Howto Route Other VPN Servers to Connect SoftEther Server

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
mjthelearner
Posts: 28
Joined: Fri Nov 25, 2022 6:08 am

Howto Route Other VPN Servers to Connect SoftEther Server

Post by mjthelearner » Tue Dec 20, 2022 9:47 am

Hi dear guys and @solo

In Iran the ultimate censorship is running already. Everything you are thinking about it, becoming to be censored and filtered, it seems they are trying to use whitelist on their firewall.

BTW i can access to Europe location server only by cascade connection through 2 softether servers.

VPS1=IRAN
VPS2=TURKEY

VPS1 can access to VPS2 throughout the cascade connection.

I can access to VPS1 by L2TP connection and at final get VPS2 ip.

Unfortunately openvpn server that integrated with SE doesnt work and can't connect.

I have to install Angristan auto script version of openvpn server on VPS1.

OVPNServer= Angristan openserver script on VPS1

The question is how to route the OVPNServer to access VPS2 from VPS1?

Is the way to access to this scehmatic

Clients > OVPNServer > VPS1 [cascaded] VPS2

When clients connected to OVPNServer, they will get VPS2 ip?


Thanks in advance

solo
Posts: 1228
Joined: Sun Feb 14, 2021 10:31 am

Re: Howto Route Other VPN Servers to Connect SoftEther Server

Post by solo » Tue Dec 20, 2022 1:33 pm

Hello @mjthelearner, what's the problem with "openvpn server that integrated with SE"? Apart from the known scalability issue, it works fine (for me). Post server/client logs.

As for the Angristan openvpn-install script, it sets up "dev tun" routed IP tunnel, but you'd need "dev tap0" to bridge it with SoftEther. Simply use Linux bridge of OVPN "dev tap0" with SE soft tap for this OVPN/SE hybrid server.

"When clients connected to OVPNServer, they will get VPS2 ip?"
yes

mjthelearner
Posts: 28
Joined: Fri Nov 25, 2022 6:08 am

Re: Howto Route Other VPN Servers to Connect SoftEther Server

Post by mjthelearner » Wed Dec 21, 2022 12:36 am

Thank you solo for responding 🙏

This is the OpenVPN log on mobile client side

Use as TCP
Changed real ip to x.x.x.x

Code: Select all


03:45:38.667 -- EVENT: RECONNECTING

03:45:38.672 -- EVENT: RESOLVE

03:45:38.677 -- Contacting x.x.x.x:1195 via TCPv4

03:45:38.679 -- EVENT: WAIT

03:45:38.852 -- Transport Error: TCPv4 connect error on 'x.x.x.x.:1195' (x.x.x.x:1195): Connection refused

03:45:38.861 -- Client terminated, restarting in 2000 ms...

03:45:40.852 -- EVENT: RECONNECTING

03:45:40.858 -- EVENT: RESOLVE

03:45:40.864 -- Contacting x.x.x.x.:1195 via TCPv4

03:45:40.864 -- EVENT: WAIT

03:45:40.923 -- Transport Error: TCPv4 connect error on 'x.x.x.x:1195): Connection refused

03:45:40.924 -- Client terminated, restarting in 2000 ms...


Use as UDP

Code: Select all


03:55:47.666 -- Server poll timeout, trying next remote entry...

03:55:47.667 -- EVENT: RECONNECTING

03:55:47.671 -- EVENT: RESOLVE

03:55:47.676 -- Contacting x.x.x.x.:1195 via UDP

03:55:47.677 -- EVENT: WAIT

03:55:47.681 -- Connecting to [x.x.x.x]:1195 (x.x.x.x) via UDPv4

03:55:57.667 -- Server poll timeout, trying next remote entry...

03:55:57.669 -- EVENT: RECONNECTING

03:55:57.674 -- EVENT: RESOLVE

03:55:57.677 -- Contacting x.x.x.x:1195 via UDP

03:55:57.678 -- EVENT: WAIT

03:55:57.692 -- Connecting to [x.x.x.x]:1195 (x.x.x.x) via UDPv4



____________


For run SE with tap adapter as local bridge, i did on two side VPSs ,
What i did

VPS1 [IRAN], created local bridge and set the ip pool for soft_tap as 12.0.0.1/24

VPS2 [TURKEY], created local bridge and set the ip pool for soft_tap as 13.0.0.1/24

VPS1 > cascaded to > VPS2


When client is connected to VPS1, it will get the ip from VPS2 ip pool range and doesn't take it from VPS1 ip range and its the matter.

I had to write all my config step here, right?

solo
Posts: 1228
Joined: Sun Feb 14, 2021 10:31 am

Re: Howto Route Other VPN Servers to Connect SoftEther Server

Post by solo » Wed Dec 21, 2022 1:23 am

Re: internal OVPN SE server

- on the SE hub set: Log Save Setting / Save Packet Log: ON / ICMP Packet: Header Only
- briefly disable all firewalls
- try a VPN connection from a Windows OVPN client

Post server/client logs.


Re: external OVPN hybrid server

Assuming the "how to make a Tunnel" network topology, try this:

- on VPS1 aka "blocked country" change from "no bridge" to a bridge with Linux tap
- using bridge-utils bridge the SE tap with OVPN tap0

That's it, no IP assignments or any other setup required, very easy.

It's also possible to route between the servers but it's complex and I don't support it :-)

Post Reply