Table of contents
Combined revision comparison
...
- When changing the server clustering settings
when using VPN Server Enterprise Edition or Carrier Edition.
...
Fig. 3-3-1 The VPN Server, Virtual Hubs & settings data which can be held by each hub
.
...
Fig. 3-3-2 Methods for administering the VPN Server & VPN Bridge
.
...
Fig. 3-3-3 Changing the VPN Server password.
...
Fig. 3-3-4 X.509 certificate displayed on VPN Server upon connection via web browser
.
...
Initially, the three TCP/IP port numbers 443, 992 and 55558888 are allocated to the VPN Server as listener ports. While as many listener ports as system resources allow can be added, typically one or two ports are sufficient.
...
Fig. 3-3-5 Management of Listeners window
.
...
The Configuration file is created under the file name "vpn_server.config"[vpn_server.config] which is located in the same directory as that containing the VPN Server processes' executable files. The Configuration file is invariably saved whenever the VPN Server settings are changed or its internal structural data is modified (please note that the file may not be saved immediately due to the disk cache running to reduce the number of disk accesses). The VPN Server stops, and when booted the next time, reads the contents of the vpn_server.config file and, based upon said contents, returns to its values prior to termination. The Configuration file therefore allows the VPN Server's structural data to be restored upon launch to how it was prior to shutdown, regardless of when said shutdown occurs. If the Configuration file does not exist on the disk when the VPN Server is launched, the default settings are applied. The default settings are as follows.
- A Virtual Hub named "DEFAULT" is created. User objects, group objects or any other objects do not exist within the Virtual Hub and all of the settings are default ones (i.e. newly created Virtual Hub settings).
- Three listener ports, numbers 443, 992 and 5555,
8888,are registered. - Local bridge and virtual layer 3 switch definitions are not registered.
- A server certificate is automatically generated using random numbers.
- The Internet connection keep-alive function's default values are set.
The Configuration file for the SoftEther VPN Bridge is named "vpn_bridge.config"[vpn_bridge.config] and the Virtual Hub created by default is named "BRIDGE".
...
- The Windows version SoftEther VPN Server automatically sets the Configuration file upon installation so that read/write can only be done by the Administrators group users and SYSTEM (local system authority).
- The UNIX version SoftEther VPN Servers including the Linux version set permission at 700 (read/write for owner only) when creating the Configuration file.
- Use the operating system's file system function to manually change the file permissions. For Windows, Explorer's properties and the "cacls"
[cacls]command can be used. For UNIX, the "chmod"[chmod]command is available. - It is necessary to avoid the use of file system's which do not feature the FAT or FAT32 permission concepts. If the use of such file systems is inevitable, the file permissions should be placed where physical contact with the server computer is not possible. It is also necessary to implement settings to prevent them from being accessed by anyone other than the Administrators even over a network.
...
To save the Configuration file in binary format, create an empty file named "save_binary"[save_binary] in the same directory as the Configuration file. Once this file exists, the Configuration file will automatically be saved in binary format the next time that the VPN Server writes in it. In addition, when the [save_binary] file has been deleted, the Configuration file will automatically be returned to text format the next time that the VPN Server writes in it.
...
#SoftEtherSoftware Configuration File # #Copyright (C) 2004-2005 SoftEther VPN Project. All Rights Reserved. # #You can edit this file when the program is not working. ## http://www.softether.co.jp/declare root { uint ConfigRevision 1 bool IPsecMessageDisplayed false bool VgsMessageDisplayed false declare DDnsClient { bool Disabled false byte Key ki/0ARfOguxYuFAwum5NkqtTNiI= string LocalHostname PC26 string ProxyHostName $ uint ProxyPort 0 uint ProxyType 0 string ProxyUsername $ } declare IPsec { bool EtherIP_IPsec false string IPsec_Secret vpn string L2TP_DefaultHub DEFAULT bool L2TP_IPsec false bool L2TP_Raw false declare EtherIP_IDSettingsList { } } declaredeclareLicenseManager{}declare ListenerList { declare Listener0 { bool DisableDos false bool Enabled true uint Port 443 } declare Listener1 { bool DisableDos false bool Enabled true uint Port 992 } declare Listener2 { bool DisableDos false bool Enabled true uint Port 1194 } declare Listener3 { bool DisableDos false bool