solved: vpnclient not working under Linux

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
sky59
Posts: 477
Joined: Tue Sep 11, 2018 5:58 pm

solved: vpnclient not working under Linux

Post by sky59 » Wed May 22, 2019 7:56 am

I have problem with vpnclient. Here is the description:

SERVER:
--------------------------------------------------------------------------
Ubuntu computer running SoftEther server

eth0 - connection to internet with port forwarding
gets IP automatically from ISP router

eth1 - connection to company network router with DHCP server
there is also access to internet
this is SE local bridge with static ip adress

company router has GW 10.81.100.1 and gives clients IP= 10.81.100.xx

as there are two accesses to internet I delete all routes for
eth1 from routing table "ip route show" to avoid confusion
only eth0 is active connection to internet



CLIENT Windows: (OK)
-------------------------------------------------------------------------------
works perfect, when connected to server above I can use internet
connection over SE VPN (avoiding geopolitical restrictions)

new PC IP address from company router DHCP is 10.81.100.143

this is routing table in windows computer:
winroute.png

this is test from whatismyip.com
winip.png

CLIENT linux: (not OK)
-------------------------------------------------------------------------------
this client is running on another Ubuntu computer, wlan0 is internet connection

I start it manually "sudo vpnclient start"
then using vpncmd I start "accountconnect banovce" (vpn name)
then "dhclient vpn_banovce" (this is virtual interface)

so now vpn_banovce has got IP 10.81.100.105 (from DHCP company router)

then I manually add lines 1 and 6 into routing table, see below
(all traffic forced to vpn_banovce - copied from OpenVPN, reverse engineering :-)
the lines 2 and 5 are created automatically by SE client
the rest of lines (3,4,7,8) are naturally there from Ubuntu

***** ip route *****
1- 0.0.0.0/1 dev vpn_banovce scope link
2- default via 10.81.100.1 dev vpn_banovce
3- default via 192.168.92.1 dev wlan0
4- default via 192.168.92.1 dev wlan0 metric 310
5- 10.81.0.0/16 dev vpn_banovce proto kernel scope link src 10.81.100.105
6- 128.0.0.0/1 dev vpn_banovce scope link
7- 192.168.92.0/24 dev wlan0 proto kernel scope link src 192.168.92.131 metric 310
8- 192.168.92.1 dev wlan0 scope link

Now I can ping GW 10.81.100.1 and also computers like 10.81.100.142, 10.81.10.2 (ten,two), 10.81.220.3 ...
all of them on company's network

but I can not ping 8.8.8.8 , also internet is not working like for CLIENT Windows

What else do I have to set up in linux client? I believe server is OK as windows client works perfect.
You do not have the required permissions to view the files attached to this post.
Last edited by sky59 on Sun May 26, 2019 11:25 am, edited 1 time in total.

sky59
Posts: 477
Joined: Tue Sep 11, 2018 5:58 pm

Re: vpnclient not working under Linux

Post by sky59 » Thu May 23, 2019 1:48 pm

I am not just waiting I progressed a bit already...
This is now "the best" routing table, with cache flushed......

0.0.0.0/1 dev vpn_banovce scope link
default via 192.168.92.1 dev wlan0
default via 192.168.92.1 dev wlan0 metric 310
10.81.0.0/16 dev vpn_banovce proto kernel scope link src 10.81.100.105
128.0.0.0/1 dev vpn_banovce scope link
192.168.92.0/24 dev wlan0 proto kernel scope link src 192.168.92.131 metric 310
192.168.92.1 dev wlan0 scope link

the difference is I deleted GW 10.81.100.1 to avoid messing traffic

then I added into iptables this:

iptables -t nat -A OUTPUT -j DNAT --to-destination 10.81.100.1
iptables -t nat -A POSTROUTING -j MASQUERADE

Now it is doing what I need - almost ! The traffic is redirected to GW 10.81.100.1
now I can ping also 8.8.8.8 - something out of domain 10.81.x.x

But when I try to open some internet page I get following feedback !! :-)
DSCN2427.JPG
DSCN2426.JPG
So I finish on router itself !!!!? What have I configured wrong in iptables???
You do not have the required permissions to view the files attached to this post.

sky59
Posts: 477
Joined: Tue Sep 11, 2018 5:58 pm

Re: vpnclient not working under Linux

Post by sky59 » Sun May 26, 2019 11:25 am

Solved:

Vpnclient is messy and completely destroyes ip route table in linux - both ubuntu and android

After correcting routes manually works like charm

Advantage proved again: i can connect with vpnclient but OpenVpn has no chance. Company firewall blocks it.

Post Reply