Table of contents

10.2 Common Concepts and Knowledge

    Table of contents
    to the older version or return to version archive.

    Combined revision comparison

    Comparing version 15:45, 21 Jan 2024 by puripuri2100 with version 02:25, 26 Jan 2024 by puripuri2100.

    ...

    • When the administrator of the server you are about to install VPN Server on will be the same as the VPN Server administrator
      In this case you can install VPN Server yourself. Once the VPN Server install is completed you will be able to set all administrator passwords.
    • When the administrator of the server you are about to install VPN Server on is not going to be the VPN Server administrator
      In this case you must request that the server's administrator (root or Administrator) install VPN Server for you. Once the installation has been completed log in locally or remotely to the VPN Server service by using the VPN server administration tool and set all administrator passwords.
      If you are going to operate VPN Server in User Mode (see section 3.2.2 User Mode3.2 Operating Modes for more information) and you can log into the server machine as a general user then you can use VPN Server under your own user privileges without asking the system administrator. However, this method is not recommended.

    ...

    Once you have installed VPN Server you must decide how many Virtual Hubs to create, their names, and what purpose each will serve. If you wish to give Virtual Hub administrator rights to another user then set the Virtual Hub administrator password and give your administrator rights to that user. (See section 3.3.4 Administration Authority3.4 Virtual Hub Functions for more information.)

    ...

    You must allow TCP/IP traffic to pass through at least 2 of the VPN Server TCP/IP listen ports described in section 3.3.6 Listener Ports3.3 VPN Server Administration. Under most situations we recommend you to open traffic to port 443. The reason for this is that using this port VPN Clients can easily send VPN packets through firewalls or proxy servers masked as HTTPS data.

    ...

    With conventional firewall or NAT hardware you can configure them to allow TCP/IP traffic to pass through at least port 443 (HTTPS). However a few extremely secure networks will filter data addressed to port 443 from the Internet. In that case, if there is another port which you can route TCP/IP traffic through you can use that port to allow VPN Server to be seen from the Internet. (See section 3.3.6 Listener Ports3.3 VPN Server Administration for more information on how to change port numbers.)

    ...

    However, if there will be many users logging in to the VPN Server with each entering their own authentication data (such as for a PC-to-PC VPN or a remote access VPN) you must choose your user authentication method wisely. Please refer to section 10.4.3 Examining User Authentication Methods10.4 Build a Generic Remote Access VPN for more information on selecting an authentication method for remote access VPNs.

    ...

    In most cases you can build a sufficient VPN with only the local bridging functionality to connect the Virtual Hub to a physical LAN (see section 3.6 Local Bridges) and the cascade connection functionality to connect Virtual Hubs together (see section 3.4.11 Cascade Connection3.4 Virtual Hub Functions).

    ...

    Please refer to section 3.7.5 Virtual DHCP Server3.7 Virtual NAT & Virtual DHCP Servers for more information about the Virtual DHCP Server functionality.

    ...

    Please refer to section 3.7.3 Virtual NAT3.7 Virtual NAT & Virtual DHCP Servers for more information about Virtual NAT.

    ...

    Other changes:

    1. /body/ul[2]/li[2]/a/@href: "mks://localhost/4-docs/1-manual/3/3.2""mks://localhost/4-docs/1-manual/3/3.2#3.2.2_User_Mode"
    2. /body/ul[2]/li[2]/a/@title: "4-docs/1-manual/3/3.2""3.2.2 User Mode"
    3. /body/p[9]/a/@href: "mks://localhost/4-docs/1-manual/3/3.4""mks://localhost/4-docs/1-manual/3/3.3#3.3.4_Administration_Authority"
    4. /body/p[9]/a/@title: "4-docs/1-manual/3/3.4""3.3.4 Administration Authority"
    5. /body/p[12]/a/@href: "mks://localhost/4-docs/1-manual/3/3.3""mks://localhost/4-docs/1-manual/3/3.3#3.3.6_Listener_Ports"
    6. /body/p[12]/a/@title: "4-docs/1-manual/3/3.3""3.3.6 Listener Ports"
    7. /body/p[18]/a/@href: "mks://localhost/4-docs/1-manual/3/3.3""mks://localhost/4-docs/1-manual/3/3.3#3.3.6_Listener_Ports"
    8. /body/p[18]/a/@title: "4-docs/1-manual/3/3.3""3.3.6 Listener Ports"
    9. /body/p[22]/a/@href: "mks://localhost/4-docs/1-manual/A/10.4""mks://localhost/4-docs/1-manual/A/10.4#10.4.3_Examining_User_Authentication_Methods"
    10. /body/p[22]/a/@title: "4-docs/1-manual/A/10.4""10.4.3 Examining User Authentication Methods"
    11. /body/p[25]/a[2]/@href: "mks://localhost/4-docs/1-manual/3/3.4""mks://localhost/4-docs/1-manual/3/3.4#3.4.11_Cascade_Connection_Functions"
    12. /body/p[25]/a[2]/@title: "4-docs/1-manual/3/3.4""3.4.11 Cascade Connection Functions"
    13. /body/p[30]/a/@href: "mks://localhost/4-docs/1-manual/3/3.7""mks://localhost/4-docs/1-manual/3/3.7#3.7.5_Virtual_DHCP_Server"
    14. /body/p[30]/a/@title: "4-docs/1-manual/3/3.7""3.7.5 Virtual DHCP Server"
    15. /body/p[33]/a/@href: "mks://localhost/4-docs/1-manual/3/3.7""mks://localhost/4-docs/1-manual/3/3.7#3.7.3_Virtual_NAT"
    16. /body/p[33]/a/@title: "4-docs/1-manual/3/3.7""3.7.3 Virtual NAT"

    Version from 15:45, 21 Jan 2024

    This revision modified by puripuri2100 (Ban)

    ...