Enabled true uint Port 8888 } } declare LocalBridgeList { bool EnableSoftEtherKernelModeDriver true bool ShowAllInterfaces false } declare ServerConfiguration { uint64 AutoDeleteCheckDiskFreeSpaceMin 8589934592 uint AutoSaveConfigSpan 300 bool BackupConfigOnlyWhenModified true104857600uint AutoSaveConfigSpan 300 string CipherName RC4-MD5 uint CurrentBuild 8996 bool DisableDeadLockCheck false bool DisableDosProction false bool DisableIntelAesAcceleration false bool DisableIPv6Listener false bool DisableNatTraversal false bool DisableOpenVPNServer false bool DisableSSTPServer false bool DontBackupConfig false bool EnableVpnAzure false bool EnableVpnOverDns false bool EnableVpnOverIcmp falseboolDisableDosProctionfalse byte HashedPassword +WzqGYrR3VYXrAhKPZLGEHcIwO8= string KeepConnectHost keepalive.se2.softether.com uint KeepConnectInterval 50 uint KeepConnectPort 80 uint KeepConnectProtocol 1 uint MaxConnectionsPerIP 256 uint MaxUnestablishedConnections 1000 bool NoDebugDump false bool NoHighPriorityProcess false bool NoSendSignature false string OpenVPN_UdpPortList 1194 bool SaveDebugLog false byte ServerCert MIIC6DCCAdACAQAwDQYJKoZIhvcNAQEFBQAwOjENMAsGA1UEAxMEUEMyNjENMAsGA1UEChMEUEMyNjENMAsGA1UECxMEUEMyNjELMAkGA1UEBhMCVVMwHhcNMTMwMzAyMDcxMjMzWhcNMzYxMjMxMDcxMjMzWjA6MQ0wCwYDVQQDEwRQQzI2MQ0wCwYDVQQKEwRQQzI2MQ0wCwYDVQQLEwRQQzI2MQswCQYDVQQGEwJVUzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKozS1U1Yr3f1wceckua4LLHBLjDuSYQZ3wjfjixzolURxPP8F2L0T7j4F2QOwu+ZFCwT04FpcW8JVx6K3oij+IeYMYWA5mX7MHZHjnMLAQ8oCNV4O5Kju3T2HBGKpGugooYu9GRwPrWx0KiM+SsD3Ifv3KwWPGCwYx9t7Jed4x4Z41cDZH78mdxFFmoyvG4rj78N8L0KofhRhRA0FppBl01tvBsz3faZSbcVE5k0SKvN+CgPgJ4talPzyiHlrP/NKZ7xqJYH7oWbiYtgWX+oFCJ64JKjIgfm11ExYr6NSORzQBfA2YGF+a3NoWWIO3XLH0/6CaYFTlASlvW+UP1BokCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAKky/5DgXQa3FRTuwO762EVBIX+HJUaRLtJV0sUGnqNFQDjq37fa5CkV2tk0Vw5FrHvnPzVQrWISf0QEcNuDIvunI7PcCpFRixOq0fv4d4vXVs8Qm5iGYyD7U2ZycN/Jb/XYo5kbaOan+0q8ngekjuWtNigUYGetrds+xiFRQhfOUwTgPTVMW3akd+8ynv5rE/259j5zWTosmz09oiRlXFMwUJt/vNyAt6htlclfoDb/jP05uZFzCjMHjcf36XhfgnR41qoN4tmgkfEB2kibW0AGnydOkXnp73yB7ueZKPM3YHNJXfdCkids9xZc6p3AfxQVR6bfQ/OOviniFgH8PYQ== byte ServerKey MIIEpQIBAAKCAQEAqjNLVTVivd/XBx5yS5rgsscEuMO5JhBnfCN+OLHOiVRHE8/wXYvRPuPgXZA7C75kULBPTgWlxbwlXHoreiKP4h5gxhYDmZfswdkeOcwsBDygI1Xg7kqO7dPYcEYqka6Cihi70ZHA+tbHQqIz5KwPch+/crBY8YLBjH23sl53jHhnjVwNkfvyZ3EUWajK8biuPvw3wvQqh+FGFEDQWmkGXTW28GzPd9plJtxUTmTRIq834KA+Ani1qU/PKIeWs/80pnvGolgfuhZuJi2BZf6gUInrgkqMiB+bXUTFivo1I5HNAF8DZgYX5rc2hZYg7dcsfT/oJpgVOUBKW9b5Q/UGiQIDAQABAoIBAQCe+IwriVKyIMn6N0DwRzgLJALQBNgBqp7N/2Tc1Y8hDBvbcISFC5wkzrl5Csdr36hZCWT5biL5PxPyfZXwXSnhPRiMzHEOXC3incYym/ac+ndkqckPKYq4rv9hVthZ/BKnpBSB2U7TvBqfrVslAmTm5qpuGDLrWYMokyAqNTwacbHkJ6O7yA5shKH3IUOjWYQaF93JTr4q+KHOFPUaS4+pzAy6ubV1Shy4FbLyZ9+4g/sdPlRuDuGWM5HpG/rypvgB0/d6jPrLMR9qxeihdVsshAbgq9RAqYjOpqQSeH504eZJIg2TGsTbcVU/RdvJhXS4uXbBdJQvCYe/Yk1HhWpFAoGBANPfXtgW/8FC+hUfOILFoYm7rT5yGjhNW6fSsbQSIaGKU2vca19NqVxhzqdTPNsmAWCn7oDQBmUvycPXkamfiRytiyirho3nmkc5de1vvek9gLP9mfO9k+3LveURT6fKOOz/3J6adn5V7wEzTFvmYTy0BMiG1tsHEOI3iUmDka0XAoGBAM2mC4dpGEuBDXFGj8Uislwso26pQUNxPdqeKAMa3MvHFDvirPrAeTv7rsQ+6l/eRrx/LYf3JrLvGEelB7EFpgnzXG9ZG+nnv0j4w7EfTwcjKmRX8UCxXJ5smvGeBwGsTVtUDdoT7DV3NjhfMZjEqKCJ0RRpgMHepxqm1eU1RW1fAoGAMei2YNTaHl52pq8aEsQXT2ikYMdkIcsnQhtBvRdgULtS91+O835J3Pc1RPk4pq8HOAuXBUT7nK5rKvUG3Rw1oknHNCdjpN3f29NPUkU2SVExljSxJVeNF0EdVG6FgxMB4eJLyBi+vPflOzUoUaWtVi1ZyxroVeQOOBu4/VY+5LUCgYEAldWzdLfH8ctXhf8JZXMATVRgx5IecQsjLBQrxwdddEPapD9mFVUDgAbCsU296pfDJjfrbrNOyPSX1iuRzRL2hS2BXcepJOWrY3mM65KKPAMNMgs5Rg90EiHDSuP+6uMlgbNeXFRDuDjhknUZZ9txmXaQlbTBEYAudKa2FciYizUCgYEAsk5gyOSatourftMSP62MVQ7amyHDTVtvNuCbZX78OH3ejmzRw1pl6eDqCGo68i4Swu41RFr+K0c1sF119rwD+Z8rNjOhnFkYJ43WC4NspfCdKa9ZTXFkJxdeBQFD89HNFbDabqQE1ay1qIWB44wt95aNbHzXl0eBGgN7/o/8ehg=0 byte ServerCert *** byte ServerKey ***uint ServerType 0 bool UseKeepConnect true bool UseWebTimePage false bool UseWebUI false declare ServerTraffic { declare RecvTraffic { uint64 BroadcastBytes 0 uint64 BroadcastCount 0 uint64 UnicastBytes 0 uint64 UnicastCount 0 } declare SendTraffic { uint64 BroadcastBytes 0 uint64 BroadcastCount 0 uint64 UnicastBytes 0 uint64 UnicastCount 0 } } declare SyslogSettings { string HostName $ uint Port 0 uint SaveType 0 } }} declare VirtualHUB { declare DEFAULT { uint64 CreatedTime 1362175953422 byte HashedPassword +WzqGYrR3VYXrAhKPZLGEHcIwO8= uint64 LastCommTime 1362175953408 uint64 LastLoginTime 13621759534081133735260692 uint64 LastLoginTime 1133735260692uint NumLogin 0 bool Online true uint RadiusRetryInterval 0 uint RadiusServerPort 1812 string RadiusSuffixFilter $RadiusServerPort1812 byte SecurePassword bpw3X/O5E8a6G6ccnl4uXmDtkwI= uint Type 0 declare AccessList { } declare AdminOption { uint allow_hub_admin_change_option 0 uint deny_bridge 0 uint deny_change_user_password 0 uint deny_empty_password 0 uint