Skip to content
Branch: master
Find file History

README.md

SoftEther VPN Server JSON-RPC API Suite Document

This reference describes all JSON-RPC functions available on SoftEther VPN Server.

You can access to the latest SoftEther VPN Server JSON-RPC Document on GitHub.

What is SoftEther VPN Server JSON-RPC API Suite?

The API Suite allows you to easily develop your original SoftEther VPN Server management application to control the VPN Server (e.g. creating users, adding Virtual Hubs, disconnecting a specified VPN sessions).

  • Almost all control APIs, which the VPN Server provides, are available as JSON-RPC API.
  • You can write your own VPN Server management application in your favorite languages (JavaScript, TypeScript, Java, Python, Ruby, C#, ... etc.)
  • If you are planning to develop your own VPN cloud service, the JSON-RPC API is the best choice to realize the automated operations for the VPN Server.
  • No need to use any specific API client library since all APIs are provided on the JSON-RPC 2.0 Specification. You can use your favorite JSON and HTTPS client library to call any of all APIs in your pure runtime environment.
  • Also, the SoftEther VPN Project provides high-quality JSON-RPC client stub libraries which define all of the API client stub codes. These libraries are written in C#, JavaScript and TypeScript. The Node.js Client Library for VPN Server RPC (vpnrpc) package is also available.

Principle

Entry point

The entry point URL of JSON-RPC is:

https://<vpn_server_hostname>:<port>/api/
  • Older versions of SoftEther VPN before June 2019 don't support JSON-RPC APIs.
  • If you want to completely disable the JSON-RPC on your VPN Server, set the DisableJsonRpcWebApi variable to true on the vpn_server.config.

JSON-RPC specification

You must use HTTPS 1.1 POST method to call each of JSON-RPC APIs.
All APIs are based on the JSON-RPC 2.0 Specification.

  • JSON-RPC Notification is not supported.
  • JSON-RPC Batch is not supported.

"vpnrpc": Node.js Client Library package for VPN Server JSON-RPC

If you are willing to develop your original JSON-RPC client for SoftEther VPN, you can use the JavaScript Client Library for VPN Server RPC (vpnrpc).

  • You can use the vpnrpc library in JavaScript for both web browsers (e.g. Chrome, FireFox or Edge) and Node.js.
  • As a sample code there is the sample.ts program in TypeScript. This sample calls all of available JSON-RPC APIs against the specified SoftEther VPN Server. (Note: This sample code is written in TypeScript.)

You can use the following command to download the vpnrpc library package with Node.js.

$ npm install --save-dev vpnrpc

"vpnrpc.ts": TypeScript Client Library for VPN Server JSON-RPC

If you are willing to develop your original JSON-RPC client for SoftEther VPN, you can use the TypeScript Client Library for VPN Server RPC (vpnrpc.ts).

  • You can use the vpnrpc.ts library in TypeScript / JavaScript for both web browsers (e.g. Chrome, FireFox or Edge) and Node.js.
  • As a sample code there is the sample.ts program in TypeScript. This sample calls one by one all of available JSON-RPC APIs against the specified SoftEther VPN Server.

"vpnserver-jsonrpc-client-csharp": C# Client Library for VPN Server JSON-RPC

If you are willing to develop your original JSON-RPC client for SoftEther VPN, you can use the vpnserver-jsonrpc-client-csharp C# library.

  • The client library codes for C# is written in pure C# 7.3. It works on .NET Core 2.1 or later on Windows, Linux and macOS. Very comfort with Visual Studio for both Windows or macOS.
  • As a sample code there is the VpnServerRpcTest.cs program in C#. This sample calls one by one all of available JSON-RPC APIs against the specified SoftEther VPN Server.

HTTPS Authentication

You must specify the following HTTPS custom headers for authentication on each of requests.

Value Description
X-VPNADMIN-HUBNAME The name of the Virtual Hub if you want to connect to the VPN Server as a Virtual Hub Admin Mode. Specify empty string if you want to connect to the VPN Server as the Entire VPN Server Admin Mode.
X-VPNADMIN-PASSWORD Specify the administration password.
  • You can omit the above HTTPS custom authentication headers if you are calling JSON-RPC APIs from the web browser which is already logged in to the VPN Server with HTTPS Basic Authentication. In such usage the credential of HTTPS Basic Authtication will be used.

Table of contents


"Test" RPC API - Test RPC function

Description

Test RPC function. Input any integer value to the IntValue_u32 field. Then the server will convert the integer to the string, and return the string in the StrValue_str field.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "Test",
  "params": {
    "IntValue_u32": 0
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "IntValue_u32": 0,
    "Int64Value_u64": 0,
    "StrValue_str": "strvalue",
    "UniStrValue_utf": "unistrvalue"
  }
}

Parameters

Name Type Description
IntValue_u32 number (uint32) A 32-bit integer field
Int64Value_u64 number (uint64) A 64-bit integer field
StrValue_str string (ASCII) An Ascii string field
UniStrValue_utf string (UTF8) An UTF-8 string field

"GetServerInfo" RPC API - Get server information

Description

Get server information. This allows you to obtain the server information of the currently connected VPN Server or VPN Bridge. Included in the server information are the version number, build number and build information. You can also obtain information on the current server operation mode and the information of operating system that the server is operating on.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "GetServerInfo",
  "params": {}
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "ServerProductName_str": "serverproductname",
    "ServerVersionString_str": "serverversionstring",
    "ServerBuildInfoString_str": "serverbuildinfostring",
    "ServerVerInt_u32": 0,
    "ServerBuildInt_u32": 0,
    "ServerHostName_str": "serverhostname",
    "ServerType_u32": 0,
    "ServerBuildDate_dt": "2020-08-01T12:24:36.123",
    "ServerFamilyName_str": "serverfamilyname",
    "OsType_u32": 0,
    "OsServicePack_u32": 0,
    "OsSystemName_str": "ossystemname",
    "OsProductName_str": "osproductname",
    "OsVendorName_str": "osvendorname",
    "OsVersion_str": "osversion",
    "KernelName_str": "kernelname",
    "KernelVersion_str": "kernelversion"
  }
}

Parameters

Name Type Description
ServerProductName_str string (ASCII) Server product name
ServerVersionString_str string (ASCII) Server version string
ServerBuildInfoString_str string (ASCII) Server build information string
ServerVerInt_u32 number (uint32) Server version integer value
ServerBuildInt_u32 number (uint32) Server build number integer value
ServerHostName_str string (ASCII) Server host name
ServerType_u32 number (enum) Type of server
Values:
0: Stand-alone server
1: Farm controller server
2: Farm member server
ServerBuildDate_dt Date Build date and time of the server
ServerFamilyName_str string (ASCII) Family name
OsType_u32 number (enum) OS type
Values:
1100: Windows 95
1200: Windows 98
1300: Windows Me
1400: Windows (unknown)
2100: Windows NT 4.0 Workstation
2110: Windows NT 4.0 Server
2111: Windows NT 4.0 Server, Enterprise Edition
2112: Windows NT 4.0 Terminal Server
2113: BackOffice Server 4.5
2114: Small Business Server 4.5
2200: Windows 2000 Professional
2211: Windows 2000 Server
2212: Windows 2000 Advanced Server
2213: Windows 2000 Datacenter Server
2214: BackOffice Server 2000
2215: Small Business Server 2000
2300: Windows XP Home Edition
2301: Windows XP Professional
2410: Windows Server 2003 Web Edition
2411: Windows Server 2003 Standard Edition
2412: Windows Server 2003 Enterprise Edition
2413: Windows Server 2003 DataCenter Edition
2414: BackOffice Server 2003
2415: Small Business Server 2003
2500: Windows Vista
2510: Windows Server 2008
2600: Windows 7
2610: Windows Server 2008 R2
2700: Windows 8
2710: Windows Server 2012
2701: Windows 8.1
2711: Windows Server 2012 R2
2702: Windows 10
2712: Windows Server 10
2800: Windows 11 or later
2810: Windows Server 11 or later
3000: Unknown UNIX
3100: Linux
3200: Solaris
3300: Cygwin
3400: BSD
3500: MacOS X
OsServicePack_u32 number (uint32) Service pack number
OsSystemName_str string (ASCII) OS system name
OsProductName_str string (ASCII) OS product name
OsVendorName_str string (ASCII) OS vendor name
OsVersion_str string (ASCII) OS version
KernelName_str string (ASCII) Kernel name
KernelVersion_str string (ASCII) Kernel version

"GetServerStatus" RPC API - Get Current Server Status

Description

Get Current Server Status. This allows you to obtain in real-time the current status of the currently connected VPN Server or VPN Bridge. You can get statistical information on data communication and the number of different kinds of objects that exist on the server. You can get information on how much memory is being used on the current computer by the OS.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "GetServerStatus",
  "params": {}
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "ServerType_u32": 0,
    "NumTcpConnections_u32": 0,
    "NumTcpConnectionsLocal_u32": 0,
    "NumTcpConnectionsRemote_u32": 0,
    "NumHubTotal_u32": 0,
    "NumHubStandalone_u32": 0,
    "NumHubStatic_u32": 0,
    "NumHubDynamic_u32": 0,
    "NumSessionsTotal_u32": 0,
    "NumSessionsLocal_u32": 0,
    "NumSessionsRemote_u32": 0,
    "NumMacTables_u32": 0,
    "NumIpTables_u32": 0,
    "NumUsers_u32": 0,
    "NumGroups_u32": 0,
    "AssignedBridgeLicenses_u32": 0,
    "AssignedClientLicenses_u32": 0,
    "AssignedBridgeLicensesTotal_u32": 0,
    "AssignedClientLicensesTotal_u32": 0,
    "Recv.BroadcastBytes_u64": 0,
    "Recv.BroadcastCount_u64": 0,
    "Recv.UnicastBytes_u64": 0,
    "Recv.UnicastCount_u64": 0,
    "Send.BroadcastBytes_u64": 0,
    "Send.BroadcastCount_u64": 0,
    "Send.UnicastBytes_u64": 0,
    "Send.UnicastCount_u64": 0,
    "CurrentTime_dt": "2020-08-01T12:24:36.123",
    "CurrentTick_u64": 0,
    "StartTime_dt": "2020-08-01T12:24:36.123",
    "TotalMemory_u64": 0,
    "UsedMemory_u64": 0,
    "FreeMemory_u64": 0,
    "TotalPhys_u64": 0,
    "UsedPhys_u64": 0,
    "FreePhys_u64": 0
  }
}

Parameters

Name Type Description
ServerType_u32 number (enum) Type of server
Values:
0: Stand-alone server
1: Farm controller server
2: Farm member server
NumTcpConnections_u32 number (uint32) Total number of TCP connections
NumTcpConnectionsLocal_u32 number (uint32) Number of Local TCP connections
NumTcpConnectionsRemote_u32 number (uint32) Number of remote TCP connections
NumHubTotal_u32 number (uint32) Total number of HUBs
NumHubStandalone_u32 number (uint32) Nymber of stand-alone HUB
NumHubStatic_u32 number (uint32) Number of static HUBs
NumHubDynamic_u32 number (uint32) Number of Dynamic HUBs
NumSessionsTotal_u32 number (uint32) Total number of sessions
NumSessionsLocal_u32 number (uint32) Number of local VPN sessions
NumSessionsRemote_u32 number (uint32) The number of remote sessions
NumMacTables_u32 number (uint32) Number of MAC table entries (total sum of all Virtual Hubs)
NumIpTables_u32 number (uint32) Number of IP table entries (total sum of all Virtual Hubs)
NumUsers_u32 number (uint32) Number of users (total sum of all Virtual Hubs)
NumGroups_u32 number (uint32) Number of groups (total sum of all Virtual Hubs)
AssignedBridgeLicenses_u32 number (uint32) Number of assigned bridge licenses (Useful to make a commercial version)
AssignedClientLicenses_u32 number (uint32) Number of assigned client licenses (Useful to make a commercial version)
AssignedBridgeLicensesTotal_u32 number (uint32) Number of Assigned bridge license (cluster-wide), useful to make a commercial version
AssignedClientLicensesTotal_u32 number (uint32) Number of assigned client licenses (cluster-wide), useful to make a commercial version
Recv.BroadcastBytes_u64 number (uint64) Number of broadcast packets (Recv)
Recv.BroadcastCount_u64 number (uint64) Broadcast bytes (Recv)
Recv.UnicastBytes_u64 number (uint64) Unicast count (Recv)
Recv.UnicastCount_u64 number (uint64) Unicast bytes (Recv)
Send.BroadcastBytes_u64 number (uint64) Number of broadcast packets (Send)
Send.BroadcastCount_u64 number (uint64) Broadcast bytes (Send)
Send.UnicastBytes_u64 number (uint64) Unicast bytes (Send)
Send.UnicastCount_u64 number (uint64) Unicast bytes (Send)
CurrentTime_dt Date Current time
CurrentTick_u64 number (uint64) 64 bit High-Precision Logical System Clock
StartTime_dt Date VPN Server Start-up time
TotalMemory_u64 number (uint64) Memory information: Total Memory
UsedMemory_u64 number (uint64) Memory information: Used Memory
FreeMemory_u64 number (uint64) Memory information: Free Memory
TotalPhys_u64 number (uint64) Memory information: Total Phys
UsedPhys_u64 number (uint64) Memory information: Used Phys
FreePhys_u64 number (uint64) Memory information: Free Phys

"CreateListener" RPC API - Create New TCP Listener

Description

Create New TCP Listener. This allows you to create a new TCP Listener on the server. By creating the TCP Listener the server starts listening for a connection from clients at the specified TCP/IP port number. A TCP Listener that has been created can be deleted by the DeleteListener API. You can also get a list of TCP Listeners currently registered by using the EnumListener API. To execute this API, you must have VPN Server administrator privileges.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "CreateListener",
  "params": {
    "Port_u32": 0,
    "Enable_bool": false
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "Port_u32": 0,
    "Enable_bool": false
  }
}

Parameters

Name Type Description
Port_u32 number (uint32) Port number (Range: 1 - 65535)
Enable_bool boolean Active state

"EnumListener" RPC API - Get List of TCP Listeners

Description

Get List of TCP Listeners. This allows you to get a list of TCP listeners registered on the current server. You can obtain information on whether the various TCP listeners have a status of operating or error. To call this API, you must have VPN Server administrator privileges.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "EnumListener",
  "params": {}
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "ListenerList": [
      {
        "Ports_u32": 0,
        "Enables_bool": false,
        "Errors_bool": false
      },
      {
        "Ports_u32": 0,
        "Enables_bool": false,
        "Errors_bool": false
      },
      {
        "Ports_u32": 0,
        "Enables_bool": false,
        "Errors_bool": false
      }
    ]
  }
}

Parameters

Name Type Description
ListenerList Array object List of listener items
Ports_u32 number (uint32) TCP port number (range: 1 - 65535)
Enables_bool boolean Active state
Errors_bool boolean The flag to indicate if the error occurred on the listener port

"DeleteListener" RPC API - Delete TCP Listener

Description

Delete TCP Listener. This allows you to delete a TCP Listener that's registered on the server. When the TCP Listener is in a state of operation, the listener will automatically be deleted when its operation stops. You can also get a list of TCP Listeners currently registered by using the EnumListener API. To call this API, you must have VPN Server administrator privileges.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "DeleteListener",
  "params": {
    "Port_u32": 0
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "Port_u32": 0,
    "Enable_bool": false
  }
}

Parameters

Name Type Description
Port_u32 number (uint32) Port number (Range: 1 - 65535)
Enable_bool boolean Active state

"EnableListener" RPC API - Enable / Disable TCP Listener

Description

Enable / Disable TCP Listener. This starts or stops the operation of TCP Listeners registered on the current server. You can also get a list of TCP Listeners currently registered by using the EnumListener API. To call this API, you must have VPN Server administrator privileges.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "EnableListener",
  "params": {
    "Port_u32": 0,
    "Enable_bool": false
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "Port_u32": 0,
    "Enable_bool": false
  }
}

Parameters

Name Type Description
Port_u32 number (uint32) Port number (Range: 1 - 65535)
Enable_bool boolean Active state

"SetServerPassword" RPC API - Set VPN Server Administrator Password

Description

Set VPN Server Administrator Password. This sets the VPN Server administrator password. You can specify the password as a parameter. To call this API, you must have VPN Server administrator privileges.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "SetServerPassword",
  "params": {
    "PlainTextPassword_str": "plaintextpassword"
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "PlainTextPassword_str": "plaintextpassword"
  }
}

Parameters

Name Type Description
PlainTextPassword_str string (ASCII) The plaintext password

"SetFarmSetting" RPC API - Set the VPN Server clustering configuration

Description

Set the VPN Server clustering configuration. Use this to set the VPN Server type as Standalone Server, Cluster Controller Server or Cluster Member Server. Standalone server means a VPN Server that does not belong to any cluster in its current state. When VPN Server is installed, by default it will be in standalone server mode. Unless you have particular plans to configure a cluster, we recommend the VPN Server be operated in standalone mode. A cluster controller is the central computer of all member servers of a cluster in the case where a clustering environment is made up of multiple VPN Servers. Multiple cluster members can be added to the cluster as required. A cluster requires one computer to serve this role. The other cluster member servers that are configured in the same cluster begin operation as a cluster member by connecting to the cluster controller. To call this API, you must have VPN Server administrator privileges. Also, when this API is executed, VPN Server will automatically restart. This API cannot be called on VPN Bridge.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "SetFarmSetting",
  "params": {
    "ServerType_u32": 0,
    "NumPort_u32": 0,
    "Ports_u32": [
      1,
      2,
      3
    ],
    "PublicIp_ip": "192.168.0.1",
    "ControllerName_str": "controllername",
    "ControllerPort_u32": 0,
    "MemberPasswordPlaintext_str": "memberpasswordplaintext",
    "Weight_u32": 0,
    "ControllerOnly_bool": false
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "ServerType_u32": 0,
    "NumPort_u32": 0,
    "Ports_u32": [
      1,
      2,
      3
    ],
    "PublicIp_ip": "192.168.0.1",
    "ControllerName_str": "controllername",
    "ControllerPort_u32": 0,
    "MemberPasswordPlaintext_str": "memberpasswordplaintext",
    "Weight_u32": 0,
    "ControllerOnly_bool": false
  }
}

Parameters

Name Type Description
ServerType_u32 number (enum) Type of server
Values:
0: Stand-alone server
1: Farm controller server
2: Farm member server
NumPort_u32 number (uint32) Valid only for Cluster Member servers. Number of the Ports_u32 element.
Ports_u32 number[] (uint32) Valid only for Cluster Member servers. Specify the list of public port numbers on this server. The list must have at least one public port number set, and it is also possible to set multiple public port numbers.
PublicIp_ip string (IP address) Valid only for Cluster Member servers. Specify the public IP address of this server. If you wish to leave public IP address unspecified, specify the empty string. When a public IP address is not specified, the IP address of the network interface used when connecting to the cluster controller will be automatically used.
ControllerName_str string (ASCII) Valid only for Cluster Member servers. Specify the host name or IP address of the destination cluster controller.
ControllerPort_u32 number (uint32) Valid only for Cluster Member servers. Specify the TCP port number of the destination cluster controller.
MemberPasswordPlaintext_str string (ASCII) Valid only for Cluster Member servers. Specify the password required to connect to the destination controller. It needs to be the same as an administrator password on the destination controller.
Weight_u32 number (uint32) This sets a value for the performance standard ratio of this VPN Server. This is the standard value for when load balancing is performed in the cluster. For example, making only one machine 200 while the other members have a status of 100, will regulate that machine to receive twice as many connections as the other members. Specify 1 or higher for the value. If this parameter is left unspecified, 100 will be used.
ControllerOnly_bool boolean Valid only for Cluster Controller server. By specifying true, the VPN Server will operate only as a controller on the cluster and it will always distribute general VPN Client connections to members other than itself. This function is used in high-load environments.

"GetFarmSetting" RPC API - Get Clustering Configuration of Current VPN Server

Description

Get Clustering Configuration of Current VPN Server. You can use this to acquire the clustering configuration of the current VPN Server. To call this API, you must have VPN Server administrator privileges.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "GetFarmSetting",
  "params": {}
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "ServerType_u32": 0,
    "NumPort_u32": 0,
    "Ports_u32": [
      1,
      2,
      3
    ],
    "PublicIp_ip": "192.168.0.1",
    "ControllerName_str": "controllername",
    "ControllerPort_u32": 0,
    "MemberPasswordPlaintext_str": "memberpasswordplaintext",
    "Weight_u32": 0,
    "ControllerOnly_bool": false
  }
}

Parameters

Name Type Description
ServerType_u32 number (enum) Type of server
Values:
0: Stand-alone server
1: Farm controller server
2: Farm member server
NumPort_u32 number (uint32) Valid only for Cluster Member servers. Number of the Ports_u32 element.
Ports_u32 number[] (uint32) Valid only for Cluster Member servers. Specify the list of public port numbers on this server. The list must have at least one public port number set, and it is also possible to set multiple public port numbers.
PublicIp_ip string (IP address) Valid only for Cluster Member servers. Specify the public IP address of this server. If you wish to leave public IP address unspecified, specify the empty string. When a public IP address is not specified, the IP address of the network interface used when connecting to the cluster controller will be automatically used.
ControllerName_str string (ASCII) Valid only for Cluster Member servers. Specify the host name or IP address of the destination cluster controller.
ControllerPort_u32 number (uint32) Valid only for Cluster Member servers. Specify the TCP port number of the destination cluster controller.
MemberPasswordPlaintext_str string (ASCII) Valid only for Cluster Member servers. Specify the password required to connect to the destination controller. It needs to be the same as an administrator password on the destination controller.
Weight_u32 number (uint32) This sets a value for the performance standard ratio of this VPN Server. This is the standard value for when load balancing is performed in the cluster. For example, making only one machine 200 while the other members have a status of 100, will regulate that machine to receive twice as many connections as the other members. Specify 1 or higher for the value. If this parameter is left unspecified, 100 will be used.
ControllerOnly_bool boolean Valid only for Cluster Controller server. By specifying true, the VPN Server will operate only as a controller on the cluster and it will always distribute general VPN Client connections to members other than itself. This function is used in high-load environments.

"GetFarmInfo" RPC API - Get Cluster Member Information

Description

Get Cluster Member Information. When the VPN Server is operating as a cluster controller, you can get information on cluster member servers on that cluster by specifying the IDs of the member servers. You can get the following information about the specified cluster member server: Server Type, Time Connection has been Established, IP Address, Host Name, Points, Public Port List, Number of Operating Virtual Hubs, First Virtual Hub, Number of Sessions and Number of TCP Connections. This API cannot be invoked on VPN Bridge.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "GetFarmInfo",
  "params": {
    "Id_u32": 0
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "Id_u32": 0,
    "Controller_bool": false,
    "ConnectedTime_dt": "2020-08-01T12:24:36.123",
    "Ip_ip": "192.168.0.1",
    "Hostname_str": "hostname",
    "Point_u32": 0,
    "NumPort_u32": 0,
    "Ports_u32": [
      1,
      2,
      3
    ],
    "ServerCert_bin": "SGVsbG8gV29ybGQ=",
    "NumFarmHub_u32": 0,
    "HubsList": [
      {
        "HubName_str": "hubname",
        "DynamicHub_bool": false
      },
      {
        "HubName_str": "hubname",
        "DynamicHub_bool": false
      },
      {
        "HubName_str": "hubname",
        "DynamicHub_bool": false
      }
    ],
    "NumSessions_u32": 0,
    "NumTcpConnections_u32": 0,
    "Weight_u32": 0
  }
}

Parameters

Name Type Description
Id_u32 number (uint32) ID
Controller_bool boolean The flag if the server is Cluster Controller (false: Cluster Member servers)
ConnectedTime_dt Date Connection Established Time
Ip_ip string (IP address) IP address
Hostname_str string (ASCII) Host name
Point_u32 number (uint32) Point
NumPort_u32 number (uint32) Number of Public Ports
Ports_u32 number[] (uint32) Public Ports
ServerCert_bin string (Base64 binary) Server certificate
NumFarmHub_u32 number (uint32) Number of farm HUB
HubsList Array object The hosted Virtual Hub list
NumSessions_u32 number (uint32) Number of hosted VPN sessions
NumTcpConnections_u32 number (uint32) Number of TCP connections
Weight_u32 number (uint32) Performance Standard Ratio
HubName_str string (ASCII) The Virtual Hub name
DynamicHub_bool boolean Dynamic HUB

"EnumFarmMember" RPC API - Get List of Cluster Members

Description

Get List of Cluster Members. Use this API when the VPN Server is operating as a cluster controller to get a list of the cluster member servers on the same cluster, including the cluster controller itself. For each member, the following information is also listed: Type, Connection Start, Host Name, Points, Number of Session, Number of TCP Connections, Number of Operating Virtual Hubs, Using Client Connection License and Using Bridge Connection License. This API cannot be invoked on VPN Bridge.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "EnumFarmMember",
  "params": {}
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "NumFarm_u32": 0,
    "FarmMemberList": [
      {
        "Id_u32": 0,
        "Controller_bool": false,
        "ConnectedTime_dt": "2020-08-01T12:24:36.123",
        "Ip_ip": "192.168.0.1",
        "Hostname_str": "hostname",
        "Point_u32": 0,
        "NumSessions_u32": 0,
        "NumTcpConnections_u32": 0,
        "NumHubs_u32": 0,
        "AssignedClientLicense_u32": 0,
        "AssignedBridgeLicense_u32": 0
      },
      {
        "Id_u32": 0,
        "Controller_bool": false,
        "ConnectedTime_dt": "2020-08-01T12:24:36.123",
        "Ip_ip": "192.168.0.1",
        "Hostname_str": "hostname",
        "Point_u32": 0,
        "NumSessions_u32": 0,
        "NumTcpConnections_u32": 0,
        "NumHubs_u32": 0,
        "AssignedClientLicense_u32": 0,
        "AssignedBridgeLicense_u32": 0
      },
      {
        "Id_u32": 0,
        "Controller_bool": false,
        "ConnectedTime_dt": "2020-08-01T12:24:36.123",
        "Ip_ip": "192.168.0.1",
        "Hostname_str": "hostname",
        "Point_u32": 0,
        "NumSessions_u32": 0,
        "NumTcpConnections_u32": 0,
        "NumHubs_u32": 0,
        "AssignedClientLicense_u32": 0,
        "AssignedBridgeLicense_u32": 0
      }
    ]
  }
}

Parameters

Name Type Description
NumFarm_u32 number (uint32) Number of Cluster Members
FarmMemberList Array object Cluster Members list
Id_u32 number (uint32) ID
Controller_bool boolean Controller
ConnectedTime_dt Date Connection time
Ip_ip string (IP address) IP address
Hostname_str string (ASCII) Host name
Point_u32 number (uint32) Point
NumSessions_u32 number (uint32) Number of sessions
NumTcpConnections_u32 number (uint32) Number of TCP connections
NumHubs_u32 number (uint32) Number of HUBs
AssignedClientLicense_u32 number (uint32) Number of assigned client licenses
AssignedBridgeLicense_u32 number (uint32) Number of assigned bridge licenses

"GetFarmConnectionStatus" RPC API - Get Connection Status to Cluster Controller

Description

Get Connection Status to Cluster Controller. Use this API when the VPN Server is operating as a cluster controller to get the status of connection to the cluster controller. You can get the following information: Controller IP Address, Port Number, Connection Status, Connection Start Time, First Connection Established Time, Current Connection Established Time, Number of Connection Attempts, Number of Successful Connections, Number of Failed Connections. This API cannot be invoked on VPN Bridge.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "GetFarmConnectionStatus",
  "params": {}
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "Ip_ip": "192.168.0.1",
    "Port_u32": 0,
    "Online_bool": false,
    "LastError_u32": 0,
    "StartedTime_dt": "2020-08-01T12:24:36.123",
    "FirstConnectedTime_dt": "2020-08-01T12:24:36.123",
    "CurrentConnectedTime_dt": "2020-08-01T12:24:36.123",
    "NumTry_u32": 0,
    "NumConnected_u32": 0,
    "NumFailed_u32": 0
  }
}

Parameters

Name Type Description
Ip_ip string (IP address) IP address
Port_u32 number (uint32) Port number
Online_bool boolean Online state
LastError_u32 number (uint32) Last error code
StartedTime_dt Date Connection start time
FirstConnectedTime_dt Date First connection time
CurrentConnectedTime_dt Date Connection time of this time
NumTry_u32 number (uint32) Number of retries
NumConnected_u32 number (uint32) Number of connection count
NumFailed_u32 number (uint32) Connection failure count

"SetServerCert" RPC API - Set SSL Certificate and Private Key of VPN Server

Description

Set SSL Certificate and Private Key of VPN Server. You can set the SSL certificate that the VPN Server provides to the connected client and the private key for that certificate. The certificate must be in X.509 format and the private key must be Base 64 encoded format. To call this API, you must have VPN Server administrator privileges.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "SetServerCert",
  "params": {
    "Cert_bin": "SGVsbG8gV29ybGQ=",
    "Key_bin": "SGVsbG8gV29ybGQ="
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "Cert_bin": "SGVsbG8gV29ybGQ=",
    "Key_bin": "SGVsbG8gV29ybGQ="
  }
}

Parameters

Name Type Description
Cert_bin string (Base64 binary) The body of the certificate
Key_bin string (Base64 binary) The body of the private key

"GetServerCert" RPC API - Get SSL Certificate and Private Key of VPN Server

Description

Get SSL Certificate and Private Key of VPN Server. Use this to get the SSL certificate private key that the VPN Server provides to the connected client. To call this API, you must have VPN Server administrator privileges.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "GetServerCert",
  "params": {}
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "Cert_bin": "SGVsbG8gV29ybGQ=",
    "Key_bin": "SGVsbG8gV29ybGQ="
  }
}

Parameters

Name Type Description
Cert_bin string (Base64 binary) The body of the certificate
Key_bin string (Base64 binary) The body of the private key

"GetServerCipher" RPC API - Get the Encrypted Algorithm Used for VPN Communication

Description

Get the Encrypted Algorithm Used for VPN Communication. Use this API to get the current setting of the algorithm used for the electronic signature and encrypted for SSL connection to be used for communication between the VPN Server and the connected client and the list of algorithms that can be used on the VPN Server.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "GetServerCipher",
  "params": {}
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "String_str": "string"
  }
}

Parameters

Name Type Description
String_str string (ASCII) A string value

"SetServerCipher" RPC API - Set the Encrypted Algorithm Used for VPN Communication

Description

Set the Encrypted Algorithm Used for VPN Communication. Use this API to set the algorithm used for the electronic signature and encrypted for SSL connections to be used for communication between the VPN Server and the connected client. By specifying the algorithm name, the specified algorithm will be used later between the VPN Client and VPN Bridge connected to this server and the data will be encrypted. To call this API, you must have VPN Server administrator privileges.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "SetServerCipher",
  "params": {
    "String_str": "string"
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "String_str": "string"
  }
}

Parameters

Name Type Description
String_str string (ASCII) A string value

"CreateHub" RPC API - Create New Virtual Hub

Description

Create New Virtual Hub. Use this to create a new Virtual Hub on the VPN Server. The created Virtual Hub will begin operation immediately. When the VPN Server is operating on a cluster, this API is only valid for the cluster controller. Also, the new Virtual Hub will operate as a dynamic Virtual Hub. You can change it to a static Virtual Hub by using the SetHub API. To get a list of Virtual Hubs that are already on the VPN Server, use the EnumHub API. To call this API, you must have VPN Server administrator privileges. Also, this API does not operate on VPN Servers that are operating as a VPN Bridge or cluster member.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "CreateHub",
  "params": {
    "HubName_str": "hubname",
    "AdminPasswordPlainText_str": "adminpasswordplaintext",
    "Online_bool": false,
    "MaxSession_u32": 0,
    "NoEnum_bool": false,
    "HubType_u32": 0
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "AdminPasswordPlainText_str": "adminpasswordplaintext",
    "Online_bool": false,
    "MaxSession_u32": 0,
    "NoEnum_bool": false,
    "HubType_u32": 0
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) Specify the name of the Virtual Hub to create / update.
AdminPasswordPlainText_str string (ASCII) Specify an administrator password when the administrator password is going to be set for the Virtual Hub. On the update, leave it to empty string if you don't want to change the password.
Online_bool boolean Online flag
MaxSession_u32 number (uint32) Maximum number of VPN sessions
NoEnum_bool boolean No Enum flag. By enabling this option, the VPN Client user will be unable to enumerate this Virtual Hub even if they send a Virtual Hub enumeration request to the VPN Server.
HubType_u32 number (enum) Type of the Virtual Hub (Valid only for Clustered VPN Servers)
Values:
0: Stand-alone HUB
1: Static HUB
2: Dynamic HUB

