OpenWRT + SoftEther

OpenWRT + SoftEther Client

I have a home server with SoftEther installed in Ubuntu and I want to set up an OpenWRT router from outside as a client and, of course, connect some devices to my SoftEther VPN Server through that router.

I can connect to the SoftEther server directly from my laptop and it works great but I simply cannot make it work via the router. It says that it is connected to the VPN but I can’t pass traffic through it.

Does anybody have this setup and is willing to help me?

I thought SoftEther server supported more VPN protocols and didn’t need a specific client side software. OpenVPN should be somewhat supported, but they have their own wire protocol implementation, so YMMV.

It says that it is connected to the VPN but I can’t pass traffic through it.

The first test is to see if your OpenWrt router is connected to your SoftEther server. The first test would be ‘ping’ (to see if there is data traffic) and the second test would be ‘curl -4 ifconfig.co’ (to see its gateway).

If that is working well, then if you want to direct router traffic to your SoftEther encrypted network, then I would use the OpenWrt firewall zone system to do this.

[OpenWrt Wiki] SoftEther VPN Client ← this could be helpful.

Indeed, it supports basically everything, but the speed on OpenVPN is veeeeerrrry slow. I got a max of 50-60 mbps on OpenVPN while on SoftEther I get around 6-700 mbps.

I pinged 192.168.30.1 - the softether gateway and it works and I pinged other devices from the virtual LAN and there is a connection. I get internet on the main router WAN but can’t make the router route the internet through the VPN if it makes any sense.
I followed that guide to the letter with no luck, followed another guide that uses the softether bridge, same. Combined them, nada. Used some config from the OpenVPN guide, still the same…

That sounds like the wrong cipher. Either ensure the CPUs on both sides support the AES-NI instructions, or check whether both sides support ChaCha-Poly ciphers. And if you use --auth, use SHA1 or SHA256. In addition, reduce your tun-mtu to 1400.

As a reference point to what OpenVPN is capable of when correctly configured on device with CPUs with AES support: New: NitroWall for Professional Network Security | Nitrokey

On the OpenWrt router, what is the result of ‘curl -4 ifconfig.co’?

This is to test the connection between the OpenWrt device (client) and your SoftEther VPN server.

I have an AMD 5800H and an I3-10110U, I think they both support it. But nevertheless, I don’t think the router cpu has it.

It gives me the external IP of the host network, not the VPN one.
Sorry for the late reply.

Check if you can use ChaCha-Poly (openvpn --show-ciphers). That will most likely improve the performance somewhat.

Here’s my experience: I have a Chromecast (the old one, just casting). The Chromecast needs to be on the same VPN as your casting device (phone or computer).

I make the VPN connection with WireGuard. Then, for the Chromecast and the casting device, I made a ‘virtual wireless access point’ (VWAP). The VWAP goes straight to the WireGuard network. A good example of a VWAP is a ‘guest’ network.

If this is what you would like to do, then make sure your VPN is in order then set up your wireless access point (or virtual, if you want) to use the VPN.
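
An added example, not part of any post in this thread: the symptom described above (tunnel up, 192.168.30.1 answers ping, but `curl -4 ifconfig.co` still shows the host network's IP) means the internet-bound route never moved to the VPN interface, and this script checks that from `ip -4 route show` output. The interface names `vpn_se` and `eth0.2`, the address 203.0.113.7 and both route tables are constructed assumptions.

```sh
#!/bin/sh
# Added example: which interface carries internet-bound IPv4 traffic?
# Input is the text of `ip -4 route show`. Interface names are assumptions.

# Constructed sample: tunnel up, VPN LAN reachable, default still on WAN
# (the symptom in the thread: ifconfig.co reports the host network's IP).
ROUTES_WAN='default via 192.168.1.1 dev eth0.2 proto static src 192.168.1.50
192.168.1.0/24 dev eth0.2 proto kernel scope link src 192.168.1.50
192.168.30.0/24 dev vpn_se proto kernel scope link src 192.168.30.10'

# Constructed sample: two /1 routes via the VPN gateway override "default";
# a host route keeps the VPN server (203.0.113.7, constructed) on the WAN.
ROUTES_SPLIT='0.0.0.0/1 via 192.168.30.1 dev vpn_se
128.0.0.0/1 via 192.168.30.1 dev vpn_se
default via 192.168.1.1 dev eth0.2 proto static src 192.168.1.50
203.0.113.7 via 192.168.1.1 dev eth0.2
192.168.30.0/24 dev vpn_se proto kernel scope link src 192.168.30.10'

# egress_dev: read a route table on stdin, print the egress device or "none".
egress_dev() {
    awk '
        { dev = ""; metric = 0
          for (i = 1; i < NF; i++) {
              if ($i == "dev")    dev = $(i + 1)
              if ($i == "metric") metric = $(i + 1) + 0
          } }
        $1 == "0.0.0.0/1"   { low = dev }
        $1 == "128.0.0.0/1" { high = dev }
        # Among several default routes the lowest metric wins.
        $1 == "default" && (def == "" || metric < best) { def = dev; best = metric }
        END {
            if (low != "" && low == high) print low   # /1 pair beats default
            else if (def != "") print def
            else print "none"
        }'
}

# vpn_carries_default ROUTES VPN_IF: succeed only if egress is VPN_IF.
vpn_carries_default() {
    [ "$(printf '%s\n' "$1" | egress_dev)" = "$2" ]
}

for table in "$ROUTES_WAN" "$ROUTES_SPLIT"; do
    if vpn_carries_default "$table" vpn_se; then
        echo "internet traffic leaves via vpn_se"
    else
        echo "internet traffic leaves via $(printf '%s\n' "$table" | egress_dev), not the VPN"
    fi
done
```

On the router itself, `ip -4 route show | egress_dev` runs the same check against the live table.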