9.2 Installing to Windows and Configuring the Default
Settings
This section describes how to install PacketiX VPN Bridge to
an operating system with Windows 2000 or later. This assumes
that in the Windows operating system, no extra application
software is installed after performing a clean install of the
system. This also assumes that the Windows function for blocking
communication to TCP/IP ports from the outside (firewall
function) is disabled.
9.2.1 Selecting the Installation Mode
As described in 「3.2 Operating Modes」, PacketiX VPN Bridge can be operated in
either service mode or user mode. When configuring VPN Bridge
for use as part of an everyday operation system, we recommend
installing PacketiX VPN Server in Bridge mode. The installer for
the Windows version of VPN Bridge installs the VPN Bridge
program to the system in service mode.
9.2.2 Installation Procedure Using the Installer
Preparing the Installer File
The installation of the Windows version of PacketiX VPN
Bridge is very easy as it is almost completely performed
automatically. To install VPN Bridge , use any of the following
methods to obtain the Windows installer file.
- When PacketiX VPN Bridge 2.0 is purchased as a product,
the installer file is distributed on a CD-ROM. Place the
CD-ROM on the CD-ROM drive of the computer and select the
executable file to install the Windows version of VPN Bridge
.
- You can also download the latest VPN Bridge installer
file from the SoftEther Corporation website (http://www.softether.com/).
We recommend checking the above website for the latest
version of VPN Bridge even if you have the CD-ROM with the
installer file. If you signed a maintenance contract with a
partner using PacketiX VPN 2.0, please contact your partner
representative in advance and check whether the latest
version can be installed.
- If you received the latest version of VPN Bridge on a
CD-ROM or as electronic files from your partner using
PacketiX VPN 2.0, install the software using those files.
The VPN Bridge Windows version installer file is an
executable file with the name
vpnbridge-build-number-win32-x86.exe. At the time of writing
this manual, the installer file of the latest build is
vpnbridge-5070-rtm-win32-x86.exe.
 Figure 9-2-1 VPN Bridge Installer |
Starting the Installer
Start the installer by double-clicking the VPN Bridge
installer file. The Windows Installer-based installer starts
automatically. Using the installation wizard, you can select the
name of the installation directory. (By default, the program is
installed to Program Files\PacketiX VPN Bridge on the
system drive.) The VPN Bridge process writes large log files to
the installation directory, so we recommend selecting an area on
the hard drive that has a large amount of disk space and is
quickly accessible.
Figure 9-2-2 Specifying the VPN Bridge
Installation Directory |
During the installation, the end-user license
agreement may be displayed. Please thoroughly read the
agreement. If you agree to the terms and conditions, the
installation continues.
Figure 9-2-3 VPN Bridge End-User License
Agreement |
The installer automatically registers the
PacketiX VPN Bridge system service and sets the program to
automatically start in background mode at Windows startup.
9.2.3 Optimizing the TCP/IP Communication Settings
The window for optimizing the TCP/IP communication settings
may be displayed during installation of VPN Bridge .
Figure 9-2-4 Changing the TCP/IP Communication
Settings |
The TCP/IP communication settings optimization function can
be used to perform the following.
- Using a TCP/IP send/receive window buffer size of 64 KB
or more by means of the window scaling option can improve
the communication speed over a broadband line.
- The buffer size of the Windows AFD service can be
rewritten to a value for high-speed communication.
However, there are reports that enabling the TCP/IP window
scaling option can create unstable communication or completely
block communication through a firewall device, such as some
transparent proxies. These problems seem to occur with older
versions of firewall devices on a network that do not support
the window scaling option. If, after optimizing the TCP/IP
communication settings, TCP/IP communication becomes unstable,
you can restore the optimized TCP/IP communication settings to
their original settings. To restore the optimized TCP/IP
communication settings (and use the default values of the
operating system), we recommend clicking [Start] > [PacketiX VPN
Bridge ] > [TCP Communication Optimization Utility]], and then
changing the [TCP Incoming Window Size] and [TCP Outgoing Window
Size] values to [Use the default value of the operating system].
Figure 9-2-5 Restoring the TCP/IP Communication
Settings to the Default Values of the Operating
System |
9.2.4 Precautions After Installation
When installation of the Windows version of VPN Bridge is
completed, the PacketiX VPN Bridge service is already running in
the background on the Windows system. Normally, the computer
does not have to be restarted after installation of the program.
However, if you expect to use the local bridge function while
using a network adapter that supports hardware offloading, as
described in 「3.6.10 Points to Note when Local Bridging in Windows」, we recommend that you restart the
computer.
To check whether the VPN Bridge installer properly installed
the PacketiX VPN Bridge service to the Windows system, click
[Control Panel] > [Administrative Tools] > [Services], and check
that [PacketiX VPN Bridge ] is displayed on the list of
services.
9.2.5 Managing VPN Bridge with VPN Server Manager
This section is approximately same as initial setting after
the installation of VPN Server. Please refer to "#7.2.5" about
the initial setting of VPN Server.
9.2.6 Managing with vpncmd
This section is approximately same as initial setting after
the installation of VPN Server. Please refer to "#7.2.6" about
the initial setting of VPN Server.
9.2.7 Starting and Stopping Service
The installer for the Windows version of VPN Bridge
automatically installs the PacketiX VPN Bridge service. This
service continually operates while Windows is running, and it
automatically shuts down when Windows shuts down.
If the service must be restarted for management reasons or
because VPN Bridge operations become unstable, you can click
[Control Panel] > [Administrative Tools] > [Services], and start
or stop the service. An easier and more reliable method is to
call the net command at the command prompt and start or
stop the service.
To stop the service, type the following command.
To start the service, type the following command.
If, in the unlikely event, the VPN Bridge process hangs and
cannot be controlled using the net command, you can use
Task Manager in Windows to forcibly terminate the vpnbridge.exe
process.
9.2.8 Adding and Deleting the Service
You can add or delete the service for the vpnbridge.exe
process using the method described in the description of the
service mode of the Windows PacketiX VPN Bridge in 「3.2.1 Service Mode」. You
can use this method, for example, to move all setting files in
the VPN Bridge installation directory to a different directory
or hard drive, and then re-register the process as a service.
(However, we cannot recommend using this method as the
uninstaller may not be able to properly uninstall the program.)
9.2.9 Limitations when Starting with General User Rights
We recommend operating the Windows version of VPN Bridge as a
service mode program, but you can also start VPN Bridge in the
user mode by using the method described in 「3.2.2 User Mode」. When VPN
Bridge is started in user mode, critical security holes, such as
buffer overruns, exist temporarily on the VPN Bridge , but
because only user accounts starting VPN Bridge in user mode
would be affected if an attack were to occur, VPN Bridge can be
used relatively securely and safely. However, SoftEther
Corporation does not recommend actually operating VPN Bridge in
user mode for the following reasons.
- The local bridge function cannot be used. (For details,
please refer to 「3.6 Local Bridges」.)
- Some features of the disaster recovery function, such as
automatic recovery when an error occurs in a self process,
cannot be used. (For details, please refer to 「3.3.12 Failure Recovery」.)
- To start the VPN Bridge process in user mode, the user
must remained logged on to the server. The user cannot
operate VPN Bridge when the user logs off or when no users
are logged on to the server after Windows starts. For these
reasons, user mode is not suited for actual operation of VPN
Bridge .
|