"SetHub" RPC API - Set the Virtual Hub configuration

Description

Set the Virtual Hub configuration. You can call this API to change the configuration of the specified Virtual Hub. You can set the Virtual Hub online or offline. You can set the maximum number of sessions that can be concurrently connected to the Virtual Hub that is currently being managed. You can set the Virtual Hub administrator password. You can set other parameters for the Virtual Hub. Before call this API, you need to obtain the latest state of the Virtual Hub by using the GetHub API.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "SetHub",
  "params": {
    "HubName_str": "hubname",
    "AdminPasswordPlainText_str": "adminpasswordplaintext",
    "Online_bool": false,
    "MaxSession_u32": 0,
    "NoEnum_bool": false,
    "HubType_u32": 0
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "AdminPasswordPlainText_str": "adminpasswordplaintext",
    "Online_bool": false,
    "MaxSession_u32": 0,
    "NoEnum_bool": false,
    "HubType_u32": 0
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) Specify the name of the Virtual Hub to create / update.
AdminPasswordPlainText_str string (ASCII) Specify an administrator password when the administrator password is going to be set for the Virtual Hub. On the update, leave it to empty string if you don't want to change the password.
Online_bool boolean Online flag
MaxSession_u32 number (uint32) Maximum number of VPN sessions
NoEnum_bool boolean No Enum flag. By enabling this option, the VPN Client user will be unable to enumerate this Virtual Hub even if they send a Virtual Hub enumeration request to the VPN Server.
HubType_u32 number (enum) Type of the Virtual Hub (Valid only for Clustered VPN Servers)
Values:
0: Stand-alone HUB
1: Static HUB
2: Dynamic HUB

"GetHub" RPC API - Get the Virtual Hub configuration

Description

Get the Virtual Hub configuration. You can call this API to get the current configuration of the specified Virtual Hub. To change the configuration of the Virtual Hub, call the SetHub API.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "GetHub",
  "params": {
    "HubName_str": "hubname"
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "AdminPasswordPlainText_str": "adminpasswordplaintext",
    "Online_bool": false,
    "MaxSession_u32": 0,
    "NoEnum_bool": false,
    "HubType_u32": 0
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) Specify the name of the Virtual Hub to create / update.
AdminPasswordPlainText_str string (ASCII) Specify an administrator password when the administrator password is going to be set for the Virtual Hub. On the update, leave it to empty string if you don't want to change the password.
Online_bool boolean Online flag
MaxSession_u32 number (uint32) Maximum number of VPN sessions
NoEnum_bool boolean No Enum flag. By enabling this option, the VPN Client user will be unable to enumerate this Virtual Hub even if they send a Virtual Hub enumeration request to the VPN Server.
HubType_u32 number (enum) Type of the Virtual Hub (Valid only for Clustered VPN Servers)
Values:
0: Stand-alone HUB
1: Static HUB
2: Dynamic HUB

"EnumHub" RPC API - Get List of Virtual Hubs

Description

Get List of Virtual Hubs. Use this to get a list of existing Virtual Hubs on the VPN Server. For each Virtual Hub, you can get the following information: Virtual Hub Name, Status, Type, Number of Users, Number of Groups, Number of Sessions, Number of MAC Tables, Number of IP Tables, Number of Logins, Last Login, and Last Communication. Note that when connecting in Virtual Hub Admin Mode, if in the options of a Virtual Hub that you do not have administrator privileges for, the option Don't Enumerate this Virtual Hub for Anonymous Users is enabled then that Virtual Hub will not be enumerated. If you are connected in Server Admin Mode, then the list of all Virtual Hubs will be displayed. When connecting to and managing a non-cluster-controller cluster member of a clustering environment, only the Virtual Hub currently being hosted by that VPN Server will be displayed. When connecting to a cluster controller for administration purposes, all the Virtual Hubs will be displayed.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "EnumHub",
  "params": {}
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "NumHub_u32": 0,
    "HubList": [
      {
        "HubName_str": "hubname",
        "Online_bool": false,
        "HubType_u32": 0,
        "NumUsers_u32": 0,
        "NumGroups_u32": 0,
        "NumSessions_u32": 0,
        "NumMacTables_u32": 0,
        "NumIpTables_u32": 0,
        "LastCommTime_dt": "2020-08-01T12:24:36.123",
        "LastLoginTime_dt": "2020-08-01T12:24:36.123",
        "CreatedTime_dt": "2020-08-01T12:24:36.123",
        "NumLogin_u32": 0,
        "IsTrafficFilled_bool": false,
        "Ex.Recv.BroadcastBytes_u64": 0,
        "Ex.Recv.BroadcastCount_u64": 0,
        "Ex.Recv.UnicastBytes_u64": 0,
        "Ex.Recv.UnicastCount_u64": 0,
        "Ex.Send.BroadcastBytes_u64": 0,
        "Ex.Send.BroadcastCount_u64": 0,
        "Ex.Send.UnicastBytes_u64": 0,
        "Ex.Send.UnicastCount_u64": 0
      },
      {
        "HubName_str": "hubname",
        "Online_bool": false,
        "HubType_u32": 0,
        "NumUsers_u32": 0,
        "NumGroups_u32": 0,
        "NumSessions_u32": 0,
        "NumMacTables_u32": 0,
        "NumIpTables_u32": 0,
        "LastCommTime_dt": "2020-08-01T12:24:36.123",
        "LastLoginTime_dt": "2020-08-01T12:24:36.123",
        "CreatedTime_dt": "2020-08-01T12:24:36.123",
        "NumLogin_u32": 0,
        "IsTrafficFilled_bool": false,
        "Ex.Recv.BroadcastBytes_u64": 0,
        "Ex.Recv.BroadcastCount_u64": 0,
        "Ex.Recv.UnicastBytes_u64": 0,
        "Ex.Recv.UnicastCount_u64": 0,
        "Ex.Send.BroadcastBytes_u64": 0,
        "Ex.Send.BroadcastCount_u64": 0,
        "Ex.Send.UnicastBytes_u64": 0,
        "Ex.Send.UnicastCount_u64": 0
      },
      {
        "HubName_str": "hubname",
        "Online_bool": false,
        "HubType_u32": 0,
        "NumUsers_u32": 0,
        "NumGroups_u32": 0,
        "NumSessions_u32": 0,
        "NumMacTables_u32": 0,
        "NumIpTables_u32": 0,
        "LastCommTime_dt": "2020-08-01T12:24:36.123",
        "LastLoginTime_dt": "2020-08-01T12:24:36.123",
        "CreatedTime_dt": "2020-08-01T12:24:36.123",
        "NumLogin_u32": 0,
        "IsTrafficFilled_bool": false,
        "Ex.Recv.BroadcastBytes_u64": 0,
        "Ex.Recv.BroadcastCount_u64": 0,
        "Ex.Recv.UnicastBytes_u64": 0,
        "Ex.Recv.UnicastCount_u64": 0,
        "Ex.Send.BroadcastBytes_u64": 0,
        "Ex.Send.BroadcastCount_u64": 0,
        "Ex.Send.UnicastBytes_u64": 0,
        "Ex.Send.UnicastCount_u64": 0
      }
    ]
  }
}

Parameters

Name Type Description
NumHub_u32 number (uint32) Number of Virtual Hubs
HubList Array object Virtual Hubs
HubName_str string (ASCII) The name of the Virtual Hub
Online_bool boolean Online state
HubType_u32 number (enum) Type of HUB (Valid only for Clustered VPN Servers)
Values:
0: Stand-alone HUB
1: Static HUB
2: Dynamic HUB
NumUsers_u32 number (uint32) Number of users
NumGroups_u32 number (uint32) Number of registered groups
NumSessions_u32 number (uint32) Number of registered sessions
NumMacTables_u32 number (uint32) Number of current MAC table entries
NumIpTables_u32 number (uint32) Number of current IP table entries
LastCommTime_dt Date Last communication date and time
LastLoginTime_dt Date Last login date and time
CreatedTime_dt Date Creation date and time
NumLogin_u32 number (uint32) Number of accumulated logins
IsTrafficFilled_bool boolean Whether the traffic information is provided
Ex.Recv.BroadcastBytes_u64 number (uint64) Number of broadcast packets (Recv)
Ex.Recv.BroadcastCount_u64 number (uint64) Broadcast bytes (Recv)
Ex.Recv.UnicastBytes_u64 number (uint64) Unicast count (Recv)
Ex.Recv.UnicastCount_u64 number (uint64) Unicast bytes (Recv)
Ex.Send.BroadcastBytes_u64 number (uint64) Number of broadcast packets (Send)
Ex.Send.BroadcastCount_u64 number (uint64) Broadcast bytes (Send)
Ex.Send.UnicastBytes_u64 number (uint64) Unicast bytes (Send)
Ex.Send.UnicastCount_u64 number (uint64) Unicast bytes (Send)

"DeleteHub" RPC API - Delete Virtual Hub

Description

Delete Virtual Hub. Use this to delete an existing Virtual Hub on the VPN Server. If you delete the Virtual Hub, all sessions that are currently connected to the Virtual Hub will be disconnected and new sessions will be unable to connect to the Virtual Hub. Also, this will also delete all the Hub settings, user objects, group objects, certificates and Cascade Connections. Once you delete the Virtual Hub, it cannot be recovered. To call this API, you must have VPN Server administrator privileges. Also, this API does not operate on VPN Servers that are operating as a VPN Bridge or cluster member.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "DeleteHub",
  "params": {
    "HubName_str": "hubname"
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname"
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name

"GetHubRadius" RPC API - Get Setting of RADIUS Server Used for User Authentication

Description

Get Setting of RADIUS Server Used for User Authentication. Use this to get the current settings for the RADIUS server used when a user connects to the currently managed Virtual Hub using RADIUS Server Authentication Mode. This API cannot be invoked on VPN Bridge. You cannot execute this API for Virtual Hubs of VPN Servers operating as a cluster.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "GetHubRadius",
  "params": {
    "HubName_str": "hubname"
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "RadiusServerName_str": "radiusservername",
    "RadiusPort_u32": 0,
    "RadiusSecret_str": "radiussecret",
    "RadiusRetryInterval_u32": 0
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name
RadiusServerName_str string (ASCII) RADIUS server name
RadiusPort_u32 number (uint32) RADIUS port number
RadiusSecret_str string (ASCII) Secret key
RadiusRetryInterval_u32 number (uint32) Radius retry interval

"SetHubRadius" RPC API - Set RADIUS Server to use for User Authentication

Description

Set RADIUS Server to use for User Authentication. To accept users to the currently managed Virtual Hub in RADIUS server authentication mode, you can specify an external RADIUS server that confirms the user name and password. (You can specify multiple hostname by splitting with comma or semicolon.) The RADIUS server must be set to receive requests from IP addresses of this VPN Server. Also, authentication by Password Authentication Protocol (PAP) must be enabled. This API cannot be invoked on VPN Bridge. You cannot execute this API for Virtual Hubs of VPN Servers operating as a cluster.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "SetHubRadius",
  "params": {
    "HubName_str": "hubname",
    "RadiusServerName_str": "radiusservername",
    "RadiusPort_u32": 0,
    "RadiusSecret_str": "radiussecret",
    "RadiusRetryInterval_u32": 0
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "RadiusServerName_str": "radiusservername",
    "RadiusPort_u32": 0,
    "RadiusSecret_str": "radiussecret",
    "RadiusRetryInterval_u32": 0
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name
RadiusServerName_str string (ASCII) RADIUS server name
RadiusPort_u32 number (uint32) RADIUS port number
RadiusSecret_str string (ASCII) Secret key
RadiusRetryInterval_u32 number (uint32) Radius retry interval

"EnumConnection" RPC API - Get List of TCP Connections Connecting to the VPN Server

Description

Get List of TCP Connections Connecting to the VPN Server. Use this to get a list of TCP/IP connections that are currently connecting to the VPN Server. It does not display the TCP connections that have been established as VPN sessions. To get the list of TCP/IP connections that have been established as VPN sessions, you can use the EnumSession API. You can get the following: Connection Name, Connection Source, Connection Start and Type. To call this API, you must have VPN Server administrator privileges.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "EnumConnection",
  "params": {}
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "NumConnection_u32": 0,
    "ConnectionList": [
      {
        "Name_str": "name",
        "Hostname_str": "hostname",
        "Ip_ip": "192.168.0.1",
        "Port_u32": 0,
        "ConnectedTime_dt": "2020-08-01T12:24:36.123",
        "Type_u32": 0
      },
      {
        "Name_str": "name",
        "Hostname_str": "hostname",
        "Ip_ip": "192.168.0.1",
        "Port_u32": 0,
        "ConnectedTime_dt": "2020-08-01T12:24:36.123",
        "Type_u32": 0
      },
      {
        "Name_str": "name",
        "Hostname_str": "hostname",
        "Ip_ip": "192.168.0.1",
        "Port_u32": 0,
        "ConnectedTime_dt": "2020-08-01T12:24:36.123",
        "Type_u32": 0
      }
    ]
  }
}

Parameters

Name Type Description
NumConnection_u32 number (uint32) Number of connections
ConnectionList Array object Connection list
Name_str string (ASCII) Connection name
Hostname_str string (ASCII) Host name
Ip_ip string (IP address) IP address
Port_u32 number (uint32) Port number
ConnectedTime_dt Date Connected time
Type_u32 number (enum) Connection type
Values:
0: VPN Client
1: During initialization
2: Login connection
3: Additional connection
4: RPC for server farm
5: RPC for Management
6: HUB enumeration
7: Password change
8: SSTP
9: OpenVPN

"DisconnectConnection" RPC API - Disconnect TCP Connections Connecting to the VPN Server

Description

Disconnect TCP Connections Connecting to the VPN Server. Use this to forcefully disconnect specific TCP/IP connections that are connecting to the VPN Server. To call this API, you must have VPN Server administrator privileges.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "DisconnectConnection",
  "params": {
    "Name_str": "name"
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "Name_str": "name"
  }
}

Parameters

Name Type Description
Name_str string (ASCII) Connection name

"GetConnectionInfo" RPC API - Get Information of TCP Connections Connecting to the VPN Server

Description

Get Information of TCP Connections Connecting to the VPN Server. Use this to get detailed information of a specific TCP/IP connection that is connecting to the VPN Server. You can get the following information: Connection Name, Connection Type, Source Hostname, Source IP Address, Source Port Number (TCP), Connection Start, Server Product Name, Server Version, Server Build Number, Client Product Name, Client Version, and Client Build Number. To call this API, you must have VPN Server administrator privileges.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "GetConnectionInfo",
  "params": {
    "Name_str": "name"
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "Name_str": "name",
    "Type_u32": 0,
    "Hostname_str": "hostname",
    "Ip_ip": "192.168.0.1",
    "Port_u32": 0,
    "ConnectedTime_dt": "2020-08-01T12:24:36.123",
    "ServerStr_str": "serverstr",
    "ServerVer_u32": 0,
    "ServerBuild_u32": 0,
    "ClientStr_str": "clientstr",
    "ClientVer_u32": 0,
    "ClientBuild_u32": 0
  }
}

Parameters

Name Type Description
Name_str string (ASCII) Connection name
Type_u32 number (enum) Type
Values:
0: VPN Client
1: During initialization
2: Login connection
3: Additional connection
4: RPC for server farm
5: RPC for Management
6: HUB enumeration
7: Password change
8: SSTP
9: OpenVPN
Hostname_str string (ASCII) Host name
Ip_ip string (IP address) IP address
Port_u32 number (uint32) Port number
ConnectedTime_dt Date Connected time
ServerStr_str string (ASCII) Server string
ServerVer_u32 number (uint32) Server version
ServerBuild_u32 number (uint32) Server build number
ClientStr_str string (ASCII) Client string
ClientVer_u32 number (uint32) Client version
ClientBuild_u32 number (uint32) Client build number

"SetHubOnline" RPC API - Switch Virtual Hub to Online or Offline

Description

Switch Virtual Hub to Online or Offline. Use this to set the Virtual Hub to online or offline. A Virtual Hub with an offline status cannot receive VPN connections from clients. When you set the Virtual Hub offline, all sessions will be disconnected. A Virtual Hub with an offline status cannot receive VPN connections from clients. This API cannot be invoked on VPN Bridge. You cannot execute this API for Virtual Hubs of VPN Servers operating as a cluster.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "SetHubOnline",
  "params": {
    "HubName_str": "hubname",
    "Online_bool": false
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "Online_bool": false
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name
Online_bool boolean Online / offline flag

"GetHubStatus" RPC API - Get Current Status of Virtual Hub

Description

Get Current Status of Virtual Hub. Use this to get the current status of the Virtual Hub currently being managed. You can get the following information: Virtual Hub Type, Number of Sessions, Number of Each Type of Object, Number of Logins, Last Login, Last Communication, and Communication Statistical Data.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "GetHubStatus",
  "params": {
    "HubName_str": "hubname"
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "Online_bool": false,
    "HubType_u32": 0,
    "NumSessions_u32": 0,
    "NumSessionsClient_u32": 0,
    "NumSessionsBridge_u32": 0,
    "NumAccessLists_u32": 0,
    "NumUsers_u32": 0,
    "NumGroups_u32": 0,
    "NumMacTables_u32": 0,
    "NumIpTables_u32": 0,
    "Recv.BroadcastBytes_u64": 0,
    "Recv.BroadcastCount_u64": 0,
    "Recv.UnicastBytes_u64": 0,
    "Recv.UnicastCount_u64": 0,
    "Send.BroadcastBytes_u64": 0,
    "Send.BroadcastCount_u64": 0,
    "Send.UnicastBytes_u64": 0,
    "Send.UnicastCount_u64": 0,
    "SecureNATEnabled_bool": false,
    "LastCommTime_dt": "2020-08-01T12:24:36.123",
    "LastLoginTime_dt": "2020-08-01T12:24:36.123",
    "CreatedTime_dt": "2020-08-01T12:24:36.123",
    "NumLogin_u32": 0
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name
Online_bool boolean Online
HubType_u32 number (enum) Type of HUB
Values:
0: Stand-alone HUB
1: Static HUB
2: Dynamic HUB
NumSessions_u32 number (uint32) Number of sessions
NumSessionsClient_u32 number (uint32) Number of sessions (client mode)
NumSessionsBridge_u32 number (uint32) Number of sessions (bridge mode)
NumAccessLists_u32 number (uint32) Number of Access list entries
NumUsers_u32 number (uint32) Number of users
NumGroups_u32 number (uint32) Number of groups
NumMacTables_u32 number (uint32) Number of MAC table entries
NumIpTables_u32 number (uint32) Number of IP table entries
Recv.BroadcastBytes_u64 number (uint64) Number of broadcast packets (Recv)
Recv.BroadcastCount_u64 number (uint64) Broadcast bytes (Recv)
Recv.UnicastBytes_u64 number (uint64) Unicast count (Recv)
Recv.UnicastCount_u64 number (uint64) Unicast bytes (Recv)
Send.BroadcastBytes_u64 number (uint64) Number of broadcast packets (Send)
Send.BroadcastCount_u64 number (uint64) Broadcast bytes (Send)
Send.UnicastBytes_u64 number (uint64) Unicast bytes (Send)
Send.UnicastCount_u64 number (uint64) Unicast bytes (Send)
SecureNATEnabled_bool boolean Whether SecureNAT is enabled
LastCommTime_dt Date Last communication date and time
LastLoginTime_dt Date Last login date and time
CreatedTime_dt Date Creation date and time
NumLogin_u32 number (uint32) Number of logins

"SetHubLog" RPC API - Set the logging configuration of the Virtual Hub

Description

Set the logging configuration of the Virtual Hub. Use this to enable or disable a security log or packet logs of the Virtual Hub currently being managed, set the save contents of the packet log for each type of packet to be saved, and set the log file switch cycle for the security log or packet log that the currently managed Virtual Hub saves. There are the following packet types: TCP Connection Log, TCP Packet Log, DHCP Packet Log, UDP Packet Log, ICMP Packet Log, IP Packet Log, ARP Packet Log, and Ethernet Packet Log. To get the current setting, you can use the LogGet API. The log file switch cycle can be changed to switch in every second, every minute, every hour, every day, every month or not switch. To get the current setting, you can use the GetHubLog API.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "SetHubLog",
  "params": {
    "HubName_str": "hubname",
    "SaveSecurityLog_bool": false,
    "SecurityLogSwitchType_u32": 0,
    "SavePacketLog_bool": false,
    "PacketLogSwitchType_u32": 0,
    "PacketLogConfig_u32": [
      1,
      2,
      3
    ]
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "SaveSecurityLog_bool": false,
    "SecurityLogSwitchType_u32": 0,
    "SavePacketLog_bool": false,
    "PacketLogSwitchType_u32": 0,
    "PacketLogConfig_u32": [
      1,
      2,
      3
    ]
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name
SaveSecurityLog_bool boolean The flag to enable / disable saving the security log
SecurityLogSwitchType_u32 number (enum) The log filename switching setting of the security log
Values:
0: No switching
1: Secondly basis
2: Minutely basis
3: Hourly basis
4: Daily basis
5: Monthly basis
SavePacketLog_bool boolean The flag to enable / disable saving the security log
PacketLogSwitchType_u32 number (enum) The log filename switching settings of the packet logs
Values:
0: No switching
1: Secondly basis
2: Minutely basis
3: Hourly basis
4: Daily basis
5: Monthly basis
PacketLogConfig_u32 number (enum) Specify the save contents of the packet logs (uint * 16 array). The index numbers: TcpConnection = 0, TcpAll = 1, DHCP = 2, UDP = 3, ICMP = 4, IP = 5, ARP = 6, Ethernet = 7.
Values:
0: Not save
1: Only header
2: All payloads

"GetHubLog" RPC API - Get the logging configuration of the Virtual Hub

Description

Get the logging configuration of the Virtual Hub. Use this to get the configuration for a security log or packet logs of the Virtual Hub currently being managed, get the setting for save contents of the packet log for each type of packet to be saved, and get the log file switch cycle for the security log or packet log that the currently managed Virtual Hub saves. To set the current setting, you can use the SetHubLog API.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "GetHubLog",
  "params": {
    "HubName_str": "hubname"
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "SaveSecurityLog_bool": false,
    "SecurityLogSwitchType_u32": 0,
    "SavePacketLog_bool": false,
    "PacketLogSwitchType_u32": 0,
    "PacketLogConfig_u32": [
      1,
      2,
      3
    ]
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name
SaveSecurityLog_bool boolean The flag to enable / disable saving the security log
SecurityLogSwitchType_u32 number (enum) The log filename switching setting of the security log
Values:
0: No switching
1: Secondly basis
2: Minutely basis
3: Hourly basis
4: Daily basis
5: Monthly basis
SavePacketLog_bool boolean The flag to enable / disable saving the security log
PacketLogSwitchType_u32 number (enum) The log filename switching settings of the packet logs
Values:
0: No switching
1: Secondly basis
2: Minutely basis
3: Hourly basis
4: Daily basis
5: Monthly basis
PacketLogConfig_u32 number (enum) Specify the save contents of the packet logs (uint * 16 array). The index numbers: TcpConnection = 0, TcpAll = 1, DHCP = 2, UDP = 3, ICMP = 4, IP = 5, ARP = 6, Ethernet = 7.
Values:
0: Not save
1: Only header
2: All payloads

"AddCa" RPC API - Add Trusted CA Certificate

Description

Add Trusted CA Certificate. Use this to add a new certificate to a list of CA certificates trusted by the currently managed Virtual Hub. The list of certificate authority certificates that are registered is used to verify certificates when a VPN Client is connected in signed certificate authentication mode. To get a list of the current certificates you can use the EnumCa API. The certificate you add must be saved in the X.509 file format. This API cannot be invoked on VPN Bridge. You cannot execute this API for Virtual Hubs of VPN Servers operating as a member server on a cluster.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "AddCa",
  "params": {
    "HubName_str": "hubname",
    "Cert_bin": "SGVsbG8gV29ybGQ="
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "Cert_bin": "SGVsbG8gV29ybGQ="
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name
Cert_bin string (Base64 binary) The body of the X.509 certificate

"EnumCa" RPC API - Get List of Trusted CA Certificates

Description

Get List of Trusted CA Certificates. Here you can manage the certificate authority certificates that are trusted by this currently managed Virtual Hub. The list of certificate authority certificates that are registered is used to verify certificates when a VPN Client is connected in signed certificate authentication mode. This API cannot be invoked on VPN Bridge. You cannot execute this API for Virtual Hubs of VPN Servers operating as a member server on a cluster.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "EnumCa",
  "params": {
    "HubName_str": "hubname"
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "CAList": [
      {
        "Key_u32": 0,
        "SubjectName_utf": "subjectname",
        "IssuerName_utf": "issuername",
        "Expires_dt": "2020-08-01T12:24:36.123"
      },
      {
        "Key_u32": 0,
        "SubjectName_utf": "subjectname",
        "IssuerName_utf": "issuername",
        "Expires_dt": "2020-08-01T12:24:36.123"
      },
      {
        "Key_u32": 0,
        "SubjectName_utf": "subjectname",
        "IssuerName_utf": "issuername",
        "Expires_dt": "2020-08-01T12:24:36.123"
      }
    ]
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name
CAList Array object The list of CA
Key_u32 number (uint32) The key id of the item
SubjectName_utf string (UTF8) Subject
IssuerName_utf string (UTF8) Issuer
Expires_dt Date Expiration date

"GetCa" RPC API - Get Trusted CA Certificate

Description

Get Trusted CA Certificate. Use this to get an existing certificate from the list of CA certificates trusted by the currently managed Virtual Hub and save it as a file in X.509 format. This API cannot be invoked on VPN Bridge. You cannot execute this API for Virtual Hubs of VPN Servers operating as a member server on a cluster.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "GetCa",
  "params": {
    "HubName_str": "hubname",
    "Key_u32": 0
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "Key_u32": 0,
    "Cert_bin": "SGVsbG8gV29ybGQ="
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name
Key_u32 number (uint32) The key id of the certificate
Cert_bin string (Base64 binary) The body of the X.509 certificate

"DeleteCa" RPC API - Delete Trusted CA Certificate

Description

Delete Trusted CA Certificate. Use this to delete an existing certificate from the list of CA certificates trusted by the currently managed Virtual Hub. To get a list of the current certificates you can use the EnumCa API. This API cannot be invoked on VPN Bridge. You cannot execute this API for Virtual Hubs of VPN Servers operating as a member server on a cluster.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "DeleteCa",
  "params": {
    "HubName_str": "hubname",
    "Key_u32": 0
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "Key_u32": 0
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name
Key_u32 number (uint32) Certificate key id to be deleted

"CreateLink" RPC API - Create New Cascade Connection

Description

Create New Cascade Connection. Use this to create a new Cascade Connection on the currently managed Virtual Hub. By using a Cascade Connection, you can connect this Virtual Hub by Cascade Connection to another Virtual Hub that is operating on the same or a different computer. To create a Cascade Connection, you must specify the name of the Cascade Connection, destination server and destination Virtual Hub and user name. When a new Cascade Connection is created, the type of user authentication is initially set as Anonymous Authentication and the proxy server setting and the verification options of the server certificate is not set. To change these settings and other advanced settings after a Cascade Connection has been created, use the other APIs that include the name "Link". [Warning About Cascade Connections] By connecting using a Cascade Connection you can create a Layer 2 bridge between multiple Virtual Hubs but if the connection is incorrectly configured, a loopback Cascade Connection could inadvertently be created. When using a Cascade Connection function please design the network topology with care. You cannot execute this API for Virtual Hubs of VPN Servers operating as a cluster.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "CreateLink",
  "params": {
    "HubName_Ex_str": "hubname_ex",
    "CheckServerCert_bool": false,
    "AccountName_utf": "clientoption_accountname",
    "Hostname_str": "clientoption_hostname",
    "Port_u32": 0,
    "ProxyType_u32": 0,
    "HubName_str": "clientoption_hubname",
    "MaxConnection_u32": 0,
    "UseEncrypt_bool": false,
    "UseCompress_bool": false,
    "HalfConnection_bool": false,
    "AdditionalConnectionInterval_u32": 0,
    "ConnectionDisconnectSpan_u32": 0,
    "AuthType_u32": 0,
    "Username_str": "clientauth_username",
    "HashedPassword_bin": "SGVsbG8gV29ybGQ=",
    "PlainPassword_str": "clientauth_plainpassword",
    "ClientX_bin": "SGVsbG8gV29ybGQ=",
    "ClientK_bin": "SGVsbG8gV29ybGQ=",
    "policy:DHCPFilter_bool": false,
    "policy:DHCPNoServer_bool": false,
    "policy:DHCPForce_bool": false,
    "SecPol_CheckMac_bool": false,
    "SecPol_CheckIP_bool": false,
    "policy:ArpDhcpOnly_bool": false,
    "policy:PrivacyFilter_bool": false,
    "policy:NoServer_bool": false,
    "policy:NoBroadcastLimiter_bool": false,
    "policy:MaxMac_u32": 0,
    "policy:MaxIP_u32": 0,
    "policy:MaxUpload_u32": 0,
    "policy:MaxDownload_u32": 0,
    "policy:RSandRAFilter_bool": false,
    "SecPol_RAFilter_bool": false,
    "policy:DHCPv6Filter_bool": false,
    "policy:DHCPv6NoServer_bool": false,
    "SecPol_CheckIPv6_bool": false,
    "policy:NoServerV6_bool": false,
    "policy:MaxIPv6_u32": 0,
    "policy:FilterIPv4_bool": false,
    "policy:FilterIPv6_bool": false,
    "policy:FilterNonIP_bool": false,
    "policy:NoIPv6DefaultRouterInRA_bool": false,
    "policy:VLanId_u32": 0,
    "policy:Ver3_bool": false
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_Ex_str": "hubname_ex",
    "Online_bool": false,
    "CheckServerCert_bool": false,
    "ServerCert_bin": "SGVsbG8gV29ybGQ=",
    "AccountName_utf": "clientoption_accountname",
    "Hostname_str": "clientoption_hostname",
    "Port_u32": 0,
    "ProxyType_u32": 0,
    "ProxyName_str": "clientoption_proxyname",
    "ProxyPort_u32": 0,
    "ProxyUsername_str": "clientoption_proxyusername",
    "ProxyPassword_str": "clientoption_proxypassword",
    "HubName_str": "clientoption_hubname",
    "MaxConnection_u32": 0,
    "UseEncrypt_bool": false,
    "UseCompress_bool": false,
    "HalfConnection_bool": false,
    "AdditionalConnectionInterval_u32": 0,
    "ConnectionDisconnectSpan_u32": 0,
    "DisableQoS_bool": false,
    "NoTls1_bool": false,
    "NoUdpAcceleration_bool": false,
    "AuthType_u32": 0,
    "Username_str": "clientauth_username",
    "HashedPassword_bin": "SGVsbG8gV29ybGQ=",
    "PlainPassword_str": "clientauth_plainpassword",
    "ClientX_bin": "SGVsbG8gV29ybGQ=",
    "ClientK_bin": "SGVsbG8gV29ybGQ=",
    "policy:DHCPFilter_bool": false,
    "policy:DHCPNoServer_bool": false,
    "policy:DHCPForce_bool": false,
    "SecPol_CheckMac_bool": false,
    "SecPol_CheckIP_bool": false,
    "policy:ArpDhcpOnly_bool": false,
    "policy:PrivacyFilter_bool": false,
    "policy:NoServer_bool": false,
    "policy:NoBroadcastLimiter_bool": false,
    "policy:MaxMac_u32": 0,
    "policy:MaxIP_u32": 0,
    "policy:MaxUpload_u32": 0,
    "policy:MaxDownload_u32": 0,
    "policy:RSandRAFilter_bool": false,
    "SecPol_RAFilter_bool": false,
    "policy:DHCPv6Filter_bool": false,
    "policy:DHCPv6NoServer_bool": false,
    "SecPol_CheckIPv6_bool": false,
    "policy:NoServerV6_bool": false,
    "policy:MaxIPv6_u32": 0,
    "policy:FilterIPv4_bool": false,
    "policy:FilterIPv6_bool": false,
    "policy:FilterNonIP_bool": false,
    "policy:NoIPv6DefaultRouterInRA_bool": false,
    "policy:VLanId_u32": 0,
    "policy:Ver3_bool": false
  }
}

