Issue with Tap interface and routing

0 votes
0 answers
348 views
I am getting stuck in a bit of a rut and not sure if it's a limitation with EC2 servers, my attempts to get it working, or a limitation with SoftEther. I have an EC2 server with 2 NICs: eth0 and eth1. Each NIC is mapped to a public IP address. SoftEther is running on the server.

I am trying to create an environment where one login (user1) goes out via eth0 and is given the public IP assigned to that NIC; for another user (user2) I want to send traffic out via eth1 and the public IP mapped to that. I am using SecureNAT for user1 and that all works successfully.

For user2, I have turned off SecureNAT and linked the hub to a local bridge device called tap_secondary. I can connect to the internet via both Ethernet interfaces, so I know they can see the internet. I've then allocated an IP address of 10.10.11.1/24 to tap_secondary. I'm using dnsmasq to assign IP addresses from this. I can successfully log into the VPN server and user2 is given an IP address from the 10.10.11.0/24 range.

From the Linux server I can ping the 10.10.11.xx address allocated to user2, but if I ping using the source IP of eth1 this fails. I've tried numerous guides on iptables to send traffic from the TAP to eth1 but nothing seems to work successfully. I also cannot ping addresses on the internet from 10.10.11.1 (the IP allocated to tap_secondary).

What's not clear is whether the above should work, whether my iptables rules are just not right, or whether EC2 supports this; I just seem to be going around in circles. Any pointers would be helpful.

Many thanks, Dean
Asked by Dean Baldwin (1 rep)
Jul 27, 2021, 08:45 AM
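The setup the question describes (a VPN hub bridged to a tap interface whose traffic must leave through a second NIC) needs source-based policy routing plus NAT, not just iptables. The script below is an added example, not from the question or from SoftEther; the eth1 private address, the subnet gateway and the routing table number are assumed placeholders for the poster's own values.

```shell
#!/bin/sh
# Added example: policy routing + NAT so that the 10.10.11.0/24 hub subnet on
# tap_secondary egresses via eth1. Values marked ASSUMED are placeholders.

VPN_SUBNET="10.10.11.0/24"   # from the question: tap_secondary address range
TAP_IF="tap_secondary"       # from the question
OUT_IF="eth1"                # from the question: the second NIC
OUT_IP="172.31.20.50"        # ASSUMED: eth1's private VPC address (EIP maps to it)
GATEWAY="172.31.16.1"        # ASSUMED: the VPC subnet router reachable from eth1
TABLE="200"                  # ASSUMED: any unused routing table id

# Print the commands instead of running them, so they can be reviewed first.
gen_policy_routing() {
  cat <<EOF
sysctl -w net.ipv4.ip_forward=1
ip route add default via $GATEWAY dev $OUT_IF table $TABLE
ip rule add from $OUT_IP table $TABLE priority 100
ip rule add from $VPN_SUBNET table $TABLE priority 101
iptables -A FORWARD -i $TAP_IF -o $OUT_IF -j ACCEPT
iptables -A FORWARD -i $OUT_IF -o $TAP_IF -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -s $VPN_SUBNET -o $OUT_IF -j MASQUERADE
EOF
}

# After applying: confirm the kernel really picks eth1 for a packet sourced
# from the tap address. Returns 0 when the lookup selects $OUT_IF, 1 otherwise.
verify_egress_path() {
  ip route get 1.1.1.1 from 10.10.11.1 2>/dev/null | grep -q "dev $OUT_IF"
}

if [ "${APPLY:-0}" = "1" ]; then
  gen_policy_routing | sh -e && verify_egress_path && echo "VPN subnet egresses via $OUT_IF"
else
  gen_policy_routing
fi
```

The `from $OUT_IP` rule is what fixes the "ping with eth1's source IP fails" symptom: without it, replies sourced from eth1's address follow the main table's default route out eth0. The `from $VPN_SUBNET` rule steers both forwarded client traffic and packets the server itself sends from 10.10.11.1 into the eth1 table, and MASQUERADE rewrites them to eth1's private address, which the VPC then translates to eth1's public IP; the rules are not persistent across reboots.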