1.2 SoftEther VPN Components

    SoftEther VPN is composed of VPN Server, VPN Client, VPN Bridge and several common software components. When using SoftEther VPN, depending on what software is installed on your computer, it is necessary to understand VPN construction and whether or not it can be operated. A list of software and a description of the functions and roles are provided here.

    1.2.1 SoftEther VPN Server

    Role of SoftEther VPN Server

    SoftEther VPN Server is the most important software for the SoftEther VPN system. Just as the name suggests, SoftEther VPN Server plays the role of VPN server to accept connections from remotely located VPN Client and VPN Bridge through the network.

    Installation of SoftEther VPN Server is necessary no matter what form VPN is realized. The reason for this is because only SoftEther VPN Server accept connection from VPN Client and VPN Bridge.

    Multiple Virtual Hubs can be created for SoftEther VPN Server and Ethernet frames which can be exchanged within Virtual Hub. For more information on Virtual Hub, see 1.4 VPN Processing Principle and Communication Method.

    If a new VPN session is connected to Virtual Hub for other VPN Server, concerning Ethernet frames flowing through user authentication function Virtual Hub, the majority of the functions required for network administration such as packet filtering by access list of security policy are provided. For more information on these functions, see 3. SoftEther VPN Server Manual.

    If multiple Virtual Hubs are created within SoftEther VPN Server, a virtual layer 3 switch function is provided to conduct IP routing among Virtual Hubs. A detailed description of a virtual layer 3 switch function is provided in 3.8 Virtual Layer 3 Switches.

    1-2-1.png

    Multiple Virtual Hubs and virtual layer 3 switches can be created for a single SoftEther VPN Server.

    Local Bridge

    SoftEther VPN Server can perform bridge connection by layer 2 with Ethernet segment of network adapter connected to computer operating any Virtual Hub and its SoftEther VPN Server. This is called a local bridge. A detailed description of local bridges is provided in 3.6 Local Bridges. A SoftEther VPN Server in local bridge status can connect to the SoftEther VPN Server from a remote location and access the bridge destination network. For specific configuration method, see 10.4 Build a Generic Remote Access VPN.

    VPN among hubs can be easily realized by cascade connection from Virtual Hub connected by local bridge to a hub at a remote location to Virtual Hub connected by local bridge on SoftEther VPN Server side. For specific configuration method, see 10.5 Build a LAN-to-LAN VPN (Using L2 Bridge).

    1-2-2.png

    Bridge connection between Virtual Hub and physical network adapter by local bridge function.

    Cascade Connection

    Virtual Hub which is operated by SoftEther VPN Server can be connected with Virtual Hub operated by SoftEther VPN Server on same or separate computer by cascade connection. Cascade connection can also be accepted from SoftEther VPN Bridge operating on a separate computer. By connecting two or more different Ethernet segments using cascade connection, you can use the two LANs, which were originally separate from each other as LAN of a single segment. A detailed description of cascade connection is provided in 3.4 Virtual Hub Functions.

    1-2-3.png

    Cascade connection established between Virtual Hub and Virtual Hub.

    Location of SoftEther VPN Server

    If constructing VPN by SoftEther VPN, in most cases VPN can be designed/constructed by establishing connection from a hub other that the one the with the SoftEther VPN Server by SoftEther VPN Bridge or SoftEther VPN Client. Because it is a single organization, thus it is basic to set up a SoftEther VPN Server for constructing VPN. For specific location, see 10.2 Common Concepts and Knowledge.

    1-2-4.png

    Location of SoftEther VPN Server and SoftEther VPN Bridge.

    1.2.2 SoftEther VPN Client

    Role of SoftEther VPN Client

    SoftEther VPN Client is VPN client software that functions as a Virtual Network Adapter which can be connected to Virtual Hub of SoftEther VPN Server. With a computer installed with SoftEther VPN Client, the user can access via the Internet with only simple settings, and can carry out random communication by connecting to Virtual Hub of SoftEther VPN Server via Virtual Network Adapter.

    For details concerning SoftEther VPN Client, see 4. SoftEther VPN Client Manual.

    1-2-5.png

    VPN connection to Virtual Hub by SoftEther VPN Client.

    Virtual Network Adapter

    If using SoftEther VPN Client, communications are carried out by creating a Virtual Network Adapter recognized a single Network Adapter by the operating system and all applications using communications. Consequently a computer installed with SoftEther VPN Client can carry out VPN communications via Virtual Network Adapter for an application.

    1-2-6.png

    Virtual Network Adapter.

