Client to Client Connection

[valant98]

Hello everyone,
First of all i have 2 computers in two different networks and a Softether Server in the Cloud of Azure.
The computer (1) connects to the server via Softether Client and Computer (2) with OpenVPN client.
The connection between those 2 computers are successful using SecureNat. Is there a way that computer (1) can see the whole network of computer (2) and communicate with all devices in its network?

[shakibamoshiri]

Yes there is.
You can install a vpnbridge (VPN Bridge) on computer 2.
These tutorials can help you
https://www.softether.org/4-docs/2-howto

[valant98]

As i mentioned the two computers are clients that connect to Softether Server in Cloud.
Isn't the installation of VPN Bridge specifically for server?
I have looked into the documentation but i cant find anything similar to my problem.
I would much appreciate a more specific guidance.
Thank you!

[shakibamoshiri]

Isn't the installation of VPN Bridge specifically for server?

SoftEther has three separate part
- vpn-server
- vpn-bridge
- vpn-client

In your case you need all three

I would much appreciate a more specific guidance.

what you need to download (or build)
That side you liked to expose whole internal network, you will install "SofEther VPN Bridge"
That side you liked to be normal, you will install "SofEther VPN Client"
For connecting these two clients, you will install "SoftEther VPN Server"

here is how
- install SE server
- add a hub
- at two users
- install SE bridge on computer 2 (enable SeucreNAT)
- add a cascade connection from SE bridge (on computer 2) to SE server (on could) -- use one of user credentials created
- install SE client (or any other client could connect to a SE server) and connect to SE server
At this point computer 1 should be able to access computer 2 internal network
You can ping the computer 2 local IP address from computer 1

topology of your need

Code: Select all

[ computer 1 (SE client) ] =======> [ could with public IP (SE server) ] <======= [ computer 2 (SE bridge) ]

[valant98]

Thanks a lot for the reply.
The only problem with the solution you provided is that the second computer is running openvpn client.
Shall i ask this question in openvpn forum?

[shakibamoshiri]

SoftEther is a multi protocol VPN. It supports
- OpenVPN
- SSTP
- L2TP

The only problem with the solution you provided is that the second computer is running openvpn client.
Shall i ask this question in openvpn forum?

It is up to you

[solo]

Is there a way that computer (1) can see the whole network of computer (2) and communicate with all devices in its network?

Shall i ask this question in openvpn forum?

It's a generic routing question which can be answered here. As you're not telling anything about OS' and subnets I'll use the following for illustration.

Code: Select all

SE server
Virtual DHCP: 192.168.22.10-200 no default gateway

LAN1
PC1 192.168.8.1

LAN2
PC2 192.168.111.105
PC3 192.168.111.101

- from the server get "openvpn_site_to_site_bridge_l2.ovpn" config
- mod it if necessary (eg forwarded port/protocol, cipher/data-ciphers, etc.)
- on PC2 set OpenVPN TAP NIC to a static IP, eg 192.168.22.2
- on PC2 run services.msc and start the "Routing and Remote Access" service
- on PC2 start the OpenVPN client

on LAN2's router add static route:
ip route add 192.168.22.0/24 via 192.168.111.105
- if the router does not support static routes, add persistent static route to every PC which needs to cross-connect:
route -p add 192.168.22.0 mask 255.255.255.0 192.168.111.105

- on PC1 start the SE client
- on PC1: route add 192.168.111.0 mask 255.255.255.0 192.168.22.2

PC2

Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.111.1  192.168.111.105     25

PC3

route -p add 192.168.22.0 mask 255.255.255.0 192.168.111.105

Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.111.1  192.168.111.101     25

PC1

route -p add 192.168.111.0 mask 255.255.255.0 192.168.22.2

Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.8.1   192.168.8.101       9
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
      192.168.8.0    255.255.255.0    192.168.8.101   192.168.8.101       9
    192.168.8.101  255.255.255.255        127.0.0.1       127.0.0.1       9
    192.168.8.255  255.255.255.255    192.168.8.101   192.168.8.101       9
     192.168.22.0    255.255.255.0    192.168.22.11   192.168.22.11       1
    192.168.22.11  255.255.255.255        127.0.0.1       127.0.0.1       1
   192.168.22.255  255.255.255.255    192.168.22.11   192.168.22.11       1
    192.168.111.0    255.255.255.0     192.168.22.2   192.168.22.11       1

ping 192.168.111.105
Pinging 192.168.111.105 with 32 bytes of data:
Reply from 192.168.111.105: bytes=32 time=166ms TTL=127
Reply from 192.168.111.105: bytes=32 time=61ms TTL=127
Reply from 192.168.111.105: bytes=32 time=86ms TTL=127
Reply from 192.168.111.105: bytes=32 time=86ms TTL=127

ping 192.168.111.101
Pinging 192.168.111.101 with 32 bytes of data:
Reply from 192.168.111.101: bytes=32 time=98ms TTL=127
Reply from 192.168.111.101: bytes=32 time=90ms TTL=127
Reply from 192.168.111.101: bytes=32 time=541ms TTL=127
Reply from 192.168.111.101: bytes=32 time=105ms TTL=127

It's not trivial but if you insist on OpenVPN client then this is the way to go.

[valant98]

Thanks a lot for the reply, this was the solution for me. Cheers!