VPN server release , developed as a versatile and high-performance alternative to OpenVPN and Microsoft's VPN products. Code licensed under Apache 2.0.
The project supports a wide range of VPN protocols, which allows using the server based on SoftEther VPN with regular Windows (L2TP, SSTP), macOS (L2TP), iOS (L2TP) and Android (L2TP) clients, as well as a transparent replacement for the OpenVPN server. Tools are provided to bypass firewalls and deep packet inspection systems. To make it difficult to detect a tunnel, the technique of camouflaged Ethernet forwarding over HTTPS is also supported, while a virtual network adapter is implemented on the client side, and a virtual Ethernet switch is implemented on the server side.
Among the changes added in the new release:
- Added support , which allows you to create third-party applications to manage the VPN server. Including through JSON-RPC, you can add users and virtual hubs, break certain VPN connections, etc. Code examples for using JSON-RPC have been published for JavaScript, TypeScript, and C#. To disable JSON-RPC, the "DisableJsonRpcWebApi" setting is proposed;
- Added a built-in administrator web-console (https://server/admin/Β» ), which makes it possible to manage the VPN server through a browser. The capabilities of the web interface are still limited;
- Added support for ChaCha20-Poly1305-IETF block cipher AEAD mode;
- Implemented a function to display detailed information about the protocol used in the VPN session;
- Eliminated in the network bridge driver for Windows, which allows you to locally elevate your privileges in the system. The issue only occurs on Windows 8.0 and older editions when using Local Bridge or SecureNAT mode.
Key Soft Ethernet VPN:
- Support for OpenVPN, SSL-VPN (HTTPS), Ethernet over HTTPS, L2TP, IPsec, MS-SSTP, EtherIP, L2TPv3 and Cisco VPN protocols;
- Support for remote-access and site-to-site connection modes, at L2 (Ethernet-bridging) and L3 (IP) levels;
- Compatible with original OpenVPN clients;
- Tunneling SSL-VPN over HTTPS allows you to bypass blocking at the firewall level;
- Ability to create tunnels over ICMP and DNS;
- Built-in dynamic DNS and NAT traversal mechanisms to ensure operation on hosts without a permanent dedicated IP address;
- High performance, providing a connection speed of 1Gbs without significant requirements for the size of RAM and CPU;
- Dual IPv4/IPv6 stack;
- Use for AES 256 and RSA 4096 encryption;
- Availability of a web interface, a graphical configurator for Windows and a multiplatform command line interface in the style of Cisco IOS;
- Providing a firewall that works inside the VPN tunnel;
- Ability to authenticate users through RADIUS, NT domain controllers and X.509 client certificates;
- The presence of a packet inspection mode that allows you to keep a log of transmitted packets;
- Server support for Windows, Linux, FreeBSD, Solaris and macOS. Availability of clients for Windows, Linux, macOS, Android, iOS and Windows Phone.
Source: opennet.ru