Table of contents
Combined revision comparison
...
VPN session in the client mode is primarily applied to VPN sessions that is connected from VPN Client to VPN Server. In this way of using conventional VPN Client, it will primarily usage as VPN client for remote access VPN by installing VPN Client on client computers in a remote location, that can creatcreating Virtual Hub and connecting the Virtual Hub to VPN Server.
Therefore with VPN sessions thatWith VPN sessions are established by connection from conventional VPN Client, only one Ethernet device with a MAC address should be connected to VPN on the VPN Client side. In other words, Virtual Network Adapter device driver that is used by VPN Client for connection, is simply connected to Virtual Hub, and the MAC address will allott to the Virtual Network Adapter in which is supposed to be the only network adapter existing on the client side for the concerned VPN session.
Users who actually use computers installed with VPN Client, however it can bridge connectedconnect to a separate physical network adapter on the client computer side by using function of the operating system and it can connect to another IP network by using the IP routing function of the operating system. If this operation is randomly performed by users who is having VPN Client, the user may unintentionally alter the network topology on the VPN administrator side, and they could destroy the uniformity and manageability of the VPN network as a whole.
Thus in a client mode session (i.e., VPN session connected from VPN Client layer 2 bridge or layer 3 routing on the client side of the VPN session), it) is forbidden as a rule. This makes it impossible for users of VPN Client connected to SoftEther VPN Server to connect Virtual Network Adapter on the client computer side to another network. In other words alteration of the network topology or unintentional computer connection to VPN by administrator can be prevented.
By selecting the bridge/router mode as the connection mode for advanced communication setting of VPN Client connection settings, client mode session limitations are canceled so theand bridge and routing on the VPN Client side become possible. For details see 4.4 Making Connection to VPN Server.
If deny security policy bridge and router operation ais enabled for user setting values registered for each Virtual Hub of SoftEther VPN Server, users cannot connect to VPN Server in bridge/router mode (error occurs for VPN connection). For more information on security policy, see 3.5 Virtual Hub Security Features.
...
VPN sessions connected in the monitoring mode can receive all Ethernet frames flowing through the connection source of Virtual Hub as they are. This mode can be used for intercepting Ethernet packets which flowing through Virtual Hub, capturing them using packet capture software, and inspecting all packets such as IDS and IDP. Sessions connected to Virtual Hub in the monitoring mode can receive all Ethernet frames flowing through Virtual Hub, but Ethernet fames cannot oppositely be transmitted to Virtual Hub.
Using this mode enables you to execute the equivalent of functions such as port monitoring and port mirroring whichthat common layer 2 intelligent switching hubs are equipped with.
...
A local bridge session is established when a local bridge connection has created itis created between Virtual Hub of SoftEther VPN Server and a physical network adapter. Unlike a conventional VPN session established by VPN connection from VPN Client / VPN Server / VPN Bridge by SoftEther VPN protocol via a network, the actual communication source for local bridge sessions is a module separate of the computer on which operating VPN Server, also itVPNServeris operating, and is therefore classified as a special session.
...
A cascade connection is a special session generated within a Virtual Hub of cascade connection source VPN Server or VPN Bridge if Virtual Hub of SoftEther VPN Server or SoftEther VPN Bridge operating on a separate computer which is connected to Virtual Hub of SoftEther VPN Server by cascade connection.
In other words, in the case of using cascade connection, a bridge/router mode session, which is the normal session, willis generated by the Virtual Hub of the side being connected to, and a cascade connection session, which is a special session, will creatis created by the Virtual Hub which initiated the cascade connection.
...
A SecureNAT session is a special session that has automatically created internally whenautomaticallycreatedinternallyif the SecureNAT function, which is one of the Virtual Hub functions of SoftEther VPN Server or SoftEther VPN Bridge, is enabled. For more information on SecureNAT function, see 3.7 Virtual NAT & Virtual DHCP Servers.
...
A virtual layer 3 switch session is a special session that has automatically created internally for connection between virtual layer 3 switch and Virtual Hub whenif virtual layer 3 switch function, which is a function of SoftEther VPN Server, is used. For more information on virtual layer 3 switch function, see 3.8 Virtual Layer 3 Switches.
Version from 17:03, 30 Jan 2014
...
VPN session in the client mode is primarily applied to VPN sessions connected from VPN Client to VPN Server. In this way of using conventional VPN Client will primarily usage as VPN client for remote access VPN by installing VPN Client on client computers in a remote location, creating Virtual Hub and connecting the Virtual Hub to VPN Server.
With VPN sessions are established by connection from conventional VPN Client, only one Ethernet device with a MAC address should be connected to VPN on the VPN Client side. In other words, Virtual Network Adapter device driver that is used by VPN Client for connection, is simply connected to Virtual Hub, and the MAC address will allott to the Virtual Network Adapter which is supposed to be the only network adapter existing on the client side for the concerned VPN session.
Users who actually use computers installed with VPN Client, however it can bridge connect to a separate physical network adapter on the client computer side using function of the operating system and it can connect to another IP network by using the IP routing function of the operating system. If this operation is randomly performed by users having VPN Client, the user may unintentionally alter the network topology on the VPN administrator side, and they could destroy the uniformity and manageability of the VPN network as a whole.
Thus in a client mode session (i.e., VPN session connected from VPN Client layer 2 bridge or layer 3 routing on the client side of the VPN session) is forbidden as a rule. This makes it impossible for users of VPN Client connected to SoftEther VPN Server to connect Virtual Network Adapter on the client computer side to another network. In other words alteration of the network topology or unintentional computer connection to VPN by administrator can be prevented.
By selecting the bridge/router mode as the connection mode for advanced communication setting of VPN Client connection settings, client mode session limitations are canceled and bridge and routing on the VPN Client side become possible. For details see 4.4 Making Connection to VPN Server.