deny_hub_admin_change_ext_option 0 uint deny_qos 0 uint deny_routing 0 uint max_accesslists 0 uint max_bitrates_download 0 uint max_bitrates_upload 0 uint max_groups 0 uint max_multilogins_per_user 0 uint max_sessions 0 uint max_sessions_bridge 0 uint max_sessions_client 0 uint max_sessions_client_bridge_apply 0 uint max_users 0 uint no_access_list_include_file 0 uintmax_sessions0uintmax_users0uint no_cascade 0 uint no_change_access_control_list 0 uint no_change_access_list 0 uint no_change_admin_password 0 uint no_change_cert_list 0 uint no_change_crl_list 0 uint no_change_groups 0 uint no_change_log_config 0 uint no_change_log_switch_type 0 uint no_change_msg 0 uint no_change_users 0 uint no_delay_jitter_packet_loss 0 uintno_change_users0uint no_delete_iptable 0 uint no_delete_mactable 0 uint no_disconnect_session 0 uint no_enum_session 0 uint no_offline 0 uint no_online 0 uint no_query_session 0 uint no_read_log_file 0 uint no_securenat 0 uint no_securenat_enabledhcp 0 uint no_securenat_enablenat 0 } declare CascadeList { } declare LogSetting { uint PacketLogSwitchType 4 uint PACKET_LOG_ARP 0 uint PACKET_LOG_DHCP 1 uint PACKET_LOG_ETHERNET 0 uint PACKET_LOG_ICMP 0 uint PACKET_LOG_IP 0 uint PACKET_LOG_TCP 0 uint PACKET_LOG_TCP_CONN 1 uint PACKET_LOG_UDP 0 bool SavePacketLog true bool SaveSecurityLog true uint SecurityLogSwitchType 4 } declare Message { } declare Option { uint AccessListIncludeFileCacheLifetime 30 uint AdjustTcpMssValue 0 bool ApplyIPv4AccessListOnArpPacket false uint BroadcastStormDetectionThreshold 0 uint ClientMinimumRequiredBuild 0 bool DisableAdjustTcpMss false bool DisableCheckMacOnLocalBridge false bool DisableCorrectIpOffloadChecksum false bool DisableHttpParsing false bool DisableIPParsing false bool DisableKernelModeSecureNAT false bool DisableUdpAcceleration false bool DisableUdpFilterForLocalBridgeNic false bool DisableUserModeSecureNAT false bool FilterBPDU false bool FilterIPv4 false bool FilterIPv6 false bool FilterNonIP false bool FilterOSPF false bool FilterPPPoE false bool ManageOnlyLocalUnicastIPv6 true bool ManageOnlyPrivateIP true uintOption{uint MaxSession 0 bool NoArpPolling false bool NoDhcpPacketLogOutsideHub true bool NoEnum false bool NoIpTable false bool NoIPv4PacketLog false bool NoIPv6AddrPolling false bool NoIPv6DefaultRouterInRAWhenIPv6 true bool NoIPv6PacketLog false bool NoLookBPDUBridgeId false bool NoMacAddressLog true bool NoManageVlanId false bool NoSpinLockForPacketDelay false bool RemoveDefGwOnDhcpForLocalhost true uint RequiredClientId 0 uint SecureNAT_MaxDnsSessionsPerIp 0 uint SecureNAT_MaxIcmpSessionsPerIp 0 uint SecureNAT_MaxTcpSessionsPerIp 0 uint SecureNAT_MaxTcpSynSentPerIp 0 uint SecureNAT_MaxUdpSessionsPerIp 0 string VlanTypeId 0x8100 bool YieldAfterStorePacket falseNoEnumfalse } declare SecureNAT { bool Disabled true bool SaveLog true declare VirtualDhcpServer { string DhcpDnsServerAddress 192.168.30.1 string DhcpDnsServerAddress2 0.0.0.0 string DhcpDomainName sec.softether.co.jpDhcpDomainName$bool DhcpEnabled true uint DhcpExpireTimeSpan 7200 string DhcpGatewayAddress 192.168.30.1 string DhcpLeaseIPEnd 192.168.30.200 string DhcpLeaseIPStart 192.168.30.10 string DhcpSubnetMask 255.255.255.0 } declare VirtualHost { string VirtualHostIp 192.168.30.1 string VirtualHostIpSubnetMask 255.255.255.0 string VirtualHostMacAddress 00-AC-21-11-37-CB80-C3-BA-5E} declare VirtualRouter { bool NatEnabled true uint NatMtu 1500 uint NatTcpTimeout 18007200uint NatUdpTimeout 60 } } declare SecurityAccountDatabase { declare CertList { } declare CrlList { } declare GroupList { } declare IPAccessControlList { } declare UserList { } } declare Traffic { declare RecvTraffic { uint64 BroadcastBytes 0 uint64 BroadcastCount 0 uint64 UnicastBytes 0 uint64 UnicastCount 0 } declare SendTraffic { uint64 BroadcastBytes 0 uint64 BroadcastCount 0 uint64 UnicastBytes 0 uint64 UnicastCount 0 } } } } declare VirtualLayer3SwitchList { } declare VPNGate { string Abuse $ bool IsEnabled false bool LogPermanent false string Message $ bool NoLog false string Owner PC26.sec.softether.co.jp's$20owner } }
...
- Stop the VPN Server program completely if it is operating. A complete stop means ensuring that the vpnserver process is not operating.
- Replace the "vpn_server.config"
[vpn_server.config]file. - Start the VPN Server program.
- Confirm that Configuration has been replaced correctly.
...
Fig. 3-3-6 Automatically saved Configuration history
.
...
Fig. 3-3-7 Virtual Hub statistical information window.
...
Entry | Initial setting values |
Host | keepalive.softether.org |
Host number | 80 |
Packet Send interval | 50 seconds |
Protocol | UDP |
...
Fig. 3-3-8 Keep Alive Internet connection function settings window
.
...
Server status window.Fig. 3-3-9Server status window
...
Fig. 3-3-10 VPN Server information window
.
...
Fig. 3-3-11 Selection window for SSL transmission encryption algorithms
.
...
Fig. 3-3-12 Syslog Transmission function settings window
.
3.3.18 Restricting by IP Address of Remote Administration Connection Source IPsIPAddressRemoteAdministrationConnectionSources
...
Other changes:
- /body/p[8]/a/@class:
" external"⇒ nothing - /body/p[8]/a/@href:
"file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images/3-3-1.gif"⇒ "http://www.softether.org/@api/deki/files/160/=3-3-1.png" - /body/p[8]/a/@title: nothing ⇒ "3-3-1.png"
- /body/p[8]/a/img/@alt:
"Click to enlarge."⇒ "3-3-1.png" - /body/p[8]/a/img/@border:
"2"⇒ nothing - /body/p[8]/a/img/@src:
"file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images_small/3-3-1_small.jpg"⇒ "/@api/deki/files/160/=3-3-1.png?size=webview" - /body/p[8]/a/img/@class: nothing ⇒ "internal default"
- /body/p[8]/a/img/@style: nothing ⇒ "width: 350px; height: 259px;"
- /body/p[9]/@style: nothing ⇒ "text-align: center; "
- /body/p[12]/a/@class:
" external"⇒ nothing - /body/p[12]/a/@href:
"file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images/3-3-2.gif"⇒ "http://www.softether.org/@api/deki/files/161/=3-3-2.png" - /body/p[12]/a/@title: nothing ⇒ "3-3-2.png"
- /body/p[12]/a/img/@alt:
"Click to enlarge."⇒ "3-3-2.png" - /body/p[12]/a/img/@border:
"2"⇒ nothing - /body/p[12]/a/img/@src:
"file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images_small/3-3-2_small.jpg"⇒ "/@api/deki/files/161/=3-3-2.png?size=webview" - /body/p[12]/a/img/@class: nothing ⇒ "internal default"
- /body/p[12]/a/img/@style: nothing ⇒ "width: 350px; height: 278px;"
- /body/p[13]/@style: nothing ⇒ "text-align: center; "
- /body/p[18]/a/@class:
" external"⇒ nothing - /body/p[18]/a/@href:
"file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images/3-3-3.gif"⇒ "http://www.softether.org/@api/deki/files/162/=3-3-3.png" - /body/p[18]/a/@title: nothing ⇒ "3-3-3.png"
- /body/p[18]/a/img/@alt:
"Click to enlarge."⇒ "3-3-3.png" - /body/p[18]/a/img/@border:
"2"⇒ nothing - /body/p[18]/a/img/@src:
"file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images_small/3-3-3_small.jpg"⇒ "/@api/deki/files/162/=3-3-3.png?size=webview" - /body/p[18]/a/img/@class: nothing ⇒ "internal default"
- /body/p[18]/a/img/@style: nothing ⇒ "width: 350px; height: 159px;"
- /body/p[19]/@style: nothing ⇒ "text-align: center; "
- /body/p[26]/a/@class:
" external"⇒ nothing - /body/p[26]/a/@href:
"file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images/3-3-4.gif"⇒ "http://www.softether.org/@api/deki/files/163/=3-3-4.png" - /body/p[26]/a/@title: nothing ⇒ "3-3-4.png"
- /body/p[26]/a/img/@alt:
"Click to enlarge."⇒ "3-3-4.png" - /body/p[26]/a/img/@border:
"2"⇒ nothing - /body/p[26]/a/img/@src:
"file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images_small/3-3-4_small.jpg"⇒ "/@api/deki/files/163/=3-3-4.png?size=webview" - /body/p[26]/a/img/@class: nothing ⇒ "internal default"
- /body/p[26]/a/img/@style: nothing ⇒ "width: 280px; height: 350px;"
- /body/p[27]/@style: nothing ⇒ "text-align: center; "
- /body/p[34]/img/@alt:
"File:C:/TMP/130301vpn4man/VPN4_Manual_(English)/html/images/3-3-5.gif"⇒ "3-3-5.png" - /body/p[34]/img/@border:
"0"⇒ nothing - /body/p[34]/img/@height:
"188"⇒ nothing - /body/p[34]/img/@src:
"file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images/3-3-5.gif"⇒ "/@api/deki/files/164/=3-3-5.png" - /body/p[34]/img/@width:
"315"⇒ nothing - /body/p[34]/img/@class: nothing ⇒ "internal default"
- /body/p[34]/img/@style: nothing ⇒ ""
- /body/p[35]/@style: nothing ⇒ "text-align: center; "
- /body/p[68]/a/@class:
" external"⇒ nothing - /body/p[68]/a/@href:
"file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images/3-3-6.gif"⇒ "http://www.softether.org/@api/deki/files/165/=3-3-6.png" - /body/p[68]/a/@title: nothing ⇒ "3-3-6.png"
- /body/p[68]/a/img/@alt:
"Click to enlarge."⇒ "3-3-6.png" - /body/p[68]/a/img/@border:
"2"⇒ nothing - /body/p[68]/a/img/@src:
"file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images_small/3-3-6_small.jpg"⇒ "/@api/deki/files/165/=3-3-6.png?size=webview" - /body/p[68]/a/img/@class: nothing ⇒ "internal default"
- /body/p[68]/a/img/@style: nothing ⇒ "width: 550px; height: 278px;"
- /body/p[69]/@style: nothing ⇒ "text-align: center; "
- /body/p[79]/a/@class:
" external"⇒ nothing - /body/p[79]/a/@href:
"file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images/3-3-7.gif"⇒ "http://www.softether.org/@api/deki/files/166/=3-3-7.png" - /body/p[79]/a/@title: nothing ⇒ "3-3-7.png"
- /body/p[79]/a/img/@alt:
"Click to enlarge."⇒ "3-3-7.png" - /body/p[79]/a/img/@border:
"2"⇒ nothing - /body/p[79]/a/img/@src:
"file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images_small/3-3-7_small.jpg"⇒ "/@api/deki/files/166/=3-3-7.png?size=webview" - /body/p[79]/a/img/@class: nothing ⇒ "internal default"
- /body/p[79]/a/img/@style: nothing ⇒ "width: 550px; height: 435px;"
- /body/p[80]/@style: nothing ⇒ "text-align: center; "
- /body/p[111]/a/@class:
" external"⇒ nothing - /body/p[111]/a/@href:
"file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images/3-3-8.gif"⇒ "http://www.softether.org/@api/deki/files/167/=3-3-8.png" - /body/p[111]/a/@title: nothing ⇒ "3-3-8.png"
- /body/p[111]/a/img/@alt:
"Click to enlarge."⇒ "3-3-8.png" - /body/p[111]/a/img/@border:
"2"⇒ nothing - /body/p[111]/a/img/@src:
"file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images_small/3-3-8_small.jpg"⇒ "/@api/deki/files/167/=3-3-8.png?size=webview" - /body/p[111]/a/img/@class: nothing ⇒ "internal default"
