Can't connect server from macOS

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
particlefeever
Posts: 9
Joined: Thu Mar 31, 2022 7:37 pm

Can't connect server from macOS

Post by particlefeever » Wed Jun 01, 2022 9:46 pm

I have installed SoftEther in one PC of a LAN in an office in order to be able to work inside that LAN remotely (in fact, from another city).

The main objective is to use Windows Remote Desktop to perform maintenance without have to travel. I have succeed thought port redirection but I was informed this is a bad practice, unsafe, and got several cons, as the need of one port to each equipment. So I decided to try SoftEther to get inside the LAN.

O SoftEther was installed in Windows 11. The router is brand Askey and don't have a preset for SoftEther in "games" section, so I did add manually ports 500:500 and 4500:4500 both UDP for any:any IP. It seems all OK, there is no error messages. The hub seems to be online.

In macOS (12.3.1) I did add VPN service in Network section of Preferences. The answer is always this: the L2TP-VPN server did not respond. I also tried to add Azure service but the authentication available is password only, and my server is configured to user-password. I have downloaded the Azure client from App Store, but got stuck in Certification part, it won't accept the key, it says the key needs to have 512 characters, but I have only the key provided by SoftEther app...

Thought you might want, for a start, further information, but I don't know where to find some error log, if any, or how to debug this error. Any ideas?

solo
Posts: 355
Joined: Sun Feb 14, 2021 10:31 am

Re: Can't connect server from macOS

Post by solo » Wed Jun 01, 2022 10:25 pm

particlefeever wrote:
Wed Jun 01, 2022 9:46 pm
...I did add manually ports 500:500 and 4500:4500 both UDP

...In macOS (12.3.1) I did add VPN service in Network section of Preferences. The answer is always this: the L2TP-VPN server did not respond. I also tried to add Azure service
In L2TP/IPSec mode forward also at least one of TCP 443, 5555, or 992.

SoftEther VPN Azure service GUI client is available only for Windows.

particlefeever
Posts: 9
Joined: Thu Mar 31, 2022 7:37 pm

Re: Can't connect server from macOS

Post by particlefeever » Thu Jun 02, 2022 2:02 pm

solo wrote:
Wed Jun 01, 2022 10:25 pm
particlefeever wrote:
Wed Jun 01, 2022 9:46 pm
...I did add manually ports 500:500 and 4500:4500 both UDP

...In macOS (12.3.1) I did add VPN service in Network section of Preferences. The answer is always this: the L2TP-VPN server did not respond. I also tried to add Azure service
In L2TP/IPSec mode forward also at least one of TCP 443, 5555, or 992.

SoftEther VPN Azure service GUI client is available only for Windows.
Hi thanks for answering. I believe these ports are configured in server, also 1194 is listed as TCP, not UDP as in the thread you linked. I guess I will have to configure port forwarding for these TCP ports in the router, right?
I am afraid there is Azure VPN client for Mac from Microsoft Corporation, version 2.2.0, that can be installed trough app store.

Will post a log a found, just hiding possible sensible info:

Code: Select all

2022-05-30 07:29:45.230 [HUB "SINTRANVPN"] Session "SID-LOCALBRIDGE-1": A Local Bridge connection to physical Ethernet interface "Realtek Ethernet Controller (ID=1332993132)" was started.
2022-05-30 10:20:43.846 ------------------------------------------------------
2022-05-30 10:20:43.846 SoftEther VPN Server Version 4.38 Build 9760   (English)
2022-05-30 10:20:43.846 Compiled 2021/08/17 22:32:49 by buildsan at crosswin
2022-05-30 10:20:43.846 Log Messages are written with UTF-8 Encoding Format.
2022-05-30 10:20:43.846 The SoftEther VPN Server has been started.
2022-05-30 10:20:43.846 IPsec Module: The IPsec ver 2.0 (ISAKMP/IKEv1) processing module is started.
2022-05-30 10:20:43.893 OpenVPN Module: The OpenVPN Server Module is starting.
2022-05-30 10:20:43.893 Loading the configuration file.
2022-05-30 10:20:45.832 Monitoring the directory "C:\Program Files\SoftEther VPN Server". If the amount of available free disk space becomes less than 8,00 GBytes, the backup files for log files and configurations that are saved on the sub-directories of this directory will be automatically deleted in the order of oldest first. The amount of free disk space that determines when to start deletion can be modified by changing the "AutoDeleteCheckDiskFreeSpaceMin" item in the configuration file.
2022-05-30 10:20:45.847 Virtual Hub "SINTRANVPN" has been started.
2022-05-30 10:20:45.847 The MAC address of Virtual Hub "SINTRANVPN" is "-".
2022-05-30 10:20:45.847 [HUB "SINTRANVPN"] The Virtual Hub is now online.
2022-05-30 10:20:45.847 TCP Listener (port 443) is starting.
2022-05-30 10:20:45.847 TCP Listener (port 443) has started. Now listening for connection from client.
2022-05-30 10:20:45.847 TCP Listener (port 992) is starting.
2022-05-30 10:20:45.847 TCP Listener (port 992) has started. Now listening for connection from client.
2022-05-30 10:20:45.847 TCP Listener (port 1194) is starting.
2022-05-30 10:20:45.847 TCP Listener (port 1194) has started. Now listening for connection from client.
2022-05-30 10:20:45.847 TCP Listener (port 5555) is starting.
2022-05-30 10:20:45.847 TCP Listener (port 5555) has started. Now listening for connection from client.
2022-05-30 10:20:45.847 [HUB "SINTRANVPN"] The Local Bridge connection "Realtek Ethernet Controller (ID=1332993132)" has started. The bridge session "SID-LOCALBRIDGE-1" was created.
2022-05-30 10:20:45.863 The configuration file has been loaded.
2022-05-30 10:20:45.863 Starting the automatically saving background task. The interval between auto-saves is 300 seconds. You can change the interval by changing the parameter AutoSaveConfigSpan in the configuration file.
2022-05-30 10:20:46.191 [HUB "SINTRANVPN"] Session "SID-LOCALBRIDGE-1": A Local Bridge connection to physical Ethernet interface "Realtek Ethernet Controller (ID=1332993132)" was started.
2022-05-30 11:58:03.142 On the TCP Listener (Port 5555), a Client (IP address 127.0.0.1, Host name "DESKTOP-IO2DCHJ", Port number 60789) has connected.
2022-05-30 11:58:03.142 For the client (IP address: 127.0.0.1, host name: "DESKTOP-IO2DCHJ", port number: 60789), connection "CID-1-61B3BD7266" has been created.
2022-05-30 11:58:03.175 SSL communication for connection "CID-1-61B3BD7266" has been started. The encryption algorithm name is "TLS_AES_256_GCM_SHA384".
2022-05-30 11:58:03.175 Connection "CID-1-61B3BD7266" connected using server admin mode.
2022-05-30 11:58:03.175 Connection "CID-1-61B3BD7266" successfully logged in using administration mode.
2022-05-30 11:58:03.175 Connection "CID-1-61B3BD7266" created a new remote procedure call session "RPC-2956" for the purpose of administration mode.
2022-05-30 13:27:35.321 [HUB "SINTRANVPN"] Administration mode [RPC-2956] (Virtual Hub "SINTRANVPN"): The Virtual Hub setting has been changed.
2022-05-30 14:22:10.210 [HUB "SINTRANVPN"] Administration mode [RPC-2956] (Virtual Hub "SINTRANVPN"): The Virtual Hub is now offline.
2022-05-30 14:22:10.210 [HUB "SINTRANVPN"] The Virtual Hub is now offline.
2022-05-30 14:22:10.211 [HUB "SINTRANVPN"] The Local Bridge connection "Realtek Ethernet Controller (ID=1332993132)" has stopped.
2022-05-30 14:22:16.064 [HUB "SINTRANVPN"] Administration mode [RPC-2956] (Virtual Hub "SINTRANVPN"): The Virtual Hub is now online.
2022-05-30 14:22:16.064 [HUB "SINTRANVPN"] The Virtual Hub is now online.
2022-05-30 14:22:16.064 [HUB "SINTRANVPN"] The Local Bridge connection "Realtek Ethernet Controller (ID=1332993132)" has started. The bridge session "SID-LOCALBRIDGE-2" was created.
2022-05-30 14:22:16.346 [HUB "SINTRANVPN"] Session "SID-LOCALBRIDGE-2": A Local Bridge connection to physical Ethernet interface "Realtek Ethernet Controller (ID=1332993132)" was started.

