Can't connect to SoftEther server from Android

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
Roman
Posts: 5
Joined: Wed Apr 06, 2022 7:00 pm

Can't connect to SoftEther server from Android

Post by Roman » Wed Apr 06, 2022 7:44 pm

Hi!
On my virtual machine (Linux (ubuntu 20.04)) in a cloud I've created SoftEther VPN server following instruction posted here https://cloudinfrastructureservices.co. ... ntu-20-04/
I've done all the posted steps for server creation - no errors during any of it.
I can successfully connect to the server from OS Win using SoftEther client (ver 4.34 build 9745).

But I cannot connect to the server from my phone (Android 7.0).
I follow these instructions https://www.softether.org/4-docs/2-howt ... ient_Setup
But when I try to connect it's just says 'Unsuccessful'. Googling problem leads mostly to the same instructions as at the link above.

Could anyone, please, advise what to check? Maybe someone have seen the same problem?
Beside buid-in Android vpn client, is there any other free SoftEther vpn client for Android 7.0 that can connect to some custom server?
Thank you in advance!

solo
Posts: 1228
Joined: Sun Feb 14, 2021 10:31 am

Re: Can't connect to SoftEther server from Android

Post by solo » Thu Apr 07, 2022 12:04 am

From the instructions
Enable L2TP over IPsec Server Function (yes / no): yes
...you will need to allow ports 443, 5555, 992 and 1194
But you also need to allow UDP 500 and 4500.

Roman
Posts: 5
Joined: Wed Apr 06, 2022 7:00 pm

Re: Can't connect to SoftEther server from Android

Post by Roman » Sat Apr 09, 2022 9:43 pm

Thank you for the reply!
Have run the commands now allowing the ports, but the problem remains

Code: Select all

azureuser@VPNserver:~$ sudo ufw allow 500/udp
Rules updated
Rules updated (v6)
azureuser@VPNserver:~$ sudo ufw allow 4500/udp
Rules updated
Rules updated (v6)
azureuser@VPNserver:~$ sudo ufw reload
Firewall not enabled (skipping reload)
azureuser@VPNserver:~$
It seems like the image of the VM with disabled firewall (the line with the system reply 'Firewall not enabled (skipping reload)'), so it even more strange what can be wrong.
Any other ideas?

solo
Posts: 1228
Joined: Sun Feb 14, 2021 10:31 am

Re: Can't connect to SoftEther server from Android

Post by solo » Sun Apr 10, 2022 11:24 am

This cloud has no need for port forwarding?

Can you connect to it from Windows using L2TP/IPsec?

Can your Android connect to VPN Gate using L2TP/IPsec?

Roman
Posts: 5
Joined: Wed Apr 06, 2022 7:00 pm

Re: Can't connect to SoftEther server from Android

Post by Roman » Mon Apr 11, 2022 11:43 am

This cloud has no need for port forwarding?
I'll investigate and give an update
Can you connect to it from Windows using L2TP/IPsec?
No. I get error: 'The L2TP connection attempt failed because the security layer encountered a processing error'

At the same time I can connect to VPN Gate's server via built-in Win10 VPN.
And, as quick reminder, I can successfully connect to the problem server via SoftEther client for win.
Can your Android connect to VPN Gate using L2TP/IPsec?
Yes.

It seems like I missing some setting on the my server which fails connection via built-in clients (both Android 7 and Win 10).
I'll reinstall the server from the scratch and will post an update.
At the same time any other ideas appreciated! Especially maybe some other step-by-step guide for server install is recommended?
And thank you again for the replies!!!

PS
also while googling the problem have found this client https://github.com/kittoku/Minimum-VPN- ... tEther-VPN.
It's just in case if it's gonna help anyone else. I doesn't in my case as it for Android 8 or later (https://github.com/kittoku/Minimum-VPN- ... N/issues/6)

solo
Posts: 1228
Joined: Sun Feb 14, 2021 10:31 am

Re: Can't connect to SoftEther server from Android

Post by solo » Mon Apr 11, 2022 1:09 pm

Roman wrote:
Mon Apr 11, 2022 11:43 am
And, as quick reminder, I can successfully connect to the problem server via SoftEther client for win.
Aah yes that. You see, it is completely inconclusive because native SoftEther VPN protocol deploys neat connection tricks with NAT-T and/or VPN Azure, which are not applicable for L2TP/IPsec and your Android.

So, if necessary do port forwarding for UDP 500, 4500, 1194 and TCP 443, 5555, 992.

On the server confirm that...

Code: Select all

netstat -uapn
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
udp        0      0 127.0.0.1:4500          0.0.0.0:*                           1387/vpnserver
udp        0      0 127.0.0.1:500           0.0.0.0:*                           1387/vpnserver
On the client with portqry verify...

Code: Select all

portqry.exe -n your.cloud.net -e 500 -p UDP
//expected reply: "UDP port 500 (unknown service): LISTENING or FILTERED"

portqry.exe -n your.cloud.net -e 4500 -p UDP
//expected reply: "UDP port 4500 (unknown service): LISTENING or FILTERED"

Roman
Posts: 5
Joined: Wed Apr 06, 2022 7:00 pm

Re: Can't connect to SoftEther server from Android

Post by Roman » Thu Apr 14, 2022 7:24 pm

Yes! Got it working!
So, if necessary do port forwarding for UDP 500, 4500, 1194 and TCP 443, 5555, 992.
You were right!
I messed up with this and had these ports closed (but not in the VM itself (where firewall is disabled) but in Azure portal settings)

Huge thanks, solo!!!!!!

covis
Posts: 3
Joined: Thu May 05, 2022 5:44 pm

Re: Can't connect to SoftEther server from Android

Post by covis » Thu May 05, 2022 7:03 pm

Hello solo and Roman,
I have the same problem like Roman but difference is that I have SoftEther server instaled on VM Azure on Windows10.
When I use SoftEther Client for Windows the connection is established.
On the VM Azure Windows10 I disabled firewall.
When I try connect by my phone with Android or my iPad Pro I see message 'Unsuccessful'
I attached screens with rules Inbound and Outbound ports
Could you explain me most simply how setup port forwarding at setup Azure and VM with Windows10?
Or am I making another mistake as well?
You do not have the required permissions to view the files attached to this post.

solo
Posts: 1228
Joined: Sun Feb 14, 2021 10:31 am

Re: Can't connect to SoftEther server from Android

Post by solo » Fri May 06, 2022 1:54 am

Hi covis, the inbound firewall rules seem OK, check Azure port forwarding and allow all outbound traffic in the firewall.

Roman
Posts: 5
Joined: Wed Apr 06, 2022 7:00 pm

Re: Can't connect to SoftEther server from Android

Post by Roman » Fri May 06, 2022 12:19 pm

Hi! tiny conformation from my side: yes, I tweaked the port setting in the same way: 'Networking' menu item. Firewall on the VM itself was disabled right after creation (but it depends on which VM image used I guess)

covis
Posts: 3
Joined: Thu May 05, 2022 5:44 pm

Re: Can't connect to SoftEther server from Android

Post by covis » Sun May 08, 2022 12:13 pm

Thank you solo and Roman.
Solutions is of course port forwarding and using Virtual NAT and Virtual DHCP Server with collaboration of OpenVPN Clients on Android and IOs equipment.
I use VM with Windows10 and it is Windows ;-)
I must use it (Windows not Linux) because I have applications for Windows running on VM.

Post Reply