SoftEther VPN User Forum

I have a problem, I have 2 networks, the first one is created in the program itself ([i]192.168.5.0/24[/i]), and the second network ([i]192.168.1.0/24[/i]) is the network of the organization itself. The problem is that users of the second network receive IP addresses from the pool of addresses for VPN users. As I understood, this is a problem in the bridge, I deleted it, changed its settings, and all to no avail, what am I doing wrong? How do I restrict broadcast packets for vpn users so that they do not exit to another interface?

If you bridge site-to-site then you have to use L3 for different subnets.

solo wrote: ↑

Sun Oct 30, 2022 3:20 am

If you bridge site-to-site then you have to use L3 for different subnets.

I dont try do site-to-site connection, i just connect remote users, I cannot configure dhcp in the vpn so that all traffic does not pass through the vpn, that is, if you receive settings from the vpn server, and the gateway is not specified in the settings, then the user uses his personal Internet without using traffic through the VPN connection. But if the user does not receive dhcp from the vpn server, but from the dhcp server inside the local network, then all traffic passes through the vpn server inside the network, how can this be ruined?

The OP is really convoluted, you simply need split tunnel. Two ways:

1) disable SecureNAT, enable local bridge, increase the client's vNIC's metric above regular NIC
or
2) delete local bridge, enable SecureNAT AND remove its default gateway AND push static route to the server's LAN