
weird DHCP problem with Softether on OpenWRT, not getting ip from DHCP

Posted: Wed May 28, 2025 5:21 am
by DavidQI
hi guys,
i am having a rather weird problem. everything with softether worked fine until a couple of days ago, but i was having an issue with another part of openwrt, so i decided to do a version upgrade on openwrt with the option to keep all settings.

at first it worked fine, everything ran as expected. but after the daily reboot of the openwrt router, i found that all of my vpn clients failed to connect, not getting an ip address from the DHCP server. the softether log gives:

2025-05-28 10:40:16.857 OpenVPN Session 1 (111.200.xxx.xxx:2095 -> 61.51.xxx.xxx:13194) Channel 0: Acquiring an IP address from the DHCP server failed. To accept a PPP session, you need to have a DHCP server. Make sure that a DHCP server is working normally in the Ethernet segment which the Virtual Hub belongs to. If you do not have a DHCP server, you can use the Virtual DHCP function of the SecureNAT on the Virtual Hub instead.
2025-05-28 10:40:16.857 OpenVPN Session 1 (111.200.xxx.xxx:2095 -> 61.51.xxx.xxx:13194) Channel 0: Failed to connect a channel.
2025-05-28 10:40:16.857 [OpenVPN] 111.200.xxx.xxx:2095 -> 61.51.xxx.xxx:13194 (TCP): Session deleted.
2025-05-28 10:40:16.857 Connection "CID-24" has been terminated.

but no settings were changed, and all of my local devices seem to be getting ip from dhcp just fine.

here is what i discovered so far:

if i delete the tap interface from the local bridge setting and add it back, then in openwrt tick that tap interface to enable it as part of the lan bridge, it works again... until the next time the router restarts or if i do a ./etc/init.d/softethervpn restart

we have 3 different systems running similar configs, all work fine but this one. we have been comparing settings across systems, and didn't find anything that stands out.

the new openwrt update comes with softether version 5.02.5187-1, but i'm not sure what the previous version was, since the last time i did a router update was like 6 months ago, it should not be too old.

i have not yet tested secureNAT, but it's kinda important to keep the client ip address in the same subnet as the server, in order for some really old system to work.

here is some related config from the openwrt system:
===from /etc/config/network====
config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option packet_steering '1'

config interface 'lan'
	option type 'bridge'
	option proto 'static'
	option _orig_ifname 'eth0'
	option _orig_bridge 'true'
	option delegate '0'
	option netmask '255.255.255.0'
	option ipaddr '192.168.0.1'
	option dns '192.168.0.1'
	option ifname 'eth2 eth3 eth4 eth5 tap_sevpn'

====from /etc/config/dhcp===
config dnsmasq
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option localuse '1'
	option doh_backup_noresolv '0'
	option min_ttl '3600'
	option port '53'
	option nonwildcard '0'
	option mini_ttl '0'
	option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
	option localservice '0'
	option rebind_protection '0'
	option authoritative '1'
	option filter_aaaa '1'

config dhcp 'lan'
	option interface 'lan'
	option start '100'
	option limit '150'
	option leasetime '12h'
	option ra_slaac '1'
	list ra_flags 'managed-config'
	list ra_flags 'other-config'
	list dhcp_option '6,192.168.0.1'
	option force '1'
	option logdhcp '1'
	option netmask '255.255.255.0'

===from softether vpn server===
# Software Configuration File
# ---------------------------
#
# You may edit this file when the VPN Server / Client / Bridge program is not running.
#
# In prior to edit this file manually by your text editor,
# shutdown the VPN Server / Client / Bridge background service.
# Otherwise, all changes will be lost.
#
declare root
{
uint ConfigRevision 463
bool IPsecMessageDisplayed true
string Region HK

declare DDnsClient
{
string CustomHttpHeader $
bool Disabled false
byte Key xxxx
string LocalHostname BleachWrt
string ProxyHostName $
uint ProxyPort 0
uint ProxyType 0
string ProxyUsername $
}
declare IPsec
{
bool EtherIP_IPsec false
string IPsec_Secret xxxx
string L2TP_DefaultHub LM202
bool L2TP_IPsec true
bool L2TP_Raw true

declare EtherIP_IDSettingsList
{
}
}
declare ListenerList
{
declare Listener0
{
bool DisableDos false
bool Enabled true
uint Port 1701
}
declare Listener1
{
bool DisableDos false
bool Enabled true
uint Port 13194
}
}
declare LocalBridgeList
{
bool DoNotDisableOffloading false

declare LocalBridge0
{
string DeviceName SEVPN
string HubName LM202
bool LimitBroadcast false
bool MonitorMode false
bool NoPromiscuousMode false
string TapMacAddress 5E-76-13-DF-43-55
bool TapMode true
}
}
declare ServerConfiguration
{
uint64 AutoDeleteCheckDiskFreeSpaceMin 104857600
uint AutoDeleteCheckIntervalSecs 300
uint AutoSaveConfigSpan 86400
bool BackupConfigOnlyWhenModified true
string CipherName ~DEFAULT~
uint CurrentBuild 5187
uint DhParamBits 2048
bool DisableCoreDumpOnUnix false
bool DisableDeadLockCheck false
bool DisableDosProtection false
bool DisableGetHostNameWhenAcceptTcp false
bool DisableIPsecAggressiveMode false
bool DisableIPv6Listener false
bool DisableJsonRpcWebApi false
bool DisableNatTraversal false
bool DisableSessionReconnect false
bool DontBackupConfig false
bool EnableVpnAzure false
bool EnableVpnOverDns false
bool EnableVpnOverIcmp false
byte HashedPassword B+m8ZibAkeGK42JaG6MMrT2DjhQ=
string KeepConnectHost keepalive.softether.org
uint KeepConnectInterval 50
uint KeepConnectPort 80
uint KeepConnectProtocol 1
string ListenIP ::
uint64 LoggerMaxLogSize 1073741823
uint MaxConcurrentDnsClientThreads 512
uint MaxConnectionsPerIP 256
uint MaxUnestablishedConnections 1000
bool NoHighPriorityProcess false
bool NoLinuxArpFilter false
bool NoSendSignature false
bool Override_Security_Level false
uint Override_Security_Level_Value 0
string PortsUDP 443,$20992,$201194,$205555
bool SaveDebugLog false
byte ServerCert xxx
uint ServerLogSwitchType 4
uint ServerType 0
bool StrictSyslogDatetimeFormat false
bool Tls_Disable1_0 false
bool Tls_Disable1_1 false
bool Tls_Disable1_2 false
bool Tls_Disable1_3 false
bool UseKeepConnect false
string UsernameHubSeparator @
bool UseWebTimePage false
bool UseWebUI false

declare GlobalParams
{
uint FIFO_BUDGET 10240000
uint HUB_ARP_SEND_INTERVAL 5000
uint IP_TABLE_EXPIRE_TIME 60000
uint IP_TABLE_EXPIRE_TIME_DHCP 300000
uint MAC_TABLE_EXPIRE_TIME 600000
uint MAX_BUFFERING_PACKET_SIZE 2560000
uint MAX_HUB_LINKS 1024
uint MAX_IP_TABLES 65536
uint MAX_MAC_TABLES 65536
uint MAX_SEND_SOCKET_QUEUE_NUM 128
uint MAX_SEND_SOCKET_QUEUE_SIZE 2560000
uint MAX_STORED_QUEUE_NUM 1024
uint MEM_FIFO_REALLOC_MEM_SIZE 655360
uint MIN_SEND_SOCKET_QUEUE_SIZE 320000
uint QUEUE_BUDGET 2048
uint SELECT_TIME 256
uint SELECT_TIME_FOR_NAT 30
uint STORM_CHECK_SPAN 500
uint STORM_DISCARD_VALUE_END 1024
uint STORM_DISCARD_VALUE_START 3
}
declare Proto
{
declare OpenVPN
{
string DefaultClientOption dev-type$20tun,link-mtu$201500,tun-mtu$201500,cipher$20AES-128-CBC,auth$20SHA1,keysize$20128,key-method$202,tls-client
bool Enabled true
bool Obfuscation false
string ObfuscationMask $
uint PingSendInterval 3000
bool PushDummyIPv4AddressOnL2Mode true
uint Timeout 30000
}
declare SSTP
{
bool Enabled false
}
declare WireGuard
{
bool Enabled true
string PresharedKey xxx
string PrivateKey xxx
}
}
declare ServerChain
{
}
declare ServerTraffic
{
declare RecvTraffic
{
uint64 BroadcastBytes 27263072267
uint64 BroadcastCount 85546721
uint64 UnicastBytes 214698911713
uint64 UnicastCount 396065388
}
declare SendTraffic
{
uint64 BroadcastBytes 27630163682
uint64 BroadcastCount 86602125
uint64 UnicastBytes 209724805168
uint64 UnicastCount 357796435
}
}
declare SyslogSettings
{
string HostName $
uint Port 514
uint SaveType 0
}
}
declare VirtualHUB
{
declare LM202
{
uint64 CreatedTime 1733299539018
byte HashedPassword xxx
uint64 LastCommTime 1748376621124
uint64 LastLoginTime 1748375412003
uint NumLogin 689
bool Online true
bool RadiusConvertAllMsChapv2AuthRequestToEap false
string RadiusRealm $
uint RadiusRetryInterval 0
uint RadiusServerPort 1812
string RadiusSuffixFilter $
bool RadiusUsePeapInsteadOfEap false
byte SecurePassword xxx
uint Type 0

declare AccessList
{
}
declare AdminOption
{
uint allow_hub_admin_change_option 0
uint deny_bridge 0
uint deny_change_user_password 0
uint deny_empty_password 0
uint deny_hub_admin_change_ext_option 0
uint deny_qos 0
uint deny_routing 0
uint max_accesslists 0
uint max_bitrates_download 0
uint max_bitrates_upload 0
uint max_groups 0
uint max_multilogins_per_user 5
uint max_sessions 0
uint max_sessions_bridge 0
uint max_sessions_client 0
uint max_sessions_client_bridge_apply 0
uint max_users 0
uint no_access_list_include_file 0
uint no_cascade 0
uint no_change_access_control_list 0
uint no_change_access_list 0
uint no_change_admin_password 0
uint no_change_cert_list 0
uint no_change_crl_list 0
uint no_change_groups 0
uint no_change_log_config 0
uint no_change_log_switch_type 0
uint no_change_msg 0
uint no_change_users 0
uint no_delay_jitter_packet_loss 0
uint no_delete_iptable 0
uint no_delete_mactable 0
uint no_disconnect_session 0
uint no_enum_session 0
uint no_offline 0
uint no_online 0
uint no_query_session 0
uint no_read_log_file 0
uint no_securenat 0
uint no_securenat_enabledhcp 0
uint no_securenat_enablenat 0
}
declare CascadeList
{
}
declare LogSetting
{
uint PacketLogSwitchType 4
uint PACKET_LOG_ARP 0
uint PACKET_LOG_DHCP 1
uint PACKET_LOG_ETHERNET 0
uint PACKET_LOG_ICMP 0
uint PACKET_LOG_IP 0
uint PACKET_LOG_TCP 0
uint PACKET_LOG_TCP_CONN 1
uint PACKET_LOG_UDP 0
bool SavePacketLog true
bool SaveSecurityLog true
uint SecurityLogSwitchType 4
}
declare Message
{
}
declare Option
{
uint AccessListIncludeFileCacheLifetime 30
uint AdjustTcpMssValue 0
bool AllowEapMatchUserByCert false
bool AllowSameUserInPrivacyFilterMode false
bool ApplyIPv4AccessListOnArpPacket false
bool AssignVLanIdByRadiusAttribute false
bool BroadcastLimiterStrictMode false
uint BroadcastStormDetectionThreshold 0
uint ClientMinimumRequiredBuild 0
string DefaultGateway 0.0.0.0
string DefaultSubnet 0.0.0.0
bool DenyAllRadiusLoginWithNoVlanAssign false
uint DetectDormantSessionInterval 0
bool DisableAdjustTcpMss false
bool DisableCheckMacOnLocalBridge false
bool DisableCorrectIpOffloadChecksum false
bool DisableHttpParsing false
bool DisableIPParsing false
bool DisableIpRawModeSecureNAT false
bool DisableKernelModeSecureNAT false
bool DisableUdpAcceleration false
bool DisableUdpFilterForLocalBridgeNic false
bool DisableUserModeSecureNAT false
bool DoNotSaveHeavySecurityLogs false
bool DropArpInPrivacyFilterMode true
bool DropBroadcastsInPrivacyFilterMode true
bool FilterBPDU false
bool FilterIPv4 false
bool FilterIPv6 false
bool FilterNonIP false
bool FilterOSPF false
bool FilterPPPoE false
uint FloodingSendQueueBufferQuota 33554432
bool ManageOnlyLocalUnicastIPv6 true
bool ManageOnlyPrivateIP true
uint MaxLoggedPacketsPerMinute 0
uint MaxSession 20
bool NoArpPolling false
bool NoDhcpPacketLogOutsideHub true
bool NoEnum true
bool NoIpTable false
bool NoIPv4PacketLog false
bool NoIPv6AddrPolling false
bool NoIPv6DefaultRouterInRAWhenIPv6 false
bool NoIPv6PacketLog false
bool NoLookBPDUBridgeId false
bool NoMacAddressLog true
bool NoManageVlanId false
bool NoPhysicalIPOnPacketLog false
bool NoSpinLockForPacketDelay false
bool RemoveDefGwOnDhcpForLocalhost true
uint RequiredClientId 0
uint SecureNAT_MaxDnsSessionsPerIp 0
uint SecureNAT_MaxIcmpSessionsPerIp 0
uint SecureNAT_MaxTcpSessionsPerIp 0
uint SecureNAT_MaxTcpSynSentPerIp 0
uint SecureNAT_MaxUdpSessionsPerIp 0
bool SecureNAT_RandomizeAssignIp false
bool SuppressClientUpdateNotification false
bool UseHubNameAsDhcpUserClassOption false
bool UseHubNameAsRadiusNasId false
string VlanTypeId 0x8100
bool YieldAfterStorePacket false
}
declare SecureNAT
{
bool Disabled true
bool SaveLog true

declare VirtualDhcpServer
{
string DhcpDnsServerAddress 192.168.30.1
string DhcpDnsServerAddress2 ::
string DhcpDomainName $
bool DhcpEnabled true
uint DhcpExpireTimeSpan 7200
string DhcpGatewayAddress 192.168.30.1
string DhcpLeaseIPEnd 192.168.30.200
string DhcpLeaseIPStart 192.168.30.10
string DhcpPushRoutes $
string DhcpSubnetMask 255.255.255.0
}
declare VirtualHost
{
string VirtualHostIp 192.168.30.1
string VirtualHostIpSubnetMask 255.255.255.0
string VirtualHostMacAddress 5E-7F-78-DE-EB-3A
}
declare VirtualRouter
{
bool NatEnabled true
uint NatMtu 1500
uint NatTcpTimeout 1800
uint NatUdpTimeout 60
}
}
declare SecurityAccountDatabase
{
declare CertList
{
}
declare CrlList
{
}
declare GroupList
{
}
declare IPAccessControlList
{
}
declare Traffic
{
declare RecvTraffic
{
uint64 BroadcastBytes 27263072267
uint64 BroadcastCount 85546721
uint64 UnicastBytes 214698911713
uint64 UnicastCount 396065388
}
declare SendTraffic
{
uint64 BroadcastBytes 27630163682
uint64 BroadcastCount 86602125
uint64 UnicastBytes 209724805168
uint64 UnicastCount 357796435
}
}
}
}
declare VirtualLayer3SwitchList
{
}
declare WireGuardKeyList
{
}
}

Re: weird DHCP problem with Softether on OpenWRT, not getting ip from DHCP

Posted: Wed May 28, 2025 7:06 am
by DavidQI
update:
after a series of tests, it now seems that if i restart the router everything works fine, but when i do ./etc/init.d/softethervpn restart it somehow loses the ability to assign ip to openvpn clients. as for the softether native client for windows, it connects but fails to obtain an ip address from server-side dhcp, getting a 169.254.x.x instead.

so i guess the vpn/tunnel part works fine, but something went wrong when softether passes client mac to openwrt's dnsmasq for ip assignment.

that did not happen before the router update.
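
Added example, not part of the original posts and not SoftEther or OpenWrt project code: a check to run before and after the service restart described above, reporting whether the tap device is still a port of the LAN bridge. Assumptions: the interface name tap_sevpn is taken from the posted /etc/config/network, br-lan is assumed as the bridge device name for the 'lan' interface, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread). Reports whether a tap device is a port
# of the expected bridge by reading sysfs. Assumed names: tap_sevpn (from the
# posted network config) and br-lan (assumed bridge device for 'lan').

# tap_bridge_state IFACE BRIDGE [SYSFS_NET_DIR]
# Prints one of: missing | detached | other:<bridge> | member
tap_bridge_state() {
    iface=$1 bridge=$2 net=${3:-/sys/class/net}
    [ -e "$net/$iface" ] || { echo missing; return 0; }
    # A bridge port carries a 'master' symlink that points at its bridge.
    [ -L "$net/$iface/master" ] || { echo detached; return 0; }
    master=$(basename "$(readlink "$net/$iface/master")")
    if [ "$master" = "$bridge" ]; then echo member; else echo "other:$master"; fi
}

# explain_state STATE: one-line hint on where to look next.
explain_state() {
    case $1 in
        member)   echo "tap is a bridge port; check the dnsmasq log next (logdhcp is on)" ;;
        detached) echo "tap exists but is in no bridge; hub traffic is not bridged to the LAN" ;;
        missing)  echo "tap device not present; check the local bridge and the service" ;;
        other:*)  echo "tap is a port of ${1#other:}, not the expected bridge" ;;
    esac
}

# check_tap [IFACE] [BRIDGE] [SYSFS_NET_DIR]: print state and hint on one line.
check_tap() {
    state=$(tap_bridge_state "${1:-tap_sevpn}" "${2:-br-lan}" "$3")
    echo "$state: $(explain_state "$state")"
}

check_tap "$@"
```

A result of member after a router reboot and detached after a service restart would place the fault in bridge membership rather than in dnsmasq.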