Parameters

Name Type Description
HubName_Ex_str string (ASCII) The Virtual Hub name
Online_bool boolean Online flag
CheckServerCert_bool boolean The flag to enable validation for the server certificate
ServerCert_bin string (Base64 binary) The body of server X.509 certificate to compare. Valid only if the CheckServerCert_bool flag is true.
AccountName_utf string (UTF8) Client Option Parameters: Specify the name of the Cascade Connection
Hostname_str string (ASCII) Client Option Parameters: Specify the hostname of the destination VPN Server. You can also specify by IP address.
Port_u32 number (uint32) Client Option Parameters: Specify the port number of the destination VPN Server.
ProxyType_u32 number (enum) Client Option Parameters: The type of the proxy server
Values:
0: Direct TCP connection
1: Connection via HTTP proxy server
2: Connection via SOCKS proxy server
ProxyName_str string (ASCII) Client Option Parameters: The hostname or IP address of the proxy server name
ProxyPort_u32 number (uint32) Client Option Parameters: The port number of the proxy server
ProxyUsername_str string (ASCII) Client Option Parameters: The username to connect to the proxy server
ProxyPassword_str string (ASCII) Client Option Parameters: The password to connect to the proxy server
HubName_str string (ASCII) Client Option Parameters: The Virtual Hub on the destination VPN Server
MaxConnection_u32 number (uint32) Client Option Parameters: Number of TCP Connections to Use in VPN Communication
UseEncrypt_bool boolean Client Option Parameters: The flag to enable the encryption on the communication
UseCompress_bool boolean Client Option Parameters: Enable / Disable Data Compression when Communicating by Cascade Connection
HalfConnection_bool boolean Client Option Parameters: Specify true when enabling half duplex mode. When using two or more TCP connections for VPN communication, it is possible to use Half Duplex Mode. By enabling half duplex mode it is possible to automatically fix data transmission direction as half and half for each TCP connection. In the case where a VPN using 8 TCP connections is established, for example, when half-duplex is enabled, communication can be fixes so that 4 TCP connections are dedicated to the upload direction and the other 4 connections are dedicated to the download direction.
AdditionalConnectionInterval_u32 number (uint32) Client Option Parameters: Connection attempt interval when additional connection will be established
ConnectionDisconnectSpan_u32 number (uint32) Client Option Parameters: Connection Life of Each TCP Connection (0 for no keep-alive)
DisableQoS_bool boolean Client Option Parameters: Disable QoS Control Function if the value is true
NoTls1_bool boolean Client Option Parameters: Do not use TLS 1.x of the value is true
NoUdpAcceleration_bool boolean Client Option Parameters: Do not use UDP acceleration mode if the value is true
AuthType_u32 number (enum) Authentication type
Values:
0: Anonymous authentication
1: SHA-0 hashed password authentication
2: Plain password authentication
3: Certificate authentication
Username_str string (ASCII) User name
HashedPassword_bin string (Base64 binary) SHA-0 Hashed password. Valid only if ClientAuth_AuthType_u32 == SHA0_Hashed_Password (1). The SHA-0 hashed password must be caluclated by the SHA0(UpperCase(username_ascii_string) + password_ascii_string).
PlainPassword_str string (ASCII) Plaintext Password. Valid only if ClientAuth_AuthType_u32 == PlainPassword (2).
ClientX_bin string (Base64 binary) Client certificate. Valid only if ClientAuth_AuthType_u32 == Cert (3).
ClientK_bin string (Base64 binary) Client private key of the certificate. Valid only if ClientAuth_AuthType_u32 == Cert (3).
policy:DHCPFilter_bool boolean Security policy: Filter DHCP Packets (IPv4). All IPv4 DHCP packets in sessions defined this policy will be filtered.
policy:DHCPNoServer_bool boolean Security policy: Disallow DHCP Server Operation (IPv4). Computers connected to sessions that have this policy setting will not be allowed to become a DHCP server and distribute IPv4 addresses to DHCP clients.
policy:DHCPForce_bool boolean Security policy: Enforce DHCP Allocated IP Addresses (IPv4). Computers in sessions that have this policy setting will only be able to use IPv4 addresses allocated by a DHCP server on the virtual network side.
SecPol_CheckMac_bool boolean Security policy: Prohibit the duplicate MAC address
SecPol_CheckIP_bool boolean Security policy: Prohibit a duplicate IP address (IPv4)
policy:ArpDhcpOnly_bool boolean Security policy: Deny Non-ARP / Non-DHCP / Non-ICMPv6 broadcasts. The sending or receiving of broadcast packets that are not ARP protocol, DHCP protocol, nor ICMPv6 on the virtual network will not be allowed for sessions with this policy setting.
policy:PrivacyFilter_bool boolean Security policy: Privacy Filter Mode. All direct communication between sessions with the privacy filter mode policy setting will be filtered.
policy:NoServer_bool boolean Security policy: Deny Operation as TCP/IP Server (IPv4). Computers of sessions with this policy setting can't listen and accept TCP/IP connections in IPv4.
policy:NoBroadcastLimiter_bool boolean Security policy: Unlimited Number of Broadcasts. If a computer of a session with this policy setting sends broadcast packets of a number unusually larger than what would be considered normal on the virtual network, there will be no automatic limiting.
policy:MaxMac_u32 number (uint32) Security policy: Maximum Number of MAC Addresses. For sessions with this policy setting, this limits the number of MAC addresses per session.
policy:MaxIP_u32 number (uint32) Security policy: Maximum Number of IP Addresses (IPv4). For sessions with this policy setting, this specifies the number of IPv4 addresses that can be registered for a single session.
policy:MaxUpload_u32 number (uint32) Security policy: Upload Bandwidth. For sessions with this policy setting, this limits the traffic bandwidth that is in the inwards direction from outside to inside the Virtual Hub.
policy:MaxDownload_u32 number (uint32) Security policy: Download Bandwidth. For sessions with this policy setting, this limits the traffic bandwidth that is in the outwards direction from inside the Virtual Hub to outside the Virtual Hub.
policy:RSandRAFilter_bool boolean Security policy: Filter RS / RA Packets (IPv6). All ICMPv6 packets which the message-type is 133 (Router Solicitation) or 134 (Router Advertisement) in sessions defined this policy will be filtered. As a result, an IPv6 client will be unable to use IPv6 address prefix auto detection and IPv6 default gateway auto detection.
SecPol_RAFilter_bool boolean Security policy: Filter the router advertisement packet (IPv6)
policy:DHCPv6Filter_bool boolean Security policy: Filter DHCP Packets (IPv6). All IPv6 DHCP packets in sessions defined this policy will be filtered.
policy:DHCPv6NoServer_bool boolean Security policy: Disallow DHCP Server Operation (IPv6). Computers connected to sessions that have this policy setting will not be allowed to become a DHCP server and distribute IPv6 addresses to DHCP clients.
SecPol_CheckIPv6_bool boolean Security policy: Prohibit the duplicate IP address (IPv6)
policy:NoServerV6_bool boolean Security policy: Deny Operation as TCP/IP Server (IPv6). Computers of sessions with this policy setting can't listen and accept TCP/IP connections in IPv6.
policy:MaxIPv6_u32 number (uint32) Security policy: Maximum Number of IP Addresses (IPv6). For sessions with this policy setting, this specifies the number of IPv6 addresses that can be registered for a single session.
policy:FilterIPv4_bool boolean Security policy: Filter All IPv4 Packets. All IPv4 and ARP packets in sessions defined this policy will be filtered.
policy:FilterIPv6_bool boolean Security policy: Filter All IPv6 Packets. All IPv6 packets in sessions defined this policy will be filtered.
policy:FilterNonIP_bool boolean Security policy: Filter All Non-IP Packets. All non-IP packets in sessions defined this policy will be filtered. "Non-IP packet" mean a packet which is not IPv4, ARP nor IPv6. Any tagged-VLAN packets via the Virtual Hub will be regarded as non-IP packets.
policy:NoIPv6DefaultRouterInRA_bool boolean Security policy: No Default-Router on IPv6 RA. In all VPN Sessions defines this policy, any IPv6 RA (Router Advertisement) packet with non-zero value in the router-lifetime will set to zero-value. This is effective to avoid the horrible behavior from the IPv6 routing confusion which is caused by the VPN client's attempts to use the remote-side IPv6 router as its local IPv6 router.
policy:VLanId_u32 number (uint32) Security policy: VLAN ID (IEEE802.1Q). You can specify the VLAN ID on the security policy. All VPN Sessions defines this policy, all Ethernet packets toward the Virtual Hub from the user will be inserted a VLAN tag (IEEE 802.1Q) with the VLAN ID. The user can also receive only packets with a VLAN tag which has the same VLAN ID. (Receiving process removes the VLAN tag automatically.) Any Ethernet packets with any other VLAN IDs or non-VLAN packets will not be received. All VPN Sessions without this policy definition can send / receive any kinds of Ethernet packets regardless of VLAN tags, and VLAN tags are not inserted or removed automatically. Any tagged-VLAN packets via the Virtual Hub will be regarded as non-IP packets. Therefore, tagged-VLAN packets are not subjects for IPv4 / IPv6 security policies, access lists nor other IPv4 / IPv6 specific deep processing.
policy:Ver3_bool boolean Security policy: Whether version 3.0 (must be true)

"GetLink" RPC API - Get the Cascade Connection Setting

Description

Get the Cascade Connection Setting. Use this to get the Connection Setting of a Cascade Connection that is registered on the currently managed Virtual Hub. To change the Connection Setting contents of the Cascade Connection, use the APIs that include the name "Link" after creating the Cascade Connection. You cannot execute this API for Virtual Hubs of VPN Servers operating as a cluster.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "GetLink",
  "params": {
    "HubName_Ex_str": "hubname_ex",
    "AccountName_utf": "clientoption_accountname"
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_Ex_str": "hubname_ex",
    "Online_bool": false,
    "CheckServerCert_bool": false,
    "ServerCert_bin": "SGVsbG8gV29ybGQ=",
    "AccountName_utf": "clientoption_accountname",
    "Hostname_str": "clientoption_hostname",
    "Port_u32": 0,
    "ProxyType_u32": 0,
    "ProxyName_str": "clientoption_proxyname",
    "ProxyPort_u32": 0,
    "ProxyUsername_str": "clientoption_proxyusername",
    "ProxyPassword_str": "clientoption_proxypassword",
    "HubName_str": "clientoption_hubname",
    "MaxConnection_u32": 0,
    "UseEncrypt_bool": false,
    "UseCompress_bool": false,
    "HalfConnection_bool": false,
    "AdditionalConnectionInterval_u32": 0,
    "ConnectionDisconnectSpan_u32": 0,
    "DisableQoS_bool": false,
    "NoTls1_bool": false,
    "NoUdpAcceleration_bool": false,
    "AuthType_u32": 0,
    "Username_str": "clientauth_username",
    "HashedPassword_bin": "SGVsbG8gV29ybGQ=",
    "PlainPassword_str": "clientauth_plainpassword",
    "ClientX_bin": "SGVsbG8gV29ybGQ=",
    "ClientK_bin": "SGVsbG8gV29ybGQ=",
    "policy:DHCPFilter_bool": false,
    "policy:DHCPNoServer_bool": false,
    "policy:DHCPForce_bool": false,
    "SecPol_CheckMac_bool": false,
    "SecPol_CheckIP_bool": false,
    "policy:ArpDhcpOnly_bool": false,
    "policy:PrivacyFilter_bool": false,
    "policy:NoServer_bool": false,
    "policy:NoBroadcastLimiter_bool": false,
    "policy:MaxMac_u32": 0,
    "policy:MaxIP_u32": 0,
    "policy:MaxUpload_u32": 0,
    "policy:MaxDownload_u32": 0,
    "policy:RSandRAFilter_bool": false,
    "SecPol_RAFilter_bool": false,
    "policy:DHCPv6Filter_bool": false,
    "policy:DHCPv6NoServer_bool": false,
    "SecPol_CheckIPv6_bool": false,
    "policy:NoServerV6_bool": false,
    "policy:MaxIPv6_u32": 0,
    "policy:FilterIPv4_bool": false,
    "policy:FilterIPv6_bool": false,
    "policy:FilterNonIP_bool": false,
    "policy:NoIPv6DefaultRouterInRA_bool": false,
    "policy:VLanId_u32": 0,
    "policy:Ver3_bool": false
  }
}

Parameters

Name Type Description
HubName_Ex_str string (ASCII) The Virtual Hub name
Online_bool boolean Online flag
CheckServerCert_bool boolean The flag to enable validation for the server certificate
ServerCert_bin string (Base64 binary) The body of server X.509 certificate to compare. Valid only if the CheckServerCert_bool flag is true.
AccountName_utf string (UTF8) Client Option Parameters: Specify the name of the Cascade Connection
Hostname_str string (ASCII) Client Option Parameters: Specify the hostname of the destination VPN Server. You can also specify by IP address.
Port_u32 number (uint32) Client Option Parameters: Specify the port number of the destination VPN Server.
ProxyType_u32 number (enum) Client Option Parameters: The type of the proxy server
Values:
0: Direct TCP connection
1: Connection via HTTP proxy server
2: Connection via SOCKS proxy server
ProxyName_str string (ASCII) Client Option Parameters: The hostname or IP address of the proxy server name
ProxyPort_u32 number (uint32) Client Option Parameters: The port number of the proxy server
ProxyUsername_str string (ASCII) Client Option Parameters: The username to connect to the proxy server
ProxyPassword_str string (ASCII) Client Option Parameters: The password to connect to the proxy server
HubName_str string (ASCII) Client Option Parameters: The Virtual Hub on the destination VPN Server
MaxConnection_u32 number (uint32) Client Option Parameters: Number of TCP Connections to Use in VPN Communication
UseEncrypt_bool boolean Client Option Parameters: The flag to enable the encryption on the communication
UseCompress_bool boolean Client Option Parameters: Enable / Disable Data Compression when Communicating by Cascade Connection
HalfConnection_bool boolean Client Option Parameters: Specify true when enabling half duplex mode. When using two or more TCP connections for VPN communication, it is possible to use Half Duplex Mode. By enabling half duplex mode it is possible to automatically fix data transmission direction as half and half for each TCP connection. In the case where a VPN using 8 TCP connections is established, for example, when half-duplex is enabled, communication can be fixes so that 4 TCP connections are dedicated to the upload direction and the other 4 connections are dedicated to the download direction.
AdditionalConnectionInterval_u32 number (uint32) Client Option Parameters: Connection attempt interval when additional connection will be established
ConnectionDisconnectSpan_u32 number (uint32) Client Option Parameters: Connection Life of Each TCP Connection (0 for no keep-alive)
DisableQoS_bool boolean Client Option Parameters: Disable QoS Control Function if the value is true
NoTls1_bool boolean Client Option Parameters: Do not use TLS 1.x of the value is true
NoUdpAcceleration_bool boolean Client Option Parameters: Do not use UDP acceleration mode if the value is true
AuthType_u32 number (enum) Authentication type
Values:
0: Anonymous authentication
1: SHA-0 hashed password authentication
2: Plain password authentication
3: Certificate authentication
Username_str string (ASCII) User name
HashedPassword_bin string (Base64 binary) SHA-0 Hashed password. Valid only if ClientAuth_AuthType_u32 == SHA0_Hashed_Password (1). The SHA-0 hashed password must be caluclated by the SHA0(UpperCase(username_ascii_string) + password_ascii_string).
PlainPassword_str string (ASCII) Plaintext Password. Valid only if ClientAuth_AuthType_u32 == PlainPassword (2).
ClientX_bin string (Base64 binary) Client certificate. Valid only if ClientAuth_AuthType_u32 == Cert (3).
ClientK_bin string (Base64 binary) Client private key of the certificate. Valid only if ClientAuth_AuthType_u32 == Cert (3).
policy:DHCPFilter_bool boolean Security policy: Filter DHCP Packets (IPv4). All IPv4 DHCP packets in sessions defined this policy will be filtered.
policy:DHCPNoServer_bool boolean Security policy: Disallow DHCP Server Operation (IPv4). Computers connected to sessions that have this policy setting will not be allowed to become a DHCP server and distribute IPv4 addresses to DHCP clients.
policy:DHCPForce_bool boolean Security policy: Enforce DHCP Allocated IP Addresses (IPv4). Computers in sessions that have this policy setting will only be able to use IPv4 addresses allocated by a DHCP server on the virtual network side.
SecPol_CheckMac_bool boolean Security policy: Prohibit the duplicate MAC address
SecPol_CheckIP_bool boolean Security policy: Prohibit a duplicate IP address (IPv4)
policy:ArpDhcpOnly_bool boolean Security policy: Deny Non-ARP / Non-DHCP / Non-ICMPv6 broadcasts. The sending or receiving of broadcast packets that are not ARP protocol, DHCP protocol, nor ICMPv6 on the virtual network will not be allowed for sessions with this policy setting.
policy:PrivacyFilter_bool boolean Security policy: Privacy Filter Mode. All direct communication between sessions with the privacy filter mode policy setting will be filtered.
policy:NoServer_bool boolean Security policy: Deny Operation as TCP/IP Server (IPv4). Computers of sessions with this policy setting can't listen and accept TCP/IP connections in IPv4.
policy:NoBroadcastLimiter_bool boolean Security policy: Unlimited Number of Broadcasts. If a computer of a session with this policy setting sends broadcast packets of a number unusually larger than what would be considered normal on the virtual network, there will be no automatic limiting.
policy:MaxMac_u32 number (uint32) Security policy: Maximum Number of MAC Addresses. For sessions with this policy setting, this limits the number of MAC addresses per session.
policy:MaxIP_u32 number (uint32) Security policy: Maximum Number of IP Addresses (IPv4). For sessions with this policy setting, this specifies the number of IPv4 addresses that can be registered for a single session.
policy:MaxUpload_u32 number (uint32) Security policy: Upload Bandwidth. For sessions with this policy setting, this limits the traffic bandwidth that is in the inwards direction from outside to inside the Virtual Hub.
policy:MaxDownload_u32 number (uint32) Security policy: Download Bandwidth. For sessions with this policy setting, this limits the traffic bandwidth that is in the outwards direction from inside the Virtual Hub to outside the Virtual Hub.
policy:RSandRAFilter_bool boolean Security policy: Filter RS / RA Packets (IPv6). All ICMPv6 packets which the message-type is 133 (Router Solicitation) or 134 (Router Advertisement) in sessions defined this policy will be filtered. As a result, an IPv6 client will be unable to use IPv6 address prefix auto detection and IPv6 default gateway auto detection.
SecPol_RAFilter_bool boolean Security policy: Filter the router advertisement packet (IPv6)
policy:DHCPv6Filter_bool boolean Security policy: Filter DHCP Packets (IPv6). All IPv6 DHCP packets in sessions defined this policy will be filtered.
policy:DHCPv6NoServer_bool boolean Security policy: Disallow DHCP Server Operation (IPv6). Computers connected to sessions that have this policy setting will not be allowed to become a DHCP server and distribute IPv6 addresses to DHCP clients.
SecPol_CheckIPv6_bool boolean Security policy: Prohibit the duplicate IP address (IPv6)
policy:NoServerV6_bool boolean Security policy: Deny Operation as TCP/IP Server (IPv6). Computers of sessions with this policy setting can't listen and accept TCP/IP connections in IPv6.
policy:MaxIPv6_u32 number (uint32) Security policy: Maximum Number of IP Addresses (IPv6). For sessions with this policy setting, this specifies the number of IPv6 addresses that can be registered for a single session.
policy:FilterIPv4_bool boolean Security policy: Filter All IPv4 Packets. All IPv4 and ARP packets in sessions defined this policy will be filtered.
policy:FilterIPv6_bool boolean Security policy: Filter All IPv6 Packets. All IPv6 packets in sessions defined this policy will be filtered.
policy:FilterNonIP_bool boolean Security policy: Filter All Non-IP Packets. All non-IP packets in sessions defined this policy will be filtered. "Non-IP packet" mean a packet which is not IPv4, ARP nor IPv6. Any tagged-VLAN packets via the Virtual Hub will be regarded as non-IP packets.
policy:NoIPv6DefaultRouterInRA_bool boolean Security policy: No Default-Router on IPv6 RA. In all VPN Sessions defines this policy, any IPv6 RA (Router Advertisement) packet with non-zero value in the router-lifetime will set to zero-value. This is effective to avoid the horrible behavior from the IPv6 routing confusion which is caused by the VPN client's attempts to use the remote-side IPv6 router as its local IPv6 router.
policy:VLanId_u32 number (uint32) Security policy: VLAN ID (IEEE802.1Q). You can specify the VLAN ID on the security policy. All VPN Sessions defines this policy, all Ethernet packets toward the Virtual Hub from the user will be inserted a VLAN tag (IEEE 802.1Q) with the VLAN ID. The user can also receive only packets with a VLAN tag which has the same VLAN ID. (Receiving process removes the VLAN tag automatically.) Any Ethernet packets with any other VLAN IDs or non-VLAN packets will not be received. All VPN Sessions without this policy definition can send / receive any kinds of Ethernet packets regardless of VLAN tags, and VLAN tags are not inserted or removed automatically. Any tagged-VLAN packets via the Virtual Hub will be regarded as non-IP packets. Therefore, tagged-VLAN packets are not subjects for IPv4 / IPv6 security policies, access lists nor other IPv4 / IPv6 specific deep processing.
policy:Ver3_bool boolean Security policy: Whether version 3.0 (must be true)

"SetLink" RPC API - Change Existing Cascade Connection

Description

Change Existing Cascade Connection. Use this to alter the setting of an existing Cascade Connection on the currently managed Virtual Hub.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "SetLink",
  "params": {
    "HubName_Ex_str": "hubname_ex",
    "CheckServerCert_bool": false,
    "AccountName_utf": "clientoption_accountname",
    "Hostname_str": "clientoption_hostname",
    "Port_u32": 0,
    "ProxyType_u32": 0,
    "HubName_str": "clientoption_hubname",
    "MaxConnection_u32": 0,
    "UseEncrypt_bool": false,
    "UseCompress_bool": false,
    "HalfConnection_bool": false,
    "AdditionalConnectionInterval_u32": 0,
    "ConnectionDisconnectSpan_u32": 0,
    "AuthType_u32": 0,
    "Username_str": "clientauth_username",
    "HashedPassword_bin": "SGVsbG8gV29ybGQ=",
    "PlainPassword_str": "clientauth_plainpassword",
    "ClientX_bin": "SGVsbG8gV29ybGQ=",
    "ClientK_bin": "SGVsbG8gV29ybGQ=",
    "policy:DHCPFilter_bool": false,
    "policy:DHCPNoServer_bool": false,
    "policy:DHCPForce_bool": false,
    "SecPol_CheckMac_bool": false,
    "SecPol_CheckIP_bool": false,
    "policy:ArpDhcpOnly_bool": false,
    "policy:PrivacyFilter_bool": false,
    "policy:NoServer_bool": false,
    "policy:NoBroadcastLimiter_bool": false,
    "policy:MaxMac_u32": 0,
    "policy:MaxIP_u32": 0,
    "policy:MaxUpload_u32": 0,
    "policy:MaxDownload_u32": 0,
    "policy:RSandRAFilter_bool": false,
    "SecPol_RAFilter_bool": false,
    "policy:DHCPv6Filter_bool": false,
    "policy:DHCPv6NoServer_bool": false,
    "SecPol_CheckIPv6_bool": false,
    "policy:NoServerV6_bool": false,
    "policy:MaxIPv6_u32": 0,
    "policy:FilterIPv4_bool": false,
    "policy:FilterIPv6_bool": false,
    "policy:FilterNonIP_bool": false,
    "policy:NoIPv6DefaultRouterInRA_bool": false,
    "policy:VLanId_u32": 0,
    "policy:Ver3_bool": false
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_Ex_str": "hubname_ex",
    "Online_bool": false,
    "CheckServerCert_bool": false,
    "ServerCert_bin": "SGVsbG8gV29ybGQ=",
    "AccountName_utf": "clientoption_accountname",
    "Hostname_str": "clientoption_hostname",
    "Port_u32": 0,
    "ProxyType_u32": 0,
    "ProxyName_str": "clientoption_proxyname",
    "ProxyPort_u32": 0,
    "ProxyUsername_str": "clientoption_proxyusername",
    "ProxyPassword_str": "clientoption_proxypassword",
    "HubName_str": "clientoption_hubname",
    "MaxConnection_u32": 0,
    "UseEncrypt_bool": false,
    "UseCompress_bool": false,
    "HalfConnection_bool": false,
    "AdditionalConnectionInterval_u32": 0,
    "ConnectionDisconnectSpan_u32": 0,
    "DisableQoS_bool": false,
    "NoTls1_bool": false,
    "NoUdpAcceleration_bool": false,
    "AuthType_u32": 0,
    "Username_str": "clientauth_username",
    "HashedPassword_bin": "SGVsbG8gV29ybGQ=",
    "PlainPassword_str": "clientauth_plainpassword",
    "ClientX_bin": "SGVsbG8gV29ybGQ=",
    "ClientK_bin": "SGVsbG8gV29ybGQ=",
    "policy:DHCPFilter_bool": false,
    "policy:DHCPNoServer_bool": false,
    "policy:DHCPForce_bool": false,
    "SecPol_CheckMac_bool": false,
    "SecPol_CheckIP_bool": false,
    "policy:ArpDhcpOnly_bool": false,
    "policy:PrivacyFilter_bool": false,
    "policy:NoServer_bool": false,
    "policy:NoBroadcastLimiter_bool": false,
    "policy:MaxMac_u32": 0,
    "policy:MaxIP_u32": 0,
    "policy:MaxUpload_u32": 0,
    "policy:MaxDownload_u32": 0,
    "policy:RSandRAFilter_bool": false,
    "SecPol_RAFilter_bool": false,
    "policy:DHCPv6Filter_bool": false,
    "policy:DHCPv6NoServer_bool": false,
    "SecPol_CheckIPv6_bool": false,
    "policy:NoServerV6_bool": false,
    "policy:MaxIPv6_u32": 0,
    "policy:FilterIPv4_bool": false,
    "policy:FilterIPv6_bool": false,
    "policy:FilterNonIP_bool": false,
    "policy:NoIPv6DefaultRouterInRA_bool": false,
    "policy:VLanId_u32": 0,
    "policy:Ver3_bool": false
  }
}

Parameters

Name Type Description
HubName_Ex_str string (ASCII) The Virtual Hub name
Online_bool boolean Online flag
CheckServerCert_bool boolean The flag to enable validation for the server certificate
ServerCert_bin string (Base64 binary) The body of server X.509 certificate to compare. Valid only if the CheckServerCert_bool flag is true.
AccountName_utf string (UTF8) Client Option Parameters: Specify the name of the Cascade Connection
Hostname_str string (ASCII) Client Option Parameters: Specify the hostname of the destination VPN Server. You can also specify by IP address.
Port_u32 number (uint32) Client Option Parameters: Specify the port number of the destination VPN Server.
ProxyType_u32 number (enum) Client Option Parameters: The type of the proxy server
Values:
0: Direct TCP connection
1: Connection via HTTP proxy server
2: Connection via SOCKS proxy server
ProxyName_str string (ASCII) Client Option Parameters: The hostname or IP address of the proxy server name
ProxyPort_u32 number (uint32) Client Option Parameters: The port number of the proxy server
ProxyUsername_str string (ASCII) Client Option Parameters: The username to connect to the proxy server
ProxyPassword_str string (ASCII) Client Option Parameters: The password to connect to the proxy server
HubName_str string (ASCII) Client Option Parameters: The Virtual Hub on the destination VPN Server
MaxConnection_u32 number (uint32) Client Option Parameters: Number of TCP Connections to Use in VPN Communication
UseEncrypt_bool boolean Client Option Parameters: The flag to enable the encryption on the communication
UseCompress_bool boolean Client Option Parameters: Enable / Disable Data Compression when Communicating by Cascade Connection
HalfConnection_bool boolean Client Option Parameters: Specify true when enabling half duplex mode. When using two or more TCP connections for VPN communication, it is possible to use Half Duplex Mode. By enabling half duplex mode it is possible to automatically fix data transmission direction as half and half for each TCP connection. In the case where a VPN using 8 TCP connections is established, for example, when half-duplex is enabled, communication can be fixes so that 4 TCP connections are dedicated to the upload direction and the other 4 connections are dedicated to the download direction.
AdditionalConnectionInterval_u32 number (uint32) Client Option Parameters: Connection attempt interval when additional connection will be established
ConnectionDisconnectSpan_u32 number (uint32) Client Option Parameters: Connection Life of Each TCP Connection (0 for no keep-alive)
DisableQoS_bool boolean Client Option Parameters: Disable QoS Control Function if the value is true
NoTls1_bool boolean Client Option Parameters: Do not use TLS 1.x of the value is true
NoUdpAcceleration_bool boolean Client Option Parameters: Do not use UDP acceleration mode if the value is true
AuthType_u32 number (enum) Authentication type
Values:
0: Anonymous authentication
1: SHA-0 hashed password authentication
2: Plain password authentication
3: Certificate authentication
Username_str string (ASCII) User name
HashedPassword_bin string (Base64 binary) SHA-0 Hashed password. Valid only if ClientAuth_AuthType_u32 == SHA0_Hashed_Password (1). The SHA-0 hashed password must be caluclated by the SHA0(UpperCase(username_ascii_string) + password_ascii_string).
PlainPassword_str string (ASCII) Plaintext Password. Valid only if ClientAuth_AuthType_u32 == PlainPassword (2).
ClientX_bin string (Base64 binary) Client certificate. Valid only if ClientAuth_AuthType_u32 == Cert (3).
ClientK_bin string (Base64 binary) Client private key of the certificate. Valid only if ClientAuth_AuthType_u32 == Cert (3).
policy:DHCPFilter_bool boolean Security policy: Filter DHCP Packets (IPv4). All IPv4 DHCP packets in sessions defined this policy will be filtered.
policy:DHCPNoServer_bool boolean Security policy: Disallow DHCP Server Operation (IPv4). Computers connected to sessions that have this policy setting will not be allowed to become a DHCP server and distribute IPv4 addresses to DHCP clients.
policy:DHCPForce_bool boolean Security policy: Enforce DHCP Allocated IP Addresses (IPv4). Computers in sessions that have this policy setting will only be able to use IPv4 addresses allocated by a DHCP server on the virtual network side.
SecPol_CheckMac_bool boolean Security policy: Prohibit the duplicate MAC address
SecPol_CheckIP_bool boolean Security policy: Prohibit a duplicate IP address (IPv4)
policy:ArpDhcpOnly_bool boolean Security policy: Deny Non-ARP / Non-DHCP / Non-ICMPv6 broadcasts. The sending or receiving of broadcast packets that are not ARP protocol, DHCP protocol, nor ICMPv6 on the virtual network will not be allowed for sessions with this policy setting.
policy:PrivacyFilter_bool boolean Security policy: Privacy Filter Mode. All direct communication between sessions with the privacy filter mode policy setting will be filtered.
policy:NoServer_bool boolean Security policy: Deny Operation as TCP/IP Server (IPv4). Computers of sessions with this policy setting can't listen and accept TCP/IP connections in IPv4.
policy:NoBroadcastLimiter_bool boolean Security policy: Unlimited Number of Broadcasts. If a computer of a session with this policy setting sends broadcast packets of a number unusually larger than what would be considered normal on the virtual network, there will be no automatic limiting.
policy:MaxMac_u32 number (uint32) Security policy: Maximum Number of MAC Addresses. For sessions with this policy setting, this limits the number of MAC addresses per session.
policy:MaxIP_u32 number (uint32) Security policy: Maximum Number of IP Addresses (IPv4). For sessions with this policy setting, this specifies the number of IPv4 addresses that can be registered for a single session.
policy:MaxUpload_u32 number (uint32) Security policy: Upload Bandwidth. For sessions with this policy setting, this limits the traffic bandwidth that is in the inwards direction from outside to inside the Virtual Hub.
policy:MaxDownload_u32 number (uint32) Security policy: Download Bandwidth. For sessions with this policy setting, this limits the traffic bandwidth that is in the outwards direction from inside the Virtual Hub to outside the Virtual Hub.
policy:RSandRAFilter_bool boolean Security policy: Filter RS / RA Packets (IPv6). All ICMPv6 packets which the message-type is 133 (Router Solicitation) or 134 (Router Advertisement) in sessions defined this policy will be filtered. As a result, an IPv6 client will be unable to use IPv6 address prefix auto detection and IPv6 default gateway auto detection.
SecPol_RAFilter_bool boolean Security policy: Filter the router advertisement packet (IPv6)
policy:DHCPv6Filter_bool boolean Security policy: Filter DHCP Packets (IPv6). All IPv6 DHCP packets in sessions defined this policy will be filtered.
policy:DHCPv6NoServer_bool boolean Security policy: Disallow DHCP Server Operation (IPv6). Computers connected to sessions that have this policy setting will not be allowed to become a DHCP server and distribute IPv6 addresses to DHCP clients.
SecPol_CheckIPv6_bool boolean Security policy: Prohibit the duplicate IP address (IPv6)
policy:NoServerV6_bool boolean Security policy: Deny Operation as TCP/IP Server (IPv6). Computers of sessions with this policy setting can't listen and accept TCP/IP connections in IPv6.
policy:MaxIPv6_u32 number (uint32) Security policy: Maximum Number of IP Addresses (IPv6). For sessions with this policy setting, this specifies the number of IPv6 addresses that can be registered for a single session.
policy:FilterIPv4_bool boolean Security policy: Filter All IPv4 Packets. All IPv4 and ARP packets in sessions defined this policy will be filtered.
policy:FilterIPv6_bool boolean Security policy: Filter All IPv6 Packets. All IPv6 packets in sessions defined this policy will be filtered.
policy:FilterNonIP_bool boolean Security policy: Filter All Non-IP Packets. All non-IP packets in sessions defined this policy will be filtered. "Non-IP packet" mean a packet which is not IPv4, ARP nor IPv6. Any tagged-VLAN packets via the Virtual Hub will be regarded as non-IP packets.
policy:NoIPv6DefaultRouterInRA_bool boolean Security policy: No Default-Router on IPv6 RA. In all VPN Sessions defines this policy, any IPv6 RA (Router Advertisement) packet with non-zero value in the router-lifetime will set to zero-value. This is effective to avoid the horrible behavior from the IPv6 routing confusion which is caused by the VPN client's attempts to use the remote-side IPv6 router as its local IPv6 router.
policy:VLanId_u32 number (uint32) Security policy: VLAN ID (IEEE802.1Q). You can specify the VLAN ID on the security policy. All VPN Sessions defines this policy, all Ethernet packets toward the Virtual Hub from the user will be inserted a VLAN tag (IEEE 802.1Q) with the VLAN ID. The user can also receive only packets with a VLAN tag which has the same VLAN ID. (Receiving process removes the VLAN tag automatically.) Any Ethernet packets with any other VLAN IDs or non-VLAN packets will not be received. All VPN Sessions without this policy definition can send / receive any kinds of Ethernet packets regardless of VLAN tags, and VLAN tags are not inserted or removed automatically. Any tagged-VLAN packets via the Virtual Hub will be regarded as non-IP packets. Therefore, tagged-VLAN packets are not subjects for IPv4 / IPv6 security policies, access lists nor other IPv4 / IPv6 specific deep processing.
policy:Ver3_bool boolean Security policy: Whether version 3.0 (must be true)

