SoftEther VPN claims to support traffic obfuscation when both its client and server are used. However, many Russian websites still detect that a VPN is being used and block the connection. These same websites cannot be opened without a VPN at all.
What is confusing is this:
I can access these sites when connected to some public OpenVPN servers located in Russia.
But when I connect using my own SoftEther client and server, the traffic gets detected and blocked.
This suggests that the public OpenVPN servers somehow avoid detection, while SoftEther does not.
The Windows 7 client machine uses these settings:
Firefox Secure DNS: disabled (set to Off)
SoftEther VPN adapter: set to highest network priority
DNS tab option: “Register this connection’s addresses in DNS” is unchecked
DNS servers configured on the system:
Preferred: 1.1.1.1
Alternate: 1.0.0.1
DNS cache: cleared using ipconfig /flushdns
Leak test results: I tested the connection using services such as IP/DNS leak test sites. No IP or DNS leaks were detected.
Examples of sites affected by blocking:
mgts.ru
my.mosenergosbyt.ru
(Note: mosenergosbyt.ru loads normally, but my.mosenergosbyt.ru does not.)
I cannot find any SoftEther settings that allow me to fix this problem. Because my IT knowledge is limited, I would really appreciate explanations in plain, easy-to-understand language. Any suggestions are welcome.
VPN traffic is detected and blocked when using SoftEther VPN (client + server)
-
assagai
- Posts: 4
- Joined: Tue May 13, 2025 6:44 pm
-
solo
- Posts: 1787
- Joined: Sun Feb 14, 2021 10:31 am
Re: VPN traffic is detected and blocked when using SoftEther VPN (client + server)
This is bizarre as Russians usually complain about outgoing VPNs being blocked, eg. https://www.vpnusers.com/viewtopic.php?f=7&t=69366
Anyway, in your case it has nothing to do with SoftEther whatsoever. Look, mgts.ru connects fine via VPN Gate on SoftEther protocol, not OpenVPN.
. .
Check if it works with JavaScript disabled and/or cleared cookies, but most likely your Russian SE server's IP is blocked.
Anyway, in your case it has nothing to do with SoftEther whatsoever. Look, mgts.ru connects fine via VPN Gate on SoftEther protocol, not OpenVPN.
. .
Check if it works with JavaScript disabled and/or cleared cookies, but most likely your Russian SE server's IP is blocked.
You do not have the required permissions to view the files attached to this post.
-
assagai
- Posts: 4
- Joined: Tue May 13, 2025 6:44 pm
Re: VPN traffic is detected and blocked when using SoftEther VPN (client + server)
You are correct that most complaints from Russian users concern the blocking of outgoing VPN connections due to censorship. However, since the start of the war, the government has also begun restricting incoming connections to many local resources. Fewer people need external access to those services, which likely explains the scarcity of public complaints.
The SE server’s IP address is not blocked. I asked my friend, who provided his desktop to host the service, to test the same websites from his side. The sites open without any issues—both when accessed simultaneously with my connection and when tested at different times.
My suspicion that VPN traffic is being detected remains unchanged. I performed multiple connectivity tests. To rule out a browser-level issue, I also used low-level network diagnostics—specifically, ping and tracert to mgts.ru [IP: 195.178.108.240]. The same hardware and software stack was used throughout (SE client with VPN gateway plugin, browsers, and VPN gateway plugin).
The results are unusual, but the only consistent explanation I can find is that VPN-routed traffic is being identified and blocked at some layer of the network path.
For reference, the connection was configured using Azure. My friend was unable to set up port forwarding, which prevented further testing of externally reachable ports.
Baseline: VPN client off
Symptoms: the user of the machine where the SE server is installed can access the blocked sites. I cannot access these sites
SE client and server VPN are used
Symptoms: the user of the machine where the SE server is installed can access the blocked sites. I cannot access these sites
ping mgts.ru
SE client and VPN gateway are used
I can access these sites
The SE server’s IP address is not blocked. I asked my friend, who provided his desktop to host the service, to test the same websites from his side. The sites open without any issues—both when accessed simultaneously with my connection and when tested at different times.
My suspicion that VPN traffic is being detected remains unchanged. I performed multiple connectivity tests. To rule out a browser-level issue, I also used low-level network diagnostics—specifically, ping and tracert to mgts.ru [IP: 195.178.108.240]. The same hardware and software stack was used throughout (SE client with VPN gateway plugin, browsers, and VPN gateway plugin).
The results are unusual, but the only consistent explanation I can find is that VPN-routed traffic is being identified and blocked at some layer of the network path.
For reference, the connection was configured using Azure. My friend was unable to set up port forwarding, which prevented further testing of externally reachable ports.
Baseline: VPN client off
Symptoms: the user of the machine where the SE server is installed can access the blocked sites. I cannot access these sites
Code: Select all
ping mgts.ru
Pinging mgts.ru [195.178.108.240] with 32 bytes of data:
Request timed out.
Ping statistics for 195.178.108.240:
Packets: Sent = 1, Received = 0, Lost = 1 (100% loss),
tracert mgts.ru
Tracing route to mgts.ru [195.178.108.240]
over a maximum of 30 hops:
1 <1 ms <1 ms <1 ms 192.168.1.1
2 9 ms 10 ms 9 ms d28-23-1-112.dim.wideopenwest.com [23.28.112.1]
3 9 ms 9 ms 9 ms 10.52.148.34
4 11 ms 11 ms 10 ms 76-73-165-194.knology.net [76.73.165.194]
5 49 ms 47 ms 48 ms 23-28-210-80.static.evv.wideopenwest.com [23.28.210.80]
6 45 ms 45 ms 47 ms 75.76.35.51
7 34 ms 17 ms 18 ms 75.76.35.8
8 18 ms 18 ms 17 ms chi-b23-link.ip.twelve99.net [62.115.153.98]
9 * * * Request timed out.
10 30 ms 33 ms 31 ms ewr-bb2-link.ip.twelve99.net [62.115.132.134]
11 109 ms 108 ms 109 ms kbn-bb6-link.ip.twelve99.net [80.91.254.90]
12 115 ms 115 ms 116 ms sto-bb2-link.ip.twelve99.net [62.115.139.172]
13 121 ms 123 ms 120 ms hls-b4-link.ip.twelve99.net [62.115.123.203]
14 130 ms 132 ms 129 ms mts-ic-357601.ip.twelve99-cust.net [80.239.135.171]
15 149 ms 147 ms 147 ms fedor-cr04-eth-trunk9.spb.mts-internet.net [195.34.50.74]
16 146 ms 147 ms 146 ms mag9-cr02-be12.msk.mts-internet.net [195.34.53.13]
17 146 ms 146 ms 146 ms a433-cr06-eth-trunk15.msk.mts-internet.net [212.188.28.102]
18 147 ms 151 ms 147 ms a433-cr05-eth-trunk55.msk.mts-internet.net [212.188.42.40]
19 147 ms 148 ms 146 ms as25513.asbr.router [212.188.6.35]
20 * * * Request timed out.
21 * * * Request timed out.
22 * * * Request timed out.
23 * * * Request timed out.
24 * * * Request timed out.
25 * * * Request timed out.
26 * * * Request timed out.
27 * * * Request timed out.
28 * * * Request timed out.
29 * * * Request timed out.
30 * * * Request timed out.
Trace complete.Symptoms: the user of the machine where the SE server is installed can access the blocked sites. I cannot access these sites
ping mgts.ru
Code: Select all
Pinging mgts.ru [195.178.108.240] with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 195.178.108.240:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
tracert mgts.ru
Tracing route to mgts.ru [195.178.108.240]
over a maximum of 30 hops:
1 * 139 ms 140 ms 192.168.30.1
2 138 ms 139 ms 141 ms 192.168.1.1
3 139 ms 138 ms 138 ms 172.16.253.50
4 141 ms 138 ms 140 ms 172.16.253.244
5 139 ms 139 ms 138 ms 188.191.160.165
6 140 ms 144 ms * 100.105.103.106
7 140 ms 140 ms 145 ms 178.178.110.201
8 142 ms 141 ms 141 ms 83.169.204.65
9 141 ms 140 ms 146 ms 83.169.204.184
10 142 ms 141 ms 140 ms m9-cr04-be95.msk.mts-internet.net [212.188.61.6]
11 * 141 ms 142 ms a433-cr06-eth-trunk4.msk.mts-internet.net [195.34.53.114]
12 139 ms 141 ms 142 ms a433-cr05-eth-trunk55.msk.mts-internet.net [212.188.42.40]
13 141 ms 142 ms 158 ms as25513.asbr.router [212.188.6.35]
14 * * * Request timed out.