- /body/p[111]/a/img/@style: nothing ⇒ "width: 350px; height: 226px;"
- /body/p[112]/@style: nothing ⇒ "text-align: center; "
- /body/p[114]/a/@class:
" external"⇒ nothing - /body/p[114]/a/@href:
"file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images/3-3-9.gif"⇒ "http://www.softether.org/@api/deki/files/168/=3-3-9.png" - /body/p[114]/a/@title: nothing ⇒ "3-3-9.png"
- /body/p[114]/a/img/@alt:
"Click to enlarge."⇒ "3-3-9.png" - /body/p[114]/a/img/@border:
"2"⇒ nothing - /body/p[114]/a/img/@src:
"file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images_small/3-3-9_small.jpg"⇒ "/@api/deki/files/168/=3-3-9.png?size=webview" - /body/p[114]/a/img/@class: nothing ⇒ "internal default"
- /body/p[114]/a/img/@style: nothing ⇒ "width: 550px; height: 435px;"
- /body/p[115]/@style: nothing ⇒ "text-align: center; "
- /body/p[119]/a/@class:
" external"⇒ nothing - /body/p[119]/a/@href:
"file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images/3-3-10.gif"⇒ "http://www.softether.org/@api/deki/files/169/=3-3-10.png" - /body/p[119]/a/@title: nothing ⇒ "3-3-10.png"
- /body/p[119]/a/img/@alt:
"Click to enlarge."⇒ "3-3-10.png" - /body/p[119]/a/img/@border:
"2"⇒ nothing - /body/p[119]/a/img/@src:
"file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images_small/3-3-10_small.jpg"⇒ "/@api/deki/files/169/=3-3-10.png?size=webview" - /body/p[119]/a/img/@class: nothing ⇒ "internal default"
- /body/p[119]/a/img/@style: nothing ⇒ "width: 550px; height: 435px;"
- /body/p[120]/@style: nothing ⇒ "text-align: center; "
- /body/p[123]/a/img/@alt:
"File:C:/TMP/130301vpn4man/VPN4_Manual_(English)/html/images/3-3-11.gif"⇒ "3-3-11.png" - /body/p[123]/a/img/@border:
"0"⇒ nothing - /body/p[123]/a/img/@height:
"217"⇒ nothing - /body/p[123]/a/img/@src:
"file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images/3-3-11.gif"⇒ "/@api/deki/files/170/=3-3-11.png?size=webview" - /body/p[123]/a/img/@width:
"391"⇒ nothing - /body/p[123]/a/img/@class: nothing ⇒ "internal default"
- /body/p[123]/a/img/@style: nothing ⇒ "width: 350px; height: 202px;"
- /body/p[124]/@style: nothing ⇒ "text-align: center; "
- /body/p[132]/a/img/@alt:
"File:C:/TMP/130301vpn4man/VPN4_Manual_(English)/html/images/3-3-12.gif"⇒ "3-3-12.png" - /body/p[132]/a/img/@border:
"0"⇒ nothing - /body/p[132]/a/img/@src:
"file:///C:/TMP/130301vpn4man/VPN4%20Manual%20(English)/html/images/3-3-12.gif"⇒ "/@api/deki/files/171/=3-3-12.png?size=webview" - /body/p[132]/a/img/@class: nothing ⇒ "internal default"
- /body/p[132]/a/img/@style: nothing ⇒ "width: 350px; height: 143px;"
- /body/p[133]/@style: nothing ⇒ "text-align: center; "
Version from 16:05, 2 Mar 2013
...
- When changing the server clustering settings
when using VPN Server Enterprise Edition or Carrier Edition.
...
...
...
...
...
Initially, the three TCP/IP port numbers 443, 992 and 8888 are allocated to the VPN Server as listener ports. While as many listener ports as system resources allow can be added, typically one or two ports are sufficient.
...
|
...
The Configuration file is created under the file name [vpn_server.config] which is located in the same directory as that containing the VPN Server processes' executable files. The Configuration file is invariably saved whenever the VPN Server settings are changed or its internal structural data is modified (please note that the file may not be saved immediately due to the disk cache running to reduce the number of disk accesses). The VPN Server stops, and when booted the next time, reads the contents of the vpn_server.config file and, based upon said contents, returns to its values prior to termination. The Configuration file therefore allows the VPN Server's structural data to be restored upon launch to how it was prior to shutdown, regardless of when said shutdown occurs. If the Configuration file does not exist on the disk when the VPN Server is launched, the default settings are applied. The default settings are as follows.
- A Virtual Hub named "DEFAULT" is created. User objects, group objects or any other objects do not exist within the Virtual Hub and all of the settings are default ones (i.e. newly created Virtual Hub settings).
- Three listener ports, numbers 443, 992 and
8888,are registered. - Local bridge and virtual layer 3 switch definitions are not registered.
- A server certificate is automatically generated using random numbers.
- The Internet connection keep-alive function's default values are set.
The Configuration file for the SoftEther VPN Bridge is named [vpn_bridge.config] and the Virtual Hub created by default is named "BRIDGE".
...
- The Windows version SoftEther VPN Server automatically sets the Configuration file upon installation so that read/write can only be done by the Administrators group users and SYSTEM (local system authority).
- The UNIX version SoftEther VPN Servers including the Linux version set permission at 700 (read/write for owner only) when creating the Configuration file.
- Use the operating system's file system function to manually change the file permissions. For Windows, Explorer's properties and the
[cacls]command can be used. For UNIX, the[chmod]command is available. - It is necessary to avoid the use of file system's which do not feature the FAT or FAT32 permission concepts. If the use of such file systems is inevitable, the file permissions should be placed where physical contact with the server computer is not possible. It is also necessary to implement settings to prevent them from being accessed by anyone other than the Administrators even over a network.
...
To save the Configuration file in binary format, create an empty file named [save_binary] in the same directory as the Configuration file. Once this file exists, the Configuration file will automatically be saved in binary format the next time that the VPN Server writes in it. In addition, when the [save_binary] file has been deleted, the Configuration file will automatically be returned to text format the next time that the VPN Server writes in it.
...
# |
...
- Stop the VPN Server program completely if it is operating. A complete stop means ensuring that the vpnserver process is not operating.
- Replace the
[vpn_server.config]file. - Start the VPN Server program.
- Confirm that Configuration has been replaced correctly.
...
...
...
Entry | Initial setting values |
Host | keepalive. |
Host number | 80 |
Packet Send interval | 50 seconds |
Protocol |
...
...
...
...
|
...
|
...
3.3.18 Restricting IP Address Remote Administration Connection Sources
...
Current version
...
The VPN Server, Virtual Hubs & settings data which can be held by each hub.
...
Methods for administering the VPN Server & VPN Bridge.
...
Changing the VPN Server password.
...
X.509 certificate displayed on VPN Server upon connection via web browser.
...
Initially, the three TCP/IP port numbers 443, 992 and 5555 are allocated to the VPN Server as listener ports. While as many listener ports as system resources allow can be added, typically one or two ports are sufficient.
...
Management of Listeners window.
...
The Configuration file is created under the file name "vpn_server.config" which is located in the same directory as that containing the VPN Server processes' executable files. The Configuration file is invariably saved whenever the VPN Server settings are changed or its internal structural data is modified (please note that the file may not be saved immediately due to the disk cache running to reduce the number of disk accesses). The VPN Server stops, and when booted the next time, reads the contents of the vpn_server.config file and, based upon said contents, returns to its values prior to termination. The Configuration file therefore allows the VPN Server's structural data to be restored upon launch to how it was prior to shutdown, regardless of when said shutdown occurs. If the Configuration file does not exist on the disk when the VPN Server is launched, the default settings are applied. The default settings are as follows.
- A Virtual Hub named "DEFAULT" is created. User objects, group objects or any other objects do not exist within the Virtual Hub and all of the settings are default ones (i.e. newly created Virtual Hub settings).
- Three listener ports, numbers 443, 992 and 5555, are registered.
- Local bridge and virtual layer 3 switch definitions are not registered.
- A server certificate is automatically generated using random numbers.
- The Internet connection keep-alive function's default values are set.
The Configuration file for the SoftEther VPN Bridge is named "vpn_bridge.config" and the Virtual Hub created by default is named "BRIDGE".
...
- The Windows version SoftEther VPN Server automatically sets the Configuration file upon installation so that read/write can only be done by the Administrators group users and SYSTEM (local system authority).
- The UNIX version SoftEther VPN Servers including the Linux version set permission at 700 (read/write for owner only) when creating the Configuration file.
- Use the operating system's file system function to manually change the file permissions. For Windows, Explorer's properties and the "cacls" command can be used. For UNIX, the "chmod" command is available.
- It is necessary to avoid the use of file system's which do not feature the FAT or FAT32 permission concepts. If the use of such file systems is inevitable, the file permissions should be placed where physical contact with the server computer is not possible. It is also necessary to implement settings to prevent them from being accessed by anyone other than the Administrators even over a network.
...
To save the Configuration file in binary format, create an empty file named "save_binary" in the same directory as the Configuration file. Once this file exists, the Configuration file will automatically be saved in binary format the next time that the VPN Server writes in it. In addition, when the [save_binary] file has been deleted, the Configuration file will automatically be returned to text format the next time that the VPN Server writes in it.
...