"EnumLink" RPC API - Get List of Cascade Connections

Description

Get List of Cascade Connections. Use this to get a list of Cascade Connections that are registered on the currently managed Virtual Hub. By using a Cascade Connection, you can connect this Virtual Hub by Layer 2 Cascade Connection to another Virtual Hub that is operating on the same or a different computer. [Warning About Cascade Connections] By connecting using a Cascade Connection you can create a Layer 2 bridge between multiple Virtual Hubs but if the connection is incorrectly configured, a loopback Cascade Connection could inadvertently be created. When using a Cascade Connection function please design the network topology with care. You cannot execute this API for Virtual Hubs of VPN Servers operating as a cluster.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "EnumLink",
  "params": {
    "HubName_str": "hubname"
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "NumLink_u32": 0,
    "LinkList": [
      {
        "AccountName_utf": "accountname",
        "Online_bool": false,
        "Connected_bool": false,
        "LastError_u32": 0,
        "ConnectedTime_dt": "2020-08-01T12:24:36.123",
        "Hostname_str": "hostname",
        "TargetHubName_str": "targethubname"
      },
      {
        "AccountName_utf": "accountname",
        "Online_bool": false,
        "Connected_bool": false,
        "LastError_u32": 0,
        "ConnectedTime_dt": "2020-08-01T12:24:36.123",
        "Hostname_str": "hostname",
        "TargetHubName_str": "targethubname"
      },
      {
        "AccountName_utf": "accountname",
        "Online_bool": false,
        "Connected_bool": false,
        "LastError_u32": 0,
        "ConnectedTime_dt": "2020-08-01T12:24:36.123",
        "Hostname_str": "hostname",
        "TargetHubName_str": "targethubname"
      }
    ]
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name
NumLink_u32 number (uint32) Number of cascade connections
LinkList Array object The list of cascade connections
AccountName_utf string (UTF8) The name of cascade connection
Online_bool boolean Online flag
Connected_bool boolean The flag indicates whether the cascade connection is established
LastError_u32 number (uint32) The error last occurred if the cascade connection is in the fail state
ConnectedTime_dt Date Connection completion time
Hostname_str string (ASCII) Host name of the destination VPN server
TargetHubName_str string (ASCII) The Virtual Hub name

"SetLinkOnline" RPC API - Switch Cascade Connection to Online Status

Description

Switch Cascade Connection to Online Status. When a Cascade Connection registered on the currently managed Virtual Hub is specified, use this to switch that Cascade Connection to online status. The Cascade Connection that is switched to online status begins the process of connecting to the destination VPN Server in accordance with the Connection Setting. The Cascade Connection that is switched to online status will establish normal connection to the VPN Server or continue to attempt connection until it is switched to offline status. You cannot execute this API for Virtual Hubs of VPN Servers operating as a cluster.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "SetLinkOnline",
  "params": {
    "HubName_str": "hubname",
    "AccountName_utf": "accountname"
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "AccountName_utf": "accountname"
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name
AccountName_utf string (UTF8) The name of the cascade connection

"SetLinkOffline" RPC API - Switch Cascade Connection to Offline Status

Description

Switch Cascade Connection to Offline Status. When a Cascade Connection registered on the currently managed Virtual Hub is specified, use this to switch that Cascade Connection to offline status. The Cascade Connection that is switched to offline will not connect to the VPN Server until next time it is switched to the online status using the SetLinkOnline API You cannot execute this API for Virtual Hubs of VPN Servers operating as a cluster.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "SetLinkOffline",
  "params": {
    "HubName_str": "hubname",
    "AccountName_utf": "accountname"
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "AccountName_utf": "accountname"
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name
AccountName_utf string (UTF8) The name of the cascade connection

"DeleteLink" RPC API - Delete Cascade Connection Setting

Description

Delete Cascade Connection Setting. Use this to delete a Cascade Connection that is registered on the currently managed Virtual Hub. If the specified Cascade Connection has a status of online, the connections will be automatically disconnected and then the Cascade Connection will be deleted. You cannot execute this API for Virtual Hubs of VPN Servers operating as a cluster.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "DeleteLink",
  "params": {
    "HubName_str": "hubname",
    "AccountName_utf": "accountname"
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "AccountName_utf": "accountname"
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name
AccountName_utf string (UTF8) The name of the cascade connection

"RenameLink" RPC API - Change Name of Cascade Connection

Description

Change Name of Cascade Connection. When a Cascade Connection registered on the currently managed Virtual Hub is specified, use this to change the name of that Cascade Connection. You cannot execute this API for Virtual Hubs of VPN Servers operating as a cluster.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "RenameLink",
  "params": {
    "HubName_str": "hubname",
    "OldAccountName_utf": "oldaccountname",
    "NewAccountName_utf": "newaccountname"
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "OldAccountName_utf": "oldaccountname",
    "NewAccountName_utf": "newaccountname"
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name
OldAccountName_utf string (UTF8) The old name of the cascade connection
NewAccountName_utf string (UTF8) The new name of the cascade connection

"GetLinkStatus" RPC API - Get Current Cascade Connection Status

Description

Get Current Cascade Connection Status. When a Cascade Connection registered on the currently managed Virtual Hub is specified and that Cascade Connection is currently online, use this to get its connection status and other information. You cannot execute this API for Virtual Hubs of VPN Servers operating as a cluster.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "GetLinkStatus",
  "params": {
    "HubName_Ex_str": "hubname_ex",
    "AccountName_utf": "accountname"
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_Ex_str": "hubname_ex",
    "AccountName_utf": "accountname",
    "Active_bool": false,
    "Connected_bool": false,
    "SessionStatus_u32": 0,
    "ServerName_str": "servername",
    "ServerPort_u32": 0,
    "ServerProductName_str": "serverproductname",
    "ServerProductVer_u32": 0,
    "ServerProductBuild_u32": 0,
    "ServerX_bin": "SGVsbG8gV29ybGQ=",
    "ClientX_bin": "SGVsbG8gV29ybGQ=",
    "StartTime_dt": "2020-08-01T12:24:36.123",
    "FirstConnectionEstablisiedTime_dt": "2020-08-01T12:24:36.123",
    "CurrentConnectionEstablishTime_dt": "2020-08-01T12:24:36.123",
    "NumConnectionsEatablished_u32": 0,
    "HalfConnection_bool": false,
    "QoS_bool": false,
    "MaxTcpConnections_u32": 0,
    "NumTcpConnections_u32": 0,
    "NumTcpConnectionsUpload_u32": 0,
    "NumTcpConnectionsDownload_u32": 0,
    "UseEncrypt_bool": false,
    "CipherName_str": "ciphername",
    "UseCompress_bool": false,
    "IsRUDPSession_bool": false,
    "UnderlayProtocol_str": "underlayprotocol",
    "IsUdpAccelerationEnabled_bool": false,
    "IsUsingUdpAcceleration_bool": false,
    "SessionName_str": "sessionname",
    "ConnectionName_str": "connectionname",
    "SessionKey_bin": "SGVsbG8gV29ybGQ=",
    "TotalSendSize_u64": 0,
    "TotalRecvSize_u64": 0,
    "TotalSendSizeReal_u64": 0,
    "TotalRecvSizeReal_u64": 0,
    "IsBridgeMode_bool": false,
    "IsMonitorMode_bool": false,
    "VLanId_u32": 0
  }
}

Parameters

Name Type Description
HubName_Ex_str string (ASCII) The Virtual Hub name
AccountName_utf string (UTF8) The name of the cascade connection
Active_bool boolean The flag whether the cascade connection is enabled
Connected_bool boolean The flag whether the cascade connection is established
SessionStatus_u32 number (enum) The session status
Values:
0: Connecting
1: Negotiating
2: During user authentication
3: Connection complete
4: Wait to retry
5: Idle state
ServerName_str string (ASCII) The destination VPN server name
ServerPort_u32 number (uint32) The port number of the server
ServerProductName_str string (ASCII) Server product name
ServerProductVer_u32 number (uint32) Server product version
ServerProductBuild_u32 number (uint32) Server product build number
ServerX_bin string (Base64 binary) Server's X.509 certificate
ClientX_bin string (Base64 binary) Client certificate
StartTime_dt Date Connection start time
FirstConnectionEstablisiedTime_dt Date Connection completion time of the first connection
CurrentConnectionEstablishTime_dt Date Connection completion time of this connection
NumConnectionsEatablished_u32 number (uint32) Number of connections have been established so far
HalfConnection_bool boolean Half-connection
QoS_bool boolean VoIP / QoS
MaxTcpConnections_u32 number (uint32) Maximum number of the underlying TCP connections
NumTcpConnections_u32 number (uint32) Number of current underlying TCP connections
NumTcpConnectionsUpload_u32 number (uint32) Number of underlying inbound TCP connections
NumTcpConnectionsDownload_u32 number (uint32) Number of underlying outbound TCP connections
UseEncrypt_bool boolean Use of encryption
CipherName_str string (ASCII) Cipher algorithm name
UseCompress_bool boolean Use of compression
IsRUDPSession_bool boolean The flag whether this is a R-UDP session
UnderlayProtocol_str string (ASCII) Underlying physical communication protocol
IsUdpAccelerationEnabled_bool boolean The UDP acceleration is enabled
IsUsingUdpAcceleration_bool boolean The UDP acceleration is being actually used
SessionName_str string (ASCII) Session name
ConnectionName_str string (ASCII) Connection name
SessionKey_bin string (Base64 binary) Session key
TotalSendSize_u64 number (uint64) Total transmitted data size
TotalRecvSize_u64 number (uint64) Total received data size
TotalSendSizeReal_u64 number (uint64) Total transmitted data size (no compression)
TotalRecvSizeReal_u64 number (uint64) Total received data size (no compression)
IsBridgeMode_bool boolean The flag whether the VPN session is Bridge Mode
IsMonitorMode_bool boolean The flag whether the VPN session is Monitor mode
VLanId_u32 number (uint32) VLAN ID

"AddAccess" RPC API - Add Access List Rule

Description

Add Access List Rule. Use this to add a new rule to the access list of the currently managed Virtual Hub. The access list is a set of packet file rules that are applied to packets that flow through the Virtual Hub. You can register multiple rules in an access list and you can also define an priority for each rule. All packets are checked for the conditions specified by the rules registered in the access list and based on the operation that is stipulated by the first matching rule, they either pass or are discarded. Packets that do not match any rule are implicitly allowed to pass. You can also use the access list to generate delays, jitters and packet losses. This API cannot be invoked on VPN Bridge. You cannot execute this API for Virtual Hubs of VPN Servers operating as a member server on a cluster.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "AddAccess",
  "params": {
    "HubName_str": "hubname",
    "AccessListSingle": [
      {
        "Id_u32": 0,
        "Note_utf": "note",
        "Active_bool": false,
        "Priority_u32": 0,
        "Discard_bool": false,
        "IsIPv6_bool": false,
        "SrcIpAddress_ip": "192.168.0.1",
        "SrcSubnetMask_ip": "255.255.255.255",
        "DestIpAddress_ip": "192.168.0.1",
        "DestSubnetMask_ip": "255.255.255.255",
        "SrcIpAddress6_bin": "SGVsbG8gV29ybGQ=",
        "SrcSubnetMask6_bin": "SGVsbG8gV29ybGQ=",
        "DestIpAddress6_bin": "SGVsbG8gV29ybGQ=",
        "DestSubnetMask6_bin": "SGVsbG8gV29ybGQ=",
        "Protocol_u32": 0,
        "SrcPortStart_u32": 0,
        "SrcPortEnd_u32": 0,
        "DestPortStart_u32": 0,
        "DestPortEnd_u32": 0,
        "SrcUsername_str": "srcusername",
        "DestUsername_str": "destusername",
        "CheckSrcMac_bool": false,
        "SrcMacAddress_bin": "SGVsbG8gV29ybGQ=",
        "SrcMacMask_bin": "SGVsbG8gV29ybGQ=",
        "CheckDstMac_bool": false,
        "DstMacAddress_bin": "SGVsbG8gV29ybGQ=",
        "DstMacMask_bin": "SGVsbG8gV29ybGQ=",
        "CheckTcpState_bool": false,
        "Established_bool": false,
        "Delay_u32": 0,
        "Jitter_u32": 0,
        "Loss_u32": 0,
        "RedirectUrl_str": "redirecturl"
      }
    ]
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "AccessListSingle": [
      {
        "Id_u32": 0,
        "Note_utf": "note",
        "Active_bool": false,
        "Priority_u32": 0,
        "Discard_bool": false,
        "IsIPv6_bool": false,
        "SrcIpAddress_ip": "192.168.0.1",
        "SrcSubnetMask_ip": "255.255.255.255",
        "DestIpAddress_ip": "192.168.0.1",
        "DestSubnetMask_ip": "255.255.255.255",
        "SrcIpAddress6_bin": "SGVsbG8gV29ybGQ=",
        "SrcSubnetMask6_bin": "SGVsbG8gV29ybGQ=",
        "DestIpAddress6_bin": "SGVsbG8gV29ybGQ=",
        "DestSubnetMask6_bin": "SGVsbG8gV29ybGQ=",
        "Protocol_u32": 0,
        "SrcPortStart_u32": 0,
        "SrcPortEnd_u32": 0,
        "DestPortStart_u32": 0,
        "DestPortEnd_u32": 0,
        "SrcUsername_str": "srcusername",
        "DestUsername_str": "destusername",
        "CheckSrcMac_bool": false,
        "SrcMacAddress_bin": "SGVsbG8gV29ybGQ=",
        "SrcMacMask_bin": "SGVsbG8gV29ybGQ=",
        "CheckDstMac_bool": false,
        "DstMacAddress_bin": "SGVsbG8gV29ybGQ=",
        "DstMacMask_bin": "SGVsbG8gV29ybGQ=",
        "CheckTcpState_bool": false,
        "Established_bool": false,
        "Delay_u32": 0,
        "Jitter_u32": 0,
        "Loss_u32": 0,
        "RedirectUrl_str": "redirecturl"
      }
    ]
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name
AccessListSingle Array object Access list (Must be a single item)
Id_u32 number (uint32) ID
Note_utf string (UTF8) Specify a description (note) for this rule
Active_bool boolean Enabled flag (true: enabled, false: disabled)
Priority_u32 number (uint32) Specify an integer of 1 or higher to indicate the priority of the rule. Higher priority is given to rules with the lower priority values.
Discard_bool boolean The flag if the rule is DISCARD operation or PASS operation. When a packet matches this rule condition, this operation is decided. When the operation of the rule is PASS, the packet is allowed to pass, otherwise the packet will be discarded.
IsIPv6_bool boolean The flag if the rule is for IPv6. Specify false for IPv4, or specify true for IPv6.
SrcIpAddress_ip string (IP address) Valid only if the rule is IPv4 mode (IsIPv6_bool == false). Specify a source IPv4 address as a rule condition. You must also specify the SrcSubnetMask_ip field.
SrcSubnetMask_ip string (IP address) Valid only if the rule is IPv4 mode (IsIPv6_bool == false). Specify a source IPv4 subnet mask as a rule condition. "0.0.0.0" means all hosts. "255.255.255.255" means one single host.
DestIpAddress_ip string (IP address) Valid only if the rule is IPv4 mode (IsIPv6_bool == false). Specify a destination IPv4 address as a rule condition. You must also specify the DestSubnetMask_ip field.
DestSubnetMask_ip string (IP address) Valid only if the rule is IPv4 mode (IsIPv6_bool == false). Specify a destination IPv4 subnet mask as a rule condition. "0.0.0.0" means all hosts. "255.255.255.255" means one single host.
SrcIpAddress6_bin string (Base64 binary) Valid only if the rule is IPv6 mode (IsIPv6_bool == true). Specify a source IPv6 address as a rule condition. The field must be a byte array of 16 bytes (128 bits) to contain the IPv6 address in binary form. You must also specify the SrcSubnetMask6_bin field.
SrcSubnetMask6_bin string (Base64 binary) Valid only if the rule is IPv6 mode (IsIPv6_bool == true). Specify a source IPv6 subnet mask as a rule condition. The field must be a byte array of 16 bytes (128 bits) to contain the IPv6 subnet mask in binary form.
DestIpAddress6_bin string (Base64 binary) Valid only if the rule is IPv6 mode (IsIPv6_bool == true). Specify a destination IPv6 address as a rule condition. The field must be a byte array of 16 bytes (128 bits) to contain the IPv6 address in binary form. You must also specify the DestSubnetMask6_bin field.
DestSubnetMask6_bin string (Base64 binary) Valid only if the rule is IPv6 mode (IsIPv6_bool == true). Specify a destination IPv6 subnet mask as a rule condition. The field must be a byte array of 16 bytes (128 bits) to contain the IPv6 subnet mask in binary form.
Protocol_u32 number (enum) The IP protocol number
Values:
1: ICMP for IPv4
6: TCP
17: UDP
58: ICMP for IPv6
SrcPortStart_u32 number (uint32) The Start Value of the Source Port Number Range. If the specified protocol is TCP/IP or UDP/IP, specify the source port number as the rule condition. Protocols other than this will be ignored. When this parameter is not specified, the rules will apply to all port numbers.
SrcPortEnd_u32 number (uint32) The End Value of the Source Port Number Range. If the specified protocol is TCP/IP or UDP/IP, specify the source port number as the rule condition. Protocols other than this will be ignored. When this parameter is not specified, the rules will apply to all port numbers.
DestPortStart_u32 number (uint32) The Start Value of the Destination Port Number Range. If the specified protocol is TCP/IP or UDP/IP, specify the destination port number as the rule condition. Protocols other than this will be ignored. When this parameter is not specified, the rules will apply to all port numbers.
DestPortEnd_u32 number (uint32) The End Value of the Destination Port Number Range. If the specified protocol is TCP/IP or UDP/IP, specify the destination port number as the rule condition. Protocols other than this will be ignored. When this parameter is not specified, the rules will apply to all port numbers.
SrcUsername_str string (ASCII) Source user name. You can apply this rule to only the packets sent by a user session of a user name that has been specified as a rule condition. In this case, specify the user name.
DestUsername_str string (ASCII) Destination user name. You can apply this rule to only the packets received by a user session of a user name that has been specified as a rule condition. In this case, specify the user name.
CheckSrcMac_bool boolean Specify true if you want to check the source MAC address.
SrcMacAddress_bin string (Base64 binary) Source MAC address (6 bytes), valid only if CheckSrcMac_bool == true.
SrcMacMask_bin string (Base64 binary) Source MAC address mask (6 bytes), valid only if CheckSrcMac_bool == true.
CheckDstMac_bool boolean Specify true if you want to check the destination MAC address.
DstMacAddress_bin string (Base64 binary) Destination MAC address (6 bytes), valid only if CheckSrcMac_bool == true.
DstMacMask_bin string (Base64 binary) Destination MAC address mask (6 bytes), valid only if CheckSrcMac_bool == true.
CheckTcpState_bool boolean Specify true if you want to check the state of the TCP connection.
Established_bool boolean Valid only if CheckTcpState_bool == true. Set this field true to match only TCP-established packets. Set this field false to match only TCP-non established packets.
Delay_u32 number (uint32) Set this value to generate delays when packets is passing. Specify the delay period in milliseconds. Specify 0 means no delays to generate. The delays must be 10000 milliseconds at most.
Jitter_u32 number (uint32) Set this value to generate jitters when packets is passing. Specify the ratio of fluctuation of jitters within 0% to 100% range. Specify 0 means no jitters to generate.
Loss_u32 number (uint32) Set this value to generate packet losses when packets is passing. Specify the ratio of packet losses within 0% to 100% range. Specify 0 means no packet losses to generate.
RedirectUrl_str string (ASCII) The specified URL will be mandatory replied to the client as a response for TCP connecting request packets which matches the conditions of this access list entry via this Virtual Hub. To use this setting, you can enforce the web browser of the VPN Client computer to show the specified web site when that web browser tries to access the specific IP address.

"DeleteAccess" RPC API - Delete Rule from Access List

Description

Delete Rule from Access List. Use this to specify a packet filter rule registered on the access list of the currently managed Virtual Hub and delete it. To delete a rule, you must specify that rule's ID. You can display the ID by using the EnumAccess API. If you wish not to delete the rule but to only temporarily disable it, use the SetAccessList API to set the rule status to disable. This API cannot be invoked on VPN Bridge. You cannot execute this API for Virtual Hubs of VPN Servers operating as a member server on a cluster.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "DeleteAccess",
  "params": {
    "HubName_str": "hubname",
    "Id_u32": 0
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "Id_u32": 0
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name
Id_u32 number (uint32) ID

"EnumAccess" RPC API - Get Access List Rule List

Description

Get Access List Rule List. Use this to get a list of packet filter rules that are registered on access list of the currently managed Virtual Hub. The access list is a set of packet file rules that are applied to packets that flow through the Virtual Hub. You can register multiple rules in an access list and you can also define a priority for each rule. All packets are checked for the conditions specified by the rules registered in the access list and based on the operation that is stipulated by the first matching rule, they either pass or are discarded. Packets that do not match any rule are implicitly allowed to pass. This API cannot be invoked on VPN Bridge. You cannot execute this API for Virtual Hubs of VPN Servers operating as a member server on a cluster.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "EnumAccess",
  "params": {
    "HubName_str": "hubname"
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "AccessList": [
      {
        "Id_u32": 0,
        "Note_utf": "note",
        "Active_bool": false,
        "Priority_u32": 0,
        "Discard_bool": false,
        "IsIPv6_bool": false,
        "SrcIpAddress_ip": "192.168.0.1",
        "SrcSubnetMask_ip": "255.255.255.255",
        "DestIpAddress_ip": "192.168.0.1",
        "DestSubnetMask_ip": "255.255.255.255",
        "SrcIpAddress6_bin": "SGVsbG8gV29ybGQ=",
        "SrcSubnetMask6_bin": "SGVsbG8gV29ybGQ=",
        "DestIpAddress6_bin": "SGVsbG8gV29ybGQ=",
        "DestSubnetMask6_bin": "SGVsbG8gV29ybGQ=",
        "Protocol_u32": 0,
        "SrcPortStart_u32": 0,
        "SrcPortEnd_u32": 0,
        "DestPortStart_u32": 0,
        "DestPortEnd_u32": 0,
        "SrcUsername_str": "srcusername",
        "DestUsername_str": "destusername",
        "CheckSrcMac_bool": false,
        "SrcMacAddress_bin": "SGVsbG8gV29ybGQ=",
        "SrcMacMask_bin": "SGVsbG8gV29ybGQ=",
        "CheckDstMac_bool": false,
        "DstMacAddress_bin": "SGVsbG8gV29ybGQ=",
        "DstMacMask_bin": "SGVsbG8gV29ybGQ=",
        "CheckTcpState_bool": false,
        "Established_bool": false,
        "Delay_u32": 0,
        "Jitter_u32": 0,
        "Loss_u32": 0,
        "RedirectUrl_str": "redirecturl"
      },
      {
        "Id_u32": 0,
        "Note_utf": "note",
        "Active_bool": false,
        "Priority_u32": 0,
        "Discard_bool": false,
        "IsIPv6_bool": false,
        "SrcIpAddress_ip": "192.168.0.1",
        "SrcSubnetMask_ip": "255.255.255.255",
        "DestIpAddress_ip": "192.168.0.1",
        "DestSubnetMask_ip": "255.255.255.255",
        "SrcIpAddress6_bin": "SGVsbG8gV29ybGQ=",
        "SrcSubnetMask6_bin": "SGVsbG8gV29ybGQ=",
        "DestIpAddress6_bin": "SGVsbG8gV29ybGQ=",
        "DestSubnetMask6_bin": "SGVsbG8gV29ybGQ=",
        "Protocol_u32": 0,
        "SrcPortStart_u32": 0,
        "SrcPortEnd_u32": 0,
        "DestPortStart_u32": 0,
        "DestPortEnd_u32": 0,
        "SrcUsername_str": "srcusername",
        "DestUsername_str": "destusername",
        "CheckSrcMac_bool": false,
        "SrcMacAddress_bin": "SGVsbG8gV29ybGQ=",
        "SrcMacMask_bin": "SGVsbG8gV29ybGQ=",
        "CheckDstMac_bool": false,
        "DstMacAddress_bin": "SGVsbG8gV29ybGQ=",
        "DstMacMask_bin": "SGVsbG8gV29ybGQ=",
        "CheckTcpState_bool": false,
        "Established_bool": false,
        "Delay_u32": 0,
        "Jitter_u32": 0,
        "Loss_u32": 0,
        "RedirectUrl_str": "redirecturl"
      },
      {
        "Id_u32": 0,
        "Note_utf": "note",
        "Active_bool": false,
        "Priority_u32": 0,
        "Discard_bool": false,
        "IsIPv6_bool": false,
        "SrcIpAddress_ip": "192.168.0.1",
        "SrcSubnetMask_ip": "255.255.255.255",
        "DestIpAddress_ip": "192.168.0.1",
        "DestSubnetMask_ip": "255.255.255.255",
        "SrcIpAddress6_bin": "SGVsbG8gV29ybGQ=",
        "SrcSubnetMask6_bin": "SGVsbG8gV29ybGQ=",
        "DestIpAddress6_bin": "SGVsbG8gV29ybGQ=",
        "DestSubnetMask6_bin": "SGVsbG8gV29ybGQ=",
        "Protocol_u32": 0,
        "SrcPortStart_u32": 0,
        "SrcPortEnd_u32": 0,
        "DestPortStart_u32": 0,
        "DestPortEnd_u32": 0,
        "SrcUsername_str": "srcusername",
        "DestUsername_str": "destusername",
        "CheckSrcMac_bool": false,
        "SrcMacAddress_bin": "SGVsbG8gV29ybGQ=",
        "SrcMacMask_bin": "SGVsbG8gV29ybGQ=",
        "CheckDstMac_bool": false,
        "DstMacAddress_bin": "SGVsbG8gV29ybGQ=",
        "DstMacMask_bin": "SGVsbG8gV29ybGQ=",
        "CheckTcpState_bool": false,
        "Established_bool": false,
        "Delay_u32": 0,
        "Jitter_u32": 0,
        "Loss_u32": 0,
        "RedirectUrl_str": "redirecturl"
      }
    ]
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name
AccessList Array object Access list
Id_u32 number (uint32) ID
Note_utf string (UTF8) Specify a description (note) for this rule
Active_bool boolean Enabled flag (true: enabled, false: disabled)
Priority_u32 number (uint32) Specify an integer of 1 or higher to indicate the priority of the rule. Higher priority is given to rules with the lower priority values.
Discard_bool boolean The flag if the rule is DISCARD operation or PASS operation. When a packet matches this rule condition, this operation is decided. When the operation of the rule is PASS, the packet is allowed to pass, otherwise the packet will be discarded.
IsIPv6_bool boolean The flag if the rule is for IPv6. Specify false for IPv4, or specify true for IPv6.
SrcIpAddress_ip string (IP address) Valid only if the rule is IPv4 mode (IsIPv6_bool == false). Specify a source IPv4 address as a rule condition. You must also specify the SrcSubnetMask_ip field.
SrcSubnetMask_ip string (IP address) Valid only if the rule is IPv4 mode (IsIPv6_bool == false). Specify a source IPv4 subnet mask as a rule condition. "0.0.0.0" means all hosts. "255.255.255.255" means one single host.
DestIpAddress_ip string (IP address) Valid only if the rule is IPv4 mode (IsIPv6_bool == false). Specify a destination IPv4 address as a rule condition. You must also specify the DestSubnetMask_ip field.
DestSubnetMask_ip string (IP address) Valid only if the rule is IPv4 mode (IsIPv6_bool == false). Specify a destination IPv4 subnet mask as a rule condition. "0.0.0.0" means all hosts. "255.255.255.255" means one single host.
SrcIpAddress6_bin string (Base64 binary) Valid only if the rule is IPv6 mode (IsIPv6_bool == true). Specify a source IPv6 address as a rule condition. The field must be a byte array of 16 bytes (128 bits) to contain the IPv6 address in binary form. You must also specify the SrcSubnetMask6_bin field.
SrcSubnetMask6_bin string (Base64 binary) Valid only if the rule is IPv6 mode (IsIPv6_bool == true). Specify a source IPv6 subnet mask as a rule condition. The field must be a byte array of 16 bytes (128 bits) to contain the IPv6 subnet mask in binary form.
DestIpAddress6_bin string (Base64 binary) Valid only if the rule is IPv6 mode (IsIPv6_bool == true). Specify a destination IPv6 address as a rule condition. The field must be a byte array of 16 bytes (128 bits) to contain the IPv6 address in binary form. You must also specify the DestSubnetMask6_bin field.
DestSubnetMask6_bin string (Base64 binary) Valid only if the rule is IPv6 mode (IsIPv6_bool == true). Specify a destination IPv6 subnet mask as a rule condition. The field must be a byte array of 16 bytes (128 bits) to contain the IPv6 subnet mask in binary form.
Protocol_u32 number (enum) The IP protocol number
Values:
1: ICMP for IPv4
6: TCP
17: UDP
58: ICMP for IPv6
SrcPortStart_u32 number (uint32) The Start Value of the Source Port Number Range. If the specified protocol is TCP/IP or UDP/IP, specify the source port number as the rule condition. Protocols other than this will be ignored. When this parameter is not specified, the rules will apply to all port numbers.
SrcPortEnd_u32 number (uint32) The End Value of the Source Port Number Range. If the specified protocol is TCP/IP or UDP/IP, specify the source port number as the rule condition. Protocols other than this will be ignored. When this parameter is not specified, the rules will apply to all port numbers.
DestPortStart_u32 number (uint32) The Start Value of the Destination Port Number Range. If the specified protocol is TCP/IP or UDP/IP, specify the destination port number as the rule condition. Protocols other than this will be ignored. When this parameter is not specified, the rules will apply to all port numbers.
DestPortEnd_u32 number (uint32) The End Value of the Destination Port Number Range. If the specified protocol is TCP/IP or UDP/IP, specify the destination port number as the rule condition. Protocols other than this will be ignored. When this parameter is not specified, the rules will apply to all port numbers.
SrcUsername_str string (ASCII) Source user name. You can apply this rule to only the packets sent by a user session of a user name that has been specified as a rule condition. In this case, specify the user name.
DestUsername_str string (ASCII) Destination user name. You can apply this rule to only the packets received by a user session of a user name that has been specified as a rule condition. In this case, specify the user name.
CheckSrcMac_bool boolean Specify true if you want to check the source MAC address.
SrcMacAddress_bin string (Base64 binary) Source MAC address (6 bytes), valid only if CheckSrcMac_bool == true.
SrcMacMask_bin string (Base64 binary) Source MAC address mask (6 bytes), valid only if CheckSrcMac_bool == true.
CheckDstMac_bool boolean Specify true if you want to check the destination MAC address.
DstMacAddress_bin string (Base64 binary) Destination MAC address (6 bytes), valid only if CheckSrcMac_bool == true.
DstMacMask_bin string (Base64 binary) Destination MAC address mask (6 bytes), valid only if CheckSrcMac_bool == true.
CheckTcpState_bool boolean Specify true if you want to check the state of the TCP connection.
Established_bool boolean Valid only if CheckTcpState_bool == true. Set this field true to match only TCP-established packets. Set this field false to match only TCP-non established packets.
Delay_u32 number (uint32) Set this value to generate delays when packets is passing. Specify the delay period in milliseconds. Specify 0 means no delays to generate. The delays must be 10000 milliseconds at most.
Jitter_u32 number (uint32) Set this value to generate jitters when packets is passing. Specify the ratio of fluctuation of jitters within 0% to 100% range. Specify 0 means no jitters to generate.
Loss_u32 number (uint32) Set this value to generate packet losses when packets is passing. Specify the ratio of packet losses within 0% to 100% range. Specify 0 means no packet losses to generate.
RedirectUrl_str string (ASCII) The specified URL will be mandatory replied to the client as a response for TCP connecting request packets which matches the conditions of this access list entry via this Virtual Hub. To use this setting, you can enforce the web browser of the VPN Client computer to show the specified web site when that web browser tries to access the specific IP address.

