SoftEther VPN User Forum

Posted: **Wed Dec 24, 2025 7:49 pm**

SoftEther VPN claims to support traffic obfuscation when both its client and server are used. However, many Russian websites still detect that a VPN is being used and block the connection. These same websites cannot be opened without a VPN at all.

What is confusing is this:
I can access these sites when connected to some public OpenVPN servers located in Russia.
But when I connect using my own SoftEther client and server, the traffic gets detected and blocked.
This suggests that the public OpenVPN servers somehow avoid detection, while SoftEther does not.

The Windows 7 client machine uses these settings:
Firefox Secure DNS: disabled (set to Off)
SoftEther VPN adapter: set to highest network priority
DNS tab option: “Register this connection’s addresses in DNS” is unchecked
DNS servers configured on the system:
Preferred: 1.1.1.1
Alternate: 1.0.0.1
DNS cache: cleared using ipconfig /flushdns

Leak test results: I tested the connection using services such as IP/DNS leak test sites. No IP or DNS leaks were detected.

Examples of sites affected by blocking:
mgts.ru
my.mosenergosbyt.ru
(Note: mosenergosbyt.ru loads normally, but my.mosenergosbyt.ru does not.)

I cannot find any SoftEther settings that allow me to fix this problem. Because my IT knowledge is limited, I would really appreciate explanations in plain, easy-to-understand language. Any suggestions are welcome.

Posted: **Thu Dec 25, 2025 11:51 pm**

This is bizarre as Russians usually complain about outgoing VPNs being blocked, eg. https://www.vpnusers.com/viewtopic.php?f=7&t=69366

Anyway, in your case it has nothing to do with SoftEther whatsoever. Look, mgts.ru connects fine via VPN Gate on SoftEther protocol, not OpenVPN.
.

mgts.png

.
Check if it works with JavaScript disabled and/or cleared cookies, but most likely your Russian SE server's IP is blocked.

Posted: **Mon Dec 29, 2025 5:49 pm**

You are correct that most complaints from Russian users concern the blocking of outgoing VPN connections due to censorship. However, since the start of the war, the government has also begun restricting incoming connections to many local resources. Fewer people need external access to those services, which likely explains the scarcity of public complaints.
The SE server’s IP address is not blocked. I asked my friend, who provided his desktop to host the service, to test the same websites from his side. The sites open without any issues—both when accessed simultaneously with my connection and when tested at different times.
My suspicion that VPN traffic is being detected remains unchanged. I performed multiple connectivity tests. To rule out a browser-level issue, I also used low-level network diagnostics—specifically, ping and tracert to mgts.ru [IP: 195.178.108.240]. The same hardware and software stack was used throughout (SE client with VPN gateway plugin, browsers, and VPN gateway plugin).
The results are unusual, but the only consistent explanation I can find is that VPN-routed traffic is being identified and blocked at some layer of the network path.
For reference, the connection was configured using Azure. My friend was unable to set up port forwarding, which prevented further testing of externally reachable ports.

Baseline: VPN client off
Symptoms: the user of the machine where the SE server is installed can access the blocked sites. I cannot access these sites

Code: Select all

ping mgts.ru
Pinging mgts.ru [195.178.108.240] with 32 bytes of data:
Request timed out.
Ping statistics for 195.178.108.240:
    Packets: Sent = 1, Received = 0, Lost = 1 (100% loss),

tracert mgts.ru
Tracing route to mgts.ru [195.178.108.240]
over a maximum of 30 hops:
  1    <1 ms    <1 ms    <1 ms  192.168.1.1
  2     9 ms    10 ms     9 ms  d28-23-1-112.dim.wideopenwest.com [23.28.112.1]
  3     9 ms     9 ms     9 ms  10.52.148.34
  4    11 ms    11 ms    10 ms  76-73-165-194.knology.net [76.73.165.194]
  5    49 ms    47 ms    48 ms  23-28-210-80.static.evv.wideopenwest.com [23.28.210.80]
  6    45 ms    45 ms    47 ms  75.76.35.51
  7    34 ms    17 ms    18 ms  75.76.35.8
  8    18 ms    18 ms    17 ms  chi-b23-link.ip.twelve99.net [62.115.153.98]
  9     *        *        *     Request timed out.
 10    30 ms    33 ms    31 ms  ewr-bb2-link.ip.twelve99.net [62.115.132.134]
 11   109 ms   108 ms   109 ms  kbn-bb6-link.ip.twelve99.net [80.91.254.90]
 12   115 ms   115 ms   116 ms  sto-bb2-link.ip.twelve99.net [62.115.139.172]
 13   121 ms   123 ms   120 ms  hls-b4-link.ip.twelve99.net [62.115.123.203]
 14   130 ms   132 ms   129 ms  mts-ic-357601.ip.twelve99-cust.net [80.239.135.171]
 15   149 ms   147 ms   147 ms  fedor-cr04-eth-trunk9.spb.mts-internet.net [195.34.50.74]
 16   146 ms   147 ms   146 ms  mag9-cr02-be12.msk.mts-internet.net [195.34.53.13]
 17   146 ms   146 ms   146 ms  a433-cr06-eth-trunk15.msk.mts-internet.net [212.188.28.102]
 18   147 ms   151 ms   147 ms  a433-cr05-eth-trunk55.msk.mts-internet.net [212.188.42.40]
 19   147 ms   148 ms   146 ms  as25513.asbr.router [212.188.6.35]
 20     *        *        *     Request timed out.
 21     *        *        *     Request timed out.
 22     *        *        *     Request timed out.
 23     *        *        *     Request timed out.
 24     *        *        *     Request timed out.
 25     *        *        *     Request timed out.
 26     *        *        *     Request timed out.
 27     *        *        *     Request timed out.
 28     *        *        *     Request timed out.
 29     *        *        *     Request timed out.
 30     *        *        *     Request timed out.
Trace complete.

SE client and server VPN are used
Symptoms: the user of the machine where the SE server is installed can access the blocked sites. I cannot access these sites
ping mgts.ru

Code: Select all

Pinging mgts.ru [195.178.108.240] with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 195.178.108.240:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

tracert mgts.ru
Tracing route to mgts.ru [195.178.108.240]
over a maximum of 30 hops:
  1     *      139 ms   140 ms  192.168.30.1
  2   138 ms   139 ms   141 ms  192.168.1.1
  3   139 ms   138 ms   138 ms  172.16.253.50
  4   141 ms   138 ms   140 ms  172.16.253.244
  5   139 ms   139 ms   138 ms  188.191.160.165
  6   140 ms   144 ms     *     100.105.103.106
  7   140 ms   140 ms   145 ms  178.178.110.201
  8   142 ms   141 ms   141 ms  83.169.204.65
  9   141 ms   140 ms   146 ms  83.169.204.184
 10   142 ms   141 ms   140 ms  m9-cr04-be95.msk.mts-internet.net [212.188.61.6]
 11     *      141 ms   142 ms  a433-cr06-eth-trunk4.msk.mts-internet.net [195.34.53.114]
 12   139 ms   141 ms   142 ms  a433-cr05-eth-trunk55.msk.mts-internet.net [212.188.42.40]
 13   141 ms   142 ms   158 ms  as25513.asbr.router [212.188.6.35]
 14     *        *        *     Request timed out.
 15     *        *        *     Request timed out.
 16   142 ms   144 ms   141 ms  94.29.127.190
 17   166 ms   142 ms   142 ms  94.29.127.189
 18     *        *        *     Request timed out.
 19   145 ms   141 ms   141 ms  62.112.96.34
 20     *        *        *     Request timed out.
 21     *        *        *     Request timed out.
 22     *        *        *     Request timed out.
 23     *        *        *     Request timed out.
 24     *        *        *     Request timed out.
 25     *        *        *     Request timed out.
 26     *        *        *     Request timed out.
 27     *        *        *     Request timed out.
 28     *        *        *     Request timed out.
 29     *        *        *     Request timed out.
 30     *        *        *     Request timed out.

