[BUG] DHCP lease time 300000000sec = 10days only
-
- Posts: 43
- Joined: Fri Aug 12, 2022 6:57 pm
- Contact:
[BUG] DHCP lease time 300000000sec = 10days only
I would like to set DHCP lease time of the Virtual NAT to infinite.
The setup does not allow to set it to 1 sec. (That would be the official "infinite")
If I set it to 300-450M sec (= 10-15 years) :
- it is still expiring after ca. 10 days!
I've tested with 5.01 developer version too.
Result: The SAME :-(
How do i set those IP addresses to be fixed forever?
The setup does not allow to set it to 1 sec. (That would be the official "infinite")
If I set it to 300-450M sec (= 10-15 years) :
- it is still expiring after ca. 10 days!
I've tested with 5.01 developer version too.
Result: The SAME :-(
How do i set those IP addresses to be fixed forever?
You do not have the required permissions to view the files attached to this post.
-
- Posts: 289
- Joined: Wed Dec 28, 2022 9:10 pm
Re: [BUG] DHCP lease time 300000000sec = 10days only
1. using MAC:se:00:00:00:00:00 in NOTE section + dnsmasqPizzaProgram wrote: ↑Fri Feb 24, 2023 5:45 pmI would like to set DHCP lease time of the Virtual NAT to infinite.
The setup does not allow to set it to 1 sec. (That would be the official "infinite")
DHCP setup.jpg
If I set it to 300-450M sec (= 10-15 years) :
- it is still expiring after ca. 10 days!
I've tested with 5.01 developer version too.
Result: The SAME :-(
DHCP expire.jpg
How do i set those IP addresses to be fixed forever?
Code: Select all
# If you’d like to have dnsmasq assign static IPs to some clients, bind the LAN computers NIC MAC addresses:
# dhcp-host=ae:00:00:00:00:01,192.168.100.111
# dhcp-host=ae:00:00:00:00:02,192.168.100.112
-
- Posts: 43
- Joined: Fri Aug 12, 2022 6:57 pm
- Contact:
Re: [BUG] DHCP lease time 300000000sec = 10days only
Thank you very much the quick answer!
1.
I've found your prev. topic about DHCP speed measuring before, but it does not tell, where to put those lines.
https://www.vpnusers.com/viewtopic.php?t=68065
2.
Doing this for 2-300 clients one by one is a huge extra work.
Isn't this a bug, that should be reported and fixed?
Why only 10 days?
1.
A NOTE section of what?using MAC:se:00:00:00:00:00 in NOTE section + dnsmasq
- Somewhere in the server's config file?
I've found your prev. topic about DHCP speed measuring before, but it does not tell, where to put those lines.
https://www.vpnusers.com/viewtopic.php?t=68065
2.
You mean manually setting the VPN's adapter like any other adapter?statically being set by the client
Doing this for 2-300 clients one by one is a huge extra work.
Isn't this a bug, that should be reported and fixed?
Why only 10 days?
-
- Posts: 43
- Joined: Fri Aug 12, 2022 6:57 pm
- Contact:
Re: [BUG] DHCP lease time 300000000sec = 10days only
... and the other problem with these methods:
- How will the client get the "static routing table" pushed from the server ?
That built-in SecureNAT is working perfectly fine, if that "max 10 days" problem could be solved... ?
- How will the client get the "static routing table" pushed from the server ?
That built-in SecureNAT is working perfectly fine, if that "max 10 days" problem could be solved... ?
-
- Posts: 1429
- Joined: Sun Feb 14, 2021 10:31 am
Re: [BUG] DHCP lease time 300000000sec = 10days only
The max is 6.9 days
The min is 0.69 days
If you don't like it, use an external DHCP server.
You could modify the source code, in TcpIp.c
...remove the "if" line but it may have unintended consequences.
The min is 0.69 days
If you don't like it, use an external DHCP server.
You could modify the source code, in TcpIp.c
Code: Select all
// Lease time
a = GetDhcpOption(o, DHCP_ID_LEASE_TIME);
if (a != NULL && a->Size == 4)
{
ret->LeaseTime = READ_UINT(a->Data);
}
-
- Posts: 43
- Joined: Fri Aug 12, 2022 6:57 pm
- Contact:
Re: [BUG] DHCP lease time 300000000sec = 10days only
Recompiling the whole thing would be too difficult for me,
but Thank you (again) for the quick and detailed information! :-)
An other, completely different approach:
- Is it possible to add "names" to the PCs, so no mater what the current IP assigned by SecureNAT, it would "find" it ?
