Table of contents
Combined revision comparison
...
SoftEther VPN (the subject of this manual) is VPN software that is the next version of "SoftEther". SoftEther VPN is now developed and released as "freeware", from the SoftEther Project at University of Tsukuba, Japan. SoftEther VPN is planned to become open-source (GPL) software in middle of 2013. We are now struggling to translate all Japanese inline comments in the source-code into English. After translation will be completed, the source-code will be released.
...
VPN is a solution for constructing a virtual network. A technique called "tunneling" that enables users to construct a virtual network between two remote points on an existing public IP network and communicate freely is used in thewith VPN.
...
The fact is that not all existing communication applications and protocols support encryption is a possible problem. For example, HTTP protocol includes a protocol called HTTPS which is encrypted by SSL. And this SSH protocol is encrypted from the beginning. Numerous Internet based applications however either do not have an encryption function, or if they do, they might have a problem with packaging or encryption strength.
...
If using these conventional communications protocols with insufficient security are used as they are on WAN such as dedicated lines or the Internet, the data can be intercepted or altered by hacking.
...
Because with the public IP networks such as the Internet, as a rule, any IP packet can be transmitted from a computer of any IP address to another computer of any IP address. If, if data is to be transmitted over the Internet, when communication is to be conducted between a client computer and server computer, the server computer may actually receive packets from a different computer with malicious intent. Nowadays vulnerable operating systems and worms that open security holes in transmission software and server software on the Internet are going around and there is a possibility of infection. Because the computer which directly connected to the Internet is substantially unsafe, it is not recommended that computers that process important communications data for business, etc., be allotted direct Internet global IP addresses and connected to the Internet.
However when sending and receiving data between remote bases via public IP network such as the Internet, as a rule,asarule at least one global IP address port must be open and standing by for communications. This is necessary along with using TCP/IP protocol. Thus when sending and receiving data between computers at remote bases if VPN is not used attainability, it must be secured for IP packets of both computers in which case problems may occur with that has mentioned in security earlierthe previously mentioned security.
...
By using VPN these problems can be easily and reliably solved. In theThe fact that VPN carries out communication with the structure whereby encapsulated packets flowing in the tunnel established between computers at remote bases as it was mentioned earlierwas previously mentioned when establishing the tunnel, user authentication is mutually conducted between the computers and the tunnel is established only if successful. Also once the tunnel is established, as long as physical network communication is not cut off, it is constantly maintained and all the data flowing through the tunnel is encrypted. Andand if electronic signature is added, other computers on the Internet which is not related to the tunnel can no longer interrupt communications of that tunnel.
...
By utilizing the structure of VPN such as previously described, without using dedicated line services that is used to charge high usage fees, with more robust security that dedicated line services, communications can be conducted between computers of any base via the Internet.
...
By using VPN, public networks whereby any computers can communicate freely by IP Internet. It can establish a company dedicated virtual communications network within that network, and a safe and stable independent network that can be constructed without worrying about danger of Internet.
...
Several VPN software and hardware solutions have existed for some time, and since 1998 VPN technology and technologies employing it hashave been used at various sites. For example the following VPN protocols are currently incorporated into several network products and has been used.
...
However many older VPN protocols have the following limitations, and under various circumstances, usesuse must be restricted or cannot be used.
...
The majority of conventional VPN protocols such as in these examples, because VPN communications is realized by an approach unlike ordinary TCP/IP connection-oriented communication model, it cannot carry out VPN communications transcending in many network gateway devices, especially NAT (IP masquerade), almost all proxy servers and firewalls.
Therefore when used, the majority of conventional VPN protocols require a global IP address will be allotted to both of the VPN connection source client computer and connection destination VPN server computer . Oror installation of network gateway devices can be customized so special packets can be processed.
...
Version from 18:45, 3 Mar 2013
...
SoftEther VPN (the subject of this manual) is VPN software that is the next version of "SoftEther". SoftEther VPN is now developed and released as "freeware", from the SoftEther Project at University of Tsukuba, Japan. SoftEther VPN is planned to become open-source (GPL) software in middle of 2013. We are now struggling to translate all Japanese inline comments in the source-code into English. After translation will be completed, the source-code will be released.
...
VPN is a solution for constructing a virtual network. A technique called "tunneling" that enables users to construct a virtual network between two remote points on an existing public IP network and communicate freely is used with VPN.
...
If these conventional communications protocols with insufficient security are used as they are on WAN such as dedicated lines or the Internet, the data can be intercepted or altered by hacking.
...
Because with public IP networks such as the Internet, as a rule, any IP packet can be transmitted from a computer of any IP address to another computer of any IP address, if data is to be transmitted over the Internet, when communication is to be conducted between a client computer and server computer, the server computer may actually receive packets from a different computer with malicious intent. Nowadays vulnerable operating systems and worms that open security holes in transmission software and server software on the Internet are going around and there is possibility of infection. Because the computer directly connected to the Internet is substantially unsafe, it is not recommended that computers that process important communications data for business, etc., be allotted direct Internet global IP addresses and connected to the Internet.