SE client and VPN gateway are used
I can access these sites

Code: Select all

ping mgts.ru
Pinging mgts.ru [195.178.108.240] with 32 bytes of data:
Reply from 195.178.108.240: bytes=32 time=251ms TTL=242
Reply from 195.178.108.240: bytes=32 time=251ms TTL=242
Reply from 195.178.108.240: bytes=32 time=252ms TTL=242
Reply from 195.178.108.240: bytes=32 time=252ms TTL=242

Ping statistics for 195.178.108.240:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 251ms, Maximum = 252ms, Average = 251ms

tracert mgts.ru
Tracing route to mgts.ru [195.178.108.240]
over a maximum of 30 hops:
  1   187 ms   186 ms   187 ms  10.211.254.254
  2   192 ms   187 ms   188 ms  192.168.1.1
  3   193 ms   190 ms   192 ms  100.103.0.1
  4   188 ms   189 ms   188 ms  10.144.8.1
  5   190 ms   191 ms   190 ms  82.142.130.198
  6   201 ms   200 ms   202 ms  pe02.Krasnoyarsk.gldn.net [79.104.247.43]
  7   207 ms   201 ms   201 ms  79.104.212.245
  8   254 ms   254 ms   253 ms  sem275-cr02-ae0.24.krsk.mts-internet.net [212.188.0.166]
  9   251 ms   253 ms   251 ms  bhm-cr04-eth-trunk9.nsk.mts-internet.net [212.188.2.1]
 10   250 ms   253 ms   249 ms  psshag-cr01-ae12.0.chel.mts-internet.net [195.34.50.153]
 11   252 ms   257 ms   251 ms  che-cr02-ae10.63.sam.mts-internet.net [212.188.42.129]
 12   252 ms   252 ms   250 ms  a433-cr06-eth-trunk13.msk.mts-internet.net [212.188.1.181]
 13   250 ms   269 ms   253 ms  a433-cr05-eth-trunk55.msk.mts-internet.net [212.188.42.40]
 14   251 ms   253 ms   250 ms  as25513.asbr.router [212.188.6.35]
 15     *        *        *     Request timed out.
 16     *        *        *     Request timed out.
 17   252 ms   251 ms   255 ms  94.29.127.190
 18   254 ms   257 ms   252 ms  94.29.127.189
 19     *        *        *     Request timed out.
 20   253 ms   250 ms   253 ms  62.112.96.34
 21     *        *        *     Request timed out.
 22     *        *        *     Request timed out.
 23   252 ms   251 ms   251 ms  195.178.108.240
Trace complete.

Posted: **Tue Dec 30, 2025 7:25 am**

assagai wrote: ↑
Mon Dec 29, 2025 5:49 pm
For reference, the connection was configured using Azure. My friend was unable to set up port forwarding...

There it is... Azure - that's why you are blocked. Let me elaborate. Your VPN via JP Azure server massively increases network latency which can be easily "detected and blocked". Also your friend's CGNAT-induced latency does not help for sure. Read more about it:

First, establish a baseline latency for users with a known geographic region that are known not to be connected to a VPN. This can be done by measuring the latency between the client and a known server, such as a popular website or a server within the organization. By doing this, you can understand the typical latency range for non-VPN users in a specific location.
Second, continuously monitor the latency of users within your network. This can be done using network monitoring tools, which can analyze network traffic and measure latency between different nodes. Look for instances where the measured latency is significantly higher than the established baseline for a specific geographic region. This could indicate that a user is connected to a VPN, as VPNs generally add extra latency to network connections. To increase the accuracy of VPN detection, it's essential to correlate latency measurements with other data, such as IP addresses, geographical data, DNS requests or browser fingerprinting.

Measuring Latency to Detect VPNs

If you can do port forwarding at your location, this VPN could be "restructured" without Azure and with lower latency it may (might) then work for you.

SoftEther VPN User Forum

VPN traffic is detected and blocked when using SoftEther VPN (client + server)

VPN traffic is detected and blocked when using SoftEther VPN (client + server)

Re: VPN traffic is detected and blocked when using SoftEther VPN (client + server)

Re: VPN traffic is detected and blocked when using SoftEther VPN (client + server)

Re: VPN traffic is detected and blocked when using SoftEther VPN (client + server)