- what is the "domain" field good for at the SecureNAT edit config window?
SecureNAT is a DHCP server itself, so theoretically should we able to resolve the IP by any name?
For example,
- if the HUB name is RobertoPizzaHUB
- and the PC name is DeliveryPC
than something like:
$> ping DeliveryPC.RobertoPizzaHUB.myServer.softether.org
should give back the current IP address of that PC that SecureNAT ?
... or maybe a MACaddress based name?
... or is there any other method to give a specific name to a user maybe? (I could create as many users, as many PCs there are...)
PS: can I donate you via PayPal? You have helped me a lot already!
but Thank you (again) for the quick and detailed information! :-)
An other, completely different approach:
- Is it possible to add "names" to the PCs, so no mater what the current IP assigned by SecureNAT, it would "find" it ?
- what is the "domain" field good for at the SecureNAT edit config window?
SecureNAT is a DHCP server itself, so theoretically should we able to resolve the IP by any name?
For example,
- if the HUB name is RobertoPizzaHUB
- and the PC name is DeliveryPC
than something like:
$> ping DeliveryPC.RobertoPizzaHUB.myServer.softether.org
should give back the current IP address of that PC that SecureNAT ?
... or maybe a MACaddress based name?
... or is there any other method to give a specific name to a user maybe? (I could create as many users, as many PCs there are...)
PS: can I donate you via PayPal? You have helped me a lot already!
-
- Posts: 1429
- Joined: Sun Feb 14, 2021 10:31 am
Re: [BUG] DHCP lease time 300000000sec = 10days only
Wait, what OS and SE version are you using? Instead of recompiling a binary patch is possible. I could look into it, no promises though.PizzaProgram wrote: ↑Sat Feb 25, 2023 12:19 amRecompiling the whole thing would be too difficult for me,
but Thank you (again) for the quick and detailed information! :-)
An other, completely different approach:...
(please donate to University of Tsukuba :-)
-
- Posts: 43
- Joined: Fri Aug 12, 2022 6:57 pm
- Contact:
Re: [BUG] DHCP lease time 300000000sec = 10days only
I will start renting the VPS probably tomorrow, but I'm still not 100% sure what OS should I choose.
I'm a bit lame with linux, but for stability for the next 10-20years it seems more logical to choose Debian,
unless You recommend me something else?
(Currently all my test are temporary running on my home server, which is Win7 32bit)
I will install a version, whatever you recommend. Probably latest would be best? 5.02
But this high-CPU Issue sounds bad: https://github.com/SoftEtherVPN/SoftEth ... sions/1774
OFF: That new API-development looks good at 5.02, maybe I can use that later to monitor ALL my clients over the whole country in a summarized view.
(Just like I'm doing it now, based on an OpenVPN server made by somebody else ... who is demanding now +70% money pro month, which I can not effort any more.)
I'm planning to set a regular donation pro month for You, if everything goes well. (Sorry, I'm not a rich guy at all, living in the 2th poorest country of Europe.)
I'm a bit lame with linux, but for stability for the next 10-20years it seems more logical to choose Debian,
unless You recommend me something else?
(Currently all my test are temporary running on my home server, which is Win7 32bit)
I will install a version, whatever you recommend. Probably latest would be best? 5.02
But this high-CPU Issue sounds bad: https://github.com/SoftEtherVPN/SoftEth ... sions/1774
IMHO a simple "hidden option" inside the server's .conf file would be the best approach, don't you think?Instead of recompiling a binary patch is possible. I could look into it, no promises though
Code: Select all
declare VirtualDhcpServer
{
bool DhcpEnabled true
uint DhcpExpireTimeSpan 300000000
...
bool DhcpAllowExtendedTime false ## <<... could be set to true manually
...
(Just like I'm doing it now, based on an OpenVPN server made by somebody else ... who is demanding now +70% money pro month, which I can not effort any more.)
I'm planning to set a regular donation pro month for You, if everything goes well. (Sorry, I'm not a rich guy at all, living in the 2th poorest country of Europe.)
-
- Posts: 43
- Joined: Fri Aug 12, 2022 6:57 pm
- Contact:
Re: [BUG] DHCP lease time 300000000sec = 10days only
I've found the official DHCP lease time criteria:
https://www.informit.com/articles/artic ... 4&seqNum=3
MAX = 2^32 - 2 ;
INFINITE = 2^32 ;
https://www.informit.com/articles/artic ... 4&seqNum=3
MAX = 2^32 - 2 ;
INFINITE = 2^32 ;
-
- Posts: 289
- Joined: Wed Dec 28, 2022 9:10 pm
Re: [BUG] DHCP lease time 300000000sec = 10days only
1.PizzaProgram wrote: ↑Fri Feb 24, 2023 10:30 pmThank you very much the quick answer!
1.A NOTE section of what?using MAC:se:00:00:00:00:00 in NOTE section + dnsmasqPlease tell me more about this.
- Somewhere in the server's config file?
I've found your prev. topic about DHCP speed measuring before, but it does not tell, where to put those lines.
https://www.vpnusers.com/viewtopic.php?t=68065
2.You mean manually setting the VPN's adapter like any other adapter?statically being set by the client
Doing this for 2-300 clients one by one is a huge extra work.
Isn't this a bug, that should be reported and fixed?
Why only 10 days?
Virtual MAC address reservation
http://www.softether.org/5-download/history
2.
In dnsmasq.conf file
who said manually :)
Code: Select all
#!/bin/bash
declare -ir min_ip_range=10;
declare -ir max_ip_range=200;
for (( index=$min_ip_range; index <= $max_ip_range; ++index )); do
if (( index <= 99 )); then
echo "dhcp-host=ae:00:00:00:00:${index},192.168.100.${index}"
else
echo "dhcp-host=ae:00:00:00:0${index%??}:${index#?},192.168.100.${index}"
fi
done
Code: Select all
dhcp-host=ae:00:00:00:00:10,192.168.100.10
dhcp-host=ae:00:00:00:00:11,192.168.100.11
dhcp-host=ae:00:00:00:00:12,192.168.100.12
dhcp-host=ae:00:00:00:00:13,192.168.100.13
dhcp-host=ae:00:00:00:00:14,192.168.100.14
dhcp-host=ae:00:00:00:00:15,192.168.100.15
dhcp-host=ae:00:00:00:00:16,192.168.100.16
dhcp-host=ae:00:00:00:00:17,192.168.100.17
dhcp-host=ae:00:00:00:00:18,192.168.100.18
dhcp-host=ae:00:00:00:00:19,192.168.100.19
dhcp-host=ae:00:00:00:00:20,192.168.100.20
...
...
dhcp-host=ae:00:00:00:01:92,192.168.100.192
dhcp-host=ae:00:00:00:01:93,192.168.100.193
dhcp-host=ae:00:00:00:01:94,192.168.100.194
dhcp-host=ae:00:00:00:01:95,192.168.100.195
dhcp-host=ae:00:00:00:01:96,192.168.100.196
dhcp-host=ae:00:00:00:01:97,192.168.100.197
dhcp-host=ae:00:00:00:01:98,192.168.100.198
dhcp-host=ae:00:00:00:01:99,192.168.100.199
dhcp-host=ae:00:00:00:02:00,192.168.100.200
I did not use/check this part, maybe.Isn't this a bug, that should be reported and fixed?
-
- Posts: 1429
- Joined: Sun Feb 14, 2021 10:31 am
Re: [BUG] DHCP lease time 300000000sec = 10days only
That's a fine choice.PizzaProgram wrote: ↑Sat Feb 25, 2023 1:29 amCurrently all my test are temporary running on my home server, which is Win7 32bit
I've created a binary patch to fix the lease issue but then discovered a BUG indeed in the code which can be exploited without any patching. Simply enter 4294967295 for lease time and you will get...
Code: Select all
op=BOOTREPLY chaddr=E8:F6:46:F6:25:CE hops=0 xid=DD59761C secs=0 flags=0000
ciaddr=0.0.0.0 yiaddr=192.168.30.10 siaddr=192.168.30.1 giaddr=0.0.0.0 sname= file=
6 options:
53 (DHCP Message Type): offer
54 (Server Identifier): 192.168.30.1
51 (IP Address Lease Time): 4294967295 (7101 weeks, 3 days, 6 hours, 28 minutes, and 15 secs)
1 (Subnet Mask): 255.255.255.0
3 (Router Option): 192.168.30.1
6 (Domain Name Server Option): 192.168.30.1
Description . . . . . . . . . . . : VPN Client Adapter - VPN
Physical Address. . . . . . . . . : 5E-68-60-B3-FD-02
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.30.10
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCP Server . . . . . . . . . . . : 192.168.30.1
Lease Obtained. . . . . . . . . . : Sunday, 26 February 2023 12:37:56 PM
Lease Expires . . . . . . . . . . : Tuesday, 19 January 2038 2:14:07 PM
Not tested on other builds.
-
- Posts: 43
- Joined: Fri Aug 12, 2022 6:57 pm
- Contact:
Re: [BUG] DHCP lease time 300000000sec = 10days only
WOW! Thank you VERY MUCH, this sounds great !
... but I don't fully understand this:
https://www.softether-download.com/en.a ... =softether
2. That version seems to be much older than the current ones. May I ask: Why didn't you patch the latest, to make a:
3. If yes : did you compile it for Win32 only?
The final VPS server will be probably Debian, because it's faster, cheaper, more stable. Even if I know windows better... Do You agree ?
4. ... or is the WIN64 version more stable than the linux one?
I will have to choose the server type until tomorrow.
... but I don't fully understand this:
1. You mean, If I simply download and install 4.38 from the official download page, it will work now?I've created a binary patch ... This works with SE v4.38.0.9760
https://www.softether-download.com/en.a ... =softether
2. That version seems to be much older than the current ones. May I ask: Why didn't you patch the latest, to make a:
- 4.42 or even better, a :
- 5.03 based on the developer version?
3. If yes : did you compile it for Win32 only?
The final VPS server will be probably Debian, because it's faster, cheaper, more stable. Even if I know windows better... Do You agree ?
4. ... or is the WIN64 version more stable than the linux one?
I will have to choose the server type until tomorrow.
-
- Posts: 1429
- Joined: Sun Feb 14, 2021 10:31 am
Re: [BUG] DHCP lease time 300000000sec = 10days only
4.38 is the latest, stable, RTM version you should use.
The bug may be exploitable in the betas and DE you mentioned.
Just enter 4294967295. Patching is not required.
The bug may be exploitable in the betas and DE you mentioned.
Just enter 4294967295. Patching is not required.
-
- Posts: 43
- Joined: Fri Aug 12, 2022 6:57 pm
- Contact:
Re: [BUG] DHCP lease time 300000000sec = 10days only
... and which OS?
-
- Posts: 1429
- Joined: Sun Feb 14, 2021 10:31 am
Re: [BUG] DHCP lease time 300000000sec = 10days only
Any OS. Try it for now on your W7 on the version you already have.
Should the GUI reject 4294967295 then stop the service and enter it directly in vpn_server.config
Should the GUI reject 4294967295 then stop the service and enter it directly in vpn_server.config
-
- Posts: 43
- Joined: Fri Aug 12, 2022 6:57 pm
- Contact:
Re: [BUG] DHCP lease time 300000000sec = 10days only
Some news about testing:
I was curious how the Development 5.01 version reacts to this high number:
1. The GUI accepted the 4294967295 seconds fine, saved it.
2. The client got the IP and the lease time was actually 130+ years :-)
3. But SE manager's "IP Lease table on virtual DHCP manager" windows shows:
Expires at 2023-07-17 19:31. :-(
That's = ca. 18 days + 17h + 50m = ca. 1619400 sec
So the problem remains:
- If the user turns off his spare-PC or Laptop for 3 weeks, the IP address will be lost, and I have to start to reconfigure everything again. (IP based database access, VNC, RDP, shared printers, etc...)
That's not very promising.
I was curious how the Development 5.01 version reacts to this high number:
1. The GUI accepted the 4294967295 seconds fine, saved it.
2. The client got the IP and the lease time was actually 130+ years :-)
3. But SE manager's "IP Lease table on virtual DHCP manager" windows shows:
Expires at 2023-07-17 19:31. :-(
That's = ca. 18 days + 17h + 50m = ca. 1619400 sec
So the problem remains:
- If the user turns off his spare-PC or Laptop for 3 weeks, the IP address will be lost, and I have to start to reconfigure everything again. (IP based database access, VNC, RDP, shared printers, etc...)
That's not very promising.
