IPSec VPN to Softether Server



  • Hello,

    We are running a Softether VPN server with L2TP/IPSec configuration in the main office. Our clients can connect to it on their Windows notebooks with the native VPN client, so they are able to access resources from the server within the main office.

    Now we have a small secondary office, where also sits a pfsense box. To connect these clients to the main office, i would like to do it via the pfsense (as a vpn client), rather than connecting every client seperately.

    Is this possible somehow?

    Kind Regards



  • Does no one have any help for this?



  • @endy66:

    Does no one have any help for this?

    So you want a VPN tunnel from the main office to the secondary office, so all users in the secondary office can use the main office resources?
    If so just setup a new site to site VPN at your main office and get your pfsence box to connect.

    lets say your main office is 10.0.1.0/24 and your secondary office is 10.0.2.0/24 just make sure you put your local subnet and remote subnet the right way round.



  • Thank you NASMAN for your reply. I saw the documentation of a site to site vpn between two pfsense boxes. But i want to use the softether vpn server (configured as L2TP/IPSec), and connect the pfsense from the secondary office to that vpn server over L2TP/IPSec, but i haven't found any guide to configure the pfsense so far.



  • @endy66:

    Thank you NASMAN for your reply. I saw the documentation of a site to site vpn between two pfsense boxes. But i want to use the softether vpn server (configured as L2TP/IPSec), and connect the pfsense from the secondary office to that vpn server over L2TP/IPSec, but i haven't found any guide to configure the pfsense so far.

    It will not be hard, just try it and post what you have done here.



  • The problem is, that i have not found a way to provide username and password.
    My VPN Server uses L2TP/IPSec with PSK and username / password authentication.


  • LAYER 8 Netgate

    There is no facility for pfSense to be an L2TP/IPsec VPN client like that. Use IPsec Site-to-Site.



  • Ok thank you, then i have to go with OpenVPN as SoftEther Server does Support it?


  • LAYER 8 Netgate

    I know nothing about Softether but if it supports OpenVPN it should work.



  • Yes it does. Now i have enabled the OpenVPN on SoftEther. The pfSense does connect and get an IP from the server. But after a few seconds it gets disconnected, the log on the pfSense shows me the following error:

    openvpn Authenticate/Decrypt packet error: missing payload

    I haven't found anything about this error, so what could this be?


  • LAYER 8 Netgate

    You need a site-to-site solution, not remote access. You are looking to route subnets over the connection, not connect a single endpoint with a single IP address.

    This is not a softether support forum.

    You probably have a crypto mismatch.

    You will need to provide MUCH more information, such as the configuration on the server side, their recommended client configuration settings, and the pfSense configuration.



  • Problem solved! Now i can connect my pfsense box as a client to my SoftEther server. The problem was the latest (RTM) Version of SoftEther server, which seems to have an issue with OpenVPN. After installing an earlier version, everything is working as expected.


Log in to reply