SoftEther VPN PC-to-LAN on WinCE, without using Bridge


I need to connect from a client PC to a LAN, using a VPN through a Windows Compact Embedded 7 Panel PC.

I'm using SoftEther and the server is hosted on an external VPS (I use this infrastructure to take advantage of hole punching).

I decided to use SoftEther because it is the only L2TP server that I'm able to connect to from WinCE7 (I'm also open to other options, but WinCE accepts only L2TP or PPTP connections, and I can't connect to servers that use xl2tpd due to some problem with the IPsec configuration on WinCE).

I was able to make the system work using a Win10 PC instead of the WinCE7 as client: I installed SoftEther Bridge on it, made a cascade connection to the server, and everything worked fine.

The problem is that the SoftEther Bridge software is not available for WinCE (ARM), so I'm trying to do that by connecting from WinCE as a client (with the built-in VPN functionality of WinCE) and trying to set up rules and routes on both WinCE and the server to forward all the traffic for 10.10.10.xxx via the WinCE PC, using it as a router.

  • WinCE has a physical interface eth0 with address 10.10.10.50 and ppp0 interface of the VPN with address 192.168.30.10
  • Client has ppp0 interface of the VPN with address 192.168.30.11
  • I'm using SecureNAT of SoftEther Server, which creates a virtual host with address 192.168.30.1

I want to reach 10.10.10.xxx from Client PC 192.168.30.11, so on the client PC I added:

sudo ip route add 10.10.10.0/24 via 192.168.30.11 dev ppp0

Now I'm trying to redirect all traffic for 10.10.10.0/24 on the server to the WinCE panel 192.168.30.10, but with SecureNAT I don't have control of the interfaces used by SoftEther on the VPS, and I can't find where I can specify this routing rule in the SoftEther VPN Server Manager software.

I also tried disabling SecureNAT (following this guide) and creating a tap_soft interface on the VPS with address 192.168.30.1. In this way, I was able to ping the 192.168.30.xxx clients connected to the VPN, but adding

sudo ip route add 10.10.10.0/24 via 192.168.30.10 dev tap_soft

doesn't work; no packet arrives at 192.168.30.10.

I'm attaching a graphical diagram to flex my Paint skills: VPN diagram
