Table of contents
Combined revision comparison
...
Furthermore, if your LAN only has private IP addresses and VPN Bridge can only be installed with system administrator rights, you can still set up a remote access VPN by using SecureNAT. (See section # 10.11 Exploit SecureNAT for Remote Access into Firewall without Any Permission# for for details.) In this case, you are dealing with a LAN that has many limitations imposed upon it, but by utilizing SecureNAT you should be able to enable remote access to the LAN without the need for any administrator rights. However, you will still need to receive permission to do so from the network's administrator beforehand.
...
VPN Server and VPN Bridge of virtual Hub have basic DHCP server function. When this DHCP server function is enabled, client computers connected to layer 2 segment of virtual Hub are assigned IP addresses, and receive notification of default gateway and the address of DNS server. The way of using basic DHCP server, see #3.7#.
3.7 Virtual NAT & Virtual DHCP Servers.
...
- Connect to the Virtual Hub from VPN Client in monitoring mode. This will enable the VPN Client's Virtual Network Adapter to capture all packets going through the Virtual Hub. Now you can use snort or some other IDS software on the Virtual Network Adapter to view the packets going through the Virtual Hub. For more information please refer to 1.6 VPN Communication Details
#1.6.10#and#4.4.17#.4.4 Making Connection to VPN Server. However, this method only allows for the use of a software based IDS. - By using the method described in section
#3.6.8#,3.6 Local Bridges, you can out all of the packets going through the Virtual Hub from the LAN port of the physical network adapter connected to the computer running VPN Server. This method will allow you to use hardware based IDS to view all of the packets going through a Virtual Hub.
...
11.2.9 Hello World !
...
11.2.10 Performing Administration Via TELNET as Supported in SoftEther 1.0 (old version)
With SoftEther 1.0 (old version),1.0, you could perform Virtual Hub administration with TELNET. You can use TELNET or SSH to perform administration on SoftEther VPN Server as well. For this, you will need a separate TELNET or SSH server. (Operating systems such as UNIX or Windows 2000 and higher usually come with a TELNET or SSH server already.) From the administrative console you can connect to the server you want to perform administration on. Then, in that console session you can execute vpncmd which will allow you to perform administrative tasks through TELNET or SSH. Please see section 6. Command Line Management Utility Manual#6# for more information on how to use vpncmd.
...
As described in section #3.9Clustering#,, VPN Server's clustering capabilities will automatically introduce fault-tolerance between the cluster member servers. However, the standard capabilities of VPN Server do not implement any fault-tolerance for the cluster controller itself. Therefore, if the cluster controller has a power failure, hardware failure (such as a memory error), or some other failure, the cluster controller's job can not automatically be transferred to another computer. We strongly recommend that you use Registered ECC memory, RAID, UPS, and other such features to increase the stability of your cluster controller server if you are setting up a large scale cluster.
...
As described in #3.5.11#,3.5 Virtual Hub Security Features, you can limit computer access not only username but also physical IP address.
...
When connecting to VPN Server, the encryption algorithm with SSL encryption session uses RC4-MD5 by default. You can change the encryption algorithm which has longer bit length than that. In detail, see #3.3.15#.
3.3 VPN Server Administration.
...
The detail about using tagged VLAN packet on virtual Hub and localbridge connection function when using VPN Server and VPN Bridge, see #3.6.7#.
3.6 Local Bridges.
...
The MAC address of virtual network adapter on VPN Client can be changed. The way of changing, see "Changing Advanced Setting" of #4.3.2#.4.3 Virtual Network Adapter. you can also change the setting with NicSetSetting of vpncmd command.
...
The virtual network adapter of VPN Client reports a communication speed as 100Mbps to windows. This value can be changed at will. In detail, see "Changing Advanced Setting" of #4.3.2#.
4.3 Virtual Network Adapter.
...
When connecting to VPN Server with VPN Client, you can enter a password with password authentication not to save one. In detail, see "Information Required for Standard Password Authentication and RADIUS or NT Domain Authentication" of #4.4.7#.
4.4 Making Connection to VPN Server.
...
You can create multiple Virtual Network Adapters and connection configurations with VPN Client and designate each connection configuration to use a separate Virtual Network Adapter. This allows a single VPN client computer to easily connect to multiple VPN Servers or Virtual Hubs at the same time. This is the same concept as if you installed multiple physical network adapters to your computer and connected each one to a different LAN. Please refer to section #4#4. SoftEther VPN Client Manual for more information.
