SoftEther Error 13 with HAProxy or SNIProxy

I set up an HAProxy (also tried SNIProxy) on my EdgeRouter, sharing port 443 for internal port forwarding and SoftEther Server on Router.

When I connect to port 443 from another SoftEther Server, I got a Timeout error, my error message was in Simplified Chinese on my Windows box, I googled and found other ppl meet same error, English message like:

Error (Error Code 13):
Time-out occurred during VPN session communication. It is possible the connection from the client to the VPN Server has been disconnected.

In my case, external SE connect to RouterIP:443, HAProxy(SNIProxy) listens on 443 and split SE connections to localhost:24443 which is listened by SoftEther on Router.

Since HAProxy/SNIProxy does not handles UDP packets, I tried to set up an port forwarding for UDP 443, not working.

The only solution is TICK the ‘Disable UDP Acceleration / 禁用 UDP 加速功能功能 / UDP 高速化機能を無効にする’ from:
Manage Virtual Hub -> Manage Cascade Connections -> Edit -> Advanced Settings -> Disable UDP Acceleration

SoftEther Error 13 with HAProxy or SNIProxy by @sskaje:

Incoming search terms:

L2TP Remote Access Server on UBNT EdgeRouter

EdgeRouter Lite with Firmware 1.9.0

L2TP PSK Mode.

WAN interface: eth1
VPN Subnets:

Run commands below in ‘configure mode’.

1 Configure IPSec

2 Configure L2TP

3 Configure DNS
Make sure you have following lines, otherwise you can get DNS resolved.

L2TP Remote Access Server on UBNT EdgeRouter by @sskaje:

Incoming search terms:

EdgeRouter Lite: Source Based Routing

I have on my eth0 as LAN, VPN set up.
For some cases, I want to visit some web site via VPN, I set up a socks 5 proxy.
But socks 5 is not an option for iPhone & Android by default.

So I added to eth0 at the same time, traffic from are all forwarded to VPN interface.

If I want my iPhone traffic fully routed to VPN, I just need to change my iPhone WiFi addresses.

EdgeRouter Lite: Source Based Routing by @sskaje:

EdgeRouter PPtP Server访问本地DNS服务

UBNT EdgeRouter 自带了PPTP Server,典型的配置方法是


路由端抓 UDP 53 的包,可以看到pptp客户端发出的dns请求,但是没有回包。

man dnsmasq

-i, –interface=
Listen only on the specified interface(s). Dnsmasq automatically adds the loopback (local) interface to the list of interfaces to use when the –interface option is used. If no –interface or –listen-address options
are given dnsmasq listens on all available interfaces except any given in –except-interface options. IP alias interfaces (eg “eth1:0”) cannot be used with –interface or –except-interface options, use –listen-
address instead. A simple wildcard, consisting of a trailing ‘*’, can be used in –interface and –except-interface options.

尝试了加一个 interface=pptp*,无效。
顺手先把dnsmasq的请求隔离到一个新的网段,服务端的local-ip设成,推送dns,再设置options ‘listen-address=’,解决。

EdgeRouter PPtP Server访问本地DNS服务 by @sskaje:

Incoming search terms:

Set up OpenVPN Site-to-Site on UBNT EdgeRouter Lite

不同的是,我一端是Ubuntu Linux,另一端是EdgeRouter Lite。

PPTP的方案参考:EdgeOS PPTP VPN客户端配置


Ubuntu Linux,
EdgeRouter Lite,

配置EdgeRouter Lite

SSH到Ubnt EdgeRouter Lite






把EdgeRouter的 /config/auth/secret 复制到 /etc/openvpn/er-site2site-static.key

编辑 /etc/openvpn/server.conf



在EdgeRouter ping Linux

在Linux ping EdgeRouter



参考下一篇文章 UBNT EdgeOS 配置设备路由(interface-route)的方法

Set up OpenVPN Site-to-Site on UBNT EdgeRouter Lite by @sskaje:

Incoming search terms: