MasterHUB - One2RuleAll with Layer3

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
PizzaProgram
Posts: 43
Joined: Fri Aug 12, 2022 6:57 pm
Contact:

MasterHUB - One2RuleAll with Layer3

Post by PizzaProgram » Sun Feb 26, 2023 2:02 am

I'm trying to finish this project: https://www.vpnusers.com/viewtopic.php?f=7&t=67721
Sorry, I've red everything from manual, especially about Layer3, searched and red 100+ forum topics, etc... but still need help to solve the most important thing for my setup:

I'll have, let's say 100 equally separated HUBs,

Code: Select all

10.10.001.10 - .50
10.10.002.10 - .70
...
10.10.100.10 - .20
(they can not reach each other,) but I need a special one too:
- my "superuser MASTER-HUB" that can "reach" every each client from those other 100 HUBs.

Code: Select all

10.10.250.10 - .20
1. This one will contain all of my own PCs and my android phone, and whenever I need to help a client, I need to be able to connect to any PC of any HUB immediately.
2. It would be even better, if those "sub-PCs" could NOT connect to my PCs (only I could connect to them... if that's even possible?
( With Packet filtering maybe?)

All of these HUBs will run on the same server.
Each hub will have active SecureNAT.

I do not want to add 100+ virtual network (TAP) adapters to my PCs, nor I want to: "disconnect -> search -> connect to an other HUB" each time.
So I think the only logical choice is: using Layer 3

But I don't know exactly how?
  • 3. Is one L3 switch enough?
  • 4. Do I need 100 Virtual adapter or 101?
  • 5. and 100 routing table? What should be the IP and what the gateway? or all 0.0.0.0 ?
Also:
  • 6. I'll have to add under each SecureNAT configuration a "static routing table to PUSH" too? ... or the L3 switch does that for me automatically?
... sorry for the lots of questions and trouble I cause, but I'm desperate and need urgent help to finish this project within 2 days. :-(
Any help is greatly appreciated!
Last edited by PizzaProgram on Sun Feb 26, 2023 1:12 pm, edited 1 time in total.

shakibamoshiri
Posts: 285
Joined: Wed Dec 28, 2022 9:10 pm

Re: MasterHUB - One2RuleAll with Layer3

Post by shakibamoshiri » Sun Feb 26, 2023 7:46 am

unreadable content
please update/modify your question's content, make it clear, same font size and style

solo
Posts: 1228
Joined: Sun Feb 14, 2021 10:31 am

Re: MasterHUB - One2RuleAll with Layer3

Post by solo » Sun Feb 26, 2023 9:31 am

Yeah, the readability is abysmal.

Anyway, all the OP's conceived ideas are sub-optimal. Here is a trivial solution to management of the humongous collection of VPN hubs:

- inst SE client + server on the same Win server
- only one virtual network adapter is needed
- run VPN-IP.bat before connecting to a hub

Code: Select all

VPN-IP.bat
----------
@echo off
set /p sbn=Enter subnet: || set sbn=1
netsh interface ip set address name="VPN - VPN Client" static 10.10.%sbn%.2 255.255.255.0

PizzaProgram
Posts: 43
Joined: Fri Aug 12, 2022 6:57 pm
Contact:

Re: MasterHUB - One2RuleAll with Layer3

Post by PizzaProgram » Sun Feb 26, 2023 1:45 pm

Sorry for the Large / Tiny fonts. Reverted back to normal.
(Strange, why you couldn't read it, it appeared perfectly fine on my FireFox.)

- The server will be on a Debian based remote VPS.
- I'll manage it remotely.
- I need to reach all clients from 4 PCs + 1 phone
- If a client calls, there is no time to:
  1. Search for the client manager program
  2. Check if my Virt. Adapter is occupied
  3. if yes > Disconnect
  4. search for the current HUB the client is in (scrolling through 100 HUBs in the list.. because there is no filter, nor Ctrl+F)
  5. connect to it... wait
  6. and only THEN click on the VNC ikon to see the client's screen remotely.
... not to mention if I have to work on 3-4 clients simultaniously, all from different HUBs.
(My work is seconds based, not minutes. Managing POS systems of 100+ pizzeria is not an easy task.)


SUMMARISED:

I need help with the Layer 3 setup please! Need 1-1 permanent, stable connection from my devices where I can reach ALL my clients from all the HUBs.
(Even from my phone, if I'm not at my laptop or my developer PC.)

Thank you very much in forward.

Post Reply