Nat traversal and other questions.
Posted: Wed Jul 15, 2015 10:21 am
Hello,
I'm curious about a few things about SoftEther VPN.
1.
What exactly is the nat-traversal technique used in SoftEther VPN?
I've been browsing through the website a little and if I remember well, I've found reference to Hole punching, but I don't understand how the server can punch a hole into the NAT for any incoming connection.
According to some documentation I found here: https://www.usenix.org/legacy/event/use ... d/ford.pdf,
the hole has to be specifically opened towards the (ip,port) of the client attempting to connect to the SoftEther VPN, and therefore it cannot be done without an external "Rendez-vous" server.
Can someone explain me how things runs in SoftEther VPN?
2.
2.1. Is there an option to explicitly enable/disable NAT-Traversal inside vpn_client.conf?
2.2 Is NAT-T enable by default?
2.3 If yes(2.2), should I add "/tcp" at the end of the server hostname to disable it as suggested by the Windows GUI?
3.
3.1. Is VPN Azure related with the hole punching method and/or the nat-traversal technique used in SoftEther VPN?
3.2 If yes(3.1), can it be used to create direct tunnels from client to server without relaying every packet
on the vpnazure servers (and thus avoid a potential extra latency)
4.
4.1. Is VPN Azure Server open source?
(Cedar/AzureServer.c is emtpy ...)
4.2. If no(4.1) , is it intended to stay closed in the future, or is it temporary?
5.
Is VPN Azure related to Microsoft Azure cloud services or is it just a coincidence if they are called by the same name?
EDIT:
6.
Is there a way to run a script automatically when the client service has created the virtual interface in Linux
(i.e. can I do something like:
...
declare UnixVLan
{
declare vpn
{
bool Enable true
bool MacAdress 00:AC:....
string UpScript "ifup vpn_vpn" # IS THERE SUCH AN OPTION or an equivalent ?
}
}
...
)
I may have made some mistakes with my english, just ask if there is something that you don't understand.
Thank you.
I'm curious about a few things about SoftEther VPN.
1.
What exactly is the nat-traversal technique used in SoftEther VPN?
I've been browsing through the website a little and if I remember well, I've found reference to Hole punching, but I don't understand how the server can punch a hole into the NAT for any incoming connection.
According to some documentation I found here: https://www.usenix.org/legacy/event/use ... d/ford.pdf,
the hole has to be specifically opened towards the (ip,port) of the client attempting to connect to the SoftEther VPN, and therefore it cannot be done without an external "Rendez-vous" server.
Can someone explain me how things runs in SoftEther VPN?
2.
2.1. Is there an option to explicitly enable/disable NAT-Traversal inside vpn_client.conf?
2.2 Is NAT-T enable by default?
2.3 If yes(2.2), should I add "/tcp" at the end of the server hostname to disable it as suggested by the Windows GUI?
3.
3.1. Is VPN Azure related with the hole punching method and/or the nat-traversal technique used in SoftEther VPN?
3.2 If yes(3.1), can it be used to create direct tunnels from client to server without relaying every packet
on the vpnazure servers (and thus avoid a potential extra latency)
4.
4.1. Is VPN Azure Server open source?
(Cedar/AzureServer.c is emtpy ...)
4.2. If no(4.1) , is it intended to stay closed in the future, or is it temporary?
5.
Is VPN Azure related to Microsoft Azure cloud services or is it just a coincidence if they are called by the same name?
EDIT:
6.
Is there a way to run a script automatically when the client service has created the virtual interface in Linux
(i.e. can I do something like:
...
declare UnixVLan
{
declare vpn
{
bool Enable true
bool MacAdress 00:AC:....
string UpScript "ifup vpn_vpn" # IS THERE SUCH AN OPTION or an equivalent ?
}
}
...
)
I may have made some mistakes with my english, just ask if there is something that you don't understand.
Thank you.