all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : MT01
   Primary Dns Suffix  . . . . . . . : prdlab.nl
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : prdlab.nl

Ethernet adapter Ethernet0:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : vmxnet3 Ethernet Adapter
   Physical Address. . . . . . . . . : 00-50-56-89-9C-CD
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.178.106(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.178.1
   DNS Servers . . . . . . . . . . . : 192.168.178.220
                                       192.168.178.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

C:\Users\administrator.prdlab>ping 192.168.178.1.231
Ping request could not find host 192.168.178.1.231. Please check the name and try again.

C:\Users\administrator.prdlab>ping 192.168.178.230

Pinging 192.168.178.230 with 32 bytes of data:
Reply from 192.168.178.230: bytes=32 time<1ms TTL=128
Reply from 192.168.178.230: bytes=32 time<1ms TTL=128
Reply from 192.168.178.230: bytes=32 time<1ms TTL=128
Reply from 192.168.178.230: bytes=32 time<1ms TTL=128

Ping statistics for 192.168.178.230:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

C:\Users\administrator.prdlab>

solo
Posts: 355
Joined: Sun Feb 14, 2021 10:31 am

Re: Setup works but no connection to LAN servers possible

Post by solo » Wed Apr 27, 2022 1:30 pm

Alex, your SE client seems to connect via WiFi to the same LAN as the SE server. Can you connect it on a different network, eg a hotspot on your cell phone and repeat the ping tests?

Btw there is a typo error "Ping request could not find host 192.168.178.1.231."

Again, have you enabled both local bridge and SecureNAT/vDHCP?

JAG
Posts: 9
Joined: Tue Apr 26, 2022 2:52 pm

Re: Setup works but no connection to LAN servers possible

Post by JAG » Wed Apr 27, 2022 1:57 pm

Yes, I have not enabled local bridge on the VPN server and enabled SecureNAT/vDHCP.

JAG
Posts: 9
Joined: Tue Apr 26, 2022 2:52 pm

Re: Setup works but no connection to LAN servers possible

Post by JAG » Wed Apr 27, 2022 2:07 pm

From client (connected through 4G):

Code: Select all

C:\Users\jag>ping 192.168.178.230

Pinging 192.168.178.230 with 32 bytes of data:
Reply from 192.168.178.230: bytes=32 time=119ms TTL=128
Reply from 192.168.178.230: bytes=32 time=71ms TTL=128
Reply from 192.168.178.230: bytes=32 time=80ms TTL=128
Reply from 192.168.178.230: bytes=32 time=91ms TTL=128

Ping statistics for 192.168.178.230:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 71ms, Maximum = 119ms, Average = 90ms

C:\Users\jag>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : ALEXWORK03
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : prdlab.nl

Unknown adapter VPN - VPN Client:

   Connection-specific DNS Suffix  . : prdlab.nl
   Description . . . . . . . . . . . : VPN Client Adapter - VPN
   Physical Address. . . . . . . . . : 5E-D2-DB-1C-6C-60
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::204f:9ce6:2c7c:fb18%53(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.178.231(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : woensdag 27 april 2022 16:04:39
   Lease Expires . . . . . . . . . . : woensdag 27 april 2022 18:04:39
   Default Gateway . . . . . . . . . :
   DHCP Server . . . . . . . . . . . : 192.168.178.230
   DHCPv6 IAID . . . . . . . . . . . : 895406811
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-29-42-11-38-3C-18-A0-19-1F-EC
   DNS Servers . . . . . . . . . . . : 192.168.178.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter LAN-verbinding* 1:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : F4-A4-75-F9-34-28
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter LAN-verbinding* 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter #2
   Physical Address. . . . . . . . . : F6-A4-75-F9-34-27
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) Wi-Fi 6 AX201 160MHz
   Physical Address. . . . . . . . . : F4-A4-75-F9-34-27
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2a02:a420:6:1f02:309d:8ce3:344f:4fd3(Preferred)
   Temporary IPv6 Address. . . . . . : 2a02:a420:6:1f02:44d5:3d5b:cf4c:b7e8(Preferred)
   Link-local IPv6 Address . . . . . : fe80::309d:8ce3:344f:4fd3%19(Preferred)
   IPv4 Address. . . . . . . . . . . : 172.20.10.6(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.240
   Lease Obtained. . . . . . . . . . : woensdag 27 april 2022 15:59:32
   Lease Expires . . . . . . . . . . : donderdag 28 april 2022 15:59:32
   Default Gateway . . . . . . . . . : fe80::4c20:b8ff:fe9d:9664%19
                                       172.20.10.1
   DHCP Server . . . . . . . . . . . : 172.20.10.1
   DHCPv6 IAID . . . . . . . . . . . : 200582261
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-29-42-11-38-3C-18-A0-19-1F-EC
   DNS Servers . . . . . . . . . . . : fe80::4c20:b8ff:fe9d:9664%19
                                       172.20.10.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Bluetooth-netwerkverbinding:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : F4-A4-75-F9-34-2B
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

C:\Users\jag>netstat -r
===========================================================================
Interface List
53...5e d2 db 1c 6c 60 ......VPN Client Adapter - VPN
  6...f4 a4 75 f9 34 28 ......Microsoft Wi-Fi Direct Virtual Adapter
  2...f6 a4 75 f9 34 27 ......Microsoft Wi-Fi Direct Virtual Adapter #2
19...f4 a4 75 f9 34 27 ......Intel(R) Wi-Fi 6 AX201 160MHz
20...f4 a4 75 f9 34 2b ......Bluetooth Device (Personal Area Network)
  1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      172.20.10.1      172.20.10.6     50
    80.115.26.165  255.255.255.255      172.20.10.1      172.20.10.6     50
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
     130.158.6.75  255.255.255.255      172.20.10.1      172.20.10.6     50
      172.20.10.0  255.255.255.240         On-link       172.20.10.6    306
      172.20.10.6  255.255.255.255         On-link       172.20.10.6    306
     172.20.10.15  255.255.255.255         On-link       172.20.10.6    306
    192.168.178.0    255.255.255.0         On-link   192.168.178.231    257
  192.168.178.231  255.255.255.255         On-link   192.168.178.231    257
  192.168.178.255  255.255.255.255         On-link   192.168.178.231    257
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link       172.20.10.6    306
        224.0.0.0        240.0.0.0         On-link   192.168.178.231    257
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link       172.20.10.6    306
  255.255.255.255  255.255.255.255         On-link   192.168.178.231    257
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination      Gateway
19    306 ::/0                     fe80::4c20:b8ff:fe9d:9664
  1    331 ::1/128                  On-link
19    306 2a02:a420:6:1f02::/64    On-link
19    306 2a02:a420:6:1f02:309d:8ce3:344f:4fd3/128
                                    On-link
19    306 2a02:a420:6:1f02:44d5:3d5b:cf4c:b7e8/128
                                    On-link
19    306 fe80::/64                On-link
53    291 fe80::/64                On-link
53    291 fe80::204f:9ce6:2c7c:fb18/128
                                    On-link
19    306 fe80::309d:8ce3:344f:4fd3/128
                                    On-link
  1    331 ff00::/8                 On-link
19    306 ff00::/8                 On-link
53    291 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None

C:\Users\jag>


JAG
Posts: 9
Joined: Tue Apr 26, 2022 2:52 pm

Re: Setup works but no connection to LAN servers possible

Post by JAG » Wed Apr 27, 2022 2:10 pm

From server:

Code: Select all

Microsoft Windows [Version 10.0.20348.405]
(c) Microsoft Corporation. All rights reserved.

C:\Users\administrator.prdlab>ping 192.168.178.231

Pinging 192.168.178.231 with 32 bytes of data:
Request timed out.
Request timed out.
Reply from 192.168.178.106: Destination host unreachable.
Reply from 192.168.178.106: Destination host unreachable.

Ping statistics for 192.168.178.231:
    Packets: Sent = 4, Received = 2, Lost = 2 (50% loss),

C:\Users\administrator.prdlab>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : MT01
   Primary Dns Suffix  . . . . . . . : prdlab.nl
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : prdlab.nl

Ethernet adapter Ethernet0:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : vmxnet3 Ethernet Adapter
   Physical Address. . . . . . . . . : 00-50-56-89-9C-CD
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.178.106(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.178.1
   DNS Servers . . . . . . . . . . . : 192.168.178.220
                                       192.168.178.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

C:\Users\administrator.prdlab>netstat -r
===========================================================================
Interface List
  9...00 50 56 89 9c cd ......vmxnet3 Ethernet Adapter
  1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.178.1  192.168.178.106    271
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
    192.168.178.0    255.255.255.0         On-link   192.168.178.106    271
  192.168.178.106  255.255.255.255         On-link   192.168.178.106    271
  192.168.178.255  255.255.255.255         On-link   192.168.178.106    271
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link   192.168.178.106    271
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link   192.168.178.106    271
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0    192.168.178.1  Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    331 ::1/128                  On-link
  1    331 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None

C:\Users\administrator.prdlab>

solo
Posts: 355
Joined: Sun Feb 14, 2021 10:31 am

Re: Setup works but no connection to LAN servers possible

Post by solo » Wed Apr 27, 2022 8:45 pm

Thank you. As you can see "the server can ping client" is not true on SecureNAT when the VPN LAN loop is removed and a real remote connection is established. Now we can consider your VPN objectives.

If all you want is "to RDP servers in the LAN" then do this:
- restore the default SecureNAT config (vDHCP 192.168.30.x, vNAT on, etc.)
- connect a SE client
- RDP to a LAN address 192.168.178.x

If you actually need the server to ping clients then we can accomplish it a different net config.

andrewwilliams
Posts: 1
Joined: Thu Apr 28, 2022 4:35 am
Location: India
Contact:

Re: Setup works but no connection to LAN servers possible

Post by andrewwilliams » Thu Apr 28, 2022 4:56 am

I am also facing the same issue.

eddiewu
Posts: 253
Joined: Wed Nov 25, 2020 9:10 am

Re: Setup works but no connection to LAN servers possible

Post by eddiewu » Thu Apr 28, 2022 5:20 am

This is the expected behavior. You didn't specify your situation in the right way so people were frustrated to understand. Your problem is to access the client-side network from the server.
SecureNAT is one-way from client to server.
To realise two-way access. You need a local bridge on the server side instead of secureNAT.
If there are more than 1 device on the client-side you would like the server to access, install SE bridge instead of SE client and setup a local bridge on the client side as well.

JAG
Posts: 9
Joined: Tue Apr 26, 2022 2:52 pm

Re: Setup works but no connection to LAN servers possible

Post by JAG » Thu Apr 28, 2022 8:29 am

Thank you solo! That worked. Just recreating as you specified. With default settings. The problem was that I had the same ip address range in which the servers reside, so routing did not work as we wanted. Now it does. Thabk again solo!

JAG
Posts: 9
Joined: Tue Apr 26, 2022 2:52 pm

Re: Setup works but no connection to LAN servers possible

Post by JAG » Thu Apr 28, 2022 8:29 am

Thank you solo! That worked. Just recreating as you specified. With default settings. The problem was that I had the same ip address range in which the servers reside, so routing did not work as we wanted. Now it does. Thabk again solo!

Post Reply