However when sending and receiving data between remote bases via public IP network such as the Internet as a rule at least one global IP address port must be open and standing by for communications. This is necessary along with using TCP/IP protocol. Thus when sending and receiving data between computers at remote bases if VPN is not used attainability must be secured for IP packets of both computers in which case problems may occur with the previously mentioned security.
...
By using VPN these problems can be easily and reliably solved. The fact that VPN carries out communication with the structure whereby encapsulated packets flowing in the tunnel established between computers at remote bases as was previously mentioned when establishing the tunnel user authentication is mutually conducted between the computers and the tunnel is established only if successful. Also once the tunnel is established, as long as physical network communication is not cut off, it is constantly maintained and all the data flowing through the tunnel is encrypted and if electronic signature is added, other computers on the Internet not related to the tunnel can no longer interrupt communications of that tunnel.
...
Several VPN software and hardware solutions have existed for some time, and since 1998 VPN technology and technologies employing it have been used at various sites. For example the following VPN protocols are currently incorporated into several network products and used.
...
However many older VPN protocols have the following limitations, and under various circumstances, use must be restricted or cannot be used.
...
Therefore when used, the majority of conventional VPN protocols require a global IP address be allotted to both the VPN connection source client computer and connection destination VPN server computer or installation of network gateway devices customized so special packets can be processed.
...
Version as of 19:45, 15 Jan 2014
...
VPN is a solution for constructing a virtual network. A technique called "tunneling" that enables users to construct a virtual network between two remote points on an existing public IP network and communicate freely is used in the VPN.
...
The fact is that not all existing communication applications and protocols support encryption is a possible problem. For example, HTTP protocol includes a protocol called HTTPS which is encrypted by SSL. And this SSH protocol is encrypted from the beginning. Numerous Internet based applications however either do not have an encryption function, or if they do, they might have a problem with packaging or encryption strength.
...
If using these conventional communications protocols with insufficient security as they are on WAN such as dedicated lines or the Internet, the data can be intercepted or altered by hacking.
...
Because with the public IP networks such as the Internet, as a rule, any IP packet can be transmitted from a computer of any IP address to another computer of any IP address. If data is to be transmitted over the Internet, when communication is to be conducted between a client computer and server computer, the server computer may actually receive packets from a different computer with malicious intent. Nowadays vulnerable operating systems and worms that open security holes in transmission software and server software on the Internet are going around and there is a possibility of infection. Because the computer which directly connected to the Internet is substantially unsafe, it is not recommended that computers that process important communications data for business, etc., be allotted direct Internet global IP addresses and connected to the Internet.
However when sending and receiving data between remote bases via public IP network such as the Internet, as a rule, at least one global IP address port must be open and standing by for communications. This is necessary along with using TCP/IP protocol. Thus when sending and receiving data between computers at remote bases if VPN is not used attainability, it must be secured for IP packets of both computers in which case problems may occur with that has mentioned in security earlier.
...
By using VPN these problems can be easily and reliably solved. In the fact that VPN carries out communication with the structure whereby encapsulated packets flowing in the tunnel established between computers at remote bases as it was mentioned earlier when establishing the tunnel, user authentication is mutually conducted between the computers and the tunnel is established only if successful. Also once the tunnel is established, as long as physical network communication is not cut off, it is constantly maintained and all the data flowing through the tunnel is encrypted. And if electronic signature is added, other computers on the Internet which is not related to the tunnel can no longer interrupt communications of that tunnel.
...
By utilizing the structure of VPN such as previously described, without using dedicated line services that is used to charge high usage fees, with more robust security that dedicated line services, communications can be conducted between computers of any base via the Internet.
...
By using VPN, public networks whereby any computers can communicate freely by IP Internet. It can establish a company dedicated virtual communications network within that network, and a safe and stable independent network that can be constructed without worrying about danger of Internet.
...
Several VPN software and hardware solutions have existed for some time, and since 1998 VPN technology and technologies employing it has been used at various sites. For example the following VPN protocols are currently incorporated into several network products and has been used.
...
However many older VPN protocols have the following limitations, and under various circumstances, uses must be restricted or cannot be used.
...
The majority of conventional VPN protocols such as in these examples, because VPN communications is realized by an approach unlike ordinary TCP/IP connection-oriented communication model, it cannot carry out VPN communications transcending in many network gateway devices, especially NAT (IP masquerade), almost all proxy servers and firewalls.
Therefore when used, the majority of conventional VPN protocols require a global IP address will be allotted to both of the VPN connection source client computer and connection destination VPN server computer. Or installation of network gateway devices can be customized so special packets can be processed.
...
