New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Bug] SecureNAT DHCP does not give any IP address, if client is re-connecting, and if set to Fixed IPv4: #1947
Comments
we might have better design for that machinery. I recall similar approach in another projects, you end with encoding json in comment, and it was a nightmare. but regardless to poor design, it looks like a bug. I really wonder how other users use it |
as for APIPA (169.254.x.x addressing), it might be explicitly disabled https://www.itprotoday.com/windows-78/how-can-i-disable-apipa#close-modal (but it won't make dhcp leases working) |
Setting a fix IP for each user is possible if you separate your DHCP and set custom MAC addresses in "NOTE" section About the DHCP lease time, there seems to be a bug, even I did not face it, but some users reported |
@shakibamoshiri Sadly setting up a separate DHCP is not a solution, because I need to see the list of user=PC + IP addresses to be able to react within 5 seconds, if the user is getting into trouble. Managing 100 groups + 300 users + 300 MAC addresses + 300 IPs in separate lists would make everyone insane. Also if I turn off SecureNAT, how do I push routing to the clients? The solution would be if somebody would FIX these errors! This is the log, what is happening when the client is trying to re-connect but does not get any IP address:
|
while it does not look like a fix submitted by @hiura2023 recently (there were no REQUEST/RESPONSE), I'd suggest to try new version anyway https://github.com/SoftEtherVPN/SoftEtherVPN/releases/tag/5.02.5183 |
@chipitsine Thank you for the suggestion, I will try it as soon as I have some time for it. But to be honest, I do not have any more hope for any up-to-date SoftEther development any more. And an other huge problem I've detected with SE:
If both server and the client app would use Wireguard and everything would be automated for it with just 1 click, this speed would probably improve, but it won't be able to use P2P ever. OFF:During this year I've found this site: awesome-tunneling Setup-wise the best I've found was the self-hosted ZeroTier but as it turned out:
Second best would be headscale, but it will be difficult to set up 100+ separated groups using a text/JSON based "rule list configuration" called ACL. Currently I'm trying to solve it with N2N . There are less and less solution which can support both Win7 32 bit clients + Android+iOS too. |
How did you donate? |
@PizzaProgram Question2: |
Yes.
1 client PC = 1 user = 1 IP address .
No. |
Pull request below will dissolve only DHCP sequence. |
There are installers built with PR
https://github.com/SoftEtherVPN/SoftEtherVPN/actions/runs/8844193026#artifacts
…On Fri, Apr 26, 2024, 09:08 hiura2023 ***@***.***> wrote:
Pull request below will dissolve this issue.
#1989 <#1989>
—
Reply to this email directly, view it on GitHub
<#1947 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAQ5KUEI7LGD7PXSTRCHXALY7H4QTAVCNFSM6AAAAABCSSDTSKVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDANZYG43DENJWGI>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
@PizzaProgram When VPN connection is broken due to some reason, VPN server can not detect it immediately. Attached A: My test environment: |
@PizzaProgram Attached A: |
①As to reassigning static IP address. ②If necessary, do the following. |
The only way currently to set a Fixed IP address for a client, is to write it to the user's "note" field:
But there is a serious bug I'd like to report, which makes the whole VPN useless at enterprise level:
169.154.x.x
)So basically if any fixed IP client is disconnecting from the VPN, it will be unreachable until DHCP lease time is over, no matter how many times it tries to get it's IP address again. (And the DHCP lease time is normally set to maximum, otherwise the client is always disconnecting for renewal! Which is also a very very bad behaviour.)
I guess the reason is because:
I've just tested it with latest DE server upgraded with
make
. (5.02.5180) DE,with latest client. [Night build of the Dev. Client] 2023-12-03 (v5.02.5369) downloaded from Azure srv.
The text was updated successfully, but these errors were encountered: