Routing possible through an existing VPN tunnel?

jteverett
Posts: 1
Joined: Mon May 16, 2022 7:23 pm

Routing possible through an existing VPN tunnel?

Post by jteverett » Mon May 16, 2022 7:47 pm

I have successfully set up SoftEther VPN server on my Windows AD network (Location A), can connect to it with remote clients, get an IP from my DHCP server, and browse internal resources without any issue, except one. I have an existing VPN tunnel between Location A and a remote location (Location B), and am able to fully access shares and resources from within Location A. When I establish a SoftEther connection to Location A remotely, I cannot access those resources in Location B through that existing tunnel, nor ping anything through that existing tunnel. So there is something preventing the routing when I am connected to SoftEther VPN that works when I am physically internal at Location A. I'm not sure what configuration or component will need to be added to allow this, or IF my presumption that a successful connection to the SoftEther VPN server in Location A SHOULD be able to reach traffic through that pre-existing tunnel to Location B is correct. Any input would be appreciated. Will I need to install another SoftEther VPN server at Location B, bypassing the existing tunnel?

solo
Posts: 355
Joined: Sun Feb 14, 2021 10:31 am

Re: Routing possible through an existing VPN tunnel?

Post by solo » Mon May 16, 2022 10:37 pm

Try this:

- activate the A/B tunnel
- activate the SE eg-C/A tunnel
- review the route table on A
- on A enable IP forwarding
- on C apply a persistent static route to B
- on B apply a persistent static route to C

If unsure, post here formatted as code the output of "netstat -r" from A, B and C.
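
The steps listed in the post above, written out as PowerShell. This is an added example, not part of the original post; it assumes A, B and C are Windows hosts, and every subnet, next-hop address and interface name in it is a constructed placeholder.

```powershell
# Constructed placeholders: replace with the real values for your sites.
$SubnetB = '192.168.20.0/24'   # LAN at Location B (assumed)
$SubnetC = '192.168.30.0/24'   # range used by the SoftEther client C (assumed)

function Set-TunnelRouting {
    param(
        [Parameter(Mandatory)][ValidateSet('A', 'B', 'C')][string]$Role,
        # Interface(s) to act on, as listed by Get-NetIPInterface.
        [Parameter(Mandatory)][string[]]$InterfaceAlias,
        # Next hop toward the other side; not used for role A.
        [string]$NextHop
    )
    switch ($Role) {
        'A' {
            # Review the route table on A before changing anything.
            Get-NetRoute -AddressFamily IPv4 |
                Sort-Object DestinationPrefix |
                Format-Table DestinationPrefix, NextHop, InterfaceAlias, RouteMetric
            # Enable forwarding only on the interfaces that carry the two
            # tunnels, rather than turning the whole host into a router.
            Set-NetIPInterface -InterfaceAlias $InterfaceAlias `
                -AddressFamily IPv4 -Forwarding Enabled
        }
        'C' {
            # Route to B via A. New-NetRoute writes to the persistent store
            # by default, so the route survives a reboot.
            New-NetRoute -DestinationPrefix $SubnetB `
                -InterfaceAlias $InterfaceAlias[0] -NextHop $NextHop
        }
        'B' {
            # Return route to C via the A/B tunnel; without it, replies
            # from B never find their way back to the client.
            New-NetRoute -DestinationPrefix $SubnetC `
                -InterfaceAlias $InterfaceAlias[0] -NextHop $NextHop
        }
    }
}

function Test-TunnelPath {
    param([Parameter(Mandatory)][string]$RemoteAddress)
    # Show which route the host would pick, then trace the actual path.
    Find-NetRoute -RemoteIPAddress $RemoteAddress
    Test-NetConnection -ComputerName $RemoteAddress -TraceRoute
}

# Constructed usage, run elevated on each host in turn:
#   Set-TunnelRouting -Role A -InterfaceAlias 'Ethernet', 'VPN'
#   Set-TunnelRouting -Role C -InterfaceAlias 'VPN' -NextHop '192.168.30.1'
#   Test-TunnelPath -RemoteAddress '192.168.20.10'
```

Running `Test-TunnelPath` from both C and B shows which direction is missing its route when a ping fails.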

eddiewu
Posts: 253
Joined: Wed Nov 25, 2020 9:10 am

Re: Routing possible through an existing VPN tunnel?

Post by eddiewu » Tue May 17, 2022 2:39 am

Use SecureNAT and secure DHCP setup instead of local bridge + existing DHCP server.
Then the VPN client becomes internal to SoftEther and will use existing routes at A, saving you from doing IP forwarding and adding routes. The downside is the client will lose layer 2 connectivity. It’s not important if you only access remote resources via direct IP.