    • When the administrator of the server you are about to install VPN Server on will be the same as the VPN Server administrator
      In this case you can install VPN Server yourself. Once the VPN Server install is completed you will be able to set all administrator passwords.
    • When the administrator of the server you are about to install VPN Server on is not going to be the VPN Server administrator
      In this case you must request that the server's administrator (root or Administrator) install VPN Server for you. Once the installation has been completed log in locally or remotely to the VPN Server service by using the VPN server administration tool and set all administrator passwords.
      If you are going to operate VPN Server in User Mode (see section 3.2 Operating Modes for more information) and you can log into the server machine as a general user then you can use VPN Server under your own user privileges without asking the system administrator. However, this method is not recommended.

    ...

    Once you have installed VPN Server you must decide how many Virtual Hubs to create, their names, and what purpose each will serve. If you wish to give Virtual Hub administrator rights to another user then set the Virtual Hub administrator password and give your administrator rights to that user. (See section 3.4 Virtual Hub Functions for more information.)

    ...

    You must allow TCP/IP traffic to pass through at least 2 of the VPN Server TCP/IP listen ports described in section 3.3 VPN Server Administration. Under most situations we recommend you to open traffic to port 443. The reason for this is that using this port VPN Clients can easily send VPN packets through firewalls or proxy servers masked as HTTPS data.

    ...

    With conventional firewall or NAT hardware you can configure them to allow TCP/IP traffic to pass through at least port 443 (HTTPS). However a few extremely secure networks will filter data addressed to port 443 from the Internet. In that case, if there is another port which you can route TCP/IP traffic through you can use that port to allow VPN Server to be seen from the Internet. (See section 3.3 VPN Server Administration for more information on how to change port numbers.)

    ...

    However, if there will be many users logging in to the VPN Server with each entering their own authentication data (such as for a PC-to-PC VPN or a remote access VPN) you must choose your user authentication method wisely. Please refer to section 10.4 Build a Generic Remote Access VPN for more information on selecting an authentication method for remote access VPNs.

    ...

    In most cases you can build a sufficient VPN with only the local bridging functionality to connect the Virtual Hub to a physical LAN (see section 3.6 Local Bridges) and the cascade connection functionality to connect Virtual Hubs together (see section 3.4 Virtual Hub Functions).

    ...

    Please refer to section 3.7 Virtual NAT & Virtual DHCP Servers for more information about the Virtual DHCP Server functionality.

    ...

    Please refer to section 3.7 Virtual NAT & Virtual DHCP Servers for more information about Virtual NAT.

    ...

    Current version

    This revision modified by puripuri2100 (Ban)

    ...

    • When the administrator of the server you are about to install VPN Server on will be the same as the VPN Server administrator
      In this case you can install VPN Server yourself. Once the VPN Server install is completed you will be able to set all administrator passwords.
    • When the administrator of the server you are about to install VPN Server on is not going to be the VPN Server administrator
      In this case you must request that the server's administrator (root or Administrator) install VPN Server for you. Once the installation has been completed log in locally or remotely to the VPN Server service by using the VPN server administration tool and set all administrator passwords.
      If you are going to operate VPN Server in User Mode (see section 3.2.2 User Mode for more information) and you can log into the server machine as a general user then you can use VPN Server under your own user privileges without asking the system administrator. However, this method is not recommended.

    ...

    Once you have installed VPN Server you must decide how many Virtual Hubs to create, their names, and what purpose each will serve. If you wish to give Virtual Hub administrator rights to another user then set the Virtual Hub administrator password and give your administrator rights to that user. (See section 3.3.4 Administration Authority for more information.)

    ...

    You must allow TCP/IP traffic to pass through at least 2 of the VPN Server TCP/IP listen ports described in section 3.3.6 Listener Ports. Under most situations we recommend you to open traffic to port 443. The reason for this is that using this port VPN Clients can easily send VPN packets through firewalls or proxy servers masked as HTTPS data.

    ...

    With conventional firewall or NAT hardware you can configure them to allow TCP/IP traffic to pass through at least port 443 (HTTPS). However a few extremely secure networks will filter data addressed to port 443 from the Internet. In that case, if there is another port which you can route TCP/IP traffic through you can use that port to allow VPN Server to be seen from the Internet. (See section 3.3.6 Listener Ports for more information on how to change port numbers.)

    ...

    However, if there will be many users logging in to the VPN Server with each entering their own authentication data (such as for a PC-to-PC VPN or a remote access VPN) you must choose your user authentication method wisely. Please refer to section 10.4.3 Examining User Authentication Methods for more information on selecting an authentication method for remote access VPNs.

    ...

    In most cases you can build a sufficient VPN with only the local bridging functionality to connect the Virtual Hub to a physical LAN (see section 3.6 Local Bridges) and the cascade connection functionality to connect Virtual Hubs together (see section 3.4.11 Cascade Connection Functions).

    ...

    Please refer to section 3.7.5 Virtual DHCP Server for more information about the Virtual DHCP Server functionality.

    ...

    Please refer to section 3.7.3 Virtual NAT for more information about Virtual NAT.

    ...