-
- Posts: 1429
- Joined: Sun Feb 14, 2021 10:31 am
Re: [BUG] DHCP lease time 300000000sec = 10days only
As you've cozied up with the devs, ask them to revise this "2000000000" constant in Virtual.c
51 (IP Address Lease Time): 2000000 (3 weeks, 2 days, 3 hours, 33 minutes
Let us know the new github's issue # ;-)
Code: Select all
// Expiration date
if (vo->DhcpExpireTimeSpan == 0 || vo->DhcpExpireTimeSpan == INFINITE)
{
v->DhcpExpire = INFINITE;
}
else
{
v->DhcpExpire = MAKESURE(DHCP_MIN_EXPIRE_TIMESPAN,
MIN(vo->DhcpExpireTimeSpan * 1000, 2000000000),
INFINITE);
}
Let us know the new github's issue # ;-)
-
- Posts: 1429
- Joined: Sun Feb 14, 2021 10:31 am
Re: [BUG] DHCP lease time 300000000sec = 10days only
...that said, 4294967295 should work as expected because:
But as SE server does not store the lease table, if you reboot it, you'll end up with IP mess no matter what nominal lease expiration time.
In conclusion, let go of SecureNAT - it's meant for testing only, not for such large production environment. On both Linux and Windows there are decent DHCP servers available. Better yet, let go of DHCP too, as in your setup context, I'd rather opt for static VPN IP assignments.
- a DHCP client will not negotiate lease renewal before currently assigned expiration time which is stored locally in the registry and preserved after a reboot
- SE server does indeed display shorter expiration but it is "ephemeral" and not stored anywhere
But as SE server does not store the lease table, if you reboot it, you'll end up with IP mess no matter what nominal lease expiration time.
In conclusion, let go of SecureNAT - it's meant for testing only, not for such large production environment. On both Linux and Windows there are decent DHCP servers available. Better yet, let go of DHCP too, as in your setup context, I'd rather opt for static VPN IP assignments.
-
- Posts: 43
- Joined: Fri Aug 12, 2022 6:57 pm
- Contact:
Re: [BUG] DHCP lease time 300000000sec = 10days only
@shakibamoshiri
Restarted the server, but still got totally mixed up IPs :-(
Why can't SE simply save the DHCP list from memory to a .conf file
- every 5 min,
-- if it changed at all
-- and if the release time is over 5 min. ? (to exclude short-therm IPs)
- and load back, when it starts.
Used latest 5.02 builds from both server + client.
I've just tried the "Note" trick, you have recommended, by settingVirtual MAC address reservation http://www.softether.org/5-download/history
Code: Select all
MAC:ae:00:00:00:03:01
etc..
Why can't SE simply save the DHCP list from memory to a .conf file
- every 5 min,
-- if it changed at all
-- and if the release time is over 5 min. ? (to exclude short-therm IPs)
- and load back, when it starts.
Used latest 5.02 builds from both server + client.
Do I still have to edit that too ?2. In dnsmasq.conf file
You do not have the required permissions to view the files attached to this post.
-
- Posts: 289
- Joined: Wed Dec 28, 2022 9:10 pm
Re: [BUG] DHCP lease time 300000000sec = 10days only
Where did you add this part?
It should be added to a DNS/DHCP server called "dnsmasq" which you should install ot on Debian/Ubuntu via "apt install dnsmasq".
Then add the desired MACs to dnsmasq file called "dnsmasq.conf"
Do not forget to disable SE server SecureNAT.
Code: Select all
MAC:ae:00:00:00:03:01
Then add the desired MACs to dnsmasq file called "dnsmasq.conf"
Do not forget to disable SE server SecureNAT.
-
- Posts: 43
- Joined: Fri Aug 12, 2022 6:57 pm
- Contact:
Re: [BUG] DHCP lease time 300000000sec = 10days only
Thank you VERY much for all your time!
Turning OFF SecureNAT is not an option for me. Sorry.
Rather I would like to see that function fixed!
Opened a GitHub issue https://github.com/SoftEtherVPN/SoftEth ... ssues/1792
(Also just made a one-time donation ahead (45.000HUF = ca. 116EUR).
Sorry, but that's the max I could give. I live in the 2th poorest country in Europe.
Will set 25% of that amount as regular monthly donation, if this problem is getting solved and I can finally start using SE.)
Turning OFF SecureNAT is not an option for me. Sorry.
Rather I would like to see that function fixed!
Opened a GitHub issue https://github.com/SoftEtherVPN/SoftEth ... ssues/1792
(Also just made a one-time donation ahead (45.000HUF = ca. 116EUR).
Sorry, but that's the max I could give. I live in the 2th poorest country in Europe.
Will set 25% of that amount as regular monthly donation, if this problem is getting solved and I can finally start using SE.)
-
- Posts: 289
- Joined: Wed Dec 28, 2022 9:10 pm
Re: [BUG] DHCP lease time 300000000sec = 10days only
Basically for knowing about each client IP address you have these two choicesPizzaProgram wrote: ↑Thu Mar 02, 2023 10:36 amThank you VERY much for all your time!
