Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


SoftEther - Very powerful, easy-to-use, multi-protocol VPN software - Page 4
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

SoftEther - Very powerful, easy-to-use, multi-protocol VPN software

12467

Comments

  • @Freek First thing, Does your vps provider enable tun for you by default?

  • FreekFreek Member

    @lincoln said: @Freek First thing, Does your vps provider enable tun for you by default?

    Thanks for the quick reply!
    Yes, this is on Xen PV which should have tun/tap enabled by default. I've used it in the past :)

  • FreekFreek Member

    So I followed @calimansi 's and @ClownJugglar 's steps and am now able to connect, but I'm not getting an IP.

    I was unsure about some things, so here are the assumptions I made:

    • I changed 'tun' to 'tap' in the OVPN file, as we've created a tap interface on the VPS. Without this, I kept getting authentication failure.
    • I was unable to create a TAP interface through SSH, so I used the Softether Management Utility instead. It shows up correctly on my VPS if typing ifconfig.

    @ClownJugglar said: You need to create the TAP device and assign it an IP address BEFORE starting dhcpd.

    I read this step too late and created a TAP device after starting dhcpd. Also, I was unsure which IP to assign to the TAP interface so I just went with 10.0.0.1, is that OK?
    To makeup for creating the device after starting dhcpd, I rebooted the server, this should be sufficient right?

    @ClownJugglar said: sudo iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j SNAT --to-source xxx.xxx.xxx.xxx

    I used this IPtable rule instead of calamansi 's IPtable tule.

    Thanks in advance.

  • @lincoln said: try update this line proto udp to proto tcp

    Thank you! Changing UDP->TCP fixed it.

  • lumaluma Member

    Anyone figure out how to get the linux client out of easy mode so that it can be administered via the client manager gui?

    This project has potential but they need to concentrate on linux a bit!

  • FreekFreek Member
    edited April 2013

    Small bump, still haven't been able to fix my issue above. I can connect via OpenVPN but I can't get an IP. Would love to use this.
    This is how I set it up:

    `./vpscmd
    natdisable, dhcpdisable, securenatdisable //Disable all the NAT stuff;
    bridgecreate /DEVICE:tap0 /TAP:yes //If this doesn't work, try setting it up through Softether's Windows Management interface;
    EXIT

    run: ifconfig tap_tap0 192.168.1.254

    edit: /etc/default/isc-dhcp-server
    INTERFACES="tap_tap0"

    apt-get install isc-dhcp-server apt-get install

    edit: /etc/dhcp/dhcpd.conf
    ddns-update-style none;
    option domain-name "XXX";
    option domain-name-servers 8.8.8.8, 8.8.4.4;
    default-lease-time 600;
    max-lease-time 7200;
    option subnet-mask 255.255.255.0;
    option broadcast-address 192.168.1.255;
    option routers 192.168.1.254;
    subnet 192.168.1.0 netmask 255.255.255.0 {
    range 192.168.1.10 192.168.1.100;
    range 192.168.1.150 192.168.1.200;
    }

    run: iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j SNAT --to-source VPS.IP.ADDRESS.HERE

    Open the generated .OVPN file:
    Change 'tun' to 'tap', as we've setup a TAP bridge.
    Also, without doing this, I kept getting an authentication failure`

    Thanks guys!

  • FreekFreek Member

    I managed to get things up and running. The key was in the iptables command. The Iptables command given by calamansi/clownjuggelar is for OpenVZ. Was trying to set it up on XenPV. Here are the steps I did:
    http://pastebin.com/EYXphBsj

    I noticed that DNS requests aren't being tunneled. Can anyone else confirm this?

    @NanoG6 said: how do I connect trough ICMP/DNS? I can't see the way to do so on client side. There is only enable/disable settings on server manager.

    I contacted the developer of Softether and he said this:
    The SoftEther VPN client attempts to connect by all method automatically.
    User can't specify connecting method expressly

  • nikcnikc Member

    @freek anychance of a guide ? would love to get this going without using the slower secureNAT.

  • FreekFreek Member

    @nikc said: @freek anychance of a guide ? would love to get this going without using the slower secureNAT.

    Sure, I'll write one up in the next few days.
    I am just waiting for the dev of Softether to answer my question on how to tunnel DNS requests as well.

