【aims】
◎ Use AD as the account verification method。
◎ Client side uses independent network segment,And get IP automatically。
◎ Client side will only flow VPN for specific network segment traffic,Go online (Internet) will not。
◎ Client can connect to other network segments within the enterprise。
[Version difference]
SoftEther VPN:
◎ Open source code (Open Source)。
◎ Free。
◎ Some functions”may”Restricted,As in SecureNAT “Static routing table” Features。
PacketiX VPN:
◎ Commercial version (Commercial)。
【About SoftEther VPN..】
◎ "Language Settings" can change language。
【Listener List (TCP/IP port)】
◎ You can decide which port to use for connection according to your needs。
◎ TCP 443 Used for MS-SSTP。
◎ TCP 992 Telnet used for encryption。
◎ TCP 1194 Used for OpenVPN
◎ TCP 5555 Used for SoftEther VPN。
【Various function buttons below】
◎ All can be disabled。
◎ When "Local Bridge Setting" is enabled,The client side is equivalent to the server side in the same network segment。
◎ Disable "Dynamic DNS Setting",Need to be modified “vpn_server.config” files,And after deactivation,In SecureNAT “Static routing table” Function will not be available,A message about this feature cannot be used in this free version will pop up。
【User】
◎ If you want to string with AD,Server must be joined to the domain,Then choose “NT Domain Authentication”,Then it will automatically compare the "User Name" field with the AD account。
◎ If the "User Name" field is different from the AD account,You can check "Specify User Name on Authentication Server",And enter the AD account below。
【SecureNAT Configuration】
◎ Enable NAT and DHCP functions。
◎ Please make sure that the previous "Local Bridge Setting" function is disabled,Otherwise, enabling DHCP will cause the server's existing network segment to receive the IP from this DHCP Server。
◎ "Edit the static routing table to push" below, add other network segments within the company that the Client will be connected to。If you want the client to access the Internet via VPN (Internet),Can join 0.0.0.0 routing。
[Known issues]
◎ If you turn off "Dynamic DNS Setting",Will cause the static routing table function of SecureNAT to be unavailable。
◎ After enabling the NAT function of SecureNAT,If client side uses SQL connection (Such as ERP system),Idle 40 Seconds later,The TCP connection will be dropped by the VPN Server,原因不明。This question has already been 2018 Annual return issue To the official,But so far (2020/07) Still unresolved。
【參考連結】
- [Q&A] Ask about Softether VPN server settings – Signboard Network – Batch kick Industrial Square
- VPN times out when waiting for SQL queries – SoftEther VPN User Forum
- VPN times out when waiting for SQL queries · Issue #482 · SoftEtherVPN / SoftEtherVPN · GitHub
[…] Then I found SoftEther VPN from Japan,After spending some time researching and building,I thought this set should work,Unexpectedly, when I was doing the test,,Found a drop SQL connection bug in SoftEther VPN,And netizens have reported the issue for two years,The official still has not corrected,So I had to reluctantly give up。 How to set up SoftEther VPN,Refer to [Notes] SoftEther VPN Server settings。 […]