15 * * * Request timed out.
16 142 ms 144 ms 141 ms 94.29.127.190
17 166 ms 142 ms 142 ms 94.29.127.189
18 * * * Request timed out.
19 145 ms 141 ms 141 ms 62.112.96.34
20 * * * Request timed out.
21 * * * Request timed out.
22 * * * Request timed out.
23 * * * Request timed out.
24 * * * Request timed out.
25 * * * Request timed out.
26 * * * Request timed out.
27 * * * Request timed out.
28 * * * Request timed out.
29 * * * Request timed out.
30 * * * Request timed out.I can access these sites
Code: Select all
ping mgts.ru
Pinging mgts.ru [195.178.108.240] with 32 bytes of data:
Reply from 195.178.108.240: bytes=32 time=251ms TTL=242
Reply from 195.178.108.240: bytes=32 time=251ms TTL=242
Reply from 195.178.108.240: bytes=32 time=252ms TTL=242
Reply from 195.178.108.240: bytes=32 time=252ms TTL=242
Ping statistics for 195.178.108.240:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 251ms, Maximum = 252ms, Average = 251ms
tracert mgts.ru
Tracing route to mgts.ru [195.178.108.240]
over a maximum of 30 hops:
1 187 ms 186 ms 187 ms 10.211.254.254
2 192 ms 187 ms 188 ms 192.168.1.1
3 193 ms 190 ms 192 ms 100.103.0.1
4 188 ms 189 ms 188 ms 10.144.8.1
5 190 ms 191 ms 190 ms 82.142.130.198
6 201 ms 200 ms 202 ms pe02.Krasnoyarsk.gldn.net [79.104.247.43]
7 207 ms 201 ms 201 ms 79.104.212.245
8 254 ms 254 ms 253 ms sem275-cr02-ae0.24.krsk.mts-internet.net [212.188.0.166]
9 251 ms 253 ms 251 ms bhm-cr04-eth-trunk9.nsk.mts-internet.net [212.188.2.1]
10 250 ms 253 ms 249 ms psshag-cr01-ae12.0.chel.mts-internet.net [195.34.50.153]
11 252 ms 257 ms 251 ms che-cr02-ae10.63.sam.mts-internet.net [212.188.42.129]
12 252 ms 252 ms 250 ms a433-cr06-eth-trunk13.msk.mts-internet.net [212.188.1.181]
13 250 ms 269 ms 253 ms a433-cr05-eth-trunk55.msk.mts-internet.net [212.188.42.40]
14 251 ms 253 ms 250 ms as25513.asbr.router [212.188.6.35]
15 * * * Request timed out.
16 * * * Request timed out.
17 252 ms 251 ms 255 ms 94.29.127.190
18 254 ms 257 ms 252 ms 94.29.127.189
19 * * * Request timed out.
20 253 ms 250 ms 253 ms 62.112.96.34
21 * * * Request timed out.
22 * * * Request timed out.
23 252 ms 251 ms 251 ms 195.178.108.240
Trace complete.-
solo
- Posts: 1787
- Joined: Sun Feb 14, 2021 10:31 am
Re: VPN traffic is detected and blocked when using SoftEther VPN (client + server)
There it is... Azure - that's why you are blocked. Let me elaborate. Your VPN via JP Azure server massively increases network latency which can be easily "detected and blocked". Also your friend's CGNAT-induced latency does not help for sure. Read more about it:
Measuring Latency to Detect VPNsFirst, establish a baseline latency for users with a known geographic region that are known not to be connected to a VPN. This can be done by measuring the latency between the client and a known server, such as a popular website or a server within the organization. By doing this, you can understand the typical latency range for non-VPN users in a specific location.
Second, continuously monitor the latency of users within your network. This can be done using network monitoring tools, which can analyze network traffic and measure latency between different nodes. Look for instances where the measured latency is significantly higher than the established baseline for a specific geographic region. This could indicate that a user is connected to a VPN, as VPNs generally add extra latency to network connections. To increase the accuracy of VPN detection, it's essential to correlate latency measurements with other data, such as IP addresses, geographical data, DNS requests or browser fingerprinting.
If you can do port forwarding at your location, this VPN could be "restructured" without Azure and with lower latency it may (might) then work for you.