...
By using SecureNAT you can easily provide remote access to a network which normally can not be connected to from the Internet. You can even do so without having administrator rights on the computers on that network. However, you will still need permission from that network's administrator beforehand. Please refer to section #10.11Exploit SecureNAT for Remote Access into Firewall without Any Permission# for more information.
Version from 21:15, 2 Mar 2013
...
Furthermore, if your LAN only has private IP addresses and VPN Bridge can only be installed with system administrator rights, you can still set up a remote access VPN by using SecureNAT. (See section #10.11# for details.) In this case, you are dealing with a LAN that has many limitations imposed upon it, but by utilizing SecureNAT you should be able to enable remote access to the LAN without the need for any administrator rights. However, you will still need to receive permission to do so from the network's administrator beforehand.
...
VPN Server and VPN Bridge of virtual Hub have basic DHCP server function. When this DHCP server function is enabled, client computers connected to layer 2 segment of virtual Hub are assigned IP addresses, and receive notification of default gateway and the address of DNS server. The way of using basic DHCP server, see #3.7#.
...
- Connect to the Virtual Hub from VPN Client in monitoring mode. This will enable the VPN Client's Virtual Network Adapter to capture all packets going through the Virtual Hub. Now you can use snort or some other IDS software on the Virtual Network Adapter to view the packets going through the Virtual Hub. For more information please refer to
#1.6.10#and#4.4.17#.However, this method only allows for the use of a software based IDS. - By using the method described in section
#3.6.8#,you can out all of the packets going through the Virtual Hub from the LAN port of the physical network adapter connected to the computer running VPN Server. This method will allow you to use hardware based IDS to view all of the packets going through a Virtual Hub.
...
With SoftEther 1.0, you could perform Virtual Hub administration with TELNET. You can use TELNET or SSH to perform administration on SoftEther VPN Server as well. For this, you will need a separate TELNET or SSH server. (Operating systems such as UNIX or Windows 2000 and higher usually come with a TELNET or SSH server already.) From the administrative console you can connect to the server you want to perform administration on. Then, in that console session you can execute vpncmd which will allow you to perform administrative tasks through TELNET or SSH. Please see section #6# for more information on how to use vpncmd.
...
As described in section #3.9#, VPN Server's clustering capabilities will automatically introduce fault-tolerance between the cluster member servers. However, the standard capabilities of VPN Server do not implement any fault-tolerance for the cluster controller itself. Therefore, if the cluster controller has a power failure, hardware failure (such as a memory error), or some other failure, the cluster controller's job can not automatically be transferred to another computer. We strongly recommend that you use Registered ECC memory, RAID, UPS, and other such features to increase the stability of your cluster controller server if you are setting up a large scale cluster.
...
As described in #3.5.11#, you can limit computer access not only username but also physical IP address.
...
When connecting to VPN Server, the encryption algorithm with SSL encryption session uses RC4-MD5 by default. You can change the encryption algorithm which has longer bit length than that. In detail, see #3.3.15#.
...
The detail about using tagged VLAN packet on virtual Hub and localbridge connection function when using VPN Server and VPN Bridge, see #3.6.7#.
...
The MAC address of virtual network adapter on VPN Client can be changed. The way of changing, see "Changing Advanced Setting" of #4.3.2#. you can also change the setting with NicSetSetting of vpncmd command.
...
The virtual network adapter of VPN Client reports a communication speed as 100Mbps to windows. This value can be changed at will. In detail, see "Changing Advanced Setting" of #4.3.2#.
...
When connecting to VPN Server with VPN Client, you can enter a password with password authentication not to save one. In detail, see "Information Required for Standard Password Authentication and RADIUS or NT Domain Authentication" of #4.4.7#.
...
You can create multiple Virtual Network Adapters and connection configurations with VPN Client and designate each connection configuration to use a separate Virtual Network Adapter. This allows a single VPN client computer to easily connect to multiple VPN Servers or Virtual Hubs at the same time. This is the same concept as if you installed multiple physical network adapters to your computer and connected each one to a different LAN. Please refer to section #4# for more information.
...
By using SecureNAT you can easily provide remote access to a network which normally can not be connected to from the Internet. You can even do so without having administrator rights on the computers on that network. However, you will still need permission from that network's administrator beforehand. Please refer to section #10.11# for more information.
Version as of 18:19, 4 Mar 2013
...
