Accessing Another Subnet accessible to SE Server

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
gary9293
Posts: 8
Joined: Tue Sep 10, 2019 7:36 pm

Accessing Another Subnet accessible to SE Server

Post by gary9293 » Tue Sep 10, 2019 7:54 pm

I connect to a SoftEther server (call it Tokyo, e.g. 10.1), but I want to access a different subnet on a different server (call it Osaka, e.g. 10.2) that Tokyo has visibility to because Tokyo and Osaka are connected by a gateway-to-gateway hardware VPN. Installing SoftEther in Osaka is not an option. I think I can do this using VirtualNAT, but I have not been able to get that to work. Does anybody have any suggestions?
Thank you, -Gary.

sky59
Posts: 477
Joined: Tue Sep 11, 2018 5:58 pm

Re: Accessing Another Subnet accessible to SE Server

Post by sky59 » Wed Sep 11, 2019 8:28 am

as tokyo and osaka are already connected together I do not see any problem anywhere?

once you are in tokyo you are also in osaka, is not it?

gary9293
Posts: 8
Joined: Tue Sep 10, 2019 7:36 pm

Re: Accessing Another Subnet accessible to SE Server

Post by gary9293 » Wed Sep 11, 2019 4:36 pm

Thank you for your reply. To clarify, I am at a remote office, connecting to Tokyo using a SoftEther client. I haven't figured out how to get visibility to Osaka's assets. I only have addresses in my own space (e.g. 10.3), and in Tokyo's (10.1), but not in Osaka's space (10.2). If I remote desktop into Tokyo, I can access Osaka, but I want to do it from my own desktop. How can I get an address in Osaka's space (10.2), or otherwise access assets in 10.2 from my remote location? I cannot, for example, ping anything in 10.2 from my remote office.

sky59
Posts: 477
Joined: Tue Sep 11, 2018 5:58 pm

Re: Accessing Another Subnet accessible to SE Server

Post by sky59 » Wed Sep 11, 2019 6:53 pm

Netmask 255.0.0.0 for SE client computer?

gary9293
Posts: 8
Joined: Tue Sep 10, 2019 7:36 pm

Re: Accessing Another Subnet accessible to SE Server

Post by gary9293 » Wed Sep 11, 2019 7:11 pm

Thank you again for kindly considering my question, and for your reply. I don't really understand your response, though. While I have more knowledge about networking than the average person, I'm not a networking professional. Are you referring to a routing table entry I need to create? If so, what would it be? Where would I create it? If not, can you give me a little more information? Thank you, -Gary.

sky59
Posts: 477
Joined: Tue Sep 11, 2018 5:58 pm

Re: Accessing Another Subnet accessible to SE Server

Post by sky59 » Thu Sep 12, 2019 11:36 am

No, what is the setting for network of your SE client?

Does it get setting from DHCP? If yes, DHCP does not know that you want to go to another subnet

Check with ipconfig (ifconfig linux) what is IP and netmask for interface on SE client

you probably have something like

10.1.x.y 255.255.255.0 for interface VPN
10.3.u.v 255.255.255.0 for interface to internet

THIS IS ON MY PC WHEN I START VPN
---------------------------------------------------

Ethernet-Adapter VPN - VPN Client:

Verbindungsspezifisches DNS-Suffix:
Verbindungslokale IPv6-Adresse . : fe80::3049:6f17:c9a3:8397%53
IPv4-Adresse . . . . . . . . . . : 192.168.40.76
Subnetzmaske . . . . . . . . . . : 255.255.255.0
Standardgateway . . . . . . . . . :


Ethernet-Adapter Ethernet:

Verbindungsspezifisches DNS-Suffix: xxxxxxxxx.com
Verbindungslokale IPv6-Adresse . : fe80::c22:781e:ae2d:89b0%35
IPv4-Adresse . . . . . . . . . . : 10.81.100.150
Subnetzmaske . . . . . . . . . . : 255.255.0.0
Standardgateway . . . . . . . . . : 10.81.100.1
------------------------------------------------------------

VPN I use static adress - no gateway, I can access only 192.168.40.1 to 192.168.40.254

internet/office connection I can access 10.81.0.1 up to 10.81.254.254

I hope you see difference, I believe you understand IP addresses

gary9293
Posts: 8
Joined: Tue Sep 10, 2019 7:36 pm

Re: Accessing Another Subnet accessible to SE Server

Post by gary9293 » Thu Sep 12, 2019 7:53 pm

Thank you for your detailed reply. My configuration is similar to yours. I realize now that I made an error in describing the problem (due to trying to obfuscate my particular configuration), and I'm sorry for that. The configuration is really like this: Tokyo is 12.*, Osaka is 14.*, and my remote office is 16.*. My SE VPN connection assigns me an address within 12.*, so I can access Tokyo, but I also want to access Osaka. All Tokyo machines can see Osaka due to the gateway-to-gateway hardware VPN, but of course I don't have an address on 14.* in my remote office, which is what I want.

I think my solution may be I need to create a bridge/cascade situation in Tokyo, and a second client connection.

sky59
Posts: 477
Joined: Tue Sep 11, 2018 5:58 pm

Re: Accessing Another Subnet accessible to SE Server

Post by sky59 » Fri Sep 13, 2019 5:55 am

you have written you know some IT...

what is the setting for VPN interface at client (your PC) in your office? I am 99.9999999999999999% sure that is the problem

IP: 12. ?
mask: ?
gateway: ?

your PC in your office does not know ot should go to 12* if your PC wants to access 14*, but you should know this it is a basic of networking

Post Reply