Table of contents
Basic Capabilities of SoftEther VPN Server
Maximum Concurrent VPN Sessions
- 4,096 Sessions
Maximum Virtual Hubs
- 4,096 Virtual Hubs
Remote Access VPN
- Layer-2 (Ethernet Bridging)
- Layer-3 (IP Routing)
Site-to-Site VPN
- Layer-2 (Ethernet Bridging)
- Layer-3 (IP Routing)
Traffic Control
- VoIP / QoS Priority Control
- Traffic Shaping for Per Users or Groups
Maximum Objects in a Virtual Hub
- Users: 10,000
- Groups: 10,000
- Access List Entries: 32,768
- MAC Address Table Entries: 65,536
- IP Address Table Entries: 65,536
- Cascade Connections: 128
SecureNAT Function
- Virtual NAT Function: Maximum 4,096 Dynamic Mapping
- User-mode NAT
- Kernel-mode NAT
- Virtual DHCP Function
High Availability and Clustering
- Maximum Cluster Members: 64
- Load Balancing
- Load Balancing Weight Control
- Dynamic Mode Virtual Hub Mapping over Cluster Members
- Static Mode Virtual Hub Mapping over Cluster Members
- Fault Terrance
Security Features
- External User-authentication Methods: RADIUS / NT Domain / Active Directory
- Security Policy Settings for Per User / Per Group
- Security Logs Isolation for Each Virtual Hubs
- Works as System-mode Background Service
- Works as User-mode Program
- DoS Attacks Detection and Protection (SYN Flood)
Management Functions
- VPN Server Manager GUI for Windows
- Command-line Management Utility (vpncmd)
- Listener Ports Dynamic Add / Delete
VPN Protocols Supported by SoftEther VPN Server
- SoftEther VPN Protocol (Ethernet over HTTPS)
- OpenVPN (L3-mode and L2-mode)
- L2TP/IPsec
- MS-SSTP (Microsoft Secure Socket Tunneling Protocol)
- SSTP/IPsec
- EtherIP/IPsec
SoftEther VPN Protocol Specification
- Upper Underlying Protocol: SSL (Secure Socket Layer) 3.0 / TLS (Transport Layer Security) 1.0
- Lower Underlying Protocol: TCP/IP and UDP/IP Hybrid (on IPv4 and IPv6)
- Ciphers:
RC4-MD5, RC4-SHA, AES128-SHA, AES256-SHA, DES-CBC-SHA and DES-CBC3-SHA - Data Compression: zlib
- Session-key: 128bit
- Based Standards: Extended HTTPS over SSL Protocol (RFC2818, RFC 5246)
- WAN Optimization: 1-32 Parallel TCP Connection to Construct a Logical VPN Session
- Persistent Link: Infinite Auto-reconnect Function
- Proxy Support: HTTP Proxy Server, SOCKS Proxy Server
- User-authentication:
- Anonymous
- Standard Password Authentication
- Password Authentication for RADIUS
- Password Authentication for NT Domain and Active Directory
- X.509 RSA PKI Certification Authentication (Key file on Disk)
- X.509 RSA PKI Certification Authentication (PKCS#11 Smart-cards or USB Tokens) - VPN Encapsulation Payload
Ethernet (IEEE802.3) Frames (Up to 1,514bytes or 1,518bytes for IEEE802.1Q VLAN Tags) - Supported VPN Clients: SoftEther VPN Client
- Supported Client OS: Windows and Linux
- Supported VPN Topologies: Remote-access VPN, Site-to-Site VPN (L2-Bridging) and Site-to-Site VPN (L3-Routing)
L2TP/IPsec Sever Function Specifications on SoftEther VPN Server