solo
Posts: 355
Joined: Sun Feb 14, 2021 10:31 am

Re: Can't connect server from macOS

Post by solo » Thu Jun 02, 2022 10:53 pm

particlefeever wrote:
Thu Jun 02, 2022 2:02 pm
Hi thanks for answering. I believe these ports are configured in server, also 1194 is listed as TCP, not UDP as in the thread you linked. I guess I will have to configure port forwarding for these TCP ports in the router, right?
I am afraid there is Azure VPN client for Mac from Microsoft Corporation, version 2.2.0, that can be installed trough app store.
UDP 1194 is used for compatibility reasons with OpenVPN and becomes active only in this mode. You do not need to forward TCP/UDP 1194 In L2TP/IPSec mode.

Apart from name similarity, Microsoft Azure VPN apps have nothing in common with SoftEther VPN Azure. Take it to the bank.

particlefeever
Posts: 9
Joined: Thu Mar 31, 2022 7:37 pm

Re: Can't connect server from macOS

Post by particlefeever » Fri Jun 03, 2022 12:57 pm

Apart from name similarity, Microsoft Azure VPN apps have nothing in common with SoftEther VPN Azure. Take it to the bank.
In fact, the name is the same, but the brand is different. So I will buy a car in a MS store and will get a bike? Somebody please sue MS...

Anyway, for those reading this, next step: will try to generate an OVPN file to try (again) to use my OpenVPN client for Mac.

particlefeever
Posts: 9
Joined: Thu Mar 31, 2022 7:37 pm

Re: Can't connect server from macOS

Post by particlefeever » Mon Jun 06, 2022 5:43 pm

Gave up on macOS VPN clientes. They always fail trying to connect as the build in VPN connection.

Now trying in my Windows 10 inside a VirtualBOX. I have installed the SoftEther VPN Client Manager, that will install a VPN Client Adapter for it. Now I can connect but won't accept user credentials. Tried simple user account and certificate + key. Will have to try some changes in the server.

I have researched a lot over the internet. There is a lot of complains and no answers. Will try to make some personal contacts...

solo
Posts: 355
Joined: Sun Feb 14, 2021 10:31 am

Re: Can't connect server from macOS

Post by solo » Tue Jun 07, 2022 12:26 am

particlefeever wrote:
Mon Jun 06, 2022 5:43 pm
Gave up on macOS VPN clientes.
Wait, is it a Mac with Apple M1 chip? SSTP Connect works for sure.

particlefeever
Posts: 9
Joined: Thu Mar 31, 2022 7:37 pm

Re: Can't connect server from macOS

Post by particlefeever » Mon Jun 13, 2022 2:25 pm

solo wrote:
Tue Jun 07, 2022 12:26 am
particlefeever wrote:
Mon Jun 06, 2022 5:43 pm
Gave up on macOS VPN clientes.
Wait, is it a Mac with Apple M1 chip? SSTP Connect works for sure.
No, an old mid 2012 macbook pro Core i5 with a SSD and 16GB RAM running macOS Monterrey trough OpenCore.

particlefeever
Posts: 9
Joined: Thu Mar 31, 2022 7:37 pm

Re: Can't connect server from macOS

Post by particlefeever » Mon Jun 13, 2022 6:25 pm

I have reinstalled all SoftEther in another PC. I have followed the instructions of the website step by step. It seem to be working but I can't connect anyway.

What is strange is during a ping test, the name is resolved and get the right ip, but no ping is returned. The server is there but it does not answer.

Code: Select all

gustavopinent@gustavopi-macbook Downloads % ping vpn-sintran-poa.softether.net
PING vpn-sintran-poa.softether.net (177.18.158.252): 56 data bytes
Request timeout for icmp_seq 0
Request timeout for icmp_seq 1
Request timeout for icmp_seq 2
Request timeout for icmp_seq 3
Request timeout for icmp_seq 4
^C
--- vpn-sintran-poa.softether.net ping statistics ---
6 packets transmitted, 0 packets received, 100.0% packet loss
If I ping from inside the LAN, the server is found and reponds, but there is no point accessing from inside, I wish to access from outside...

