Questions about IP-based forwarding and accounting

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
Webypassit
Posts: 2
Joined: Sun Mar 05, 2023 2:45 pm

Questions about IP-based forwarding and accounting

Post by Webypassit » Sun Mar 05, 2023 4:02 pm

Hello,

I have two questions and I would appreciate any help that someone can offer.

1- We have two servers connected to each other via cascade, with the connection from the first server passing through a local sock5 before reaching the second server. Is it possible to create a list of specific IP address ranges that can access the web directly through the first server, without cascading to the second server?
For example, if a client in the same country as the first server opens a website hosted in that same country, can the request go directly from the first server to the requested website without cascading to the second server?


2- I have created a client that is valid for one month. Is it possible to activate this one-month period automatically after the client's first connection to the server?

Thank you!
Top
shakibamoshiri
Posts: 289
Joined: Wed Dec 28, 2022 9:10 pm

Re: Questions about IP-based forwarding and accounting

Post by shakibamoshiri » Sun Mar 05, 2023 8:28 pm

Webypassit wrote:
Sun Mar 05, 2023 4:02 pm
 1- We have two servers connected to each other via cascade, with the connection from the first server passing through a local sock5 before reaching the second server. Is it possible to create a list of specific IP address ranges that can access the web directly through the first server, without cascading to the second server?
For example, if a client in the same country as the first server opens a website hosted in that same country, can the request go directly from the first server to the requested website without cascading to the second server?
You have a double-VPN with which the incoming traffic to a HUB (=hop-1) will be cascaded to hop-2.
Since hop-1 network in domestic you can access if you do NAT-ing , with cascade I do not think so.
So you can create another HUB on hop-1 and add some users to second HUB on hop-1 and enable NAT-ing thus clients of this HUB can access hop-1 network.

If you just want to use the SE server, it may be possible with L3 switch to route some traffic of some IPs to a twin HUB (from HUB-1 to HUB-2 on hop-1)
But if you are not forced to use SE, you can use OpenVPN or OpenCoonect on hop-1 to ignore tunneling traffic for some IPs
Wait more expert users here give your better solutions
Webypassit wrote:
Sun Mar 05, 2023 4:02 pm
 2- I have created a client that is valid for one month. Is it possible to activate this one-month period automatically after the client's first connection to the server?
There is no single button / click / command to achieve it, but using RPC-JSON API you can check the "last client login time" and add 30 days to this "last client login time" as the expiration date.
Top
Webypassit
Posts: 2
Joined: Sun Mar 05, 2023 2:45 pm

Re: Questions about IP-based forwarding and accounting

Post by Webypassit » Mon Mar 06, 2023 8:39 am

Thanks for your reply Shakiba jan!


I was looking for the RPC-JSON API and found it on GitHub, and it seems like you are the author! The API is available at https://github.com/shakibamoshiri/secli.

However, I am facing an issue with installing the API on my Windows Server VPS where SoftEther is already installed. I was wondering if there is any tutorial available for installing the API, as I am not very familiar with the process.

Thank you for your time and assistance!
Top
shakibamoshiri
Posts: 289
Joined: Wed Dec 28, 2022 9:10 pm

Re: Questions about IP-based forwarding and accounting

Post by shakibamoshiri » Mon Mar 06, 2023 12:29 pm

You no need to install RPC-JSON API, if you installed a SE server and it is running, you can request to it.

With RPC-JSON APi you no need to log in to your server, from you local machine you can manage your server.
This is the API
https://github.com/SoftEtherVPN/SoftEth ... pc-clients

This is a CLI under development using JSON API
https://github.com/shakibamoshiri/secli
Mostly the CLI is for Linux, since on Windows you have GUI and can mange users easily.

The "secli" is a bash CLI which for using it you need to have
- bash 4.4+
- yq installed
- jq installed
- perl , etc
Top
solo
Posts: 1637
Joined: Sun Feb 14, 2021 10:31 am

Re: Questions about IP-based forwarding and accounting

Post by solo » Tue Mar 07, 2023 11:13 am

Webypassit wrote:
Mon Mar 06, 2023 8:39 am
 I am facing an issue with installing the API on my Windows Server VPS...
Windows? No problem...

Code: Select all

curl -k -H "X-VPNADMIN-PASSWORD: xxx" --json "{ \"jsonrpc\": \"2.0\", \"id\": \"rpc_call_id\", \"method\": \"EnumUser\", \"params\": { \"HubName_str\": \"VPN\" } }" https://localhost:5555/api/

{
    "result": {
        "UserList": [
            {
                "AuthType_u32": 1,
                "DenyAccess_bool": false,
                "Ex.Recv.BroadcastBytes_u64": 30750,
                "Ex.Recv.BroadcastCount_u64": 435,
                "Ex.Recv.UnicastBytes_u64": 9684,
                "Ex.Recv.UnicastCount_u64": 202,
                "Ex.Send.BroadcastBytes_u64": 7561,
                "Ex.Send.BroadcastCount_u64": 41,
                "Ex.Send.UnicastBytes_u64": 7308,
                "Ex.Send.UnicastCount_u64": 174,
                "Expires_dt": "1970-01-01T09:00:00.000Z",
                "GroupName_str": "",
                "IsExpiresFilled_bool": true,
                "IsTrafficFilled_bool": true,
                "LastLoginTime_dt": "2023-02-28T01:23:02.546Z",
                "Name_str": "usr1",
                "Note_utf": "",
                "NumLogin_u32": 7,
                "Realname_utf": ""
            },
            {
                "AuthType_u32": 1,
                "DenyAccess_bool": false,
                "Ex.Recv.BroadcastBytes_u64": 0,
                "Ex.Recv.BroadcastCount_u64": 0,
                "Ex.Recv.UnicastBytes_u64": 0,
                "Ex.Recv.UnicastCount_u64": 0,
                "Ex.Send.BroadcastBytes_u64": 0,
                "Ex.Send.BroadcastCount_u64": 0,
                "Ex.Send.UnicastBytes_u64": 0,
                "Ex.Send.UnicastCount_u64": 0,
                "Expires_dt": "1970-01-01T09:00:00.000Z",
                "GroupName_str": "",
                "IsExpiresFilled_bool": true,
                "IsTrafficFilled_bool": true,
                "LastLoginTime_dt": "1970-01-01T09:00:00.000Z",
                "Name_str": "usr2",
                "Note_utf": "",
                "NumLogin_u32": 0,
                "Realname_utf": ""
            },
            {
                "AuthType_u32": 1,
                "DenyAccess_bool": false,
                "Ex.Recv.BroadcastBytes_u64": 0,
                "Ex.Recv.BroadcastCount_u64": 0,
                "Ex.Recv.UnicastBytes_u64": 0,
                "Ex.Recv.UnicastCount_u64": 0,
                "Ex.Send.BroadcastBytes_u64": 0,
                "Ex.Send.BroadcastCount_u64": 0,
                "Ex.Send.UnicastBytes_u64": 0,
                "Ex.Send.UnicastCount_u64": 0,
                "Expires_dt": "1970-01-01T09:00:00.000Z",
                "GroupName_str": "",
                "IsExpiresFilled_bool": true,
                "IsTrafficFilled_bool": true,
                "LastLoginTime_dt": "1970-01-01T09:00:00.000Z",
                "Name_str": "usr3",
                "Note_utf": "",
                "NumLogin_u32": 0,
                "Realname_utf": ""
            }
        ],
        "HubName_str": "VPN"
    },
    "jsonrpc": "2.0",
    "id": "rpc_call_id"
}
Top
Post Reply

Return to “SoftEther VPN General Discussion”