getting time out on VPN interface for certain ports.
#1
VPN server Software: Softether VPN.
Using pprotocol : L2TO over ip2sec

Now user is connected adn can view each other , Working fine.
Now here's come the proble. 

I installed a radius server for auth another NAS ( openwrt ) which's ip is .110 and it can comunicate with vps , and view the radius server over public ip. But when I am trying the 10.1.1.1(vpn ip) its getting time out. I can ping from 10.1.1.110 to 10.1.1.1 
Radius server is visible from internet to port 1812/1813
I can see radius server from terminal on ip 10.1.1.1 as well.

I have added virtual interface adn added ip 10.1.1.1 to tap_vpn1(Virtual tap interface).

but still no Luck.

I don't have any iptable configured.

Here is route that i have

PHP Code:
10.1.1.0/24 dev tap_vpn1  proto kernel  scope link  src 10.1.1.1

default dev venet0  scope link 
#2
What kind of VPS are you using? Is it a NAT VPS? Because some providers can block some ports. or give you a certain port range.
Thanks For the VPS 18 FreeVPS.

My Post Count:

[Image: img.php?1&userid=13454]

FreeVPS Moderation Team - Make a thread in "VPS Help & Support" for any VPS related issues.

#3
Not its not a natted vps . As I describe its can connect through internet but failed to connect with in lan.
Hope this helps.
#4
Hope this article helps you:

https://www.softether.org/4-docs/1-manua...VPN_Server
Thank you FreeVPS and ZXPlay for VPS 7 and 19

[Image: show_img.php?userid=17170&vpscount=2]


Don't PM me for support, use an appropriate forum to ask for support
#5
If i am not wrong, your VPN is working as it should however, you are unable to transfer data between the two clients connected on the same VLAN. Could you please check the subnet that is being offered by the VPN Server. Generally the subnet for VPN is 255.255.255.254, as per which there is communication between just the server and the client. I think you will need to recheck that.
[Image: img.php?v2=1&userid=19445]
Thank you to freevps.us and http://nodeblade.com for FREE VPS  Angel
#6
Ok here is all the data and hope this will give you the idea.

PC----VPN----Router
PC----VPN----server

They all can see each other every pc can see every pc, Works grate, with no problem.

Now when I install freeradius to VPN , on public ip freeradius is acceptable , but cannot see from private IP.
I think I miss something which causes this tap adaptor cannot sending the ip requests to the server and the req cannot see the server localhost.

Ok so here is some addition to my post.

Here is my ifconfig

Code:
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:16178 errors:0 dropped:0 overruns:0 frame:0
          TX packets:16178 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:2928433 (2.9 MB)  TX bytes:2928433 (2.9 MB)

tap_vpn1  Link encap:Ethernet  HWaddr 00:ac:45:cd:63:bf
          inet addr:10.10.1.1  Bcast:10.255.255.255  Mask:255.0.0.0
          inet6 addr: fe80::2ac:45ff:fecd:63bf/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2457 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2434 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500
          RX bytes:175297 (175.2 KB)  TX bytes:188608 (188.6 KB)

venet0    Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:127.0.0.2  P-t-P:127.0.0.2  Bcast:0.0.0.0  Mask:255.255.255.255
          UP BROADCAST POINTOPOINT RUNNING NOARP  MTU:1500  Metric:1
          RX packets:1158681 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1341645 errors:0 dropped:29338 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:187601950 (187.6 MB)  TX bytes:335142838 (335.1 MB)

venet0:0  Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:xx.xx.xx.xx  P-t-P:xx.xx.xx.xx  Bcast:xx.xx.xx.xx Mask:255.255.255.255
          UP BROADCAST POINTOPOINT RUNNING NOARP  MTU:1500  Metric:1

The problem is I can freeradius on port 1812 onxx.xx.xx.xx:1812 but could not access from the ip 10.10.1.1:1812

Any idea?
Here is route

Code:
10.10.1.0/24 dev tap_vpn1  scope link
10.0.0.0/8 dev tap_vpn1  proto kernel  scope link  src 10.10.1.1
default dev venet0  scope link
#7
(2016-10-11, 1:57:04 pm)tukai Wrote:  The problem is I can  freeradius on port 1812 onxx.xx.xx.xx:1812 but could not access from the ip 10.10.1.1:1812

Any idea?
Public IP ports are not the same with Private IP. You should configure your router properly so you will be redirected to the right server on LAN.

For instance:
I have public IP 1.2.3.4 If I configure port 9876, it will redirected on 10.10.1.1:1812.

1.2.3.4:1812 is not the same as 10.10.1.1:1812.


Do you get my point?
Thank you FreeVPS and ZXPlay for VPS 7 and 19

[Image: show_img.php?userid=17170&vpscount=2]


Don't PM me for support, use an appropriate forum to ask for support
#8
Well let me give you a little more ref.
Lets imagine VPS as a pc with 2 interface. venet0 is connected to internet and I can use it with my work even the radius server also work in this public ip.
But the second interface have a ip fo 10.10.10.1 and its accacable from all the locacl intranet user, as fer ok.
But when trying to access the freeradius server which usues port 1812-13 , it fails.
I think i need some prerouting tables or something to make it work.
#9
A simple question: why are you not simply using SecureNAT? The local bridge setup is more complex and requires a much more advanced network setup and knowledge. This might be more or less the reason why you are having issues.

Another question: is your freeradius server actually also listening on the IP address of the server that was issued on the VPN network adapter? You can run "netstat -tulpen" to check which process is listening on which IPs/Ports.
#10
No. 1 Yeah you are right I just need the work done.
no2.
Code:
udp        0      0 0.0.0.0:1812            0.0.0.0:*                           111        1600308283  783/freeradius
udp        0      0 0.0.0.0:1813            0.0.0.0:*                           111        1600308284  783/freeradius

Yes they are listinig to all ports.




Users browsing this thread: 1 Guest(s)