To construct a VPN server in an enterprise with a large number of users, the administrator may be required to implement measures to simplify VPN Client user operations and provide remote management of VPN Client on client computers. This section describes how to properly manage a large number of VPN Client users in a large-scale environment.
4.7.1 Remote Management of VPN Client
VPN Client Manager is normally used to connect to and control the VPN Client service running on a local computer, but by properly configuring the settings, you can also VPN Client Manager to remotely operate VPN Client services running on remote computers.
Setting VPN Client to Allow Remote Management
To enable the remote operation of the VPN Client service running on a remote computer, [Allow Remote Management of VPN Client Service] must be enabled on the setting of the VPN Client service at the remote destination. The user can enable this option by clicking [Options] on the [Tool] menu of VPN Client Manager.
A password must also be set for VPN Client with enabled remote management. The user can set the password by clicking [Set Password] on the [Tool] menu.
By checking the boxes next to [Set password] and [Only Request Password For Remote Operation] on the [Password Setting] window, you can set the local computer to not request a password when starting VPN Client Manager and only request a password when connecting for remote operation.
Remote Management Setup Window.
Remotely Connecting to VPN Client on a Separate Computer
You can remotely connect to and manage SoftEther VPN Client running on a separate computer by clicking [Start] > [SoftEther VPN Client Manager] > [Manage SoftEther VPN Client on a Separate Computer]. Specify the name of the destination SoftEther VPN Client computer in [Computer name] and click [OK].
Window for Remotely Connecting to VPN Client on a Separate Computer.
By remotely operating SoftEther VPN Client on a separate computer, the administrator can, for example, configure the proper connection settings for a user that does not understand the connection method without the administrator having to go to that user's computer.
The following operations cannot be performed with VPN Client Manager when connected to a remote VPN Client.
- Adding a Virtual Network Adapter or reinstalling a device driver
- Configuring smart card settings
- Displaying network devices on a remotely connected VPN Client
- Using a TCP Optimization Utility
4.7.2 Distributing Configuration Files
The configuration data of VPN Client is automatically saved to vpn_client.config in the directory where SoftEther VPN Client is installed. Each time VPN Client is started, this file is read and the configuration data is managed and maintained. By replacing the vpn_client.config file, you can back up or roll back the operations or configuration data of VPN Client at any time, and the file can also be copied to other computers.
The administrator can configure the default settings of VPN Client and then distribute the vpn_client.config file to client computers, thereby providing the default settings across the VPN in advance.
The contents of the vpn_client.config file cannot be directly replaced while the VPN Client service is running. First stop the VPN Client service, and then change the vpn_client.config file and restart the VPN Client service.
To stop the VPN Client service running on a VPN client computer, execute the net stop vpnclient command. To start the VPN Client service, execute the net start vpnclient command.
4.7.3 Distributing a Connection Setting File to Users
You can export the connection setting data of VPN Client, as described in 4.4 Making Connection to VPN Server. The exported file can be sent by e-mail to VPN Client users who can then simply double-click the received connection setting file to register that connection setting to VPN Client on the user's computer.
Because the connection setting file is comprised of simple text data, the system administrator can automatically create this file for each user. In this way, connection setting files with the necessary settings can be created and distributed to a large number of VPN Client users to ensure that even users with little knowledge of VPN connection settings can easily connect to the VPN.
