I setup my SoftEther VPN Setup but looks like something missing his tutorial:
1. After restart your router all configuration will gone
2. iOS devices and other clients cannot get IP address.
3. VPN clients cannot access to local sources.
First you have to enabled SecureNAT for assigning IP address for VPN Clients.
After enable SecureNAT, your VPN clients will get 192.168.30.10+ IP address and your devices will successfully connect to VPN Server
You should be make sure you route's following UDP ports should be open: 500 and 4500
When you creating a bridge on 18th step of @iloub911's tutorial, instead of choosing br0, I choose ath0 Because I want to access all local resources.
The last issue, after restart all settings will gone.
Thanks to @rickyyip123's tutorial:
rickyyip123 wrote:
24. Click edit config
25. Click save to file, save it to somewhere safe, because it contains the secrete of your vpn!!!
26. Then close and exit the program.
27. ~~~~From here, the softether vpn setting is basically done, if you want more advance setting, we will discuss that at the later part of this guide!~~~~
Now we should set our router to work with this thing! (The MOST critical part!)
1. Use notepad to open the config file you just saved
2. Replace all tab character in the file with space (ctrl+h)
3. Copy the whole text to dd-wrt softether config box
4. Click apply settings
5. Jump to administration>commands
*****Updated*****
6. Copy the following to commands box
The most important point is you should be remove all TAB chars in config file. You can use Notepad++ or alternative editor. Step 6 you should copy paste this code AS IS:
Don't type anything for SERVER or/and PASSWORD. I typed as is.
After restart wait 15 second. And your VPN client can connect to server and you have access to local sources. That's it. _________________ Kaan's World | @mkaand | PLEX Archive | Trakt.tv
Last edited by mkaand on Sun Mar 26, 2017 10:13; edited 1 time in total
I tried following these added steps as you suggested.T Everything works fine until I reboot the router then the secure nat needs to be re-enabled. Any way to keep it enabled?
I tried following these added steps as you suggested.T Everything works fine until I reboot the router then the secure nat needs to be re-enabled. Any way to keep it enabled?
Thank you
Hi,
I will explain to you step by step.
1. Turn of your router for 10 sec. Then turn on.
2. Enabled SoftEther VPN Server (If already enabled, just disable and re-enable)
3. Follow these steps http://bouli.ihostfull.com/
4. Enables SecureNAt
5. Make sure your clients can connect via VPN.
6. Click Edit Config button and save config file to your destop
7. Find and remove all TAB characters on you config file (You can use notepad++) this is important!
8. Copy config file and paste to the config window on DDWRT interface (VPN Section)
9. Go to Administration -> Command Section and write:
I had to disable Bridge under the router settings. I was doing everything you suggested but if I kept Bridge enabled as shown in the http://bouli.ihostfull.com/ guide it would never work after rebooting.
I had to disable Bridge under the router settings. I was doing everything you suggested but if I kept Bridge enabled as shown in the http://bouli.ihostfull.com/ guide it would never work after rebooting.
Thank you very much for the help.
You're welcome. Actually I tried to enabled Bridge couple of times but if I enabled, SoftEther Manager doesn't let me connect to Server again. I do not need to bridge, that's why I disabled and It's working like a charm. By the way, you need SoftEther VPN client for Windows 10 I guess. I couldn't achieve connection via built in Windows 10 VPN client. _________________ Kaan's World | @mkaand | PLEX Archive | Trakt.tv
Last edited by mkaand on Sun Mar 26, 2017 10:12; edited 1 time in total
I have tested a few different setups, and have found this to make things a bit easier, in case you have jffs or external storage enabled, as it basically makes it possible to configure and maintain the SoftEther server entirely from the Server Manager GUI, without having to copy information manually to the router, or make any other changes to the router setup.
For this tip, I assume that you have jffs enabled.
First of all, do not enable SoftEther in the web interface. And do not input anything in the configuration box. This will also save you some precious nvram space. If you have it enabled, disable it now, and clear all information in the configuration box, and press save. DO NOT apply it or reboot yet, if you want to keep your existing configuration.
SSH into your box, and:
Code:
mkdir /jffs/etc
(Optional) In case you have some existing configuration you would like to keep, copy it over:
Code:
cp /tmp/var/lib/vpn_server.config /jffs/etc
Add these two lines to the startup-script in the dd-wrt web interface:
Now you can configure the SoftEther server via the Server Manager GUI, which is so well described above. No need to copy any configuration data manually to the router.
If you have not copied an old configuration file, the vpn server will create a default one. The password will be blank for the first login from the GUI.
Posted: Sun Mar 26, 2017 9:18 Post subject: [Updated] Tutorial
I just made small changes in my tutorial. Because SecureNAT feature is not OK for me. SecureNAT provides 192.168.30.1 subnet IP Address for SoftEther Clients. But sometimes my local client also receiving 192.168.30.XXX IP Address. For this reason I found better solution:
1. Follow my above tutorial AS IS.
2. Disable Virtual NAT (SecureNAT)
3. Delete Local Bridge (you created before) on SoftEther Management Console
4. Re-Create your Local Bridge with following settings:
a. Choose your Virtual Hub
b. Select "Bridge with New Tap Device"
c. Type name for this new device (my case "soft")
d. Create Local Bridge button.
5. Edit Config button and save config file on your desktop. Than remove all tap characters with find & replace function of your text editor.
6. Copy this config text and paste into DD-WRT SoftEther Config box.
7. Go to Administration>Commands section.
8. Save this as a startup script:
If you Local bridge name is not soft, you should change above code. tap_BridgeName
That's it! Now my VPN clients are in same subnet. They can see each other. And no problem. SecureNAT is not good. Do not use it. _________________ Kaan's World | @mkaand | PLEX Archive | Trakt.tv
I have the same problem with my lan devices getting IP from virtual nat dhcp instead of lan dhcp. The ONLY way I can get any VPN clients to connect is to have securenet enabled AND it's dhcp server on also. I tried your directions above and didn't work. Not sure what I did differently. Any suggestions?
I have the same problem with my lan devices getting IP from virtual nat dhcp instead of lan dhcp. The ONLY way I can get any VPN clients to connect is to have securenet enabled AND it's dhcp server on also. I tried your directions above and didn't work. Not sure what I did differently. Any suggestions?
YOu should disabled SecureNAT and create tap device (tap_soft). Follow my previous post. But before you test you should wait after restart your router. Because some procedures needs time. LEt's say wait 10 min. before you try to connect via VPN. _________________ Kaan's World | @mkaand | PLEX Archive | Trakt.tv
I'm seeing an error on the 443 listener port but I have no services running already on 443.
Any ideas?
Also, should I not configure the server through the gui and just use the jffs method?
I notice issues like the Softether Manager tries to re-initialize a configuration when it is reopened most of the time. As in, it doesn't recognize mu password but when I try to use a blank password, it starts the setup.
Posted: Thu Jun 14, 2018 13:27 Post subject: Re: softether client
mimzmimz wrote:
is it possible also to setup the router as a client for a softether server?
I didn't test it as a client. But these days I need second router for SoftEther client I am looking for cheap softether DDWRT router. Any advises? _________________ Kaan's World | @mkaand | PLEX Archive | Trakt.tv
But you need to fix step 18 too. I create "soft" interface: