Looking for the best configuration

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
usbano
Posts: 1
Joined: Fri Feb 03, 2023 4:14 pm

Looking for the best configuration

Post by usbano » Fri Feb 03, 2023 4:33 pm

Hi everyone, I need to implement the following configuration:
- on a VPS (Windows OS) I have installed a softether VPN server
- on it will converge several networks, scattered in various cities. Each remote network will have its own softether bridge pointing to the VPN server installed on the VPS.

On the VPS I only have the network card with a public ip.
In order to use private addresses and activate DHCP, I used the SecureNAT function on the VPN server (network 192.168.30.0/24).
Everything works, what is missing is that the VPN Server also needs access to the clients on the SecureNAT network.
How can I realise this architecture?

A temporary solution was to also install Softether Client on the VPS and connect it to the localhost VPN server, but I see that it increases CPU load of Softether Server on the VPS, and even if it works, it doesn't seem like a good solution to me.

solo
Posts: 1228
Joined: Sun Feb 14, 2021 10:31 am

Re: Looking for the best configuration

Post by solo » Fri Feb 03, 2023 9:47 pm

usbano wrote:
Fri Feb 03, 2023 4:33 pm
A temporary solution was to also install Softether Client on the VPS and connect it to the localhost...
Good move but if you don't like it, here is another solution:
- install Microsoft Loopback Adapter
- bridge the vHUB to it
- assign a static IP to it, presumably between 192.168.30.2-192.168.30.9

shakibamoshiri
Posts: 285
Joined: Wed Dec 28, 2022 9:10 pm

Re: Looking for the best configuration

Post by shakibamoshiri » Fri Feb 03, 2023 10:06 pm

usbano wrote:
Fri Feb 03, 2023 4:33 pm
Hi everyone, I need to implement the following configuration:
- on a VPS (Windows OS) I have installed a softether VPN server
- on it will converge several networks, scattered in various cities. Each remote network will have its own softether bridge pointing to the VPN server installed on the VPS.

On the VPS I only have the network card with a public ip.
In order to use private addresses and activate DHCP, I used the SecureNAT function on the VPN server (network 192.168.30.0/24).
Everything works, what is missing is that the VPN Server also needs access to the clients on the SecureNAT network.
How can I realise this architecture?

A temporary solution was to also install Softether Client on the VPS and connect it to the localhost VPN server, but I see that it increases CPU load of Softether Server on the VPS, and even if it works, it doesn't seem like a good solution to me.
Why do you need to connect to the SE sever on your the LAN?
Because it is the SE server private NAT

How to access clients on that SE server private NAT?
Connecting as client to that SE server

How to avoid using the SE client to access other clients?
Setup a Local Bridge (and + a local DHCP) and do not use SecureNAT virtual NAT (or virtual DHCP)
So should be able to access your clients

solo
Posts: 1228
Joined: Sun Feb 14, 2021 10:31 am

Re: Looking for the best configuration

Post by solo » Fri Feb 03, 2023 10:29 pm

shakibamoshiri wrote:
Fri Feb 03, 2023 10:06 pm
Setup a Local Bridge (and + a local DHCP) and do not use SecureNAT virtual NAT (or virtual DHCP)
So should be able to access your clients
I see, now, keep in mind that it is a Windows-based VPS and describe precisely how to perform this magic.

shakibamoshiri
Posts: 285
Joined: Wed Dec 28, 2022 9:10 pm

Re: Looking for the best configuration

Post by shakibamoshiri » Sat Feb 04, 2023 9:41 am

solo wrote:
Fri Feb 03, 2023 10:29 pm
I see, now, keep in mind that it is a Windows-based VPS and describe precisely how to perform this magic.
I came to this first, since did not have experience with Windows but knew the issue, described in general that there is a solution.
But usually my answers take a few hours to be approved by forum's moderator(s) and that is why it came after your answer.

solo
Posts: 1228
Joined: Sun Feb 14, 2021 10:31 am

Re: Looking for the best configuration

Post by solo » Sat Feb 04, 2023 11:24 pm

shakibamoshiri wrote:
Sat Feb 04, 2023 9:41 am
I came to this first, since did not have experience with Windows but knew the issue, described in general that there is a solution. But usually my answers take a few hours to be approved by forum's moderator(s) and that is why it came after your answer.
Very well. Just for the record, note what the OP wrote: "On the VPS I only have the network card with a public ip" - so there is no trivial Windows way of doing what you had proposed, ie bridge with external dhcp/nat there.

Post Reply