Looking for the best configuration

[usbano]

Hi everyone, I need to implement the following configuration:
- on a VPS (Windows OS) I have installed a softether VPN server
- on it will converge several networks, scattered in various cities. Each remote network will have its own softether bridge pointing to the VPN server installed on the VPS.

On the VPS I only have the network card with a public ip.
In order to use private addresses and activate DHCP, I used the SecureNAT function on the VPN server (network 192.168.30.0/24).
Everything works, what is missing is that the VPN Server also needs access to the clients on the SecureNAT network.
How can I realise this architecture?

A temporary solution was to also install Softether Client on the VPS and connect it to the localhost VPN server, but I see that it increases CPU load of Softether Server on the VPS, and even if it works, it doesn't seem like a good solution to me.

[solo]

A temporary solution was to also install Softether Client on the VPS and connect it to the localhost...

Good move but if you don't like it, here is another solution:
- install Microsoft Loopback Adapter
- bridge the vHUB to it
- assign a static IP to it, presumably between 192.168.30.2-192.168.30.9

[shakibamoshiri]

Hi everyone, I need to implement the following configuration:
- on a VPS (Windows OS) I have installed a softether VPN server
- on it will converge several networks, scattered in various cities. Each remote network will have its own softether bridge pointing to the VPN server installed on the VPS.

On the VPS I only have the network card with a public ip.
In order to use private addresses and activate DHCP, I used the SecureNAT function on the VPN server (network 192.168.30.0/24).
Everything works, what is missing is that the VPN Server also needs access to the clients on the SecureNAT network.
How can I realise this architecture?

A temporary solution was to also install Softether Client on the VPS and connect it to the localhost VPN server, but I see that it increases CPU load of Softether Server on the VPS, and even if it works, it doesn't seem like a good solution to me.

Why do you need to connect to the SE sever on your the LAN?
Because it is the SE server private NAT

How to access clients on that SE server private NAT?
Connecting as client to that SE server

How to avoid using the SE client to access other clients?
Setup a Local Bridge (and + a local DHCP) and do not use SecureNAT virtual NAT (or virtual DHCP)
So should be able to access your clients

[solo]

Setup a Local Bridge (and + a local DHCP) and do not use SecureNAT virtual NAT (or virtual DHCP)
So should be able to access your clients

I see, now, keep in mind that it is a Windows-based VPS and describe precisely how to perform this magic.

[shakibamoshiri]

I see, now, keep in mind that it is a Windows-based VPS and describe precisely how to perform this magic.

I came to this first, since did not have experience with Windows but knew the issue, described in general that there is a solution.
But usually my answers take a few hours to be approved by forum's moderator(s) and that is why it came after your answer.

[solo]

I came to this first, since did not have experience with Windows but knew the issue, described in general that there is a solution. But usually my answers take a few hours to be approved by forum's moderator(s) and that is why it came after your answer.

Very well. Just for the record, note what the OP wrote: "On the VPS I only have the network card with a public ip" - so there is no trivial Windows way of doing what you had proposed, ie bridge with external dhcp/nat there.