Specification

Table of contents

1. Basic Capabilities of SoftEther VPN Server
1. 1.1. Maximum Concurrent VPN Sessions
2. 1.2. Maximum Virtual Hubs
3. 1.3. Remote Access VPN
4. 1.4. Site-to-Site VPN
5. 1.5. Traffic Control
6. 1.6. Maximum Objects in a Virtual Hub
7. 1.7. SecureNAT Function
8. 1.8. High Availability and Clustering
9. 1.9. Security Features
10. 1.10. Management Functions
2. VPN Protocols Supported by SoftEther VPN Server
1. 2.1. SoftEther VPN Protocol Specification
2. 2.2. L2TP/IPsec Sever Function Specifications on SoftEther VPN Server

Version as of 03:58, 20 May 2024

Return to Version archive.

View current version

Basic Capabilities of SoftEther VPN Server

Maximum Concurrent VPN Sessions

4,096 Sessions

Maximum Virtual Hubs

4,096 Virtual Hubs

Remote Access VPN

Layer-2 (Ethernet Bridging)
Layer-3 (IP Routing)

Site-to-Site VPN

Layer-2 (Ethernet Bridging)
Layer-3 (IP Routing)

Traffic Control

VoIP / QoS Priority Control
Traffic Shaping for Per Users or Groups

Maximum Objects in a Virtual Hub

Users: 10,000
Groups: 10,000
Access List Entries: 32,768
MAC Address Table Entries: 65,536
IP Address Table Entries: 65,536
Cascade Connections: 128

SecureNAT Function

Virtual NAT Function: Maximum 4,096 Dynamic Mapping
User-mode NAT
Kernel-mode NAT
Virtual DHCP Function

High Availability and Clustering

Maximum Cluster Members: 64
Load Balancing
Load Balancing Weight Control
Dynamic Mode Virtual Hub Mapping over Cluster Members
Static Mode Virtual Hub Mapping over Cluster Members
Fault Terrance

Security Features

External User-authentication Methods: RADIUS / NT Domain / Active Directory
Security Policy Settings for Per User / Per Group
Security Logs Isolation for Each Virtual Hubs
Works as System-mode Background Service
Works as User-mode Program
DoS Attacks Detection and Protection (SYN Flood)

Management Functions

VPN Server Manager GUI for Windows
Command-line Management Utility (vpncmd)
Listener Ports Dynamic Add / Delete

VPN Protocols Supported by SoftEther VPN Server

SoftEther VPN Protocol (Ethernet over HTTPS)
OpenVPN (L3-mode and L2-mode)
L2TP/IPsec
MS-SSTP (Microsoft Secure Socket Tunneling Protocol)
SSTP/IPsec
EtherIP/IPsec

SoftEther VPN Protocol Specification

Upper Underlying Protocol: SSL (Secure Socket Layer) 3.0 / TLS (Transport Layer Security) 1.0
Lower Underlying Protocol: TCP/IP and UDP/IP Hybrid (on IPv4 and IPv6)
Ciphers:
RC4-MD5, RC4-SHA, AES128-SHA, AES256-SHA, DES-CBC-SHA and DES-CBC3-SHA
Data Compression: zlib
Session-key: 128bit
Based Standards: Extended HTTPS over SSL Protocol (RFC2818, RFC 5246)
WAN Optimization: 1-32 Parallel TCP Connection to Construct a Logical VPN Session
Persistent Link: Infinite Auto-reconnect Function
Proxy Support: HTTP Proxy Server, SOCKS Proxy Server
User-authentication:
- Anonymous
- Standard Password Authentication
- Password Authentication for RADIUS
- Password Authentication for NT Domain and Active Directory
- X.509 RSA PKI Certification Authentication (Key file on Disk)
- X.509 RSA PKI Certification Authentication (PKCS#11 Smart-cards or USB Tokens)
VPN Encapsulation Payload
Ethernet (IEEE802.3) Frames (Up to 1,514bytes or 1,518bytes for IEEE802.1Q VLAN Tags)
Supported VPN Clients: SoftEther VPN Client
Supported Client OS: Windows and Linux
Supported VPN Topologies: Remote-access VPN, Site-to-Site VPN (L2-Bridging) and Site-to-Site VPN (L3-Routing)

L2TP/IPsec Sever Function Specifications on SoftEther VPN Server