"SetAccessList" RPC API - Replace all access lists on a single bulk API call

Description

Replace all access lists on a single bulk API call. This API removes all existing access list rules on the Virtual Hub, and replace them by new access list rules specified by the parameter.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "SetAccessList",
  "params": {
    "HubName_str": "hubname",
    "AccessList": [
      {
        "Id_u32": 0,
        "Note_utf": "note",
        "Active_bool": false,
        "Priority_u32": 0,
        "Discard_bool": false,
        "IsIPv6_bool": false,
        "SrcIpAddress_ip": "192.168.0.1",
        "SrcSubnetMask_ip": "255.255.255.255",
        "DestIpAddress_ip": "192.168.0.1",
        "DestSubnetMask_ip": "255.255.255.255",
        "SrcIpAddress6_bin": "SGVsbG8gV29ybGQ=",
        "SrcSubnetMask6_bin": "SGVsbG8gV29ybGQ=",
        "DestIpAddress6_bin": "SGVsbG8gV29ybGQ=",
        "DestSubnetMask6_bin": "SGVsbG8gV29ybGQ=",
        "Protocol_u32": 0,
        "SrcPortStart_u32": 0,
        "SrcPortEnd_u32": 0,
        "DestPortStart_u32": 0,
        "DestPortEnd_u32": 0,
        "SrcUsername_str": "srcusername",
        "DestUsername_str": "destusername",
        "CheckSrcMac_bool": false,
        "SrcMacAddress_bin": "SGVsbG8gV29ybGQ=",
        "SrcMacMask_bin": "SGVsbG8gV29ybGQ=",
        "CheckDstMac_bool": false,
        "DstMacAddress_bin": "SGVsbG8gV29ybGQ=",
        "DstMacMask_bin": "SGVsbG8gV29ybGQ=",
        "CheckTcpState_bool": false,
        "Established_bool": false,
        "Delay_u32": 0,
        "Jitter_u32": 0,
        "Loss_u32": 0,
        "RedirectUrl_str": "redirecturl"
      },
      {
        "Id_u32": 0,
        "Note_utf": "note",
        "Active_bool": false,
        "Priority_u32": 0,
        "Discard_bool": false,
        "IsIPv6_bool": false,
        "SrcIpAddress_ip": "192.168.0.1",
        "SrcSubnetMask_ip": "255.255.255.255",
        "DestIpAddress_ip": "192.168.0.1",
        "DestSubnetMask_ip": "255.255.255.255",
        "SrcIpAddress6_bin": "SGVsbG8gV29ybGQ=",
        "SrcSubnetMask6_bin": "SGVsbG8gV29ybGQ=",
        "DestIpAddress6_bin": "SGVsbG8gV29ybGQ=",
        "DestSubnetMask6_bin": "SGVsbG8gV29ybGQ=",
        "Protocol_u32": 0,
        "SrcPortStart_u32": 0,
        "SrcPortEnd_u32": 0,
        "DestPortStart_u32": 0,
        "DestPortEnd_u32": 0,
        "SrcUsername_str": "srcusername",
        "DestUsername_str": "destusername",
        "CheckSrcMac_bool": false,
        "SrcMacAddress_bin": "SGVsbG8gV29ybGQ=",
        "SrcMacMask_bin": "SGVsbG8gV29ybGQ=",
        "CheckDstMac_bool": false,
        "DstMacAddress_bin": "SGVsbG8gV29ybGQ=",
        "DstMacMask_bin": "SGVsbG8gV29ybGQ=",
        "CheckTcpState_bool": false,
        "Established_bool": false,
        "Delay_u32": 0,
        "Jitter_u32": 0,
        "Loss_u32": 0,
        "RedirectUrl_str": "redirecturl"
      },
      {
        "Id_u32": 0,
        "Note_utf": "note",
        "Active_bool": false,
        "Priority_u32": 0,
        "Discard_bool": false,
        "IsIPv6_bool": false,
        "SrcIpAddress_ip": "192.168.0.1",
        "SrcSubnetMask_ip": "255.255.255.255",
        "DestIpAddress_ip": "192.168.0.1",
        "DestSubnetMask_ip": "255.255.255.255",
        "SrcIpAddress6_bin": "SGVsbG8gV29ybGQ=",
        "SrcSubnetMask6_bin": "SGVsbG8gV29ybGQ=",
        "DestIpAddress6_bin": "SGVsbG8gV29ybGQ=",
        "DestSubnetMask6_bin": "SGVsbG8gV29ybGQ=",
        "Protocol_u32": 0,
        "SrcPortStart_u32": 0,
        "SrcPortEnd_u32": 0,
        "DestPortStart_u32": 0,
        "DestPortEnd_u32": 0,
        "SrcUsername_str": "srcusername",
        "DestUsername_str": "destusername",
        "CheckSrcMac_bool": false,
        "SrcMacAddress_bin": "SGVsbG8gV29ybGQ=",
        "SrcMacMask_bin": "SGVsbG8gV29ybGQ=",
        "CheckDstMac_bool": false,
        "DstMacAddress_bin": "SGVsbG8gV29ybGQ=",
        "DstMacMask_bin": "SGVsbG8gV29ybGQ=",
        "CheckTcpState_bool": false,
        "Established_bool": false,
        "Delay_u32": 0,
        "Jitter_u32": 0,
        "Loss_u32": 0,
        "RedirectUrl_str": "redirecturl"
      }
    ]
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "AccessList": [
      {
        "Id_u32": 0,
        "Note_utf": "note",
        "Active_bool": false,
        "Priority_u32": 0,
        "Discard_bool": false,
        "IsIPv6_bool": false,
        "SrcIpAddress_ip": "192.168.0.1",
        "SrcSubnetMask_ip": "255.255.255.255",
        "DestIpAddress_ip": "192.168.0.1",
        "DestSubnetMask_ip": "255.255.255.255",
        "SrcIpAddress6_bin": "SGVsbG8gV29ybGQ=",
        "SrcSubnetMask6_bin": "SGVsbG8gV29ybGQ=",
        "DestIpAddress6_bin": "SGVsbG8gV29ybGQ=",
        "DestSubnetMask6_bin": "SGVsbG8gV29ybGQ=",
        "Protocol_u32": 0,
        "SrcPortStart_u32": 0,
        "SrcPortEnd_u32": 0,
        "DestPortStart_u32": 0,
        "DestPortEnd_u32": 0,
        "SrcUsername_str": "srcusername",
        "DestUsername_str": "destusername",
        "CheckSrcMac_bool": false,
        "SrcMacAddress_bin": "SGVsbG8gV29ybGQ=",
        "SrcMacMask_bin": "SGVsbG8gV29ybGQ=",
        "CheckDstMac_bool": false,
        "DstMacAddress_bin": "SGVsbG8gV29ybGQ=",
        "DstMacMask_bin": "SGVsbG8gV29ybGQ=",
        "CheckTcpState_bool": false,
        "Established_bool": false,
        "Delay_u32": 0,
        "Jitter_u32": 0,
        "Loss_u32": 0,
        "RedirectUrl_str": "redirecturl"
      },
      {
        "Id_u32": 0,
        "Note_utf": "note",
        "Active_bool": false,
        "Priority_u32": 0,
        "Discard_bool": false,
        "IsIPv6_bool": false,
        "SrcIpAddress_ip": "192.168.0.1",
        "SrcSubnetMask_ip": "255.255.255.255",
        "DestIpAddress_ip": "192.168.0.1",
        "DestSubnetMask_ip": "255.255.255.255",
        "SrcIpAddress6_bin": "SGVsbG8gV29ybGQ=",
        "SrcSubnetMask6_bin": "SGVsbG8gV29ybGQ=",
        "DestIpAddress6_bin": "SGVsbG8gV29ybGQ=",
        "DestSubnetMask6_bin": "SGVsbG8gV29ybGQ=",
        "Protocol_u32": 0,
        "SrcPortStart_u32": 0,
        "SrcPortEnd_u32": 0,
        "DestPortStart_u32": 0,
        "DestPortEnd_u32": 0,
        "SrcUsername_str": "srcusername",
        "DestUsername_str": "destusername",
        "CheckSrcMac_bool": false,
        "SrcMacAddress_bin": "SGVsbG8gV29ybGQ=",
        "SrcMacMask_bin": "SGVsbG8gV29ybGQ=",
        "CheckDstMac_bool": false,
        "DstMacAddress_bin": "SGVsbG8gV29ybGQ=",
        "DstMacMask_bin": "SGVsbG8gV29ybGQ=",
        "CheckTcpState_bool": false,
        "Established_bool": false,
        "Delay_u32": 0,
        "Jitter_u32": 0,
        "Loss_u32": 0,
        "RedirectUrl_str": "redirecturl"
      },
      {
        "Id_u32": 0,
        "Note_utf": "note",
        "Active_bool": false,
        "Priority_u32": 0,
        "Discard_bool": false,
        "IsIPv6_bool": false,
        "SrcIpAddress_ip": "192.168.0.1",
        "SrcSubnetMask_ip": "255.255.255.255",
        "DestIpAddress_ip": "192.168.0.1",
        "DestSubnetMask_ip": "255.255.255.255",
        "SrcIpAddress6_bin": "SGVsbG8gV29ybGQ=",
        "SrcSubnetMask6_bin": "SGVsbG8gV29ybGQ=",
        "DestIpAddress6_bin": "SGVsbG8gV29ybGQ=",
        "DestSubnetMask6_bin": "SGVsbG8gV29ybGQ=",
        "Protocol_u32": 0,
        "SrcPortStart_u32": 0,
        "SrcPortEnd_u32": 0,
        "DestPortStart_u32": 0,
        "DestPortEnd_u32": 0,
        "SrcUsername_str": "srcusername",
        "DestUsername_str": "destusername",
        "CheckSrcMac_bool": false,
        "SrcMacAddress_bin": "SGVsbG8gV29ybGQ=",
        "SrcMacMask_bin": "SGVsbG8gV29ybGQ=",
        "CheckDstMac_bool": false,
        "DstMacAddress_bin": "SGVsbG8gV29ybGQ=",
        "DstMacMask_bin": "SGVsbG8gV29ybGQ=",
        "CheckTcpState_bool": false,
        "Established_bool": false,
        "Delay_u32": 0,
        "Jitter_u32": 0,
        "Loss_u32": 0,
        "RedirectUrl_str": "redirecturl"
      }
    ]
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name
AccessList Array object Access list
Id_u32 number (uint32) ID
Note_utf string (UTF8) Specify a description (note) for this rule
Active_bool boolean Enabled flag (true: enabled, false: disabled)
Priority_u32 number (uint32) Specify an integer of 1 or higher to indicate the priority of the rule. Higher priority is given to rules with the lower priority values.
Discard_bool boolean The flag if the rule is DISCARD operation or PASS operation. When a packet matches this rule condition, this operation is decided. When the operation of the rule is PASS, the packet is allowed to pass, otherwise the packet will be discarded.
IsIPv6_bool boolean The flag if the rule is for IPv6. Specify false for IPv4, or specify true for IPv6.
SrcIpAddress_ip string (IP address) Valid only if the rule is IPv4 mode (IsIPv6_bool == false). Specify a source IPv4 address as a rule condition. You must also specify the SrcSubnetMask_ip field.
SrcSubnetMask_ip string (IP address) Valid only if the rule is IPv4 mode (IsIPv6_bool == false). Specify a source IPv4 subnet mask as a rule condition. "0.0.0.0" means all hosts. "255.255.255.255" means one single host.
DestIpAddress_ip string (IP address) Valid only if the rule is IPv4 mode (IsIPv6_bool == false). Specify a destination IPv4 address as a rule condition. You must also specify the DestSubnetMask_ip field.
DestSubnetMask_ip string (IP address) Valid only if the rule is IPv4 mode (IsIPv6_bool == false). Specify a destination IPv4 subnet mask as a rule condition. "0.0.0.0" means all hosts. "255.255.255.255" means one single host.
SrcIpAddress6_bin string (Base64 binary) Valid only if the rule is IPv6 mode (IsIPv6_bool == true). Specify a source IPv6 address as a rule condition. The field must be a byte array of 16 bytes (128 bits) to contain the IPv6 address in binary form. You must also specify the SrcSubnetMask6_bin field.
SrcSubnetMask6_bin string (Base64 binary) Valid only if the rule is IPv6 mode (IsIPv6_bool == true). Specify a source IPv6 subnet mask as a rule condition. The field must be a byte array of 16 bytes (128 bits) to contain the IPv6 subnet mask in binary form.
DestIpAddress6_bin string (Base64 binary) Valid only if the rule is IPv6 mode (IsIPv6_bool == true). Specify a destination IPv6 address as a rule condition. The field must be a byte array of 16 bytes (128 bits) to contain the IPv6 address in binary form. You must also specify the DestSubnetMask6_bin field.
DestSubnetMask6_bin string (Base64 binary) Valid only if the rule is IPv6 mode (IsIPv6_bool == true). Specify a destination IPv6 subnet mask as a rule condition. The field must be a byte array of 16 bytes (128 bits) to contain the IPv6 subnet mask in binary form.
Protocol_u32 number (enum) The IP protocol number
Values:
1: ICMP for IPv4
6: TCP
17: UDP
58: ICMP for IPv6
SrcPortStart_u32 number (uint32) The Start Value of the Source Port Number Range. If the specified protocol is TCP/IP or UDP/IP, specify the source port number as the rule condition. Protocols other than this will be ignored. When this parameter is not specified, the rules will apply to all port numbers.
SrcPortEnd_u32 number (uint32) The End Value of the Source Port Number Range. If the specified protocol is TCP/IP or UDP/IP, specify the source port number as the rule condition. Protocols other than this will be ignored. When this parameter is not specified, the rules will apply to all port numbers.
DestPortStart_u32 number (uint32) The Start Value of the Destination Port Number Range. If the specified protocol is TCP/IP or UDP/IP, specify the destination port number as the rule condition. Protocols other than this will be ignored. When this parameter is not specified, the rules will apply to all port numbers.
DestPortEnd_u32 number (uint32) The End Value of the Destination Port Number Range. If the specified protocol is TCP/IP or UDP/IP, specify the destination port number as the rule condition. Protocols other than this will be ignored. When this parameter is not specified, the rules will apply to all port numbers.
SrcUsername_str string (ASCII) Source user name. You can apply this rule to only the packets sent by a user session of a user name that has been specified as a rule condition. In this case, specify the user name.
DestUsername_str string (ASCII) Destination user name. You can apply this rule to only the packets received by a user session of a user name that has been specified as a rule condition. In this case, specify the user name.
CheckSrcMac_bool boolean Specify true if you want to check the source MAC address.
SrcMacAddress_bin string (Base64 binary) Source MAC address (6 bytes), valid only if CheckSrcMac_bool == true.
SrcMacMask_bin string (Base64 binary) Source MAC address mask (6 bytes), valid only if CheckSrcMac_bool == true.
CheckDstMac_bool boolean Specify true if you want to check the destination MAC address.
DstMacAddress_bin string (Base64 binary) Destination MAC address (6 bytes), valid only if CheckSrcMac_bool == true.
DstMacMask_bin string (Base64 binary) Destination MAC address mask (6 bytes), valid only if CheckSrcMac_bool == true.
CheckTcpState_bool boolean Specify true if you want to check the state of the TCP connection.
Established_bool boolean Valid only if CheckTcpState_bool == true. Set this field true to match only TCP-established packets. Set this field false to match only TCP-non established packets.
Delay_u32 number (uint32) Set this value to generate delays when packets is passing. Specify the delay period in milliseconds. Specify 0 means no delays to generate. The delays must be 10000 milliseconds at most.
Jitter_u32 number (uint32) Set this value to generate jitters when packets is passing. Specify the ratio of fluctuation of jitters within 0% to 100% range. Specify 0 means no jitters to generate.
Loss_u32 number (uint32) Set this value to generate packet losses when packets is passing. Specify the ratio of packet losses within 0% to 100% range. Specify 0 means no packet losses to generate.
RedirectUrl_str string (ASCII) The specified URL will be mandatory replied to the client as a response for TCP connecting request packets which matches the conditions of this access list entry via this Virtual Hub. To use this setting, you can enforce the web browser of the VPN Client computer to show the specified web site when that web browser tries to access the specific IP address.

"CreateUser" RPC API - Create a user

Description

Create a user. Use this to create a new user in the security account database of the currently managed Virtual Hub. By creating a user, the VPN Client can connect to the Virtual Hub by using the authentication information of that user. Note that a user whose user name has been created as "" (a single asterisk character) will automatically be registered as a RADIUS authentication user. For cases where there are users with "" as the name, when a user, whose user name that has been provided when a client connected to a VPN Server does not match existing user names, is able to be authenticated by a RADIUS server or NT domain controller by inputting a user name and password, the authentication settings and security policy settings will follow the setting for the user "*". To change the user information of a user that has been created, use the SetUser API. This API cannot be invoked on VPN Bridge. You cannot execute this API for Virtual Hubs of VPN Servers operating as a member server on a cluster.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "CreateUser",
  "params": {
    "HubName_str": "hubname",
    "Name_str": "name",
    "Realname_utf": "realname",
    "Note_utf": "note",
    "ExpireTime_dt": "2020-08-01T12:24:36.123",
    "AuthType_u32": 0,
    "Auth_Password_str": "auth_password",
    "UserX_bin": "SGVsbG8gV29ybGQ=",
    "Serial_bin": "SGVsbG8gV29ybGQ=",
    "CommonName_utf": "auth_rootcert_commonname",
    "RadiusUsername_utf": "auth_radius_radiususername",
    "NtUsername_utf": "auth_nt_ntusername",
    "UsePolicy_bool": false,
    "policy:Access_bool": false,
    "policy:DHCPFilter_bool": false,
    "policy:DHCPNoServer_bool": false,
    "policy:DHCPForce_bool": false,
    "policy:NoBridge_bool": false,
    "policy:NoRouting_bool": false,
    "policy:CheckMac_bool": false,
    "policy:CheckIP_bool": false,
    "policy:ArpDhcpOnly_bool": false,
    "policy:PrivacyFilter_bool": false,
    "policy:NoServer_bool": false,
    "policy:NoBroadcastLimiter_bool": false,
    "policy:MonitorPort_bool": false,
    "policy:MaxConnection_u32": 0,
    "policy:TimeOut_u32": 0,
    "policy:MaxMac_u32": 0,
    "policy:MaxIP_u32": 0,
    "policy:MaxUpload_u32": 0,
    "policy:MaxDownload_u32": 0,
    "policy:FixPassword_bool": false,
    "policy:MultiLogins_u32": 0,
    "policy:NoQoS_bool": false,
    "policy:RSandRAFilter_bool": false,
    "policy:RAFilter_bool": false,
    "policy:DHCPv6Filter_bool": false,
    "policy:DHCPv6NoServer_bool": false,
    "policy:NoRoutingV6_bool": false,
    "policy:CheckIPv6_bool": false,
    "policy:NoServerV6_bool": false,
    "policy:MaxIPv6_u32": 0,
    "policy:NoSavePassword_bool": false,
    "policy:AutoDisconnect_u32": 0,
    "policy:FilterIPv4_bool": false,
    "policy:FilterIPv6_bool": false,
    "policy:FilterNonIP_bool": false,
    "policy:NoIPv6DefaultRouterInRA_bool": false,
    "policy:NoIPv6DefaultRouterInRAWhenIPv6_bool": false,
    "policy:VLanId_u32": 0,
    "policy:Ver3_bool": false
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "Name_str": "name",
    "GroupName_str": "groupname",
    "Realname_utf": "realname",
    "Note_utf": "note",
    "CreatedTime_dt": "2020-08-01T12:24:36.123",
    "UpdatedTime_dt": "2020-08-01T12:24:36.123",
    "ExpireTime_dt": "2020-08-01T12:24:36.123",
    "AuthType_u32": 0,
    "Auth_Password_str": "auth_password",
    "UserX_bin": "SGVsbG8gV29ybGQ=",
    "Serial_bin": "SGVsbG8gV29ybGQ=",
    "CommonName_utf": "auth_rootcert_commonname",
    "RadiusUsername_utf": "auth_radius_radiususername",
    "NtUsername_utf": "auth_nt_ntusername",
    "NumLogin_u32": 0,
    "Recv.BroadcastBytes_u64": 0,
    "Recv.BroadcastCount_u64": 0,
    "Recv.UnicastBytes_u64": 0,
    "Recv.UnicastCount_u64": 0,
    "Send.BroadcastBytes_u64": 0,
    "Send.BroadcastCount_u64": 0,
    "Send.UnicastBytes_u64": 0,
    "Send.UnicastCount_u64": 0,
    "UsePolicy_bool": false,
    "policy:Access_bool": false,
    "policy:DHCPFilter_bool": false,
    "policy:DHCPNoServer_bool": false,
    "policy:DHCPForce_bool": false,
    "policy:NoBridge_bool": false,
    "policy:NoRouting_bool": false,
    "policy:CheckMac_bool": false,
    "policy:CheckIP_bool": false,
    "policy:ArpDhcpOnly_bool": false,
    "policy:PrivacyFilter_bool": false,
    "policy:NoServer_bool": false,
    "policy:NoBroadcastLimiter_bool": false,
    "policy:MonitorPort_bool": false,
    "policy:MaxConnection_u32": 0,
    "policy:TimeOut_u32": 0,
    "policy:MaxMac_u32": 0,
    "policy:MaxIP_u32": 0,
    "policy:MaxUpload_u32": 0,
    "policy:MaxDownload_u32": 0,
    "policy:FixPassword_bool": false,
    "policy:MultiLogins_u32": 0,
    "policy:NoQoS_bool": false,
    "policy:RSandRAFilter_bool": false,
    "policy:RAFilter_bool": false,
    "policy:DHCPv6Filter_bool": false,
    "policy:DHCPv6NoServer_bool": false,
    "policy:NoRoutingV6_bool": false,
    "policy:CheckIPv6_bool": false,
    "policy:NoServerV6_bool": false,
    "policy:MaxIPv6_u32": 0,
    "policy:NoSavePassword_bool": false,
    "policy:AutoDisconnect_u32": 0,
    "policy:FilterIPv4_bool": false,
    "policy:FilterIPv6_bool": false,
    "policy:FilterNonIP_bool": false,
    "policy:NoIPv6DefaultRouterInRA_bool": false,
    "policy:NoIPv6DefaultRouterInRAWhenIPv6_bool": false,
    "policy:VLanId_u32": 0,
    "policy:Ver3_bool": false
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name
Name_str string (ASCII) Specify the user name of the user
GroupName_str string (ASCII) Assigned group name for the user
Realname_utf string (UTF8) Optional real name (full name) of the user, allow using any Unicode characters
Note_utf string (UTF8) Optional User Description
CreatedTime_dt Date Creation date and time
UpdatedTime_dt Date Last modified date and time
ExpireTime_dt Date Expiration date and time
AuthType_u32 number (enum) Authentication method of the user
Values:
0: Anonymous authentication
1: Password authentication
2: User certificate authentication
3: Root certificate which is issued by trusted Certificate Authority
4: Radius authentication
5: Windows NT authentication
Auth_Password_str string (ASCII) User password, valid only if AuthType_u32 == Password(1). Valid only to create or set operations.
UserX_bin string (Base64 binary) User certificate, valid only if AuthType_u32 == UserCert(2).
Serial_bin string (Base64 binary) Certificate Serial Number, optional, valid only if AuthType_u32 == RootCert(3).
CommonName_utf string (UTF8) Certificate Common Name, optional, valid only if AuthType_u32 == RootCert(3).
RadiusUsername_utf string (UTF8) Username in RADIUS server, optional, valid only if AuthType_u32 == Radius(4).
NtUsername_utf string (UTF8) Username in NT Domain server, optional, valid only if AuthType_u32 == NT(5).
NumLogin_u32 number (uint32) Number of total logins of the user
Recv.BroadcastBytes_u64 number (uint64) Number of broadcast packets (Recv)
Recv.BroadcastCount_u64 number (uint64) Broadcast bytes (Recv)
Recv.UnicastBytes_u64 number (uint64) Unicast count (Recv)
Recv.UnicastCount_u64 number (uint64) Unicast bytes (Recv)
Send.BroadcastBytes_u64 number (uint64) Number of broadcast packets (Send)
Send.BroadcastCount_u64 number (uint64) Broadcast bytes (Send)
Send.UnicastBytes_u64 number (uint64) Unicast bytes (Send)
Send.UnicastCount_u64 number (uint64) Unicast bytes (Send)
UsePolicy_bool boolean The flag whether to use security policy
policy:Access_bool boolean Security policy: Allow Access. The users, which this policy value is true, have permission to make VPN connection to VPN Server.
policy:DHCPFilter_bool boolean Security policy: Filter DHCP Packets (IPv4). All IPv4 DHCP packets in sessions defined this policy will be filtered.
policy:DHCPNoServer_bool boolean Security policy: Disallow DHCP Server Operation (IPv4). Computers connected to sessions that have this policy setting will not be allowed to become a DHCP server and distribute IPv4 addresses to DHCP clients.
policy:DHCPForce_bool boolean Security policy: Enforce DHCP Allocated IP Addresses (IPv4). Computers in sessions that have this policy setting will only be able to use IPv4 addresses allocated by a DHCP server on the virtual network side.
policy:NoBridge_bool boolean Security policy: Deny Bridge Operation. Bridge-mode connections are denied for user sessions that have this policy setting. Even in cases when the Ethernet Bridge is configured in the client side, communication will not be possible.
policy:NoRouting_bool boolean Security policy: Deny Routing Operation (IPv4). IPv4 routing will be denied for sessions that have this policy setting. Even in the case where the IP router is operating on the user client side, communication will not be possible.
policy:CheckMac_bool boolean Security policy: Deny MAC Addresses Duplication. The use of duplicating MAC addresses that are in use by computers of different sessions cannot be used by sessions with this policy setting.
policy:CheckIP_bool boolean Security policy: Deny IP Address Duplication (IPv4). The use of duplicating IPv4 addresses that are in use by computers of different sessions cannot be used by sessions with this policy setting.
policy:ArpDhcpOnly_bool boolean Security policy: Deny Non-ARP / Non-DHCP / Non-ICMPv6 broadcasts. The sending or receiving of broadcast packets that are not ARP protocol, DHCP protocol, nor ICMPv6 on the virtual network will not be allowed for sessions with this policy setting.
policy:PrivacyFilter_bool boolean Security policy: Privacy Filter Mode. All direct communication between sessions with the privacy filter mode policy setting will be filtered.
policy:NoServer_bool boolean Security policy: Deny Operation as TCP/IP Server (IPv4). Computers of sessions with this policy setting can't listen and accept TCP/IP connections in IPv4.
policy:NoBroadcastLimiter_bool boolean Security policy: Unlimited Number of Broadcasts. If a computer of a session with this policy setting sends broadcast packets of a number unusually larger than what would be considered normal on the virtual network, there will be no automatic limiting.
policy:MonitorPort_bool boolean Security policy: Allow Monitoring Mode. Users with this policy setting will be granted to connect to the Virtual Hub in Monitoring Mode. Sessions in Monitoring Mode are able to monitor (tap) all packets flowing through the Virtual Hub.
policy:MaxConnection_u32 number (uint32) Security policy: Maximum Number of TCP Connections. For sessions with this policy setting, this sets the maximum number of physical TCP connections consists in a physical VPN session.
policy:TimeOut_u32 number (uint32) Security policy: Time-out Period. For sessions with this policy setting, this sets, in seconds, the time-out period to wait before disconnecting a session when communication trouble occurs between the VPN Client / VPN Server.
policy:MaxMac_u32 number (uint32) Security policy: Maximum Number of MAC Addresses. For sessions with this policy setting, this limits the number of MAC addresses per session.
policy:MaxIP_u32 number (uint32) Security policy: Maximum Number of IP Addresses (IPv4). For sessions with this policy setting, this specifies the number of IPv4 addresses that can be registered for a single session.
policy:MaxUpload_u32 number (uint32) Security policy: Upload Bandwidth. For sessions with this policy setting, this limits the traffic bandwidth that is in the inwards direction from outside to inside the Virtual Hub.
policy:MaxDownload_u32 number (uint32) Security policy: Download Bandwidth. For sessions with this policy setting, this limits the traffic bandwidth that is in the outwards direction from inside the Virtual Hub to outside the Virtual Hub.
policy:FixPassword_bool boolean Security policy: Deny Changing Password. The users which use password authentication with this policy setting are not allowed to change their own password from the VPN Client Manager or similar.
policy:MultiLogins_u32 number (uint32) Security policy: Maximum Number of Multiple Logins. Users with this policy setting are unable to have more than this number of concurrent logins. Bridge Mode sessions are not subjects to this policy.
policy:NoQoS_bool boolean Security policy: Deny VoIP / QoS Function. Users with this security policy are unable to use VoIP / QoS functions in VPN connection sessions.
policy:RSandRAFilter_bool boolean Security policy: Filter RS / RA Packets (IPv6). All ICMPv6 packets which the message-type is 133 (Router Solicitation) or 134 (Router Advertisement) in sessions defined this policy will be filtered. As a result, an IPv6 client will be unable to use IPv6 address prefix auto detection and IPv6 default gateway auto detection.
policy:RAFilter_bool boolean Security policy: Filter RA Packets (IPv6). All ICMPv6 packets which the message-type is 134 (Router Advertisement) in sessions defined this policy will be filtered. As a result, a malicious users will be unable to spread illegal IPv6 prefix or default gateway advertisements on the network.
policy:DHCPv6Filter_bool boolean Security policy: Filter DHCP Packets (IPv6). All IPv6 DHCP packets in sessions defined this policy will be filtered.
policy:DHCPv6NoServer_bool boolean Security policy: Disallow DHCP Server Operation (IPv6). Computers connected to sessions that have this policy setting will not be allowed to become a DHCP server and distribute IPv6 addresses to DHCP clients.
policy:NoRoutingV6_bool boolean Security policy: Deny Routing Operation (IPv6). IPv6 routing will be denied for sessions that have this policy setting. Even in the case where the IP router is operating on the user client side, communication will not be possible.
policy:CheckIPv6_bool boolean Security policy: Deny IP Address Duplication (IPv6). The use of duplicating IPv6 addresses that are in use by computers of different sessions cannot be used by sessions with this policy setting.
policy:NoServerV6_bool boolean Security policy: Deny Operation as TCP/IP Server (IPv6). Computers of sessions with this policy setting can't listen and accept TCP/IP connections in IPv6.
policy:MaxIPv6_u32 number (uint32) Security policy: Maximum Number of IP Addresses (IPv6). For sessions with this policy setting, this specifies the number of IPv6 addresses that can be registered for a single session.
policy:NoSavePassword_bool boolean Security policy: Disallow Password Save in VPN Client. For users with this policy setting, when the user is using standard password authentication, the user will be unable to save the password in VPN Client. The user will be required to input passwords for every time to connect a VPN. This will improve the security. If this policy is enabled, VPN Client Version 2.0 will be denied to access.
policy:AutoDisconnect_u32 number (uint32) Security policy: VPN Client Automatic Disconnect. For users with this policy setting, a user's VPN session will be disconnected automatically after the specific period will elapse. In this case no automatic re-connection will be performed. This can prevent a lot of inactive VPN Sessions. If this policy is enabled, VPN Client Version 2.0 will be denied to access.
policy:FilterIPv4_bool boolean Security policy: Filter All IPv4 Packets. All IPv4 and ARP packets in sessions defined this policy will be filtered.
policy:FilterIPv6_bool boolean Security policy: Filter All IPv6 Packets. All IPv6 packets in sessions defined this policy will be filtered.
policy:FilterNonIP_bool boolean Security policy: Filter All Non-IP Packets. All non-IP packets in sessions defined this policy will be filtered. "Non-IP packet" mean a packet which is not IPv4, ARP nor IPv6. Any tagged-VLAN packets via the Virtual Hub will be regarded as non-IP packets.
policy:NoIPv6DefaultRouterInRA_bool boolean Security policy: No Default-Router on IPv6 RA. In all VPN Sessions defines this policy, any IPv6 RA (Router Advertisement) packet with non-zero value in the router-lifetime will set to zero-value. This is effective to avoid the horrible behavior from the IPv6 routing confusion which is caused by the VPN client's attempts to use the remote-side IPv6 router as its local IPv6 router.
policy:NoIPv6DefaultRouterInRAWhenIPv6_bool boolean Security policy: No Default-Router on IPv6 RA (physical IPv6). In all VPN Sessions defines this policy (only when the physical communication protocol between VPN Client / VPN Bridge and VPN Server is IPv6), any IPv6 RA (Router Advertisement) packet with non-zero value in the router-lifetime will set to zero-value. This is effective to avoid the horrible behavior from the IPv6 routing confusion which is caused by the VPN client's attempts to use the remote-side IPv6 router as its local IPv6 router.
policy:VLanId_u32 number (uint32) Security policy: VLAN ID (IEEE802.1Q). You can specify the VLAN ID on the security policy. All VPN Sessions defines this policy, all Ethernet packets toward the Virtual Hub from the user will be inserted a VLAN tag (IEEE 802.1Q) with the VLAN ID. The user can also receive only packets with a VLAN tag which has the same VLAN ID. (Receiving process removes the VLAN tag automatically.) Any Ethernet packets with any other VLAN IDs or non-VLAN packets will not be received. All VPN Sessions without this policy definition can send / receive any kinds of Ethernet packets regardless of VLAN tags, and VLAN tags are not inserted or removed automatically. Any tagged-VLAN packets via the Virtual Hub will be regarded as non-IP packets. Therefore, tagged-VLAN packets are not subjects for IPv4 / IPv6 security policies, access lists nor other IPv4 / IPv6 specific deep processing.
policy:Ver3_bool boolean Security policy: Whether version 3.0 (must be true)

