Setting up a VPN with SoftEther

Harold Rosee · September 2016

I guess what I am looking for is a way to may sure the PC is set up correctly. Can I troubleshoot it through another PC? Then when I know it's working I can figure out the iphone.

Harold Rosee · September 2016

Just iphone.

K6OZY · September 2016

Then why are you installing a SoftEther bridge? You only need the server component. Did you follow my video?

Harold Rosee · September 2016

Before your reply I had already seen and printed the instructions that W1EQX had written above. The way I understood the instructions on the Softether site was that for remote access you had to Bridge the VPN Server to the LAN using the Bridge.

I was following:
https://www.softether.org/4-docs/2-howto/1.VPN_for_On-premise/2.Remote_Access_VPN_to_LAN

Now I am really confused.

I guess I will stop and go watch your video.

BTW, my intent is to be able to connect from outside my home network from the IOS Smartsdr app.

Going to watch your video now.

Thanks

K6OZY · September 2016

The connection flow will be:

iPad / iPhone -> L2TP connection using native VPN client in IOS -> home Firewall -> SoftEther Server (running on PC or Raspberry Pi)

Ria · September 2016

When you install the server it installs a bridge component. There's no reason to install that separately. For the iPhone vpn after the wizard you need to click L2TP and select a shared secret. This is also what you put in the "secret" field in the iPhone. This is different from the password for the user account, which you also need to create.

Harold Rosee · September 2016

OK, well, thanks for trying to help. I don't want to fill the forum up with this. I am not a network guy and I am totally lost. I don't even know what questions to ask at this point.

I'll go read some more. Over and out...

K6OZY · September 2016

Harold, shoot me your info offline. I've helped dozens of people get their Flex's working via SoftEther VPN. I think I can get you up and running very quickly. k6ozy [at] arrl [dot] net.

Harold Rosee · September 2016

Ria, Thanks for you help. I am going to have to try and find someone offline to help me.

Take care

Harold Rosee · September 2016

OK. I'll do that. Thanks

K6OZY · September 2016

Above I **** fingered, and said UDP450 UDP4500. It's UDP 500, UDP4500, TCP 5555. I don't want bad information to say on the net confusing people.

Harold Rosee · September 2016

IT Works!!!

I have to say a big Thank You to Chris, K6OZY, for his help. This guy is a ****. It's 12:20 am here in Texas and he just spent a lot of his time helping me set up my VPN.

There is no way I could have done that myself. Of course he tells me if I had watched his video on youtube I could have done it. He has encouraged me to get a Raspberry Pi and run the server on it as Ria also suggested. So tomorrow I am off to the local Microcenter down the street to pick one up.

Chris, thanks again for your time and also the offer to help with the Pi. Help like yours is what sells Flex. Plus the radios are pretty good too:)

Now I can sleep. Goodnight

K6OZY · September 2016

Thanks for the kind words. I just hate seeing people not able to use their radio remotely because of VPN issues.

Lasse Moell · March 2017

OK, so I am next in line for some hand-holding!
Currently have a RPI running as server. Client computer do connect over my cell phone using port 5555 (it seems 443 is a no-no on that provider). But I cannot see the radio on SSDR client, unless I do connect over my LAN (and VPN). The VPN server is on DMZ i.e. no ports should be blocked on that side.

Where to look for those lost broadcast packets from my radio?
Checking ports (externally) 5555 reports open but 500 and 4500 reports open/filtered (UDP), is the RPI not responding?
Should a bridge work better? I thought starting with client it would be easier to verify things....
Is this due to client having a different ip-subnet?
My head about to burst

/Lasse SM5GLC

Ria · March 2017

There does need to be a bridge. Did you use my script or set it up yourself? My script automates it all (except the port forwarding), but if you do it yourself you need to set up the bridge manually.

Open SE-VPN server manager
Log in to the VPN server
Click "Local bridge setting"

Under "New Local Bridge Definition":
Select the virtual hub to create the bridge on (if you did a basic setup there should only be one, choose it)
Under "type to create" select "Bridge with Physical existing network adapter"
Select "eth0" as the LAN adapter
Then click "create local bridge."

The only thing that somewhat concerns me is that your vpn is on a DMZ. It probably won't work that way. It needs to sit on the LAN for the bridge unless you have a 2nd ethernet interface but that is getting into a more complicated setup. The reason is that it needs to be on the same LAN as the radio to receive and forward the VITA-49 broadcast packets. However, if you can route traffic to your LAN from the DMZ, you can specify the IP in SmartSDR for iOS and connect that way.

Lasse Moell · March 2017

YES! That did it! I was setting up everyting accrding to K6OZY... and missed the part with having local bridge enabled. It's up and running, sort of.... My cell phone do not give good enough through put, but I have seen the spectrum! Now I can start to fine-tune things.
A big Thank You Ria!
Cheers and CU on the bands
/Lasse SM5GLC

Lasse Moell · March 2017

Just one thing more, I did try the DMZ as I was a bit confused with my main router when things did not work. Back to the main router and ports properly opened.

Lasse Moell · March 2017

Just a quick update. The VPN runs fine, and I even managed to configure an Orange Pi Zero to do the work. This computer is half the physical size of a R-Pi, and costs about $9! DId a small demo at the local ham club showing how to operate remote.

Setting up a VPN with SoftEther

Answers

Leave a Comment

Welcome!

Quick Links

Categories