Code: Select all

gustavopinent@gustavopi-macbook Downloads % ping vpn-sintran-poa.softether.net
PING vpn-sintran-poa.softether.net (177.18.158.252): 56 data bytes
64 bytes from 177.18.158.252: icmp_seq=0 ttl=64 time=3.263 ms
64 bytes from 177.18.158.252: icmp_seq=1 ttl=64 time=5.806 ms
64 bytes from 177.18.158.252: icmp_seq=2 ttl=64 time=3.279 ms
64 bytes from 177.18.158.252: icmp_seq=3 ttl=64 time=5.883 ms
64 bytes from 177.18.158.252: icmp_seq=4 ttl=64 time=3.866 ms
64 bytes from 177.18.158.252: icmp_seq=5 ttl=64 time=3.012 ms
64 bytes from 177.18.158.252: icmp_seq=6 ttl=64 time=5.493 ms
^C
--- vpn-sintran-poa.softether.net ping statistics ---
7 packets transmitted, 7 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 3.012/4.372/5.883/1.203 ms

solo
Posts: 355
Joined: Sun Feb 14, 2021 10:31 am

Re: Can't connect server from macOS

Post by solo » Tue Jun 14, 2022 10:43 am

particlefeever wrote:
Mon Jun 13, 2022 6:25 pm
I have reinstalled all SoftEther in another PC.
...
If I ping from inside the LAN, the server is found and reponds,
...
an old mid 2012 macbook pro Core i5 with a SSD and 16GB RAM running macOS Monterrey
SoftEther does not respond to pings, your system does. This diagnostic is inconclusive. Do as follows:

- test out your Intel Mac on a VPN Gate L2TP/IPsec VPN
- if it is OK, forward the necessary L2TP/IPsec ports on your router to the SE server
- then connect to your SE

particlefeever
Posts: 9
Joined: Thu Mar 31, 2022 7:37 pm

Re: Can't connect server from macOS

Post by particlefeever » Tue Jun 14, 2022 2:47 pm

solo wrote:
Tue Jun 14, 2022 10:43 am
particlefeever wrote:
Mon Jun 13, 2022 6:25 pm
I have reinstalled all SoftEther in another PC.
...
If I ping from inside the LAN, the server is found and reponds,
...
an old mid 2012 macbook pro Core i5 with a SSD and 16GB RAM running macOS Monterrey
SoftEther does not respond to pings, your system does. This diagnostic is inconclusive. Do as follows:

- test out your Intel Mac on a VPN Gate L2TP/IPsec VPN
- if it is OK, forward the necessary L2TP/IPsec ports on your router to the SE server
- then connect to your SE
Ok, though I am getting close to the bottom of the problem. Mac won't connect because it demands a shared secret that I can't find anywhere. There isn't in VPN Gate and also SE server won't provide one, is not part of configuration. So it seems macOS will work differently, as long I can use Windscribe VPN that has it's own engine.

Inside my Windows 10 (VirtualBox) I have tried step by step configuration shown in VPN Gate's pages. I have to go with the IP. After sending vpn|vpn user password, the answer is - the remote connection wasn't done due to a failure in VPN tunnels tried. The VPN server might unreachable. If this connection is trying to use some L2TP/IPsec, the needed security parameters to IPsec negotiation might not be correctly configured.

There is a package SoftEther VPN Client + VPN Gate plug-in, but I think is pointless to make it work, will be a different situation, right?

solo
Posts: 355
Joined: Sun Feb 14, 2021 10:31 am

Re: Can't connect server from macOS

Post by solo » Tue Jun 14, 2022 11:09 pm

particlefeever wrote:
Tue Jun 14, 2022 2:47 pm
Mac won't connect because it demands a shared secret that I can't find anywhere. There isn't in VPN Gate and also SE server won't provide one, is not part of configuration.
So you clicked the above VPN Gate link but not RTFM? It clearly states "Specify "vpn" (3-letters) also on the "Shared Secret" field".

Your SE server also provides one: "Shared Secret" = "Pre-shared Key" in the configuration.

particlefeever
Posts: 9
Joined: Thu Mar 31, 2022 7:37 pm

Re: Can't connect server from macOS

Post by particlefeever » Tue Jul 05, 2022 1:31 am

Still trying to use this awesome. Now I can connect my macOS with "public-vpn-180.opengw.net". Big step. But still my own server does not answer. I will dig the internet about the possible reasons since I have forwarded the needed ports in the router.

One thing I remember now this Internet provider have some issues with some hosts around the world. Some websites will only open if I use some simple VPN (like Windscribe). Maybe they are blocking me, possible? Let's see...

Post Reply