"SetUser" RPC API - Change User Settings

Description

Change User Settings. Use this to change user settings that is registered on the security account database of the currently managed Virtual Hub. The user settings that can be changed using this API are the three items that are specified when a new user is created using the CreateUser API: Group Name, Full Name, and Description. To get the list of currently registered users, use the EnumUser API. This API cannot be invoked on VPN Bridge. You cannot execute this API for Virtual Hubs of VPN Servers operating as a member server on a cluster.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "SetUser",
  "params": {
    "HubName_str": "hubname",
    "Name_str": "name",
    "GroupName_str": "groupname",
    "Realname_utf": "realname",
    "Note_utf": "note",
    "ExpireTime_dt": "2020-08-01T12:24:36.123",
    "AuthType_u32": 0,
    "Auth_Password_str": "auth_password",
    "UserX_bin": "SGVsbG8gV29ybGQ=",
    "Serial_bin": "SGVsbG8gV29ybGQ=",
    "CommonName_utf": "auth_rootcert_commonname",
    "RadiusUsername_utf": "auth_radius_radiususername",
    "NtUsername_utf": "auth_nt_ntusername",
    "UsePolicy_bool": false,
    "policy:Access_bool": false,
    "policy:DHCPFilter_bool": false,
    "policy:DHCPNoServer_bool": false,
    "policy:DHCPForce_bool": false,
    "policy:NoBridge_bool": false,
    "policy:NoRouting_bool": false,
    "policy:CheckMac_bool": false,
    "policy:CheckIP_bool": false,
    "policy:ArpDhcpOnly_bool": false,
    "policy:PrivacyFilter_bool": false,
    "policy:NoServer_bool": false,
    "policy:NoBroadcastLimiter_bool": false,
    "policy:MonitorPort_bool": false,
    "policy:MaxConnection_u32": 0,
    "policy:TimeOut_u32": 0,
    "policy:MaxMac_u32": 0,
    "policy:MaxIP_u32": 0,
    "policy:MaxUpload_u32": 0,
    "policy:MaxDownload_u32": 0,
    "policy:FixPassword_bool": false,
    "policy:MultiLogins_u32": 0,
    "policy:NoQoS_bool": false,
    "policy:RSandRAFilter_bool": false,
    "policy:RAFilter_bool": false,
    "policy:DHCPv6Filter_bool": false,
    "policy:DHCPv6NoServer_bool": false,
    "policy:NoRoutingV6_bool": false,
    "policy:CheckIPv6_bool": false,
    "policy:NoServerV6_bool": false,
    "policy:MaxIPv6_u32": 0,
    "policy:NoSavePassword_bool": false,
    "policy:AutoDisconnect_u32": 0,
    "policy:FilterIPv4_bool": false,
    "policy:FilterIPv6_bool": false,
    "policy:FilterNonIP_bool": false,
    "policy:NoIPv6DefaultRouterInRA_bool": false,
    "policy:NoIPv6DefaultRouterInRAWhenIPv6_bool": false,
    "policy:VLanId_u32": 0,
    "policy:Ver3_bool": false
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "Name_str": "name",
    "GroupName_str": "groupname",
    "Realname_utf": "realname",
    "Note_utf": "note",
    "CreatedTime_dt": "2020-08-01T12:24:36.123",
    "UpdatedTime_dt": "2020-08-01T12:24:36.123",
    "ExpireTime_dt": "2020-08-01T12:24:36.123",
    "AuthType_u32": 0,
    "Auth_Password_str": "auth_password",
    "UserX_bin": "SGVsbG8gV29ybGQ=",
    "Serial_bin": "SGVsbG8gV29ybGQ=",
    "CommonName_utf": "auth_rootcert_commonname",
    "RadiusUsername_utf": "auth_radius_radiususername",
    "NtUsername_utf": "auth_nt_ntusername",
    "NumLogin_u32": 0,
    "Recv.BroadcastBytes_u64": 0,
    "Recv.BroadcastCount_u64": 0,
    "Recv.UnicastBytes_u64": 0,
    "Recv.UnicastCount_u64": 0,
    "Send.BroadcastBytes_u64": 0,
    "Send.BroadcastCount_u64": 0,
    "Send.UnicastBytes_u64": 0,
    "Send.UnicastCount_u64": 0,
    "UsePolicy_bool": false,
    "policy:Access_bool": false,
    "policy:DHCPFilter_bool": false,
    "policy:DHCPNoServer_bool": false,
    "policy:DHCPForce_bool": false,
    "policy:NoBridge_bool": false,
    "policy:NoRouting_bool": false,
    "policy:CheckMac_bool": false,
    "policy:CheckIP_bool": false,
    "policy:ArpDhcpOnly_bool": false,
    "policy:PrivacyFilter_bool": false,
    "policy:NoServer_bool": false,
    "policy:NoBroadcastLimiter_bool": false,
    "policy:MonitorPort_bool": false,
    "policy:MaxConnection_u32": 0,
    "policy:TimeOut_u32": 0,
    "policy:MaxMac_u32": 0,
    "policy:MaxIP_u32": 0,
    "policy:MaxUpload_u32": 0,
    "policy:MaxDownload_u32": 0,
    "policy:FixPassword_bool": false,
    "policy:MultiLogins_u32": 0,
    "policy:NoQoS_bool": false,
    "policy:RSandRAFilter_bool": false,
    "policy:RAFilter_bool": false,
    "policy:DHCPv6Filter_bool": false,
    "policy:DHCPv6NoServer_bool": false,
    "policy:NoRoutingV6_bool": false,
    "policy:CheckIPv6_bool": false,
    "policy:NoServerV6_bool": false,
    "policy:MaxIPv6_u32": 0,
    "policy:NoSavePassword_bool": false,
    "policy:AutoDisconnect_u32": 0,
    "policy:FilterIPv4_bool": false,
    "policy:FilterIPv6_bool": false,
    "policy:FilterNonIP_bool": false,
    "policy:NoIPv6DefaultRouterInRA_bool": false,
    "policy:NoIPv6DefaultRouterInRAWhenIPv6_bool": false,
    "policy:VLanId_u32": 0,
    "policy:Ver3_bool": false
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name
Name_str string (ASCII) Specify the user name of the user
GroupName_str string (ASCII) Assigned group name for the user
Realname_utf string (UTF8) Optional real name (full name) of the user, allow using any Unicode characters
Note_utf string (UTF8) Optional User Description
CreatedTime_dt Date Creation date and time
UpdatedTime_dt Date Last modified date and time
ExpireTime_dt Date Expiration date and time
AuthType_u32 number (enum) Authentication method of the user
Values:
0: Anonymous authentication
1: Password authentication
2: User certificate authentication
3: Root certificate which is issued by trusted Certificate Authority
4: Radius authentication
5: Windows NT authentication
Auth_Password_str string (ASCII) User password, valid only if AuthType_u32 == Password(1). Valid only to create or set operations.
UserX_bin string (Base64 binary) User certificate, valid only if AuthType_u32 == UserCert(2).
Serial_bin string (Base64 binary) Certificate Serial Number, optional, valid only if AuthType_u32 == RootCert(3).
CommonName_utf string (UTF8) Certificate Common Name, optional, valid only if AuthType_u32 == RootCert(3).
RadiusUsername_utf string (UTF8) Username in RADIUS server, optional, valid only if AuthType_u32 == Radius(4).
NtUsername_utf string (UTF8) Username in NT Domain server, optional, valid only if AuthType_u32 == NT(5).
NumLogin_u32 number (uint32) Number of total logins of the user
Recv.BroadcastBytes_u64 number (uint64) Number of broadcast packets (Recv)
Recv.BroadcastCount_u64 number (uint64) Broadcast bytes (Recv)
Recv.UnicastBytes_u64 number (uint64) Unicast count (Recv)
Recv.UnicastCount_u64 number (uint64) Unicast bytes (Recv)
Send.BroadcastBytes_u64 number (uint64) Number of broadcast packets (Send)
Send.BroadcastCount_u64 number (uint64) Broadcast bytes (Send)
Send.UnicastBytes_u64 number (uint64) Unicast bytes (Send)
Send.UnicastCount_u64 number (uint64) Unicast bytes (Send)
UsePolicy_bool boolean The flag whether to use security policy
policy:Access_bool boolean Security policy: Allow Access. The users, which this policy value is true, have permission to make VPN connection to VPN Server.
policy:DHCPFilter_bool boolean Security policy: Filter DHCP Packets (IPv4). All IPv4 DHCP packets in sessions defined this policy will be filtered.
policy:DHCPNoServer_bool boolean Security policy: Disallow DHCP Server Operation (IPv4). Computers connected to sessions that have this policy setting will not be allowed to become a DHCP server and distribute IPv4 addresses to DHCP clients.
policy:DHCPForce_bool boolean Security policy: Enforce DHCP Allocated IP Addresses (IPv4). Computers in sessions that have this policy setting will only be able to use IPv4 addresses allocated by a DHCP server on the virtual network side.
policy:NoBridge_bool boolean Security policy: Deny Bridge Operation. Bridge-mode connections are denied for user sessions that have this policy setting. Even in cases when the Ethernet Bridge is configured in the client side, communication will not be possible.
policy:NoRouting_bool boolean Security policy: Deny Routing Operation (IPv4). IPv4 routing will be denied for sessions that have this policy setting. Even in the case where the IP router is operating on the user client side, communication will not be possible.
policy:CheckMac_bool boolean Security policy: Deny MAC Addresses Duplication. The use of duplicating MAC addresses that are in use by computers of different sessions cannot be used by sessions with this policy setting.
policy:CheckIP_bool boolean Security policy: Deny IP Address Duplication (IPv4). The use of duplicating IPv4 addresses that are in use by computers of different sessions cannot be used by sessions with this policy setting.
policy:ArpDhcpOnly_bool boolean Security policy: Deny Non-ARP / Non-DHCP / Non-ICMPv6 broadcasts. The sending or receiving of broadcast packets that are not ARP protocol, DHCP protocol, nor ICMPv6 on the virtual network will not be allowed for sessions with this policy setting.
policy:PrivacyFilter_bool boolean Security policy: Privacy Filter Mode. All direct communication between sessions with the privacy filter mode policy setting will be filtered.
policy:NoServer_bool boolean Security policy: Deny Operation as TCP/IP Server (IPv4). Computers of sessions with this policy setting can't listen and accept TCP/IP connections in IPv4.
policy:NoBroadcastLimiter_bool boolean Security policy: Unlimited Number of Broadcasts. If a computer of a session with this policy setting sends broadcast packets of a number unusually larger than what would be considered normal on the virtual network, there will be no automatic limiting.
policy:MonitorPort_bool boolean Security policy: Allow Monitoring Mode. Users with this policy setting will be granted to connect to the Virtual Hub in Monitoring Mode. Sessions in Monitoring Mode are able to monitor (tap) all packets flowing through the Virtual Hub.
policy:MaxConnection_u32 number (uint32) Security policy: Maximum Number of TCP Connections. For sessions with this policy setting, this sets the maximum number of physical TCP connections consists in a physical VPN session.
policy:TimeOut_u32 number (uint32) Security policy: Time-out Period. For sessions with this policy setting, this sets, in seconds, the time-out period to wait before disconnecting a session when communication trouble occurs between the VPN Client / VPN Server.
policy:MaxMac_u32 number (uint32) Security policy: Maximum Number of MAC Addresses. For sessions with this policy setting, this limits the number of MAC addresses per session.
policy:MaxIP_u32 number (uint32) Security policy: Maximum Number of IP Addresses (IPv4). For sessions with this policy setting, this specifies the number of IPv4 addresses that can be registered for a single session.
policy:MaxUpload_u32 number (uint32) Security policy: Upload Bandwidth. For sessions with this policy setting, this limits the traffic bandwidth that is in the inwards direction from outside to inside the Virtual Hub.
policy:MaxDownload_u32 number (uint32) Security policy: Download Bandwidth. For sessions with this policy setting, this limits the traffic bandwidth that is in the outwards direction from inside the Virtual Hub to outside the Virtual Hub.
policy:FixPassword_bool boolean Security policy: Deny Changing Password. The users which use password authentication with this policy setting are not allowed to change their own password from the VPN Client Manager or similar.
policy:MultiLogins_u32 number (uint32) Security policy: Maximum Number of Multiple Logins. Users with this policy setting are unable to have more than this number of concurrent logins. Bridge Mode sessions are not subjects to this policy.
policy:NoQoS_bool boolean Security policy: Deny VoIP / QoS Function. Users with this security policy are unable to use VoIP / QoS functions in VPN connection sessions.
policy:RSandRAFilter_bool boolean Security policy: Filter RS / RA Packets (IPv6). All ICMPv6 packets which the message-type is 133 (Router Solicitation) or 134 (Router Advertisement) in sessions defined this policy will be filtered. As a result, an IPv6 client will be unable to use IPv6 address prefix auto detection and IPv6 default gateway auto detection.
policy:RAFilter_bool boolean Security policy: Filter RA Packets (IPv6). All ICMPv6 packets which the message-type is 134 (Router Advertisement) in sessions defined this policy will be filtered. As a result, a malicious users will be unable to spread illegal IPv6 prefix or default gateway advertisements on the network.
policy:DHCPv6Filter_bool boolean Security policy: Filter DHCP Packets (IPv6). All IPv6 DHCP packets in sessions defined this policy will be filtered.
policy:DHCPv6NoServer_bool boolean Security policy: Disallow DHCP Server Operation (IPv6). Computers connected to sessions that have this policy setting will not be allowed to become a DHCP server and distribute IPv6 addresses to DHCP clients.
policy:NoRoutingV6_bool boolean Security policy: Deny Routing Operation (IPv6). IPv6 routing will be denied for sessions that have this policy setting. Even in the case where the IP router is operating on the user client side, communication will not be possible.
policy:CheckIPv6_bool boolean Security policy: Deny IP Address Duplication (IPv6). The use of duplicating IPv6 addresses that are in use by computers of different sessions cannot be used by sessions with this policy setting.
policy:NoServerV6_bool boolean Security policy: Deny Operation as TCP/IP Server (IPv6). Computers of sessions with this policy setting can't listen and accept TCP/IP connections in IPv6.
policy:MaxIPv6_u32 number (uint32) Security policy: Maximum Number of IP Addresses (IPv6). For sessions with this policy setting, this specifies the number of IPv6 addresses that can be registered for a single session.
policy:NoSavePassword_bool boolean Security policy: Disallow Password Save in VPN Client. For users with this policy setting, when the user is using standard password authentication, the user will be unable to save the password in VPN Client. The user will be required to input passwords for every time to connect a VPN. This will improve the security. If this policy is enabled, VPN Client Version 2.0 will be denied to access.
policy:AutoDisconnect_u32 number (uint32) Security policy: VPN Client Automatic Disconnect. For users with this policy setting, a user's VPN session will be disconnected automatically after the specific period will elapse. In this case no automatic re-connection will be performed. This can prevent a lot of inactive VPN Sessions. If this policy is enabled, VPN Client Version 2.0 will be denied to access.
policy:FilterIPv4_bool boolean Security policy: Filter All IPv4 Packets. All IPv4 and ARP packets in sessions defined this policy will be filtered.
policy:FilterIPv6_bool boolean Security policy: Filter All IPv6 Packets. All IPv6 packets in sessions defined this policy will be filtered.
policy:FilterNonIP_bool boolean Security policy: Filter All Non-IP Packets. All non-IP packets in sessions defined this policy will be filtered. "Non-IP packet" mean a packet which is not IPv4, ARP nor IPv6. Any tagged-VLAN packets via the Virtual Hub will be regarded as non-IP packets.
policy:NoIPv6DefaultRouterInRA_bool boolean Security policy: No Default-Router on IPv6 RA. In all VPN Sessions defines this policy, any IPv6 RA (Router Advertisement) packet with non-zero value in the router-lifetime will set to zero-value. This is effective to avoid the horrible behavior from the IPv6 routing confusion which is caused by the VPN client's attempts to use the remote-side IPv6 router as its local IPv6 router.
policy:NoIPv6DefaultRouterInRAWhenIPv6_bool boolean Security policy: No Default-Router on IPv6 RA (physical IPv6). In all VPN Sessions defines this policy (only when the physical communication protocol between VPN Client / VPN Bridge and VPN Server is IPv6), any IPv6 RA (Router Advertisement) packet with non-zero value in the router-lifetime will set to zero-value. This is effective to avoid the horrible behavior from the IPv6 routing confusion which is caused by the VPN client's attempts to use the remote-side IPv6 router as its local IPv6 router.
policy:VLanId_u32 number (uint32) Security policy: VLAN ID (IEEE802.1Q). You can specify the VLAN ID on the security policy. All VPN Sessions defines this policy, all Ethernet packets toward the Virtual Hub from the user will be inserted a VLAN tag (IEEE 802.1Q) with the VLAN ID. The user can also receive only packets with a VLAN tag which has the same VLAN ID. (Receiving process removes the VLAN tag automatically.) Any Ethernet packets with any other VLAN IDs or non-VLAN packets will not be received. All VPN Sessions without this policy definition can send / receive any kinds of Ethernet packets regardless of VLAN tags, and VLAN tags are not inserted or removed automatically. Any tagged-VLAN packets via the Virtual Hub will be regarded as non-IP packets. Therefore, tagged-VLAN packets are not subjects for IPv4 / IPv6 security policies, access lists nor other IPv4 / IPv6 specific deep processing.
policy:Ver3_bool boolean Security policy: Whether version 3.0 (must be true)

"GetUser" RPC API - Get User Settings

Description

Get User Settings. Use this to get user settings information that is registered on the security account database of the currently managed Virtual Hub. The information that you can get using this API are User Name, Full Name, Group Name, Expiration Date, Security Policy, and Auth Type, as well as parameters that are specified as auth type attributes and the statistical data of that user. To get the list of currently registered users, use the EnumUser API. This API cannot be invoked on VPN Bridge. You cannot execute this API for Virtual Hubs of VPN Servers operating as a member server on a cluster.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "GetUser",
  "params": {
    "HubName_str": "hubname",
    "Name_str": "name"
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "Name_str": "name",
    "GroupName_str": "groupname",
    "Realname_utf": "realname",
    "Note_utf": "note",
    "CreatedTime_dt": "2020-08-01T12:24:36.123",
    "UpdatedTime_dt": "2020-08-01T12:24:36.123",
    "ExpireTime_dt": "2020-08-01T12:24:36.123",
    "AuthType_u32": 0,
    "Auth_Password_str": "auth_password",
    "UserX_bin": "SGVsbG8gV29ybGQ=",
    "Serial_bin": "SGVsbG8gV29ybGQ=",
    "CommonName_utf": "auth_rootcert_commonname",
    "RadiusUsername_utf": "auth_radius_radiususername",
    "NtUsername_utf": "auth_nt_ntusername",
    "NumLogin_u32": 0,
    "Recv.BroadcastBytes_u64": 0,
    "Recv.BroadcastCount_u64": 0,
    "Recv.UnicastBytes_u64": 0,
    "Recv.UnicastCount_u64": 0,
    "Send.BroadcastBytes_u64": 0,
    "Send.BroadcastCount_u64": 0,
    "Send.UnicastBytes_u64": 0,
    "Send.UnicastCount_u64": 0,
    "UsePolicy_bool": false,
    "policy:Access_bool": false,
    "policy:DHCPFilter_bool": false,
    "policy:DHCPNoServer_bool": false,
    "policy:DHCPForce_bool": false,
    "policy:NoBridge_bool": false,
    "policy:NoRouting_bool": false,
    "policy:CheckMac_bool": false,
    "policy:CheckIP_bool": false,
    "policy:ArpDhcpOnly_bool": false,
    "policy:PrivacyFilter_bool": false,
    "policy:NoServer_bool": false,
    "policy:NoBroadcastLimiter_bool": false,
    "policy:MonitorPort_bool": false,
    "policy:MaxConnection_u32": 0,
    "policy:TimeOut_u32": 0,
    "policy:MaxMac_u32": 0,
    "policy:MaxIP_u32": 0,
    "policy:MaxUpload_u32": 0,
    "policy:MaxDownload_u32": 0,
    "policy:FixPassword_bool": false,
    "policy:MultiLogins_u32": 0,
    "policy:NoQoS_bool": false,
    "policy:RSandRAFilter_bool": false,
    "policy:RAFilter_bool": false,
    "policy:DHCPv6Filter_bool": false,
    "policy:DHCPv6NoServer_bool": false,
    "policy:NoRoutingV6_bool": false,
    "policy:CheckIPv6_bool": false,
    "policy:NoServerV6_bool": false,
    "policy:MaxIPv6_u32": 0,
    "policy:NoSavePassword_bool": false,
    "policy:AutoDisconnect_u32": 0,
    "policy:FilterIPv4_bool": false,
    "policy:FilterIPv6_bool": false,
    "policy:FilterNonIP_bool": false,
    "policy:NoIPv6DefaultRouterInRA_bool": false,
    "policy:NoIPv6DefaultRouterInRAWhenIPv6_bool": false,
    "policy:VLanId_u32": 0,
    "policy:Ver3_bool": false
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name
Name_str string (ASCII) Specify the user name of the user
GroupName_str string (ASCII) Assigned group name for the user
Realname_utf string (UTF8) Optional real name (full name) of the user, allow using any Unicode characters
Note_utf string (UTF8) Optional User Description
CreatedTime_dt Date Creation date and time
UpdatedTime_dt Date Last modified date and time
ExpireTime_dt Date Expiration date and time
AuthType_u32 number (enum) Authentication method of the user
Values:
0: Anonymous authentication
1: Password authentication
2: User certificate authentication
3: Root certificate which is issued by trusted Certificate Authority
4: Radius authentication
5: Windows NT authentication
Auth_Password_str string (ASCII) User password, valid only if AuthType_u32 == Password(1). Valid only to create or set operations.
UserX_bin string (Base64 binary) User certificate, valid only if AuthType_u32 == UserCert(2).
Serial_bin string (Base64 binary) Certificate Serial Number, optional, valid only if AuthType_u32 == RootCert(3).
CommonName_utf string (UTF8) Certificate Common Name, optional, valid only if AuthType_u32 == RootCert(3).
RadiusUsername_utf string (UTF8) Username in RADIUS server, optional, valid only if AuthType_u32 == Radius(4).
NtUsername_utf string (UTF8) Username in NT Domain server, optional, valid only if AuthType_u32 == NT(5).
NumLogin_u32 number (uint32) Number of total logins of the user
Recv.BroadcastBytes_u64 number (uint64) Number of broadcast packets (Recv)
Recv.BroadcastCount_u64 number (uint64) Broadcast bytes (Recv)
Recv.UnicastBytes_u64 number (uint64) Unicast count (Recv)
Recv.UnicastCount_u64 number (uint64) Unicast bytes (Recv)
Send.BroadcastBytes_u64 number (uint64) Number of broadcast packets (Send)
Send.BroadcastCount_u64 number (uint64) Broadcast bytes (Send)
Send.UnicastBytes_u64 number (uint64) Unicast bytes (Send)
Send.UnicastCount_u64 number (uint64) Unicast bytes (Send)
UsePolicy_bool boolean The flag whether to use security policy
policy:Access_bool boolean Security policy: Allow Access. The users, which this policy value is true, have permission to make VPN connection to VPN Server.
policy:DHCPFilter_bool boolean Security policy: Filter DHCP Packets (IPv4). All IPv4 DHCP packets in sessions defined this policy will be filtered.
policy:DHCPNoServer_bool boolean Security policy: Disallow DHCP Server Operation (IPv4). Computers connected to sessions that have this policy setting will not be allowed to become a DHCP server and distribute IPv4 addresses to DHCP clients.
policy:DHCPForce_bool boolean Security policy: Enforce DHCP Allocated IP Addresses (IPv4). Computers in sessions that have this policy setting will only be able to use IPv4 addresses allocated by a DHCP server on the virtual network side.
policy:NoBridge_bool boolean Security policy: Deny Bridge Operation. Bridge-mode connections are denied for user sessions that have this policy setting. Even in cases when the Ethernet Bridge is configured in the client side, communication will not be possible.
policy:NoRouting_bool boolean Security policy: Deny Routing Operation (IPv4). IPv4 routing will be denied for sessions that have this policy setting. Even in the case where the IP router is operating on the user client side, communication will not be possible.
policy:CheckMac_bool boolean Security policy: Deny MAC Addresses Duplication. The use of duplicating MAC addresses that are in use by computers of different sessions cannot be used by sessions with this policy setting.
policy:CheckIP_bool boolean Security policy: Deny IP Address Duplication (IPv4). The use of duplicating IPv4 addresses that are in use by computers of different sessions cannot be used by sessions with this policy setting.
policy:ArpDhcpOnly_bool boolean Security policy: Deny Non-ARP / Non-DHCP / Non-ICMPv6 broadcasts. The sending or receiving of broadcast packets that are not ARP protocol, DHCP protocol, nor ICMPv6 on the virtual network will not be allowed for sessions with this policy setting.
policy:PrivacyFilter_bool boolean Security policy: Privacy Filter Mode. All direct communication between sessions with the privacy filter mode policy setting will be filtered.
policy:NoServer_bool boolean Security policy: Deny Operation as TCP/IP Server (IPv4). Computers of sessions with this policy setting can't listen and accept TCP/IP connections in IPv4.
policy:NoBroadcastLimiter_bool boolean Security policy: Unlimited Number of Broadcasts. If a computer of a session with this policy setting sends broadcast packets of a number unusually larger than what would be considered normal on the virtual network, there will be no automatic limiting.
policy:MonitorPort_bool boolean Security policy: Allow Monitoring Mode. Users with this policy setting will be granted to connect to the Virtual Hub in Monitoring Mode. Sessions in Monitoring Mode are able to monitor (tap) all packets flowing through the Virtual Hub.
policy:MaxConnection_u32 number (uint32) Security policy: Maximum Number of TCP Connections. For sessions with this policy setting, this sets the maximum number of physical TCP connections consists in a physical VPN session.
policy:TimeOut_u32 number (uint32) Security policy: Time-out Period. For sessions with this policy setting, this sets, in seconds, the time-out period to wait before disconnecting a session when communication trouble occurs between the VPN Client / VPN Server.
policy:MaxMac_u32 number (uint32) Security policy: Maximum Number of MAC Addresses. For sessions with this policy setting, this limits the number of MAC addresses per session.
policy:MaxIP_u32 number (uint32) Security policy: Maximum Number of IP Addresses (IPv4). For sessions with this policy setting, this specifies the number of IPv4 addresses that can be registered for a single session.
policy:MaxUpload_u32 number (uint32) Security policy: Upload Bandwidth. For sessions with this policy setting, this limits the traffic bandwidth that is in the inwards direction from outside to inside the Virtual Hub.
policy:MaxDownload_u32 number (uint32) Security policy: Download Bandwidth. For sessions with this policy setting, this limits the traffic bandwidth that is in the outwards direction from inside the Virtual Hub to outside the Virtual Hub.
policy:FixPassword_bool boolean Security policy: Deny Changing Password. The users which use password authentication with this policy setting are not allowed to change their own password from the VPN Client Manager or similar.
policy:MultiLogins_u32 number (uint32) Security policy: Maximum Number of Multiple Logins. Users with this policy setting are unable to have more than this number of concurrent logins. Bridge Mode sessions are not subjects to this policy.
policy:NoQoS_bool boolean Security policy: Deny VoIP / QoS Function. Users with this security policy are unable to use VoIP / QoS functions in VPN connection sessions.
policy:RSandRAFilter_bool boolean Security policy: Filter RS / RA Packets (IPv6). All ICMPv6 packets which the message-type is 133 (Router Solicitation) or 134 (Router Advertisement) in sessions defined this policy will be filtered. As a result, an IPv6 client will be unable to use IPv6 address prefix auto detection and IPv6 default gateway auto detection.
policy:RAFilter_bool boolean Security policy: Filter RA Packets (IPv6). All ICMPv6 packets which the message-type is 134 (Router Advertisement) in sessions defined this policy will be filtered. As a result, a malicious users will be unable to spread illegal IPv6 prefix or default gateway advertisements on the network.
policy:DHCPv6Filter_bool boolean Security policy: Filter DHCP Packets (IPv6). All IPv6 DHCP packets in sessions defined this policy will be filtered.
policy:DHCPv6NoServer_bool boolean Security policy: Disallow DHCP Server Operation (IPv6). Computers connected to sessions that have this policy setting will not be allowed to become a DHCP server and distribute IPv6 addresses to DHCP clients.
policy:NoRoutingV6_bool boolean Security policy: Deny Routing Operation (IPv6). IPv6 routing will be denied for sessions that have this policy setting. Even in the case where the IP router is operating on the user client side, communication will not be possible.
policy:CheckIPv6_bool boolean Security policy: Deny IP Address Duplication (IPv6). The use of duplicating IPv6 addresses that are in use by computers of different sessions cannot be used by sessions with this policy setting.
policy:NoServerV6_bool boolean Security policy: Deny Operation as TCP/IP Server (IPv6). Computers of sessions with this policy setting can't listen and accept TCP/IP connections in IPv6.
policy:MaxIPv6_u32 number (uint32) Security policy: Maximum Number of IP Addresses (IPv6). For sessions with this policy setting, this specifies the number of IPv6 addresses that can be registered for a single session.
policy:NoSavePassword_bool boolean Security policy: Disallow Password Save in VPN Client. For users with this policy setting, when the user is using standard password authentication, the user will be unable to save the password in VPN Client. The user will be required to input passwords for every time to connect a VPN. This will improve the security. If this policy is enabled, VPN Client Version 2.0 will be denied to access.
policy:AutoDisconnect_u32 number (uint32) Security policy: VPN Client Automatic Disconnect. For users with this policy setting, a user's VPN session will be disconnected automatically after the specific period will elapse. In this case no automatic re-connection will be performed. This can prevent a lot of inactive VPN Sessions. If this policy is enabled, VPN Client Version 2.0 will be denied to access.
policy:FilterIPv4_bool boolean Security policy: Filter All IPv4 Packets. All IPv4 and ARP packets in sessions defined this policy will be filtered.
policy:FilterIPv6_bool boolean Security policy: Filter All IPv6 Packets. All IPv6 packets in sessions defined this policy will be filtered.
policy:FilterNonIP_bool boolean Security policy: Filter All Non-IP Packets. All non-IP packets in sessions defined this policy will be filtered. "Non-IP packet" mean a packet which is not IPv4, ARP nor IPv6. Any tagged-VLAN packets via the Virtual Hub will be regarded as non-IP packets.
policy:NoIPv6DefaultRouterInRA_bool boolean Security policy: No Default-Router on IPv6 RA. In all VPN Sessions defines this policy, any IPv6 RA (Router Advertisement) packet with non-zero value in the router-lifetime will set to zero-value. This is effective to avoid the horrible behavior from the IPv6 routing confusion which is caused by the VPN client's attempts to use the remote-side IPv6 router as its local IPv6 router.
policy:NoIPv6DefaultRouterInRAWhenIPv6_bool boolean Security policy: No Default-Router on IPv6 RA (physical IPv6). In all VPN Sessions defines this policy (only when the physical communication protocol between VPN Client / VPN Bridge and VPN Server is IPv6), any IPv6 RA (Router Advertisement) packet with non-zero value in the router-lifetime will set to zero-value. This is effective to avoid the horrible behavior from the IPv6 routing confusion which is caused by the VPN client's attempts to use the remote-side IPv6 router as its local IPv6 router.
policy:VLanId_u32 number (uint32) Security policy: VLAN ID (IEEE802.1Q). You can specify the VLAN ID on the security policy. All VPN Sessions defines this policy, all Ethernet packets toward the Virtual Hub from the user will be inserted a VLAN tag (IEEE 802.1Q) with the VLAN ID. The user can also receive only packets with a VLAN tag which has the same VLAN ID. (Receiving process removes the VLAN tag automatically.) Any Ethernet packets with any other VLAN IDs or non-VLAN packets will not be received. All VPN Sessions without this policy definition can send / receive any kinds of Ethernet packets regardless of VLAN tags, and VLAN tags are not inserted or removed automatically. Any tagged-VLAN packets via the Virtual Hub will be regarded as non-IP packets. Therefore, tagged-VLAN packets are not subjects for IPv4 / IPv6 security policies, access lists nor other IPv4 / IPv6 specific deep processing.
policy:Ver3_bool boolean Security policy: Whether version 3.0 (must be true)

"DeleteUser" RPC API - Delete a user

Description

Delete a user. Use this to delete a user that is registered on the security account database of the currently managed Virtual Hub. By deleting the user, that user will no long be able to connect to the Virtual Hub. You can use the SetUser API to set the user's security policy to deny access instead of deleting a user, set the user to be temporarily denied from logging in. To get the list of currently registered users, use the EnumUser API. This API cannot be invoked on VPN Bridge. You cannot execute this API for Virtual Hubs of VPN Servers operating as a member server on a cluster.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "DeleteUser",
  "params": {
    "HubName_str": "hubname",
    "Name_str": "name"
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "Name_str": "name"
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name
Name_str string (ASCII) User or group name

"EnumUser" RPC API - Get List of Users

Description

Get List of Users. Use this to get a list of users that are registered on the security account database of the currently managed Virtual Hub. This API cannot be invoked on VPN Bridge. You cannot execute this API for Virtual Hubs of VPN Servers operating as a member server on a cluster.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "EnumUser",
  "params": {
    "HubName_str": "hubname"
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "UserList": [
      {
        "Name_str": "name",
        "GroupName_str": "groupname",
        "Realname_utf": "realname",
        "Note_utf": "note",
        "AuthType_u32": 0,
        "NumLogin_u32": 0,
        "LastLoginTime_dt": "2020-08-01T12:24:36.123",
        "DenyAccess_bool": false,
        "IsTrafficFilled_bool": false,
        "IsExpiresFilled_bool": false,
        "Expires_dt": "2020-08-01T12:24:36.123",
        "Ex.Recv.BroadcastBytes_u64": 0,
        "Ex.Recv.BroadcastCount_u64": 0,
        "Ex.Recv.UnicastBytes_u64": 0,
        "Ex.Recv.UnicastCount_u64": 0,
        "Ex.Send.BroadcastBytes_u64": 0,
        "Ex.Send.BroadcastCount_u64": 0,
        "Ex.Send.UnicastBytes_u64": 0,
        "Ex.Send.UnicastCount_u64": 0
      },
      {
        "Name_str": "name",
        "GroupName_str": "groupname",
        "Realname_utf": "realname",
        "Note_utf": "note",
        "AuthType_u32": 0,
        "NumLogin_u32": 0,
        "LastLoginTime_dt": "2020-08-01T12:24:36.123",
        "DenyAccess_bool": false,
        "IsTrafficFilled_bool": false,
        "IsExpiresFilled_bool": false,
        "Expires_dt": "2020-08-01T12:24:36.123",
        "Ex.Recv.BroadcastBytes_u64": 0,
        "Ex.Recv.BroadcastCount_u64": 0,
        "Ex.Recv.UnicastBytes_u64": 0,
        "Ex.Recv.UnicastCount_u64": 0,
        "Ex.Send.BroadcastBytes_u64": 0,
        "Ex.Send.BroadcastCount_u64": 0,
        "Ex.Send.UnicastBytes_u64": 0,
        "Ex.Send.UnicastCount_u64": 0
      },
      {
        "Name_str": "name",
        "GroupName_str": "groupname",
        "Realname_utf": "realname",
        "Note_utf": "note",
        "AuthType_u32": 0,
        "NumLogin_u32": 0,
        "LastLoginTime_dt": "2020-08-01T12:24:36.123",
        "DenyAccess_bool": false,
        "IsTrafficFilled_bool": false,
        "IsExpiresFilled_bool": false,
        "Expires_dt": "2020-08-01T12:24:36.123",
        "Ex.Recv.BroadcastBytes_u64": 0,
        "Ex.Recv.BroadcastCount_u64": 0,
        "Ex.Recv.UnicastBytes_u64": 0,
        "Ex.Recv.UnicastCount_u64": 0,
        "Ex.Send.BroadcastBytes_u64": 0,
        "Ex.Send.BroadcastCount_u64": 0,
        "Ex.Send.UnicastBytes_u64": 0,
        "Ex.Send.UnicastCount_u64": 0
      }
    ]
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name
UserList Array object User list
Name_str string (ASCII) User name
GroupName_str string (ASCII) Group name
Realname_utf string (UTF8) Real name
Note_utf string (UTF8) Note
AuthType_u32 number (enum) Authentication method
Values:
0: Anonymous authentication
1: Password authentication
2: User certificate authentication
3: Root certificate which is issued by trusted Certificate Authority
4: Radius authentication
5: Windows NT authentication
NumLogin_u32 number (uint32) Number of logins
LastLoginTime_dt Date Last login date and time
DenyAccess_bool boolean Access denied
IsTrafficFilled_bool boolean Flag of whether the traffic variable is set
IsExpiresFilled_bool boolean Flag of whether expiration date variable is set
Expires_dt Date Expiration date
Ex.Recv.BroadcastBytes_u64 number (uint64) Number of broadcast packets (Recv)
Ex.Recv.BroadcastCount_u64 number (uint64) Broadcast bytes (Recv)
Ex.Recv.UnicastBytes_u64 number (uint64) Unicast count (Recv)
Ex.Recv.UnicastCount_u64 number (uint64) Unicast bytes (Recv)
Ex.Send.BroadcastBytes_u64 number (uint64) Number of broadcast packets (Send)
Ex.Send.BroadcastCount_u64 number (uint64) Broadcast bytes (Send)
Ex.Send.UnicastBytes_u64 number (uint64) Unicast bytes (Send)
Ex.Send.UnicastCount_u64 number (uint64) Unicast bytes (Send)

"CreateGroup" RPC API - Create Group

Description

Create Group. Use this to create a new group in the security account database of the currently managed Virtual Hub. You can register multiple users in a group. To register users in a group use the SetUser API. This API cannot be invoked on VPN Bridge. You cannot execute this API for Virtual Hubs of VPN Servers operating as a member server on a cluster.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "CreateGroup",
  "params": {
    "HubName_str": "hubname",
    "Name_str": "name",
    "Realname_utf": "realname",
    "Note_utf": "note",
    "UsePolicy_bool": false,
    "policy:Access_bool": false,
    "policy:DHCPFilter_bool": false,
    "policy:DHCPNoServer_bool": false,
    "policy:DHCPForce_bool": false,
    "policy:NoBridge_bool": false,
    "policy:NoRouting_bool": false,
    "policy:CheckMac_bool": false,
    "policy:CheckIP_bool": false,
    "policy:ArpDhcpOnly_bool": false,
    "policy:PrivacyFilter_bool": false,
    "policy:NoServer_bool": false,
    "policy:NoBroadcastLimiter_bool": false,
    "policy:MonitorPort_bool": false,
    "policy:MaxConnection_u32": 0,
    "policy:TimeOut_u32": 0,
    "policy:MaxMac_u32": 0,
    "policy:MaxIP_u32": 0,
    "policy:MaxUpload_u32": 0,
    "policy:MaxDownload_u32": 0,
    "policy:FixPassword_bool": false,
    "policy:MultiLogins_u32": 0,
    "policy:NoQoS_bool": false,
    "policy:RSandRAFilter_bool": false,
    "policy:RAFilter_bool": false,
    "policy:DHCPv6Filter_bool": false,
    "policy:DHCPv6NoServer_bool": false,
    "policy:NoRoutingV6_bool": false,
    "policy:CheckIPv6_bool": false,
    "policy:NoServerV6_bool": false,
    "policy:MaxIPv6_u32": 0,
    "policy:NoSavePassword_bool": false,
    "policy:AutoDisconnect_u32": 0,
    "policy:FilterIPv4_bool": false,
    "policy:FilterIPv6_bool": false,
    "policy:FilterNonIP_bool": false,
    "policy:NoIPv6DefaultRouterInRA_bool": false,
    "policy:NoIPv6DefaultRouterInRAWhenIPv6_bool": false,
    "policy:VLanId_u32": 0,
    "policy:Ver3_bool": false
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "Name_str": "name",
    "Realname_utf": "realname",
    "Note_utf": "note",
    "Recv.BroadcastBytes_u64": 0,
    "Recv.BroadcastCount_u64": 0,
    "Recv.UnicastBytes_u64": 0,
    "Recv.UnicastCount_u64": 0,
    "Send.BroadcastBytes_u64": 0,
    "Send.BroadcastCount_u64": 0,
    "Send.UnicastBytes_u64": 0,
    "Send.UnicastCount_u64": 0,
    "UsePolicy_bool": false,
    "policy:Access_bool": false,
    "policy:DHCPFilter_bool": false,
    "policy:DHCPNoServer_bool": false,
    "policy:DHCPForce_bool": false,
    "policy:NoBridge_bool": false,
    "policy:NoRouting_bool": false,
    "policy:CheckMac_bool": false,
    "policy:CheckIP_bool": false,
    "policy:ArpDhcpOnly_bool": false,
    "policy:PrivacyFilter_bool": false,
    "policy:NoServer_bool": false,
    "policy:NoBroadcastLimiter_bool": false,
    "policy:MonitorPort_bool": false,
    "policy:MaxConnection_u32": 0,
    "policy:TimeOut_u32": 0,
    "policy:MaxMac_u32": 0,
    "policy:MaxIP_u32": 0,
    "policy:MaxUpload_u32": 0,
    "policy:MaxDownload_u32": 0,
    "policy:FixPassword_bool": false,
    "policy:MultiLogins_u32": 0,
    "policy:NoQoS_bool": false,
    "policy:RSandRAFilter_bool": false,
    "policy:RAFilter_bool": false,
    "policy:DHCPv6Filter_bool": false,
    "policy:DHCPv6NoServer_bool": false,
    "policy:NoRoutingV6_bool": false,
    "policy:CheckIPv6_bool": false,
    "policy:NoServerV6_bool": false,
    "policy:MaxIPv6_u32": 0,
    "policy:NoSavePassword_bool": false,
    "policy:AutoDisconnect_u32": 0,
    "policy:FilterIPv4_bool": false,
    "policy:FilterIPv6_bool": false,
    "policy:FilterNonIP_bool": false,
    "policy:NoIPv6DefaultRouterInRA_bool": false,
    "policy:NoIPv6DefaultRouterInRAWhenIPv6_bool": false,
    "policy:VLanId_u32": 0,
    "policy:Ver3_bool": false
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name
Name_str string (ASCII) The group name
Realname_utf string (UTF8) Optional real name (full name) of the group, allow using any Unicode characters
Note_utf string (UTF8) Optional, specify a description of the group
Recv.BroadcastBytes_u64 number (uint64) Number of broadcast packets (Recv)
Recv.BroadcastCount_u64 number (uint64) Broadcast bytes (Recv)
Recv.UnicastBytes_u64 number (uint64) Unicast count (Recv)
Recv.UnicastCount_u64 number (uint64) Unicast bytes (Recv)
Send.BroadcastBytes_u64 number (uint64) Number of broadcast packets (Send)
Send.BroadcastCount_u64 number (uint64) Broadcast bytes (Send)
Send.UnicastBytes_u64 number (uint64) Unicast bytes (Send)
Send.UnicastCount_u64 number (uint64) Unicast bytes (Send)
UsePolicy_bool boolean The flag whether to use security policy
policy:Access_bool boolean Security policy: Allow Access. The users, which this policy value is true, have permission to make VPN connection to VPN Server.
policy:DHCPFilter_bool boolean Security policy: Filter DHCP Packets (IPv4). All IPv4 DHCP packets in sessions defined this policy will be filtered.
policy:DHCPNoServer_bool boolean Security policy: Disallow DHCP Server Operation (IPv4). Computers connected to sessions that have this policy setting will not be allowed to become a DHCP server and distribute IPv4 addresses to DHCP clients.
policy:DHCPForce_bool boolean Security policy: Enforce DHCP Allocated IP Addresses (IPv4). Computers in sessions that have this policy setting will only be able to use IPv4 addresses allocated by a DHCP server on the virtual network side.
policy:NoBridge_bool boolean Security policy: Deny Bridge Operation. Bridge-mode connections are denied for user sessions that have this policy setting. Even in cases when the Ethernet Bridge is configured in the client side, communication will not be possible.
policy:NoRouting_bool boolean Security policy: Deny Routing Operation (IPv4). IPv4 routing will be denied for sessions that have this policy setting. Even in the case where the IP router is operating on the user client side, communication will not be possible.
policy:CheckMac_bool boolean Security policy: Deny MAC Addresses Duplication. The use of duplicating MAC addresses that are in use by computers of different sessions cannot be used by sessions with this policy setting.
policy:CheckIP_bool boolean Security policy: Deny IP Address Duplication (IPv4). The use of duplicating IPv4 addresses that are in use by computers of different sessions cannot be used by sessions with this policy setting.
policy:ArpDhcpOnly_bool boolean Security policy: Deny Non-ARP / Non-DHCP / Non-ICMPv6 broadcasts. The sending or receiving of broadcast packets that are not ARP protocol, DHCP protocol, nor ICMPv6 on the virtual network will not be allowed for sessions with this policy setting.
policy:PrivacyFilter_bool boolean Security policy: Privacy Filter Mode. All direct communication between sessions with the privacy filter mode policy setting will be filtered.
policy:NoServer_bool boolean Security policy: Deny Operation as TCP/IP Server (IPv4). Computers of sessions with this policy setting can't listen and accept TCP/IP connections in IPv4.
policy:NoBroadcastLimiter_bool boolean Security policy: Unlimited Number of Broadcasts. If a computer of a session with this policy setting sends broadcast packets of a number unusually larger than what would be considered normal on the virtual network, there will be no automatic limiting.
policy:MonitorPort_bool boolean Security policy: Allow Monitoring Mode. Users with this policy setting will be granted to connect to the Virtual Hub in Monitoring Mode. Sessions in Monitoring Mode are able to monitor (tap) all packets flowing through the Virtual Hub.
policy:MaxConnection_u32 number (uint32) Security policy: Maximum Number of TCP Connections. For sessions with this policy setting, this sets the maximum number of physical TCP connections consists in a physical VPN session.
policy:TimeOut_u32 number (uint32) Security policy: Time-out Period. For sessions with this policy setting, this sets, in seconds, the time-out period to wait before disconnecting a session when communication trouble occurs between the VPN Client / VPN Server.
policy:MaxMac_u32 number (uint32) Security policy: Maximum Number of MAC Addresses. For sessions with this policy setting, this limits the number of MAC addresses per session.
policy:MaxIP_u32 number (uint32) Security policy: Maximum Number of IP Addresses (IPv4). For sessions with this policy setting, this specifies the number of IPv4 addresses that can be registered for a single session.
policy:MaxUpload_u32 number (uint32) Security policy: Upload Bandwidth. For sessions with this policy setting, this limits the traffic bandwidth that is in the inwards direction from outside to inside the Virtual Hub.
policy:MaxDownload_u32 number (uint32) Security policy: Download Bandwidth. For sessions with this policy setting, this limits the traffic bandwidth that is in the outwards direction from inside the Virtual Hub to outside the Virtual Hub.
policy:FixPassword_bool boolean Security policy: Deny Changing Password. The users which use password authentication with this policy setting are not allowed to change their own password from the VPN Client Manager or similar.
policy:MultiLogins_u32 number (uint32) Security policy: Maximum Number of Multiple Logins. Users with this policy setting are unable to have more than this number of concurrent logins. Bridge Mode sessions are not subjects to this policy.
policy:NoQoS_bool boolean Security policy: Deny VoIP / QoS Function. Users with this security policy are unable to use VoIP / QoS functions in VPN connection sessions.
policy:RSandRAFilter_bool boolean Security policy: Filter RS / RA Packets (IPv6). All ICMPv6 packets which the message-type is 133 (Router Solicitation) or 134 (Router Advertisement) in sessions defined this policy will be filtered. As a result, an IPv6 client will be unable to use IPv6 address prefix auto detection and IPv6 default gateway auto detection.
policy:RAFilter_bool boolean Security policy: Filter RA Packets (IPv6). All ICMPv6 packets which the message-type is 134 (Router Advertisement) in sessions defined this policy will be filtered. As a result, a malicious users will be unable to spread illegal IPv6 prefix or default gateway advertisements on the network.
policy:DHCPv6Filter_bool boolean Security policy: Filter DHCP Packets (IPv6). All IPv6 DHCP packets in sessions defined this policy will be filtered.
policy:DHCPv6NoServer_bool boolean Security policy: Disallow DHCP Server Operation (IPv6). Computers connected to sessions that have this policy setting will not be allowed to become a DHCP server and distribute IPv6 addresses to DHCP clients.
policy:NoRoutingV6_bool boolean Security policy: Deny Routing Operation (IPv6). IPv6 routing will be denied for sessions that have this policy setting. Even in the case where the IP router is operating on the user client side, communication will not be possible.
policy:CheckIPv6_bool boolean Security policy: Deny IP Address Duplication (IPv6). The use of duplicating IPv6 addresses that are in use by computers of different sessions cannot be used by sessions with this policy setting.
policy:NoServerV6_bool boolean Security policy: Deny Operation as TCP/IP Server (IPv6). Computers of sessions with this policy setting can't listen and accept TCP/IP connections in IPv6.
policy:MaxIPv6_u32 number (uint32) Security policy: Maximum Number of IP Addresses (IPv6). For sessions with this policy setting, this specifies the number of IPv6 addresses that can be registered for a single session.
policy:NoSavePassword_bool boolean Security policy: Disallow Password Save in VPN Client. For users with this policy setting, when the user is using standard password authentication, the user will be unable to save the password in VPN Client. The user will be required to input passwords for every time to connect a VPN. This will improve the security. If this policy is enabled, VPN Client Version 2.0 will be denied to access.
policy:AutoDisconnect_u32 number (uint32) Security policy: VPN Client Automatic Disconnect. For users with this policy setting, a user's VPN session will be disconnected automatically after the specific period will elapse. In this case no automatic re-connection will be performed. This can prevent a lot of inactive VPN Sessions. If this policy is enabled, VPN Client Version 2.0 will be denied to access.
policy:FilterIPv4_bool boolean Security policy: Filter All IPv4 Packets. All IPv4 and ARP packets in sessions defined this policy will be filtered.
policy:FilterIPv6_bool boolean Security policy: Filter All IPv6 Packets. All IPv6 packets in sessions defined this policy will be filtered.
policy:FilterNonIP_bool boolean Security policy: Filter All Non-IP Packets. All non-IP packets in sessions defined this policy will be filtered. "Non-IP packet" mean a packet which is not IPv4, ARP nor IPv6. Any tagged-VLAN packets via the Virtual Hub will be regarded as non-IP packets.
policy:NoIPv6DefaultRouterInRA_bool boolean Security policy: No Default-Router on IPv6 RA. In all VPN Sessions defines this policy, any IPv6 RA (Router Advertisement) packet with non-zero value in the router-lifetime will set to zero-value. This is effective to avoid the horrible behavior from the IPv6 routing confusion which is caused by the VPN client's attempts to use the remote-side IPv6 router as its local IPv6 router.
policy:NoIPv6DefaultRouterInRAWhenIPv6_bool boolean Security policy: No Default-Router on IPv6 RA (physical IPv6). In all VPN Sessions defines this policy (only when the physical communication protocol between VPN Client / VPN Bridge and VPN Server is IPv6), any IPv6 RA (Router Advertisement) packet with non-zero value in the router-lifetime will set to zero-value. This is effective to avoid the horrible behavior from the IPv6 routing confusion which is caused by the VPN client's attempts to use the remote-side IPv6 router as its local IPv6 router.
policy:VLanId_u32 number (uint32) Security policy: VLAN ID (IEEE802.1Q). You can specify the VLAN ID on the security policy. All VPN Sessions defines this policy, all Ethernet packets toward the Virtual Hub from the user will be inserted a VLAN tag (IEEE 802.1Q) with the VLAN ID. The user can also receive only packets with a VLAN tag which has the same VLAN ID. (Receiving process removes the VLAN tag automatically.) Any Ethernet packets with any other VLAN IDs or non-VLAN packets will not be received. All VPN Sessions without this policy definition can send / receive any kinds of Ethernet packets regardless of VLAN tags, and VLAN tags are not inserted or removed automatically. Any tagged-VLAN packets via the Virtual Hub will be regarded as non-IP packets. Therefore, tagged-VLAN packets are not subjects for IPv4 / IPv6 security policies, access lists nor other IPv4 / IPv6 specific deep processing.
policy:Ver3_bool boolean Security policy: Whether version 3.0 (must be true)

"SetGroup" RPC API - Set group settings

Description

Set group settings. Use this to set group settings that is registered on the security account database of the currently managed Virtual Hub. To get the list of currently registered groups, use the EnumGroup API. This API cannot be invoked on VPN Bridge. You cannot execute this API for Virtual Hubs of VPN Servers operating as a member server on a cluster.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "SetGroup",
  "params": {
    "HubName_str": "hubname",
    "Name_str": "name",
    "Realname_utf": "realname",
    "Note_utf": "note",
    "UsePolicy_bool": false,
    "policy:Access_bool": false,
    "policy:DHCPFilter_bool": false,
    "policy:DHCPNoServer_bool": false,
    "policy:DHCPForce_bool": false,
    "policy:NoBridge_bool": false,
    "policy:NoRouting_bool": false,
    "policy:CheckMac_bool": false,
    "policy:CheckIP_bool": false,
    "policy:ArpDhcpOnly_bool": false,
    "policy:PrivacyFilter_bool": false,
    "policy:NoServer_bool": false,
    "policy:NoBroadcastLimiter_bool": false,
    "policy:MonitorPort_bool": false,
    "policy:MaxConnection_u32": 0,
    "policy:TimeOut_u32": 0,
    "policy:MaxMac_u32": 0,
    "policy:MaxIP_u32": 0,
    "policy:MaxUpload_u32": 0,
    "policy:MaxDownload_u32": 0,
    "policy:FixPassword_bool": false,
    "policy:MultiLogins_u32": 0,
    "policy:NoQoS_bool": false,
    "policy:RSandRAFilter_bool": false,
    "policy:RAFilter_bool": false,
    "policy:DHCPv6Filter_bool": false,
    "policy:DHCPv6NoServer_bool": false,
    "policy:NoRoutingV6_bool": false,
    "policy:CheckIPv6_bool": false,
    "policy:NoServerV6_bool": false,
    "policy:MaxIPv6_u32": 0,
    "policy:NoSavePassword_bool": false,
    "policy:AutoDisconnect_u32": 0,
    "policy:FilterIPv4_bool": false,
    "policy:FilterIPv6_bool": false,
    "policy:FilterNonIP_bool": false,
    "policy:NoIPv6DefaultRouterInRA_bool": false,
    "policy:NoIPv6DefaultRouterInRAWhenIPv6_bool": false,
    "policy:VLanId_u32": 0,
    "policy:Ver3_bool": false
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "Name_str": "name",
    "Realname_utf": "realname",
    "Note_utf": "note",
    "Recv.BroadcastBytes_u64": 0,
    "Recv.BroadcastCount_u64": 0,
    "Recv.UnicastBytes_u64": 0,
    "Recv.UnicastCount_u64": 0,
    "Send.BroadcastBytes_u64": 0,
    "Send.BroadcastCount_u64": 0,
    "Send.UnicastBytes_u64": 0,
    "Send.UnicastCount_u64": 0,
    "UsePolicy_bool": false,
    "policy:Access_bool": false,
    "policy:DHCPFilter_bool": false,
    "policy:DHCPNoServer_bool": false,
    "policy:DHCPForce_bool": false,
    "policy:NoBridge_bool": false,
    "policy:NoRouting_bool": false,
    "policy:CheckMac_bool": false,
    "policy:CheckIP_bool": false,
    "policy:ArpDhcpOnly_bool": false,
    "policy:PrivacyFilter_bool": false,
    "policy:NoServer_bool": false,
    "policy:NoBroadcastLimiter_bool": false,
    "policy:MonitorPort_bool": false,
    "policy:MaxConnection_u32": 0,
    "policy:TimeOut_u32": 0,
    "policy:MaxMac_u32": 0,
    "policy:MaxIP_u32": 0,
    "policy:MaxUpload_u32": 0,
    "policy:MaxDownload_u32": 0,
    "policy:FixPassword_bool": false,
    "policy:MultiLogins_u32": 0,
    "policy:NoQoS_bool": false,
    "policy:RSandRAFilter_bool": false,
    "policy:RAFilter_bool": false,
    "policy:DHCPv6Filter_bool": false,
    "policy:DHCPv6NoServer_bool": false,
    "policy:NoRoutingV6_bool": false,
    "policy:CheckIPv6_bool": false,
    "policy:NoServerV6_bool": false,
    "policy:MaxIPv6_u32": 0,
    "policy:NoSavePassword_bool": false,
    "policy:AutoDisconnect_u32": 0,
    "policy:FilterIPv4_bool": false,
    "policy:FilterIPv6_bool": false,
    "policy:FilterNonIP_bool": false,
    "policy:NoIPv6DefaultRouterInRA_bool": false,
    "policy:NoIPv6DefaultRouterInRAWhenIPv6_bool": false,
    "policy:VLanId_u32": 0,
    "policy:Ver3_bool": false
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name
Name_str string (ASCII) The group name
Realname_utf string (UTF8) Optional real name (full name) of the group, allow using any Unicode characters
Note_utf string (UTF8) Optional, specify a description of the group
Recv.BroadcastBytes_u64 number (uint64) Number of broadcast packets (Recv)
Recv.BroadcastCount_u64 number (uint64) Broadcast bytes (Recv)
Recv.UnicastBytes_u64 number (uint64) Unicast count (Recv)
Recv.UnicastCount_u64 number (uint64) Unicast bytes (Recv)
Send.BroadcastBytes_u64 number (uint64) Number of broadcast packets (Send)
Send.BroadcastCount_u64 number (uint64) Broadcast bytes (Send)
Send.UnicastBytes_u64 number (uint64) Unicast bytes (Send)
Send.UnicastCount_u64 number (uint64) Unicast bytes (Send)
UsePolicy_bool boolean The flag whether to use security policy
policy:Access_bool boolean Security policy: Allow Access. The users, which this policy value is true, have permission to make VPN connection to VPN Server.
policy:DHCPFilter_bool boolean Security policy: Filter DHCP Packets (IPv4). All IPv4 DHCP packets in sessions defined this policy will be filtered.
policy:DHCPNoServer_bool boolean Security policy: Disallow DHCP Server Operation (IPv4). Computers connected to sessions that have this policy setting will not be allowed to become a DHCP server and distribute IPv4 addresses to DHCP clients.
policy:DHCPForce_bool boolean Security policy: Enforce DHCP Allocated IP Addresses (IPv4). Computers in sessions that have this policy setting will only be able to use IPv4 addresses allocated by a DHCP server on the virtual network side.
policy:NoBridge_bool boolean Security policy: Deny Bridge Operation. Bridge-mode connections are denied for user sessions that have this policy setting. Even in cases when the Ethernet Bridge is configured in the client side, communication will not be possible.
policy:NoRouting_bool boolean Security policy: Deny Routing Operation (IPv4). IPv4 routing will be denied for sessions that have this policy setting. Even in the case where the IP router is operating on the user client side, communication will not be possible.
policy:CheckMac_bool boolean Security policy: Deny MAC Addresses Duplication. The use of duplicating MAC addresses that are in use by computers of different sessions cannot be used by sessions with this policy setting.
policy:CheckIP_bool boolean Security policy: Deny IP Address Duplication (IPv4). The use of duplicating IPv4 addresses that are in use by computers of different sessions cannot be used by sessions with this policy setting.
policy:ArpDhcpOnly_bool boolean Security policy: Deny Non-ARP / Non-DHCP / Non-ICMPv6 broadcasts. The sending or receiving of broadcast packets that are not ARP protocol, DHCP protocol, nor ICMPv6 on the virtual network will not be allowed for sessions with this policy setting.
policy:PrivacyFilter_bool boolean Security policy: Privacy Filter Mode. All direct communication between sessions with the privacy filter mode policy setting will be filtered.
policy:NoServer_bool boolean Security policy: Deny Operation as TCP/IP Server (IPv4). Computers of sessions with this policy setting can't listen and accept TCP/IP connections in IPv4.
policy:NoBroadcastLimiter_bool boolean Security policy: Unlimited Number of Broadcasts. If a computer of a session with this policy setting sends broadcast packets of a number unusually larger than what would be considered normal on the virtual network, there will be no automatic limiting.
policy:MonitorPort_bool boolean Security policy: Allow Monitoring Mode. Users with this policy setting will be granted to connect to the Virtual Hub in Monitoring Mode. Sessions in Monitoring Mode are able to monitor (tap) all packets flowing through the Virtual Hub.
policy:MaxConnection_u32 number (uint32) Security policy: Maximum Number of TCP Connections. For sessions with this policy setting, this sets the maximum number of physical TCP connections consists in a physical VPN session.
policy:TimeOut_u32 number (uint32) Security policy: Time-out Period. For sessions with this policy setting, this sets, in seconds, the time-out period to wait before disconnecting a session when communication trouble occurs between the VPN Client / VPN Server.
policy:MaxMac_u32 number (uint32) Security policy: Maximum Number of MAC Addresses. For sessions with this policy setting, this limits the number of MAC addresses per session.
policy:MaxIP_u32 number (uint32) Security policy: Maximum Number of IP Addresses (IPv4). For sessions with this policy setting, this specifies the number of IPv4 addresses that can be registered for a single session.
policy:MaxUpload_u32 number (uint32) Security policy: Upload Bandwidth. For sessions with this policy setting, this limits the traffic bandwidth that is in the inwards direction from outside to inside the Virtual Hub.
policy:MaxDownload_u32 number (uint32) Security policy: Download Bandwidth. For sessions with this policy setting, this limits the traffic bandwidth that is in the outwards direction from inside the Virtual Hub to outside the Virtual Hub.
policy:FixPassword_bool boolean Security policy: Deny Changing Password. The users which use password authentication with this policy setting are not allowed to change their own password from the VPN Client Manager or similar.
policy:MultiLogins_u32 number (uint32) Security policy: Maximum Number of Multiple Logins. Users with this policy setting are unable to have more than this number of concurrent logins. Bridge Mode sessions are not subjects to this policy.
policy:NoQoS_bool boolean Security policy: Deny VoIP / QoS Function. Users with this security policy are unable to use VoIP / QoS functions in VPN connection sessions.
policy:RSandRAFilter_bool boolean Security policy: Filter RS / RA Packets (IPv6). All ICMPv6 packets which the message-type is 133 (Router Solicitation) or 134 (Router Advertisement) in sessions defined this policy will be filtered. As a result, an IPv6 client will be unable to use IPv6 address prefix auto detection and IPv6 default gateway auto detection.
policy:RAFilter_bool boolean Security policy: Filter RA Packets (IPv6). All ICMPv6 packets which the message-type is 134 (Router Advertisement) in sessions defined this policy will be filtered. As a result, a malicious users will be unable to spread illegal IPv6 prefix or default gateway advertisements on the network.
policy:DHCPv6Filter_bool boolean Security policy: Filter DHCP Packets (IPv6). All IPv6 DHCP packets in sessions defined this policy will be filtered.
policy:DHCPv6NoServer_bool boolean Security policy: Disallow DHCP Server Operation (IPv6). Computers connected to sessions that have this policy setting will not be allowed to become a DHCP server and distribute IPv6 addresses to DHCP clients.
policy:NoRoutingV6_bool boolean Security policy: Deny Routing Operation (IPv6). IPv6 routing will be denied for sessions that have this policy setting. Even in the case where the IP router is operating on the user client side, communication will not be possible.
policy:CheckIPv6_bool boolean Security policy: Deny IP Address Duplication (IPv6). The use of duplicating IPv6 addresses that are in use by computers of different sessions cannot be used by sessions with this policy setting.
policy:NoServerV6_bool boolean Security policy: Deny Operation as TCP/IP Server (IPv6). Computers of sessions with this policy setting can't listen and accept TCP/IP connections in IPv6.
policy:MaxIPv6_u32 number (uint32) Security policy: Maximum Number of IP Addresses (IPv6). For sessions with this policy setting, this specifies the number of IPv6 addresses that can be registered for a single session.
policy:NoSavePassword_bool boolean Security policy: Disallow Password Save in VPN Client. For users with this policy setting, when the user is using standard password authentication, the user will be unable to save the password in VPN Client. The user will be required to input passwords for every time to connect a VPN. This will improve the security. If this policy is enabled, VPN Client Version 2.0 will be denied to access.
policy:AutoDisconnect_u32 number (uint32) Security policy: VPN Client Automatic Disconnect. For users with this policy setting, a user's VPN session will be disconnected automatically after the specific period will elapse. In this case no automatic re-connection will be performed. This can prevent a lot of inactive VPN Sessions. If this policy is enabled, VPN Client Version 2.0 will be denied to access.
policy:FilterIPv4_bool boolean Security policy: Filter All IPv4 Packets. All IPv4 and ARP packets in sessions defined this policy will be filtered.
policy:FilterIPv6_bool boolean Security policy: Filter All IPv6 Packets. All IPv6 packets in sessions defined this policy will be filtered.
policy:FilterNonIP_bool boolean Security policy: Filter All Non-IP Packets. All non-IP packets in sessions defined this policy will be filtered. "Non-IP packet" mean a packet which is not IPv4, ARP nor IPv6. Any tagged-VLAN packets via the Virtual Hub will be regarded as non-IP packets.
policy:NoIPv6DefaultRouterInRA_bool boolean Security policy: No Default-Router on IPv6 RA. In all VPN Sessions defines this policy, any IPv6 RA (Router Advertisement) packet with non-zero value in the router-lifetime will set to zero-value. This is effective to avoid the horrible behavior from the IPv6 routing confusion which is caused by the VPN client's attempts to use the remote-side IPv6 router as its local IPv6 router.
policy:NoIPv6DefaultRouterInRAWhenIPv6_bool boolean Security policy: No Default-Router on IPv6 RA (physical IPv6). In all VPN Sessions defines this policy (only when the physical communication protocol between VPN Client / VPN Bridge and VPN Server is IPv6), any IPv6 RA (Router Advertisement) packet with non-zero value in the router-lifetime will set to zero-value. This is effective to avoid the horrible behavior from the IPv6 routing confusion which is caused by the VPN client's attempts to use the remote-side IPv6 router as its local IPv6 router.
policy:VLanId_u32 number (uint32) Security policy: VLAN ID (IEEE802.1Q). You can specify the VLAN ID on the security policy. All VPN Sessions defines this policy, all Ethernet packets toward the Virtual Hub from the user will be inserted a VLAN tag (IEEE 802.1Q) with the VLAN ID. The user can also receive only packets with a VLAN tag which has the same VLAN ID. (Receiving process removes the VLAN tag automatically.) Any Ethernet packets with any other VLAN IDs or non-VLAN packets will not be received. All VPN Sessions without this policy definition can send / receive any kinds of Ethernet packets regardless of VLAN tags, and VLAN tags are not inserted or removed automatically. Any tagged-VLAN packets via the Virtual Hub will be regarded as non-IP packets. Therefore, tagged-VLAN packets are not subjects for IPv4 / IPv6 security policies, access lists nor other IPv4 / IPv6 specific deep processing.
policy:Ver3_bool boolean Security policy: Whether version 3.0 (must be true)