Furthermore, if your LAN only has private IP addresses and VPN Bridge can only be installed with system administrator rights, you can still set up a remote access VPN by using SecureNAT. (See section 10.11 Exploit SecureNAT for Remote Access into Firewall without Any Permission for details.) In this case, you are dealing with a LAN that has many limitations imposed upon it, but by utilizing SecureNAT you should be able to enable remote access to the LAN without the need for any administrator rights. However, you will still need to receive permission to do so from the network's administrator beforehand.
...
VPN Server and VPN Bridge of virtual Hub have basic DHCP server function. When this DHCP server function is enabled, client computers connected to layer 2 segment of virtual Hub are assigned IP addresses, and receive notification of default gateway and the address of DNS server. The way of using basic DHCP server, see 3.7 Virtual NAT & Virtual DHCP Servers.
...
- Connect to the Virtual Hub from VPN Client in monitoring mode. This will enable the VPN Client's Virtual Network Adapter to capture all packets going through the Virtual Hub. Now you can use snort or some other IDS software on the Virtual Network Adapter to view the packets going through the Virtual Hub. For more information please refer to 1.6 VPN Communication Details and 4.4 Making Connection to VPN Server. However, this method only allows for the use of a software based IDS.
- By using the method described in section 3.6 Local Bridges, you can out all of the packets going through the Virtual Hub from the LAN port of the physical network adapter connected to the computer running VPN Server. This method will allow you to use hardware based IDS to view all of the packets going through a Virtual Hub.
...
11.2.9 Hello World !
...
11.2.10 Performing Administration Via TELNET as Supported in SoftEther 1.0 (old version)
With SoftEther 1.0 (old version), you could perform Virtual Hub administration with TELNET. You can use TELNET or SSH to perform administration on SoftEther VPN Server as well. For this, you will need a separate TELNET or SSH server. (Operating systems such as UNIX or Windows 2000 and higher usually come with a TELNET or SSH server already.) From the administrative console you can connect to the server you want to perform administration on. Then, in that console session you can execute vpncmd which will allow you to perform administrative tasks through TELNET or SSH. Please see section 6. Command Line Management Utility Manual for more information on how to use vpncmd.
...
As described in section 3.9Clustering, VPN Server's clustering capabilities will automatically introduce fault-tolerance between the cluster member servers. However, the standard capabilities of VPN Server do not implement any fault-tolerance for the cluster controller itself. Therefore, if the cluster controller has a power failure, hardware failure (such as a memory error), or some other failure, the cluster controller's job can not automatically be transferred to another computer. We strongly recommend that you use Registered ECC memory, RAID, UPS, and other such features to increase the stability of your cluster controller server if you are setting up a large scale cluster.
...
As described in 3.5 Virtual Hub Security Features, you can limit computer access not only username but also physical IP address.
...
When connecting to VPN Server, the encryption algorithm with SSL encryption session uses RC4-MD5 by default. You can change the encryption algorithm which has longer bit length than that. In detail, see 3.3 VPN Server Administration.
...
The detail about using tagged VLAN packet on virtual Hub and localbridge connection function when using VPN Server and VPN Bridge, see 3.6 Local Bridges.
...
The MAC address of virtual network adapter on VPN Client can be changed. The way of changing, see "Changing Advanced Setting" of 4.3 Virtual Network Adapter. you can also change the setting with NicSetSetting of vpncmd command.
...
The virtual network adapter of VPN Client reports a communication speed as 100Mbps to windows. This value can be changed at will. In detail, see "Changing Advanced Setting" of 4.3 Virtual Network Adapter.
...
When connecting to VPN Server with VPN Client, you can enter a password with password authentication not to save one. In detail, see "Information Required for Standard Password Authentication and RADIUS or NT Domain Authentication" of 4.4 Making Connection to VPN Server.
...
You can create multiple Virtual Network Adapters and connection configurations with VPN Client and designate each connection configuration to use a separate Virtual Network Adapter. This allows a single VPN client computer to easily connect to multiple VPN Servers or Virtual Hubs at the same time. This is the same concept as if you installed multiple physical network adapters to your computer and connected each one to a different LAN. Please refer to section 4. SoftEther VPN Client Manual for more information.
...
By using SecureNAT you can easily provide remote access to a network which normally can not be connected to from the Internet. You can even do so without having administrator rights on the computers on that network. However, you will still need permission from that network's administrator beforehand. Please refer to section 10.11Exploit SecureNAT for Remote Access into Firewall without Any Permission for more information.
