Hey guys I have been tasked with setting up a new VPN system for our company and SoftEther is what I have settled on. Now in full transparency I don’t entirely know what I am doing as this is my first time doing a project like this on a full blown enterprise network, but I have gotten to the point where I can get a secure tunnel from my home to my office. What I am wondering about is how to assign the appropriate IP to the clients connected to my SoftEther server as it assigns an IP of 169.211.21.3 (or something like that) when I really want it to be more like 10.0.22.83. This weird IP makes me think “Oh right DHCP is not doing its thing.” What I have not been able to figure out is how to either:
A) Manually assign the IP I want to my session (for further testing purposes)
B) Figure out the risks of enabling the virtual DHCP server on the SoftEther server. The docs say I could really mess something up, but I am not sure how to either mitigate the risk or nullify it.
C) Connect to an already existing DHCP server
I have heard the dark rumblings of DHCP going out and chaos ensuing and I don’t want to follow in their footsteps. If anybody needs more info comment below I’ll add it.
EDIT: Oh any if this problem has nothing to do with DHCP and is a symptom of something else, I am open to suggestions
Is there a reason you chose softether? That’s some janky software, and there might be something better for your use case.
You would have to combine SecureNAT or the better performing option is to leave the VPN network ubridged and format connecting usernames as user@hubname then dhcp is in a different broadcast domain.
Or uninstall it and use LogonBox 
Unless you have a good reason not to do so, the easiest way to go about it is generally to stay away from the built-in NAT and bridge directly between the VPN and the primary network adapter. The corporate DHCP server should handle the rest for you, and everything should just work.
That being said, this does prevent you from applying any firewall rules at the VPN box, so if this is a larger network you should be vlanning off your SoftEther server into a DMZ and applying appropriate firewall rules at the router. (You should be doing this anyway)
SoftEther actually works fine when you need a quick and dirty click, click, done VPN complete with self-signed certificates for a few clients that Just Works (and I have used it for exactly this purpose in the past). It’s not a scalable solution, so it really depends on what he means by “full blown enterprise network”. If he’s actually talking about a 5-10 user office where one or two people need a remote connection and there’s rarely any turnover, this will work fine. If he’s talking about hundreds or thousands of users and lots of remote access sessions, I agree with you that he should be looking for a more dedicated gateway/concentrator and PKI solution.
