Le phrojekthi isekela izinhlobonhlobo zezivumelwano ze-VPN, ezikuvumela ukuthi usebenzise iseva esekelwe ku-SoftEther VPN ene-Windows ejwayelekile (L2TP, SSTP), i-macOS (L2TP), i-iOS (L2TP) kanye namaklayenti we-Android (L2TP), kanye ukumiselela okusobala kweseva ye-OpenVPN. Ihlinzeka ngamathuluzi okudlula ama-firewall namasistimu okuhlola amaphakethe ajulile. Ukwenza kube nzima kakhulu ukubonwa umhubhe, indlela yokudlulisa i-Ethernet efihlekile phezu kwe-HTTPS nayo iyasekelwa, kuyilapho i-adaptha yenethiwekhi ebonakalayo isetshenziswa ohlangothini lweklayenti, bese kusetshenziswa iswishi ye-Ethernet ebonakalayo ohlangothini lweseva.
Phakathi kwezinguquko ezengezwe ekukhishweni okusha:
- Ukwesekwa okwengeziwe
I-JSON-RPC API , okukuvumela ukuthi udale izinhlelo zokusebenza zezinkampani zangaphandle ukuze uphathe iseva ye-VPN. Kubandakanya ukusebenzisa i-JSON-RPC, ungangeza abasebenzisi namahabhu abonakalayo, uphule ukuxhumana okuthile kwe-VPN, njll. Izibonelo zekhodi zokusebenzisa i-JSON-RPC zishicilelwe i-JavaScript, i-TypeScript, ne-C#. Ukuze ukhubaze i-JSON-RPC, isilungiselelo se-βDisableJsonRpcWebApiβ siyaphakanyiswa; - Ikhonsoli yomqondisi wewebhu eyakhelwe ngaphakathi yengeziwe (https://server/admin/"), okwenza kube nokwenzeka ukuphatha iseva ye-VPN ngesiphequluli. Amakhono esixhumi esibonakalayo sewebhu asanqunyelwe;
- Ukwesekwa okwengeziwe kwemodi yokubethela ibhulokhi ye-AEAD i-ChaCha20-Poly1305-IETF;
- Kwenziwe umsebenzi wokubonisa imininingwane enemininingwane mayelana nephrothokholi esetshenziswe kuseshini ye-VPN;
- Kuqediwe
ukuba sengozini kumshayeli webhuloho lenethiwekhi leWindows, elikuvumela ukuthi ukhulise amalungelo akho endaweni yangakini. Inkinga ivela kuphela ku-Windows 8.0 nezinguqulo ezindala uma usebenzisa i-Local Bridge noma imodi ye-SecureNAT.
Ukhiye
- Isekela i-OpenVPN, SSL-VPN (HTTPS), Ethernet phezu kwe-HTTPS, L2TP, IPsec, MS-SSTP, EtherIP, L2TPv3 kanye ne-Cisco VPN protocol;
- Ukusekelwa kwezindlela zokufinyelela kude nesayithi ukuya kusayithi, kumazinga we-L2 (Ethernet-bridging) kanye ne-L3 (IP);
- Ihambisana namaklayenti okuqala e-OpenVPN;
- Umhubhe we-SSL-VPN nge-HTTPS ikuvumela ukuthi udlule ukuvinjwa ezingeni le-firewall;
- Ikhono lokudala imigudu phezu kwe-ICMP ne-DNS;
- I-DNS enamandla eyakhelwe ngaphakathi kanye nezindlela zokudlula ze-NAT zokuqinisekisa ukusebenza kubabungazi ngaphandle kwekheli le-IP elizinikele unomphela;
- Ukusebenza okuphezulu, ukuhlinzeka ngesivinini sokuxhuma se-1Gbs ngaphandle kwezidingo ezibalulekile zosayizi we-RAM ne-CPU;
- Isitaki se-IPv4/IPv6 esikabili;
- Sebenzisa i-AES 256 ne-RSA 4096 ukuze ubhale ngemfihlo;
- Ukutholakala kwesixhumi esibonakalayo sewebhu, isihleli sesithombe seWindows kanye nesixhumi esibonakalayo somugqa womyalo wezingxenyekazi eziningi ngesitayela seCisco IOS;
- Ukunikeza i-firewall esebenza ngaphakathi komhubhe we-VPN;
- Ikhono lokuqinisekisa abasebenzisi nge-RADIUS, izilawuli zesizinda se-NT nezitifiketi zeklayenti ze-X.509;
- Ukutholakala kwemodi yokuhlola iphakethe evumela ukuthi ugcine irekhodi lamaphakethe adlulisiwe;
- Ukusekelwa kweseva kweWindows, Linux, FreeBSD, Solaris kanye ne-macOS. Ukutholakala kwamaklayenti eWindows, Linux, macOS, Android, iOS kanye neWindows Phone.
Source: opennet.ru