If deny security policy bridge and router operation is enabled for user setting values registered for each Virtual Hub of SoftEther VPN Server, users cannot connect to VPN Server in bridge/router mode (error occurs for VPN connection). For more information on security policy, see 3.5 Virtual Hub Security Features.
...
Using this mode enables you to execute the equivalent of functions such as port monitoring and port mirroring that common layer 2 intelligent switching hubs are equipped with.
...
A local bridge session is established when a local bridge connection is created between Virtual Hub of SoftEther VPN Server and a physical network adapter. Unlike a conventional VPN session established by VPN connection from VPN Client / VPN Server / VPN Bridge by SoftEther VPN protocol via a network, the actual communication source for local bridge sessions is a module separate of the computer on which VPN Serveris operating, and is therefore classified as a special session.
...
In other words, in the case of using cascade connection, a bridge/router mode session, which is the normal session, is generated by the Virtual Hub of the side being connected to, and a cascade connection session, which is a special session, is created by the Virtual Hub which initiated the cascade connection.
...
A SecureNAT session is a special session automatically created internally if the SecureNAT function, which is one of the Virtual Hub functions of SoftEther VPN Server or SoftEther VPN Bridge, is enabled. For more information on SecureNAT function, see 3.7 Virtual NAT & Virtual DHCP Servers.
...
A virtual layer 3 switch session is a special session automatically created internally for connection between virtual layer 3 switch and Virtual Hub if virtual layer 3 switch function, which is a function of SoftEther VPN Server, is used. For more information on virtual layer 3 switch function, see 3.8 Virtual Layer 3 Switches.
Version as of 15:57, 1 Feb 2014
...
VPN session in the client mode is primarily applied to VPN sessions that is connected from VPN Client to VPN Server. In this way of using conventional VPN Client, it will primarily usage as VPN client for remote access VPN by installing VPN Client on client computers in a remote location, that can creat Virtual Hub and connecting the Virtual Hub to VPN Server.
Therefore with VPN sessions that are established by connection from conventional VPN Client, only one Ethernet device with a MAC address should be connected to VPN on the VPN Client side. In other words, Virtual Network Adapter device driver that is used by VPN Client for connection, is simply connected to Virtual Hub, and the MAC address will allott to the Virtual Network Adapter in which is supposed to be the only network adapter existing on the client side for the concerned VPN session.
Users who actually use computers installed with VPN Client, however it can bridge connected to a separate physical network adapter on the client computer side by using function of the operating system and it can connect to another IP network by using the IP routing function of the operating system. If this operation is randomly performed by users who is having VPN Client, the user may unintentionally alter the network topology on the VPN administrator side, and they could destroy the uniformity and manageability of the VPN network as a whole.
Thus in a client mode session (i.e., VPN session connected from VPN Client layer 2 bridge or layer 3 routing on the client side of the VPN session), it is forbidden as a rule. This makes it impossible for users of VPN Client connected to SoftEther VPN Server to connect Virtual Network Adapter on the client computer side to another network. In other words alteration of the network topology or unintentional computer connection to VPN by administrator can be prevented.
By selecting the bridge/router mode as the connection mode for advanced communication setting of VPN Client connection settings, client mode session limitations are canceled so the bridge and routing on the VPN Client side become possible. For details see 4.4 Making Connection to VPN Server.
If deny security policy bridge and router operation a enabled for user setting values registered for each Virtual Hub of SoftEther VPN Server, users cannot connect to VPN Server in bridge/router mode (error occurs for VPN connection). For more information on security policy, see 3.5 Virtual Hub Security Features.
...
VPN sessions connected in the monitoring mode can receive all Ethernet frames flowing through the connection source of Virtual Hub as they are. This mode can be used for intercepting Ethernet packets which flowing through Virtual Hub, capturing them using packet capture software, and inspecting all packets such as IDS and IDP. Sessions connected to Virtual Hub in the monitoring mode can receive all Ethernet frames flowing through Virtual Hub, but Ethernet fames cannot oppositely be transmitted to Virtual Hub.
Using this mode enables you to execute the equivalent of functions such as port monitoring and port mirroring which common layer 2 intelligent switching hubs are equipped with.
...
A local bridge session is established when a local bridge connection has created it between Virtual Hub of SoftEther VPN Server and a physical network adapter. Unlike a conventional VPN session established by VPN connection from VPN Client / VPN Server / VPN Bridge by SoftEther VPN protocol via a network, the actual communication source for local bridge sessions is a module separate of the computer on which operating VPN Server, also it is therefore classified as a special session.
...
A cascade connection is a special session generated within a Virtual Hub of cascade connection source VPN Server or VPN Bridge if Virtual Hub of SoftEther VPN Server or SoftEther VPN Bridge operating on a separate computer which is connected to Virtual Hub of SoftEther VPN Server by cascade connection.
In other words, in the case of using cascade connection, a bridge/router mode session, which is the normal session, will generated by the Virtual Hub of the side being connected to, and a cascade connection session, which is a special session, will creat by the Virtual Hub which initiated the cascade connection.
...
A SecureNAT session is a special session that has automatically created internally when the SecureNAT function, which is one of the Virtual Hub functions of SoftEther VPN Server or SoftEther VPN Bridge, is enabled. For more information on SecureNAT function, see 3.7 Virtual NAT & Virtual DHCP Servers.
...
A virtual layer 3 switch session is a special session that has automatically created internally for connection between virtual layer 3 switch and Virtual Hub when virtual layer 3 switch function, which is a function of SoftEther VPN Server, is used. For more information on virtual layer 3 switch function, see 3.8 Virtual Layer 3 Switches.