# Software Configuration File # # You can edit this file when the program is not working. # declare root { uint ConfigRevision 1 bool IPsecMessageDisplayed false bool VgsMessageDisplayed false declare DDnsClient { bool Disabled false byte Key ki/0ARfOguxYuFAwum5NkqtTNiI= string LocalHostname PC26 string ProxyHostName $ uint ProxyPort 0 uint ProxyType 0 string ProxyUsername $ } declare IPsec { bool EtherIP_IPsec false string IPsec_Secret vpn string L2TP_DefaultHub DEFAULT bool L2TP_IPsec false bool L2TP_Raw false declare EtherIP_IDSettingsList { } } declare ListenerList { declare Listener0 { bool DisableDos false bool Enabled true uint Port 443 } declare Listener1 { bool DisableDos false bool Enabled true uint Port 992 } declare Listener2 { bool DisableDos false bool Enabled true uint Port 1194 } declare Listener3 { bool DisableDos false bool Enabled true uint Port 8888 } } declare LocalBridgeList { bool EnableSoftEtherKernelModeDriver true bool ShowAllInterfaces false } declare ServerConfiguration { uint64 AutoDeleteCheckDiskFreeSpaceMin 8589934592 uint AutoSaveConfigSpan 300 bool BackupConfigOnlyWhenModified true string CipherName RC4-MD5 uint CurrentBuild 8996 bool DisableDeadLockCheck false bool DisableDosProction false bool DisableIntelAesAcceleration false bool DisableIPv6Listener false bool DisableNatTraversal false bool DisableOpenVPNServer false bool DisableSSTPServer false bool DontBackupConfig false bool EnableVpnAzure false bool EnableVpnOverDns false bool EnableVpnOverIcmp false byte HashedPassword +WzqGYrR3VYXrAhKPZLGEHcIwO8= string KeepConnectHost keepalive.se2.softether.com uint KeepConnectInterval 50 uint KeepConnectPort 80 uint KeepConnectProtocol 1 uint MaxConnectionsPerIP 256 uint MaxUnestablishedConnections 1000 bool NoDebugDump false bool NoHighPriorityProcess false bool NoSendSignature false string OpenVPN_UdpPortList 1194 bool SaveDebugLog false byte ServerCert MIIC6DCCAdACAQAwDQYJKoZIhvcNAQEFBQAwOjENMAsGA1UEAxMEUEMyNjENMAsGA1UEChMEUEMyNjENMAsGA1UECxMEUEMyNjELMAkGA1UEBhMCVVMwHhcNMTMwMzAyMDcxMjMzWhcNMzYxMjMxMDcxMjMzWjA6MQ0wCwYDVQQDEwRQQzI2MQ0wCwYDVQQKEwRQQzI2MQ0wCwYDVQQLEwRQQzI2MQswCQYDVQQGEwJVUzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKozS1U1Yr3f1wceckua4LLHBLjDuSYQZ3wjfjixzolURxPP8F2L0T7j4F2QOwu+ZFCwT04FpcW8JVx6K3oij+IeYMYWA5mX7MHZHjnMLAQ8oCNV4O5Kju3T2HBGKpGugooYu9GRwPrWx0KiM+SsD3Ifv3KwWPGCwYx9t7Jed4x4Z41cDZH78mdxFFmoyvG4rj78N8L0KofhRhRA0FppBl01tvBsz3faZSbcVE5k0SKvN+CgPgJ4talPzyiHlrP/NKZ7xqJYH7oWbiYtgWX+oFCJ64JKjIgfm11ExYr6NSORzQBfA2YGF+a3NoWWIO3XLH0/6CaYFTlASlvW+UP1BokCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAKky/5DgXQa3FRTuwO762EVBIX+HJUaRLtJV0sUGnqNFQDjq37fa5CkV2tk0Vw5FrHvnPzVQrWISf0QEcNuDIvunI7PcCpFRixOq0fv4d4vXVs8Qm5iGYyD7U2ZycN/Jb/XYo5kbaOan+0q8ngekjuWtNigUYGetrds+xiFRQhfOUwTgPTVMW3akd+8ynv5rE/259j5zWTosmz09oiRlXFMwUJt/vNyAt6htlclfoDb/jP05uZFzCjMHjcf36XhfgnR41qoN4tmgkfEB2kibW0AGnydOkXnp73yB7ueZKPM3YHNJXfdCkids9xZc6p3AfxQVR6bfQ/OOviniFgH8PYQ== byte ServerKey MIIEpQIBAAKCAQEAqjNLVTVivd/XBx5yS5rgsscEuMO5JhBnfCN+OLHOiVRHE8/wXYvRPuPgXZA7C75kULBPTgWlxbwlXHoreiKP4h5gxhYDmZfswdkeOcwsBDygI1Xg7kqO7dPYcEYqka6Cihi70ZHA+tbHQqIz5KwPch+/crBY8YLBjH23sl53jHhnjVwNkfvyZ3EUWajK8biuPvw3wvQqh+FGFEDQWmkGXTW28GzPd9plJtxUTmTRIq834KA+Ani1qU/PKIeWs/80pnvGolgfuhZuJi2BZf6gUInrgkqMiB+bXUTFivo1I5HNAF8DZgYX5rc2hZYg7dcsfT/oJpgVOUBKW9b5Q/UGiQIDAQABAoIBAQCe+IwriVKyIMn6N0DwRzgLJALQBNgBqp7N/2Tc1Y8hDBvbcISFC5wkzrl5Csdr36hZCWT5biL5PxPyfZXwXSnhPRiMzHEOXC3incYym/ac+ndkqckPKYq4rv9hVthZ/BKnpBSB2U7TvBqfrVslAmTm5qpuGDLrWYMokyAqNTwacbHkJ6O7yA5shKH3IUOjWYQaF93JTr4q+KHOFPUaS4+pzAy6ubV1Shy4FbLyZ9+4g/sdPlRuDuGWM5HpG/rypvgB0/d6jPrLMR9qxeihdVsshAbgq9RAqYjOpqQSeH504eZJIg2TGsTbcVU/RdvJhXS4uXbBdJQvCYe/Yk1HhWpFAoGBANPfXtgW/8FC+hUfOILFoYm7rT5yGjhNW6fSsbQSIaGKU2vca19NqVxhzqdTPNsmAWCn7oDQBmUvycPXkamfiRytiyirho3nmkc5de1vvek9gLP9mfO9k+3LveURT6fKOOz/3J6adn5V7wEzTFvmYTy0BMiG1tsHEOI3iUmDka0XAoGBAM2mC4dpGEuBDXFGj8Uislwso26pQUNxPdqeKAMa3MvHFDvirPrAeTv7rsQ+6l/eRrx/LYf3JrLvGEelB7EFpgnzXG9ZG+nnv0j4w7EfTwcjKmRX8UCxXJ5smvGeBwGsTVtUDdoT7DV3NjhfMZjEqKCJ0RRpgMHepxqm1eU1RW1fAoGAMei2YNTaHl52pq8aEsQXT2ikYMdkIcsnQhtBvRdgULtS91+O835J3Pc1RPk4pq8HOAuXBUT7nK5rKvUG3Rw1oknHNCdjpN3f29NPUkU2SVExljSxJVeNF0EdVG6FgxMB4eJLyBi+vPflOzUoUaWtVi1ZyxroVeQOOBu4/VY+5LUCgYEAldWzdLfH8ctXhf8JZXMATVRgx5IecQsjLBQrxwdddEPapD9mFVUDgAbCsU296pfDJjfrbrNOyPSX1iuRzRL2hS2BXcepJOWrY3mM65KKPAMNMgs5Rg90EiHDSuP+6uMlgbNeXFRDuDjhknUZZ9txmXaQlbTBEYAudKa2FciYizUCgYEAsk5gyOSatourftMSP62MVQ7amyHDTVtvNuCbZX78OH3ejmzRw1pl6eDqCGo68i4Swu41RFr+K0c1sF119rwD+Z8rNjOhnFkYJ43WC4NspfCdKa9ZTXFkJxdeBQFD89HNFbDabqQE1ay1qIWB44wt95aNbHzXl0eBGgN7/o/8ehg= uint ServerType 0 bool UseKeepConnect true bool UseWebTimePage false bool UseWebUI false declare ServerTraffic { declare RecvTraffic { uint64 BroadcastBytes 0 uint64 BroadcastCount 0 uint64 UnicastBytes 0 uint64 UnicastCount 0 } declare SendTraffic { uint64 BroadcastBytes 0 uint64 BroadcastCount 0 uint64 UnicastBytes 0 uint64 UnicastCount 0 } } declare SyslogSettings { string HostName $ uint Port 0 uint SaveType 0 } } declare VirtualHUB { declare DEFAULT { uint64 CreatedTime 1362175953422 byte HashedPassword +WzqGYrR3VYXrAhKPZLGEHcIwO8= uint64 LastCommTime 1362175953408 uint64 LastLoginTime 1362175953408 uint NumLogin 0 bool Online true uint RadiusRetryInterval 0 uint RadiusServerPort 1812 string RadiusSuffixFilter $ byte SecurePassword bpw3X/O5E8a6G6ccnl4uXmDtkwI= uint Type 0 declare AccessList { } declare AdminOption { uint