    Bridge between Virtual Network Adapter and Physical Network Adapter

    Because Virtual Network Adapter is implemented as a device driver recognized by the operating system as a single network adapter, if there is a bridge function between the operating system and network adapter, it makes bridge connection between Virtual Network Adapter and physical network adapter possible. For details see 4.3 Virtual Network Adapter. As cascade connection and local bridge are supported for SoftEther VPN Server and SoftEther VPN Bridge, this method is not used so much on SoftEther VPN.

    1.2.3 SoftEther VPN Bridge

    Role of SoftEther VPN Bridge

    SoftEther VPN Bridge is software that enables cascade connection to Virtual Hub of SoftEther VPN Server operating at a remote location, and also enables VPN connection to be the layer 2 bridge connection between a physical network adapter and computer running SoftEther VPN Bridge. SoftEther VPN Bridge will be the optimal software for introducing to computer connected by LAN of the hub if you want to bridge connect hub LAN at a remote location to VPN configured by SoftEther VPN Server (in other words Virtual Hub operating on SoftEther VPN Server).

    For details concerning SoftEther VPN Bridge, see 5. SoftEther VPN Bridge Manual.

    1-2-7.png

    Bridge connection to remote hub by SoftEther VPN Bridge.

    SoftEther VPN Bridge and SoftEther VPN Server

    SoftEther VPN Bridge is technically software optimized for bridge hub by removing the function for creating multiple Virtual Hubs and function for accepting connection from SoftEther VPN Server and SoftEther VPN Client of other computer from the software program of SoftEther VPN Server. When SoftEther VPN Bridge is installed, a single Virtual Hubs named "BRIDGE" will be created. The network administrator makes a local bridge with the LAN of the hub to bridge the Virtual Hubs and connects to the Virtual Hubs of the SoftEther VPN Server of the connection destination.

    1-2-8.png

    Difference between SoftEther VPN Server and SoftEther VPN Bridge.

    Local Bridge and Cascade Connection

    A Virtual Hub named "BRIDGE" exists in SoftEther VPN Bridge, but you can connect from "BRIDGE" Virtual Hub to Virtual Hub of SoftEther VPN Server which is operating at a remote location and the physical network adapter of the computer such as running "BRIDGE" Virtual Hub and SoftEther VPN Bridge can be connected by local bridge function.

    The cascade connection function and local bridge function are therefore the same as those with which SoftEther VPN Server is equipping.

    1.2.4 SoftEther VPN Server Manager

    SoftEther VPN Server Manager is an administration utility equipped with graphical user interface (GUI) for administrating by connecting to SoftEther VPN Server and SoftEther VPN Bridge in the administration mode. Only the Windows version SoftEther VPN Server Manager is now currently provided.

    Using SoftEther VPN Server Manager enables administration by connecting by TCP/IP to SoftEther VPN Server and SoftEther VPN Bridge from a remote location. SoftEther VPN Server Manager can also be used as a stand-alone by installing on a computer terminal for administration.

    When SoftEther VPN Server Manager, the user does not have to memorize difficult operating procedure or command lines. Most operations are accomplished by mouse click or keyboard input of necessary items.

    1-2-9.png

    SoftEther VPN Server Manager.

     

    1.2.5 SoftEther VPN Command Line Management Utility (vpncmd)

    The SoftEther VPN command line management utility (vpncmd) is a command user interface (CUI) administration utility for carrying out administration by connecting to SoftEther VPN Server, SoftEther VPN Client and SoftEther VPN Bridge.

    Currently on the Windows version of SoftEther VPN Server Manager is offered. Although vpncmd programs are offered for all platforms on which SoftEther VPN Server operates. Thus enabling administration by same method, no matter which platform is used.

    This manual contains a command reference for vpncmd commands. For details see 6. Command Line Management Utility Manual.

    With vpncmd, all operations are accomplished by command input. Although the program contains detailed command to help with usage methods and explanations, you can refer to the manual each time inputting commands. In that case you don't have to memorize the commands and the number of times key input which is required and reduced by an automatic input complement function. When calling out vpncmd commands, batch command line script can be passed as a command line argument, automatic processing can be executed, and processing results can be written in a file.

    1-2-10.png

    SoftEther VPN command line management utility (vpncmd).

    1.2.6 Other Included Utilities

    The following utilities are contained in SoftEther VPN.

    • Communication throughput measurement utility
    • TCP/IP communications setting optimization utility

    For further information on these utilities, see 7.2 Install on Windows and Initial Configurations and 4.8 Measuring Effective Throughput.