Turning OFF SecureNAT is not an option for me. Sorry.
Rather I would like to see that function fixed!
Opened a GitHub issue https://github.com/SoftEtherVPN/SoftEth ... ssues/1792
(Also just made a one-time donation ahead (45.000HUF = ca. 116EUR).
Sorry, but that's the max I could give. I live in the 2th poorest country in Europe.
Will set 25% of that amount as regular monthly donation, if this problem is getting solved and I can finally start using SE.)
1. a DHCP server with "FOREVER" lease time (server side)
2. statically IP assignment to each user (user side)
Solution #1 using SE server DHCP seems buggy so you are left with other DHCPs like "dnsmasq" .
For any reason if you cannot use other DCHP servers, depending upon how much skills you have and your need, you can get to know each client IP address dynamically using SE server RPC-JSON API.
You can request (= send rpc) to SE server and get JSON replay which tells you who has what IP address.
Thank you for the donation. Any ways you contribute is appreciated
-
- Posts: 1429
- Joined: Sun Feb 14, 2021 10:31 am
Re: [BUG] DHCP lease time 300000000sec = 10days only
Again - why don't you "...opt for static VPN IP assignments..."?
- no need for SecureNAT
- no need for a DHCP server
- no-brainer?
- no need for SecureNAT
- no need for a DHCP server
- no-brainer?
-
- Posts: 43
- Joined: Fri Aug 12, 2022 6:57 pm
- Contact:
Re: [BUG] DHCP lease time 300000000sec = 10days only
Dear @solo , Dear @shakibamoshiri, :-)
Believe me, I'm doing nothing else than thinking about your suggestions, while searching + learning.
1. My best hope is still: someone would fix/enhance the SecureNAT code in an hour, I'll upgrade the server in 5 min, and all my problems go away.
2. I've looked at debian's dnsmasq + DHCP_Server, but it's too complicated, too risky, too much trouble.
It drops up more questions than solutions. For example:
- What is the "interface" ? The SE? The VPS's ?
- How to prevent a DNS server to work as a DNS server ? (Because I do NOT want connected clients recognise it as one.)
(It's very easy to do it under SecureNAT -> simply by deleting DNS line)
- How to prevent users connected to the server could go out to the web through it?
(It's very easy to do it under SecureNAT -> simply by deleting GATEWAY line)
3. About manually configured fix IPs on client side...
- I'm still hoping to be able to set up 1 "superadmin-HUB" later somehow, to be able to reach ALL the other clients in All the other HUBs.
... with the right Layer 3 setup + DHCP route pushing https://www.vpnusers.com/viewtopic.php?f=7&t=68165
If the clients do not get the DHCP + route automatically, I won't be able to do it later without have to reconfigure each client one by one.
Believe me, I'm doing nothing else than thinking about your suggestions, while searching + learning.
1. My best hope is still: someone would fix/enhance the SecureNAT code in an hour, I'll upgrade the server in 5 min, and all my problems go away.
2. I've looked at debian's dnsmasq + DHCP_Server, but it's too complicated, too risky, too much trouble.
It drops up more questions than solutions. For example:
- What is the "interface" ? The SE? The VPS's ?
- How to prevent a DNS server to work as a DNS server ? (Because I do NOT want connected clients recognise it as one.)
(It's very easy to do it under SecureNAT -> simply by deleting DNS line)
- How to prevent users connected to the server could go out to the web through it?
(It's very easy to do it under SecureNAT -> simply by deleting GATEWAY line)
3. About manually configured fix IPs on client side...
- I'm still hoping to be able to set up 1 "superadmin-HUB" later somehow, to be able to reach ALL the other clients in All the other HUBs.
... with the right Layer 3 setup + DHCP route pushing https://www.vpnusers.com/viewtopic.php?f=7&t=68165
If the clients do not get the DHCP + route automatically, I won't be able to do it later without have to reconfigure each client one by one.
Last edited by PizzaProgram on Sat Mar 04, 2023 12:13 pm, edited 1 time in total.
-
- Posts: 1429
- Joined: Sun Feb 14, 2021 10:31 am
Re: [BUG] DHCP lease time 300000000sec = 10days only
Alright, since you insist on DHCP and prefer Windows, you can replace SecureNAT with a combination of "Microsoft Loopback Adapter" and "Open DHCP Server" on your VPS and "all my problems go away".