Softether is a great VPN server to use, but I noticed recently that, it periodically send my private information back to 130.158.6.116 UDP port 5004, which is owned by University of Tsukuba. The information dump make me nervous because it contains my server's:
1. hostname
2. machine_key
3. my private_ip
4. my private_port
5. session_key
6. token
... etc.
it also periodically send small packet to 130.158.6.56 UDP port 80
has anyone noticed this?
why Softether send those information back to a server owned by University of Tsukuba?
any insight would be appreciated!
softether always send my private information back
-
- Posts: 2
- Joined: Fri Jun 02, 2017 5:15 am
-
- Posts: 2458
- Joined: Mon Feb 24, 2014 11:03 am
Re: softether always send my private information back
These information is sent to NAT-T broker server.
The server is operated by University of Tsukuba.
The server is operated by University of Tsukuba.
-
- Posts: 2
- Joined: Fri Jun 02, 2017 5:15 am
Re: softether always send my private information back
thisjun wrote:
> These information is sent to NAT-T broker server.
> The server is operated by University of Tsukuba.
Thank you for the insight!
in this case, does it means that, if I block those traffic, softether won't be able to work as a site to site VPN if both side of the VPN tunnel sit behind NAT gateway, because UDP hole punch won't work without a broker?
For other use case which don't need UDP hole punch, blocking those traffic won't affect softether VPN ?
if so, does softether provide any software package for user to setup their own UDP hole punching broker?
thanks
> These information is sent to NAT-T broker server.
> The server is operated by University of Tsukuba.
Thank you for the insight!
in this case, does it means that, if I block those traffic, softether won't be able to work as a site to site VPN if both side of the VPN tunnel sit behind NAT gateway, because UDP hole punch won't work without a broker?
For other use case which don't need UDP hole punch, blocking those traffic won't affect softether VPN ?
if so, does softether provide any software package for user to setup their own UDP hole punching broker?
thanks
-
- Posts: 2458
- Joined: Mon Feb 24, 2014 11:03 am
Re: softether always send my private information back
> in this case, does it means that, if I block those traffic, softether won't be able
> to work as a site to site VPN if both side of the VPN tunnel sit behind NAT gateway,
> because UDP hole punch won't work without a broker?
No. NAT-T doesn't work.
However, VPN session can be made with TCP port forwarding.
> For other use case which don't need UDP hole punch, blocking those traffic won't
> affect softether VPN ?
If you use DDNS or VPN Azure, it affects them..
> if so, does softether provide any software package for user to setup their own UDP
> hole punching broker?
Now, SoftEther project doesn't provide such software.
> to work as a site to site VPN if both side of the VPN tunnel sit behind NAT gateway,
> because UDP hole punch won't work without a broker?
No. NAT-T doesn't work.
However, VPN session can be made with TCP port forwarding.
> For other use case which don't need UDP hole punch, blocking those traffic won't
> affect softether VPN ?
If you use DDNS or VPN Azure, it affects them..
> if so, does softether provide any software package for user to setup their own UDP
> hole punching broker?
Now, SoftEther project doesn't provide such software.
-
- Posts: 4
- Joined: Tue Jan 08, 2019 3:34 pm
Re: softether always send my private information back
Is there a way to turn it off?
-
- Site Admin
- Posts: 2166
- Joined: Sat Mar 09, 2013 5:37 am
Re: softether always send my private information back
Please check 'disable NAT-T' box.