VPN with 3 sites

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
thisjun
Posts: 2458
Joined: Mon Feb 24, 2014 11:03 am

Re: VPN with 3 sites

Post by thisjun » Thu Dec 15, 2016 7:47 am

>Does the the signed certificate gives extra security or not significant?

Signed certificate is for manage many users efficiently.
It doesn't give extra security.


>What is the situation in real life, when I can use it?
This is one of example.
http://www.softether.org/4-docs/1-manua ... Permission

This page says "Without any permission", however it's wrong. This page assume that firewall permit outgoing traffic.

xlanor
Posts: 1
Joined: Fri Mar 06, 2020 4:10 am

Re: VPN with 3 sites

Post by xlanor » Fri Mar 06, 2020 6:26 am

raafat wrote:
Sun Sep 18, 2016 8:42 pm
Hello There!, i am going to breakdown my instructions into several stages. Meaning we will move on to next stage once we finishe the previous one successfully. Also, to not end with a situation where is i have to solve other's suggestions problems, I am going to instruct you from beginning. Here we go (:.


First stage, HQ side, SE server:

** create a router and name it BlackCastle or whatever you would like to call it.

** create a virtual hub, let's name it HQGate.

** bridge HQGate hub to the interface that is connected to your internal network, make sure "Promiscuous mode" is enabled on the interface that is connected to your internal network.

** on the just-created BlackCastle router, create a virtual interface and and set "Destination Virtual Hub Name" as HQGate hub. Since HQ's IP subnet is : 192.168.88.0/24, we're going to set the virtual interface IP address to : 192.168.88.253/24

** ping the virtual IP address 192.168.88.253 from your router or any host on the same segment(internal network) to make sure that the virtual interface is reachable and the bridge function is functioning correctly.


I am waiting for your confirmation that "192.168.88.253" is reachable from your internal network, that is, 192.168.88.0/24.


Good luck (:
Hi rafaat,

Apologies for digging this thread,

I stumbled on it while looking for help with the exact same issue that I have.

I'm setting up a SoftEther Site-to-site between AWS and my house, I don't see anyway that I can enable Promiscuous mode.

I'm using a network 172.31.49.0/25, so I tried setting 172.31.49.126 as the virtual interface IP address, but it's not working either.

I tried enabling it with secureNat and without, and was still unable to proceed further.

raafat
Posts: 223
Joined: Fri Jul 03, 2015 2:21 pm

Re: VPN with 3 sites

Post by raafat » Sun Jun 14, 2020 3:36 pm

xlanor wrote:
Fri Mar 06, 2020 6:26 am
raafat wrote:
Sun Sep 18, 2016 8:42 pm
Hello There!, i am going to breakdown my instructions into several stages. Meaning we will move on to next stage once we finishe the previous one successfully. Also, to not end with a situation where is i have to solve other's suggestions problems, I am going to instruct you from beginning. Here we go (:.


First stage, HQ side, SE server:

** create a router and name it BlackCastle or whatever you would like to call it.

** create a virtual hub, let's name it HQGate.

** bridge HQGate hub to the interface that is connected to your internal network, make sure "Promiscuous mode" is enabled on the interface that is connected to your internal network.

** on the just-created BlackCastle router, create a virtual interface and and set "Destination Virtual Hub Name" as HQGate hub. Since HQ's IP subnet is : 192.168.88.0/24, we're going to set the virtual interface IP address to : 192.168.88.253/24

** ping the virtual IP address 192.168.88.253 from your router or any host on the same segment(internal network) to make sure that the virtual interface is reachable and the bridge function is functioning correctly.


I am waiting for your confirmation that "192.168.88.253" is reachable from your internal network, that is, 192.168.88.0/24.


Good luck (:
Hi rafaat,

Apologies for digging this thread,

I stumbled on it while looking for help with the exact same issue that I have.

I'm setting up a SoftEther Site-to-site between AWS and my house, I don't see anyway that I can enable Promiscuous mode.

I'm using a network 172.31.49.0/25, so I tried setting 172.31.49.126 as the virtual interface IP address, but it's not working either.

I tried enabling it with secureNat and without, and was still unable to proceed further.

If you still need help, kindly let me know a few more details regarding your setup. Good luck

Post Reply