  • FreekFreek Member

    If someone could shed some light on how to tunnel DNS requests I can finish my tutorial and submit it to LowEndBox...... I have everything covered so far I believe. The initial server setup (with SecureNAT or Local Bridge on Xen/OpenVZ), client setup (OpenVPN & SoftEther), how to upgrade SoftEther, just need to know how to tunnel DNS requests.....

  • lumaluma Member

    @Freek

    Looking forward to your guide! How about writing the guide in the meantime and once they reply edit it for the DNS requests? :)

    Thanks and good work!

  • fanfan Veteran

    @Freek

    Looking forward to the tutorial too! I tried to setup a local bridge following your pastebin post earlier but it didn't worked out for me (connected but no DHCP address was assigned). So far only SecureNAT works for me at the cost of speed.

  • fanfan Veteran

    Attention! I've discovered it's quite possible that the Chinese firewall got the ability to detect & block softether VPN recently, the test servers I used were all immediately blocked and remained inaccessible from mainland China so far, but all are accessible from other locations according to just-ping.

    @dnobori Many of the IP's on VPNGate were also blocked.

  • proteusproteus Member

    Any luck connecting over DNS/ICMP (not tunneling DNS)?

  • i believe that you cant explicitly connect via any of the tunneling method
    it will also connect with whatever that suite best.
    ICMP so far, not seeing it yet,
    But DNS yes, I've seen it. It will shown as "VPN over DNS" when you view properties of connected server when using softether client

  • FreekFreek Member
    edited May 2013

    @johnlth93 said: i believe that you cant explicitly connect via any of the tunneling method

    it will also connect with whatever that suite best.

    Correct.

    @johnlth93 said: But DNS yes, I've seen it. It will shown as "VPN over DNS" when you view properties of connected server when using softether client

    You mean tunnel DNS requests as well? If so, this is different. AFAIK It just means VPN over port 53 in case all other ports are broken?

    PS. My tutorial is ready any day now. Sorry for the delay. Busy with all kinds of stuff.

  • proteusproteus Member

    @Freek said: AFAIK It just means VPN over port 53 in case all other ports are broken?

    Yes, and is it over TCP or UDP?

  • @Freek - any chance you can release your how to with just what you have so far?

  • @gavster said:
    Freek - any chance you can release your how to with just what you have so far?

    Hi there. I'm sorry I didn't get back to you guys. I've been kinda busy. I will see if I can find my notes from back then and setup everything to see if it's still up to date.
    Please allow another week or so for me to do so. If I don't respond, PM me and nag me because I tend to forget things!

  • spekkspekk Member
    edited August 2013

    From what I saw, this software is closed source?

    A no-no for VPN software, by my standards anyway.

  • NyrNyr Community Contributor, Veteran

    @spekk they were planning on open sourcing it, if I remember correctly.

  • dnwkdnwk Member

    @Nyr said:
    University of Tsukuba published this project a few days ago.

    In only a few minutes, you can have a very powerful VPN server installed and configured to connect from virtually any machine. PPTP, L2TP, and OpenVPN are all supported and the server it's very flexible for any configuration you may need.

    Aditionally, you can do IPv6 over IPv4 and IPv4 over IPv6 with near-zero configuration. I think it's really awesome and more people should know about this.

    http://www.softether.org/

    Is there anyway to get it on Ubuntu? I only successfully get it on CentOS.

  • @dnwk said:
    Is there anyway to get it on Ubuntu? I only successfully get it on CentOS.

    I managed to deploy it on Debian, so it should work.

  • dnwkdnwk Member

    @darknyan said:
    I managed to deploy it on Debian, so it should work.

    How did you do it?

  • JohnRoeJohnRoe Member
    edited August 2013

    wow.. such a great software.. I installled it on centos.
    btw, how can I use dns tunnel on openvpn server?? I didnt see any option to enable or disable it

  • @dnwk I have a post about debian-based installation. http://linc01n.github.io/blog/2013/03/19/softether-on-vps/

  • @lincoln said:
    dnwk I have a post about debian-based installation. http://linc01n.github.io/blog/2013/03/19/softether-on-vps/

    followed your tutorial.. work great on my centos :)
    btw, is there any way to connect over dns?

  • @psycholyzern said:
    btw, is there any way to connect over dns?

    seems nobody know.. or, maybe the function cant be used

  • Has anyone had the problem with softether that you can log into the vpn (l2tp, server is using SecureNat DHCP) but not get out to the internet?

  • it looks like there is no open source yet? Anyway, that VPN over ICMP, and VPN over DNS made me change my mind about this program, I will see how I can try it

Sign In or Register to comment.