allow_hub_admin_change_option 0 uint deny_bridge 0 uint deny_change_user_password 0 uint deny_empty_password 0 uint deny_hub_admin_change_ext_option 0 uint deny_qos 0 uint deny_routing 0 uint max_accesslists 0 uint max_bitrates_download 0 uint max_bitrates_upload 0 uint max_groups 0 uint max_multilogins_per_user 0 uint max_sessions 0 uint max_sessions_bridge 0 uint max_sessions_client 0 uint max_sessions_client_bridge_apply 0 uint max_users 0 uint no_access_list_include_file 0 uint no_cascade 0 uint no_change_access_control_list 0 uint no_change_access_list 0 uint no_change_admin_password 0 uint no_change_cert_list 0 uint no_change_crl_list 0 uint no_change_groups 0 uint no_change_log_config 0 uint no_change_log_switch_type 0 uint no_change_msg 0 uint no_change_users 0 uint no_delay_jitter_packet_loss 0 uint no_delete_iptable 0 uint no_delete_mactable 0 uint no_disconnect_session 0 uint no_enum_session 0 uint no_offline 0 uint no_online 0 uint no_query_session 0 uint no_read_log_file 0 uint no_securenat 0 uint no_securenat_enabledhcp 0 uint no_securenat_enablenat 0 } declare CascadeList { } declare LogSetting { uint PacketLogSwitchType 4 uint PACKET_LOG_ARP 0 uint PACKET_LOG_DHCP 1 uint PACKET_LOG_ETHERNET 0 uint PACKET_LOG_ICMP 0 uint PACKET_LOG_IP 0 uint PACKET_LOG_TCP 0 uint PACKET_LOG_TCP_CONN 1 uint PACKET_LOG_UDP 0 bool SavePacketLog true bool SaveSecurityLog true uint SecurityLogSwitchType 4 } declare Message { } declare Option { uint AccessListIncludeFileCacheLifetime 30 uint AdjustTcpMssValue 0 bool ApplyIPv4AccessListOnArpPacket false uint BroadcastStormDetectionThreshold 0 uint ClientMinimumRequiredBuild 0 bool DisableAdjustTcpMss false bool DisableCheckMacOnLocalBridge false bool DisableCorrectIpOffloadChecksum false bool DisableHttpParsing false bool DisableIPParsing false bool DisableKernelModeSecureNAT false bool DisableUdpAcceleration false bool DisableUdpFilterForLocalBridgeNic false bool DisableUserModeSecureNAT false bool FilterBPDU false bool FilterIPv4 false bool FilterIPv6 false bool FilterNonIP false bool FilterOSPF false bool FilterPPPoE false bool ManageOnlyLocalUnicastIPv6 true bool ManageOnlyPrivateIP true uint MaxSession 0 bool NoArpPolling false bool NoDhcpPacketLogOutsideHub true bool NoEnum false bool NoIpTable false bool NoIPv4PacketLog false bool NoIPv6AddrPolling false bool NoIPv6DefaultRouterInRAWhenIPv6 true bool NoIPv6PacketLog false bool NoLookBPDUBridgeId false bool NoMacAddressLog true bool NoManageVlanId false bool NoSpinLockForPacketDelay false bool RemoveDefGwOnDhcpForLocalhost true uint RequiredClientId 0 uint SecureNAT_MaxDnsSessionsPerIp 0 uint SecureNAT_MaxIcmpSessionsPerIp 0 uint SecureNAT_MaxTcpSessionsPerIp 0 uint SecureNAT_MaxTcpSynSentPerIp 0 uint SecureNAT_MaxUdpSessionsPerIp 0 string VlanTypeId 0x8100 bool YieldAfterStorePacket false } declare SecureNAT { bool Disabled true bool SaveLog true declare VirtualDhcpServer { string DhcpDnsServerAddress 192.168.30.1 string DhcpDnsServerAddress2 0.0.0.0 string DhcpDomainName sec.softether.co.jp bool DhcpEnabled true uint DhcpExpireTimeSpan 7200 string DhcpGatewayAddress 192.168.30.1 string DhcpLeaseIPEnd 192.168.30.200 string DhcpLeaseIPStart 192.168.30.10 string DhcpSubnetMask 255.255.255.0 } declare VirtualHost { string VirtualHostIp 192.168.30.1 string VirtualHostIpSubnetMask 255.255.255.0 string VirtualHostMacAddress 00-AC-21-11-37-CB } declare VirtualRouter { bool NatEnabled true uint NatMtu 1500 uint NatTcpTimeout 1800 uint NatUdpTimeout 60 } } declare SecurityAccountDatabase { declare CertList { } declare CrlList { } declare GroupList { } declare IPAccessControlList { } declare UserList { } } declare Traffic { declare RecvTraffic { uint64 BroadcastBytes 0 uint64 BroadcastCount 0 uint64 UnicastBytes 0 uint64 UnicastCount 0 } declare SendTraffic { uint64 BroadcastBytes 0 uint64 BroadcastCount 0 uint64 UnicastBytes 0 uint64 UnicastCount 0 } } } } declare VirtualLayer3SwitchList { } declare VPNGate { string Abuse $ bool IsEnabled false bool LogPermanent false string Message $ bool NoLog false string Owner PC26.sec.softether.co.jp's$20owner } }
...
- Stop the VPN Server program completely if it is operating. A complete stop means ensuring that the vpnserver process is not operating.
- Replace the "vpn_server.config" file.
- Start the VPN Server program.
- Confirm that Configuration has been replaced correctly.
...
Automatically saved Configuration history.
...
Virtual Hub statistical information window.
...
Entry | Initial setting values |
Host | keepalive.softether.org |
Host number | 80 |
Packet Send interval | 50 seconds |
Protocol | UDP/IP Protocol |
...
Keep Alive Internet connection function settings window.
...
Server status window.
...
VPN Server information window.
...
Selection window for SSL transmission encryption algorithms.
...
Syslog Transmission function settings window.
3.3.18 Restricting by IP Address of Remote Administration Connection Source IPs
...