"GetGroup" RPC API - Get Group Setting (Sync mode)

Description

Get Group Setting (Sync mode). Use this to get the setting of a group that is registered on the security account database of the currently managed Virtual Hub. To get the list of currently registered groups, use the EnumGroup API. This API cannot be invoked on VPN Bridge. You cannot execute this API for Virtual Hubs of VPN Servers operating as a member server on a cluster.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "GetGroup",
  "params": {
    "HubName_str": "hubname",
    "Name_str": "name"
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "Name_str": "name",
    "Realname_utf": "realname",
    "Note_utf": "note",
    "Recv.BroadcastBytes_u64": 0,
    "Recv.BroadcastCount_u64": 0,
    "Recv.UnicastBytes_u64": 0,
    "Recv.UnicastCount_u64": 0,
    "Send.BroadcastBytes_u64": 0,
    "Send.BroadcastCount_u64": 0,
    "Send.UnicastBytes_u64": 0,
    "Send.UnicastCount_u64": 0,
    "UsePolicy_bool": false,
    "policy:Access_bool": false,
    "policy:DHCPFilter_bool": false,
    "policy:DHCPNoServer_bool": false,
    "policy:DHCPForce_bool": false,
    "policy:NoBridge_bool": false,
    "policy:NoRouting_bool": false,
    "policy:CheckMac_bool": false,
    "policy:CheckIP_bool": false,
    "policy:ArpDhcpOnly_bool": false,
    "policy:PrivacyFilter_bool": false,
    "policy:NoServer_bool": false,
    "policy:NoBroadcastLimiter_bool": false,
    "policy:MonitorPort_bool": false,
    "policy:MaxConnection_u32": 0,
    "policy:TimeOut_u32": 0,
    "policy:MaxMac_u32": 0,
    "policy:MaxIP_u32": 0,
    "policy:MaxUpload_u32": 0,
    "policy:MaxDownload_u32": 0,
    "policy:FixPassword_bool": false,
    "policy:MultiLogins_u32": 0,
    "policy:NoQoS_bool": false,
    "policy:RSandRAFilter_bool": false,
    "policy:RAFilter_bool": false,
    "policy:DHCPv6Filter_bool": false,
    "policy:DHCPv6NoServer_bool": false,
    "policy:NoRoutingV6_bool": false,
    "policy:CheckIPv6_bool": false,
    "policy:NoServerV6_bool": false,
    "policy:MaxIPv6_u32": 0,
    "policy:NoSavePassword_bool": false,
    "policy:AutoDisconnect_u32": 0,
    "policy:FilterIPv4_bool": false,
    "policy:FilterIPv6_bool": false,
    "policy:FilterNonIP_bool": false,
    "policy:NoIPv6DefaultRouterInRA_bool": false,
    "policy:NoIPv6DefaultRouterInRAWhenIPv6_bool": false,
    "policy:VLanId_u32": 0,
    "policy:Ver3_bool": false
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name
Name_str string (ASCII) The group name
Realname_utf string (UTF8) Optional real name (full name) of the group, allow using any Unicode characters
Note_utf string (UTF8) Optional, specify a description of the group
Recv.BroadcastBytes_u64 number (uint64) Number of broadcast packets (Recv)
Recv.BroadcastCount_u64 number (uint64) Broadcast bytes (Recv)
Recv.UnicastBytes_u64 number (uint64) Unicast count (Recv)
Recv.UnicastCount_u64 number (uint64) Unicast bytes (Recv)
Send.BroadcastBytes_u64 number (uint64) Number of broadcast packets (Send)
Send.BroadcastCount_u64 number (uint64) Broadcast bytes (Send)
Send.UnicastBytes_u64 number (uint64) Unicast bytes (Send)
Send.UnicastCount_u64 number (uint64) Unicast bytes (Send)
UsePolicy_bool boolean The flag whether to use security policy
policy:Access_bool boolean Security policy: Allow Access. The users, which this policy value is true, have permission to make VPN connection to VPN Server.
policy:DHCPFilter_bool boolean Security policy: Filter DHCP Packets (IPv4). All IPv4 DHCP packets in sessions defined this policy will be filtered.
policy:DHCPNoServer_bool boolean Security policy: Disallow DHCP Server Operation (IPv4). Computers connected to sessions that have this policy setting will not be allowed to become a DHCP server and distribute IPv4 addresses to DHCP clients.
policy:DHCPForce_bool boolean Security policy: Enforce DHCP Allocated IP Addresses (IPv4). Computers in sessions that have this policy setting will only be able to use IPv4 addresses allocated by a DHCP server on the virtual network side.
policy:NoBridge_bool boolean Security policy: Deny Bridge Operation. Bridge-mode connections are denied for user sessions that have this policy setting. Even in cases when the Ethernet Bridge is configured in the client side, communication will not be possible.
policy:NoRouting_bool boolean Security policy: Deny Routing Operation (IPv4). IPv4 routing will be denied for sessions that have this policy setting. Even in the case where the IP router is operating on the user client side, communication will not be possible.
policy:CheckMac_bool boolean Security policy: Deny MAC Addresses Duplication. The use of duplicating MAC addresses that are in use by computers of different sessions cannot be used by sessions with this policy setting.
policy:CheckIP_bool boolean Security policy: Deny IP Address Duplication (IPv4). The use of duplicating IPv4 addresses that are in use by computers of different sessions cannot be used by sessions with this policy setting.
policy:ArpDhcpOnly_bool boolean Security policy: Deny Non-ARP / Non-DHCP / Non-ICMPv6 broadcasts. The sending or receiving of broadcast packets that are not ARP protocol, DHCP protocol, nor ICMPv6 on the virtual network will not be allowed for sessions with this policy setting.
policy:PrivacyFilter_bool boolean Security policy: Privacy Filter Mode. All direct communication between sessions with the privacy filter mode policy setting will be filtered.
policy:NoServer_bool boolean Security policy: Deny Operation as TCP/IP Server (IPv4). Computers of sessions with this policy setting can't listen and accept TCP/IP connections in IPv4.
policy:NoBroadcastLimiter_bool boolean Security policy: Unlimited Number of Broadcasts. If a computer of a session with this policy setting sends broadcast packets of a number unusually larger than what would be considered normal on the virtual network, there will be no automatic limiting.
policy:MonitorPort_bool boolean Security policy: Allow Monitoring Mode. Users with this policy setting will be granted to connect to the Virtual Hub in Monitoring Mode. Sessions in Monitoring Mode are able to monitor (tap) all packets flowing through the Virtual Hub.
policy:MaxConnection_u32 number (uint32) Security policy: Maximum Number of TCP Connections. For sessions with this policy setting, this sets the maximum number of physical TCP connections consists in a physical VPN session.
policy:TimeOut_u32 number (uint32) Security policy: Time-out Period. For sessions with this policy setting, this sets, in seconds, the time-out period to wait before disconnecting a session when communication trouble occurs between the VPN Client / VPN Server.
policy:MaxMac_u32 number (uint32) Security policy: Maximum Number of MAC Addresses. For sessions with this policy setting, this limits the number of MAC addresses per session.
policy:MaxIP_u32 number (uint32) Security policy: Maximum Number of IP Addresses (IPv4). For sessions with this policy setting, this specifies the number of IPv4 addresses that can be registered for a single session.
policy:MaxUpload_u32 number (uint32) Security policy: Upload Bandwidth. For sessions with this policy setting, this limits the traffic bandwidth that is in the inwards direction from outside to inside the Virtual Hub.
policy:MaxDownload_u32 number (uint32) Security policy: Download Bandwidth. For sessions with this policy setting, this limits the traffic bandwidth that is in the outwards direction from inside the Virtual Hub to outside the Virtual Hub.
policy:FixPassword_bool boolean Security policy: Deny Changing Password. The users which use password authentication with this policy setting are not allowed to change their own password from the VPN Client Manager or similar.
policy:MultiLogins_u32 number (uint32) Security policy: Maximum Number of Multiple Logins. Users with this policy setting are unable to have more than this number of concurrent logins. Bridge Mode sessions are not subjects to this policy.
policy:NoQoS_bool boolean Security policy: Deny VoIP / QoS Function. Users with this security policy are unable to use VoIP / QoS functions in VPN connection sessions.
policy:RSandRAFilter_bool boolean Security policy: Filter RS / RA Packets (IPv6). All ICMPv6 packets which the message-type is 133 (Router Solicitation) or 134 (Router Advertisement) in sessions defined this policy will be filtered. As a result, an IPv6 client will be unable to use IPv6 address prefix auto detection and IPv6 default gateway auto detection.
policy:RAFilter_bool boolean Security policy: Filter RA Packets (IPv6). All ICMPv6 packets which the message-type is 134 (Router Advertisement) in sessions defined this policy will be filtered. As a result, a malicious users will be unable to spread illegal IPv6 prefix or default gateway advertisements on the network.
policy:DHCPv6Filter_bool boolean Security policy: Filter DHCP Packets (IPv6). All IPv6 DHCP packets in sessions defined this policy will be filtered.
policy:DHCPv6NoServer_bool boolean Security policy: Disallow DHCP Server Operation (IPv6). Computers connected to sessions that have this policy setting will not be allowed to become a DHCP server and distribute IPv6 addresses to DHCP clients.
policy:NoRoutingV6_bool boolean Security policy: Deny Routing Operation (IPv6). IPv6 routing will be denied for sessions that have this policy setting. Even in the case where the IP router is operating on the user client side, communication will not be possible.
policy:CheckIPv6_bool boolean Security policy: Deny IP Address Duplication (IPv6). The use of duplicating IPv6 addresses that are in use by computers of different sessions cannot be used by sessions with this policy setting.
policy:NoServerV6_bool boolean Security policy: Deny Operation as TCP/IP Server (IPv6). Computers of sessions with this policy setting can't listen and accept TCP/IP connections in IPv6.
policy:MaxIPv6_u32 number (uint32) Security policy: Maximum Number of IP Addresses (IPv6). For sessions with this policy setting, this specifies the number of IPv6 addresses that can be registered for a single session.
policy:NoSavePassword_bool boolean Security policy: Disallow Password Save in VPN Client. For users with this policy setting, when the user is using standard password authentication, the user will be unable to save the password in VPN Client. The user will be required to input passwords for every time to connect a VPN. This will improve the security. If this policy is enabled, VPN Client Version 2.0 will be denied to access.
policy:AutoDisconnect_u32 number (uint32) Security policy: VPN Client Automatic Disconnect. For users with this policy setting, a user's VPN session will be disconnected automatically after the specific period will elapse. In this case no automatic re-connection will be performed. This can prevent a lot of inactive VPN Sessions. If this policy is enabled, VPN Client Version 2.0 will be denied to access.
policy:FilterIPv4_bool boolean Security policy: Filter All IPv4 Packets. All IPv4 and ARP packets in sessions defined this policy will be filtered.
policy:FilterIPv6_bool boolean Security policy: Filter All IPv6 Packets. All IPv6 packets in sessions defined this policy will be filtered.
policy:FilterNonIP_bool boolean Security policy: Filter All Non-IP Packets. All non-IP packets in sessions defined this policy will be filtered. "Non-IP packet" mean a packet which is not IPv4, ARP nor IPv6. Any tagged-VLAN packets via the Virtual Hub will be regarded as non-IP packets.
policy:NoIPv6DefaultRouterInRA_bool boolean Security policy: No Default-Router on IPv6 RA. In all VPN Sessions defines this policy, any IPv6 RA (Router Advertisement) packet with non-zero value in the router-lifetime will set to zero-value. This is effective to avoid the horrible behavior from the IPv6 routing confusion which is caused by the VPN client's attempts to use the remote-side IPv6 router as its local IPv6 router.
policy:NoIPv6DefaultRouterInRAWhenIPv6_bool boolean Security policy: No Default-Router on IPv6 RA (physical IPv6). In all VPN Sessions defines this policy (only when the physical communication protocol between VPN Client / VPN Bridge and VPN Server is IPv6), any IPv6 RA (Router Advertisement) packet with non-zero value in the router-lifetime will set to zero-value. This is effective to avoid the horrible behavior from the IPv6 routing confusion which is caused by the VPN client's attempts to use the remote-side IPv6 router as its local IPv6 router.
policy:VLanId_u32 number (uint32) Security policy: VLAN ID (IEEE802.1Q). You can specify the VLAN ID on the security policy. All VPN Sessions defines this policy, all Ethernet packets toward the Virtual Hub from the user will be inserted a VLAN tag (IEEE 802.1Q) with the VLAN ID. The user can also receive only packets with a VLAN tag which has the same VLAN ID. (Receiving process removes the VLAN tag automatically.) Any Ethernet packets with any other VLAN IDs or non-VLAN packets will not be received. All VPN Sessions without this policy definition can send / receive any kinds of Ethernet packets regardless of VLAN tags, and VLAN tags are not inserted or removed automatically. Any tagged-VLAN packets via the Virtual Hub will be regarded as non-IP packets. Therefore, tagged-VLAN packets are not subjects for IPv4 / IPv6 security policies, access lists nor other IPv4 / IPv6 specific deep processing.
policy:Ver3_bool boolean Security policy: Whether version 3.0 (must be true)

"DeleteGroup" RPC API - Delete User from Group

Description

Delete User from Group. Use this to delete a specified user from the group that is registered on the security account database of the currently managed Virtual Hub. By deleting a user from the group, that user becomes unassigned. To get the list of currently registered groups, use the EnumGroup API. This API cannot be invoked on VPN Bridge. You cannot execute this API for Virtual Hubs of VPN Servers operating as a member server on a cluster.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "DeleteGroup",
  "params": {
    "HubName_str": "hubname",
    "Name_str": "name"
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "Name_str": "name"
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name
Name_str string (ASCII) User or group name

"EnumGroup" RPC API - Get List of Groups

Description

Get List of Groups. Use this to get a list of groups that are registered on the security account database of the currently managed Virtual Hub. This API cannot be invoked on VPN Bridge. You cannot execute this API for Virtual Hubs of VPN Servers operating as a member server on a cluster.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "EnumGroup",
  "params": {
    "HubName_str": "hubname"
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "GroupList": [
      {
        "Name_str": "name",
        "Realname_utf": "realname",
        "Note_utf": "note",
        "NumUsers_u32": 0,
        "DenyAccess_bool": false
      },
      {
        "Name_str": "name",
        "Realname_utf": "realname",
        "Note_utf": "note",
        "NumUsers_u32": 0,
        "DenyAccess_bool": false
      },
      {
        "Name_str": "name",
        "Realname_utf": "realname",
        "Note_utf": "note",
        "NumUsers_u32": 0,
        "DenyAccess_bool": false
      }
    ]
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name
GroupList Array object Group list
Name_str string (ASCII) User name
Realname_utf string (UTF8) Real name
Note_utf string (UTF8) Note
NumUsers_u32 number (uint32) Number of users
DenyAccess_bool boolean Access denied

"EnumSession" RPC API - Get List of Connected VPN Sessions

Description

Get List of Connected VPN Sessions. Use this to get a list of the sessions connected to the Virtual Hub currently being managed. In the list of sessions, the following information will be obtained for each connection: Session Name, Session Site, User Name, Source Host Name, TCP Connection, Transfer Bytes and Transfer Packets. If the currently connected VPN Server is a cluster controller and the currently managed Virtual Hub is a static Virtual Hub, you can get an all-linked-together list of all sessions connected to that Virtual Hub on all cluster members. In all other cases, only the list of sessions that are actually connected to the currently managed VPN Server will be obtained.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "EnumSession",
  "params": {
    "HubName_str": "hubname"
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "SessionList": [
      {
        "Name_str": "name",
        "RemoteSession_bool": false,
        "RemoteHostname_str": "remotehostname",
        "Username_str": "username",
        "ClientIP_ip": "192.168.0.1",
        "Hostname_str": "hostname",
        "MaxNumTcp_u32": 0,
        "CurrentNumTcp_u32": 0,
        "PacketSize_u64": 0,
        "PacketNum_u64": 0,
        "LinkMode_bool": false,
        "SecureNATMode_bool": false,
        "BridgeMode_bool": false,
        "Layer3Mode_bool": false,
        "Client_BridgeMode_bool": false,
        "Client_MonitorMode_bool": false,
        "VLanId_u32": 0,
        "UniqueId_bin": "SGVsbG8gV29ybGQ=",
        "CreatedTime_dt": "2020-08-01T12:24:36.123",
        "LastCommTime_dt": "2020-08-01T12:24:36.123"
      },
      {
        "Name_str": "name",
        "RemoteSession_bool": false,
        "RemoteHostname_str": "remotehostname",
        "Username_str": "username",
        "ClientIP_ip": "192.168.0.1",
        "Hostname_str": "hostname",
        "MaxNumTcp_u32": 0,
        "CurrentNumTcp_u32": 0,
        "PacketSize_u64": 0,
        "PacketNum_u64": 0,
        "LinkMode_bool": false,
        "SecureNATMode_bool": false,
        "BridgeMode_bool": false,
        "Layer3Mode_bool": false,
        "Client_BridgeMode_bool": false,
        "Client_MonitorMode_bool": false,
        "VLanId_u32": 0,
        "UniqueId_bin": "SGVsbG8gV29ybGQ=",
        "CreatedTime_dt": "2020-08-01T12:24:36.123",
        "LastCommTime_dt": "2020-08-01T12:24:36.123"
      },
      {
        "Name_str": "name",
        "RemoteSession_bool": false,
        "RemoteHostname_str": "remotehostname",
        "Username_str": "username",
        "ClientIP_ip": "192.168.0.1",
        "Hostname_str": "hostname",
        "MaxNumTcp_u32": 0,
        "CurrentNumTcp_u32": 0,
        "PacketSize_u64": 0,
        "PacketNum_u64": 0,
        "LinkMode_bool": false,
        "SecureNATMode_bool": false,
        "BridgeMode_bool": false,
        "Layer3Mode_bool": false,
        "Client_BridgeMode_bool": false,
        "Client_MonitorMode_bool": false,
        "VLanId_u32": 0,
        "UniqueId_bin": "SGVsbG8gV29ybGQ=",
        "CreatedTime_dt": "2020-08-01T12:24:36.123",
        "LastCommTime_dt": "2020-08-01T12:24:36.123"
      }
    ]
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name
SessionList Array object VPN sessions list
Name_str string (ASCII) Session name
RemoteSession_bool boolean Remote session
RemoteHostname_str string (ASCII) Remote server name
Username_str string (ASCII) User name
ClientIP_ip string (IP address) IP address
Hostname_str string (ASCII) Host name
MaxNumTcp_u32 number (uint32) Maximum number of underlying TCP connections
CurrentNumTcp_u32 number (uint32) Number of current underlying TCP connections
PacketSize_u64 number (uint64) Packet size transmitted
PacketNum_u64 number (uint64) Number of packets transmitted
LinkMode_bool boolean Is a Cascade VPN session
SecureNATMode_bool boolean Is a SecureNAT VPN session
BridgeMode_bool boolean Is the VPN session for Local Bridge
Layer3Mode_bool boolean Is a Layer-3 Switch VPN session
Client_BridgeMode_bool boolean Is in Bridge Mode
Client_MonitorMode_bool boolean Is in Monitor Mode
VLanId_u32 number (uint32) VLAN ID
UniqueId_bin string (Base64 binary) Unique ID of the VPN Session
CreatedTime_dt Date Creation date and time
LastCommTime_dt Date Last communication date and time

"GetSessionStatus" RPC API - Get Session Status

Description

Get Session Status. Use this to specify a session currently connected to the currently managed Virtual Hub and get the session information. The session status includes the following: source host name and user name, version information, time information, number of TCP connections, communication parameters, session key, statistical information on data transferred, and other client and server information. To get the list of currently connected sessions, use the EnumSession API.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "GetSessionStatus",
  "params": {
    "HubName_str": "hubname",
    "Name_str": "name"
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "Name_str": "name",
    "Username_str": "username",
    "RealUsername_str": "realusername",
    "GroupName_str": "groupname",
    "LinkMode_bool": false,
    "Client_Ip_Address_ip": "192.168.0.1",
    "SessionStatus_ClientHostName_str": "clienthostname",
    "Active_bool": false,
    "Connected_bool": false,
    "SessionStatus_u32": 0,
    "ServerName_str": "servername",
    "ServerPort_u32": 0,
    "ServerProductName_str": "serverproductname",
    "ServerProductVer_u32": 0,
    "ServerProductBuild_u32": 0,
    "StartTime_dt": "2020-08-01T12:24:36.123",
    "FirstConnectionEstablisiedTime_dt": "2020-08-01T12:24:36.123",
    "CurrentConnectionEstablishTime_dt": "2020-08-01T12:24:36.123",
    "NumConnectionsEatablished_u32": 0,
    "HalfConnection_bool": false,
    "QoS_bool": false,
    "MaxTcpConnections_u32": 0,
    "NumTcpConnections_u32": 0,
    "NumTcpConnectionsUpload_u32": 0,
    "NumTcpConnectionsDownload_u32": 0,
    "UseEncrypt_bool": false,
    "CipherName_str": "ciphername",
    "UseCompress_bool": false,
    "IsRUDPSession_bool": false,
    "UnderlayProtocol_str": "underlayprotocol",
    "IsUdpAccelerationEnabled_bool": false,
    "IsUsingUdpAcceleration_bool": false,
    "SessionName_str": "sessionname",
    "ConnectionName_str": "connectionname",
    "SessionKey_bin": "SGVsbG8gV29ybGQ=",
    "TotalSendSize_u64": 0,
    "TotalRecvSize_u64": 0,
    "TotalSendSizeReal_u64": 0,
    "TotalRecvSizeReal_u64": 0,
    "IsBridgeMode_bool": false,
    "IsMonitorMode_bool": false,
    "VLanId_u32": 0,
    "ClientProductName_str": "clientproductname",
    "ClientProductVer_u32": 0,
    "ClientProductBuild_u32": 0,
    "ClientOsName_str": "clientosname",
    "ClientOsVer_str": "clientosver",
    "ClientOsProductId_str": "clientosproductid",
    "ClientHostname_str": "clienthostname",
    "UniqueId_bin": "SGVsbG8gV29ybGQ="
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name
Name_str string (ASCII) VPN session name
Username_str string (ASCII) User name
RealUsername_str string (ASCII) Real user name which was used for the authentication
GroupName_str string (ASCII) Group name
LinkMode_bool boolean Is Cascade Session
Client_Ip_Address_ip string (IP address) Client IP address
SessionStatus_ClientHostName_str string (ASCII) Client host name
Active_bool boolean Operation flag
Connected_bool boolean Connected flag
SessionStatus_u32 number (enum) State of the client session
Values:
0: Connecting
1: Negotiating
2: During user authentication
3: Connection complete
4: Wait to retry
5: Idle state
ServerName_str string (ASCII) Server name
ServerPort_u32 number (uint32) Port number of the server
ServerProductName_str string (ASCII) Server product name
ServerProductVer_u32 number (uint32) Server product version
ServerProductBuild_u32 number (uint32) Server product build number
StartTime_dt Date Connection start time
FirstConnectionEstablisiedTime_dt Date Connection completion time of the first connection
CurrentConnectionEstablishTime_dt Date Connection completion time of this connection
NumConnectionsEatablished_u32 number (uint32) Number of connections have been established so far
HalfConnection_bool boolean Half-connection
QoS_bool boolean VoIP / QoS
MaxTcpConnections_u32 number (uint32) Maximum number of the underlying TCP connections
NumTcpConnections_u32 number (uint32) Number of current underlying TCP connections
NumTcpConnectionsUpload_u32 number (uint32) Number of inbound underlying connections
NumTcpConnectionsDownload_u32 number (uint32) Number of outbound underlying connections
UseEncrypt_bool boolean Use of encryption
CipherName_str string (ASCII) Cipher algorithm name
UseCompress_bool boolean Use of compression
IsRUDPSession_bool boolean Is R-UDP session
UnderlayProtocol_str string (ASCII) Physical underlying communication protocol
IsUdpAccelerationEnabled_bool boolean The UDP acceleration is enabled
IsUsingUdpAcceleration_bool boolean Using the UDP acceleration function
SessionName_str string (ASCII) VPN session name
ConnectionName_str string (ASCII) Connection name
SessionKey_bin string (Base64 binary) Session key
TotalSendSize_u64 number (uint64) Total transmitted data size
TotalRecvSize_u64 number (uint64) Total received data size
TotalSendSizeReal_u64 number (uint64) Total transmitted data size (no compression)
TotalRecvSizeReal_u64 number (uint64) Total received data size (no compression)
IsBridgeMode_bool boolean Is Bridge Mode
IsMonitorMode_bool boolean Is Monitor mode
VLanId_u32 number (uint32) VLAN ID
ClientProductName_str string (ASCII) Client product name
ClientProductVer_u32 number (uint32) Client version
ClientProductBuild_u32 number (uint32) Client build number
ClientOsName_str string (ASCII) Client OS name
ClientOsVer_str string (ASCII) Client OS version
ClientOsProductId_str string (ASCII) Client OS Product ID
ClientHostname_str string (ASCII) Client host name
UniqueId_bin string (Base64 binary) Unique ID

"DeleteSession" RPC API - Disconnect Session

Description

Disconnect Session. Use this to specify a session currently connected to the currently managed Virtual Hub and forcefully disconnect that session using manager privileges. Note that when communication is disconnected by settings on the source client side and the automatically reconnect option is enabled, it is possible that the client will reconnect. To get the list of currently connected sessions, use the EnumSession API.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "DeleteSession",
  "params": {
    "HubName_str": "hubname",
    "Name_str": "name"
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "Name_str": "name"
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name
Name_str string (ASCII) Session name

"EnumMacTable" RPC API - Get the MAC Address Table Database

Description

Get the MAC Address Table Database. Use this to get the MAC address table database that is held by the currently managed Virtual Hub. The MAC address table database is a table that the Virtual Hub requires to perform the action of switching Ethernet frames and the Virtual Hub decides the sorting destination session of each Ethernet frame based on the MAC address table database. The MAC address database is built by the Virtual Hub automatically analyzing the contents of the communication.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "EnumMacTable",
  "params": {
    "HubName_str": "hubname"
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "MacTable": [
      {
        "Key_u32": 0,
        "SessionName_str": "sessionname",
        "MacAddress_bin": "SGVsbG8gV29ybGQ=",
        "CreatedTime_dt": "2020-08-01T12:24:36.123",
        "UpdatedTime_dt": "2020-08-01T12:24:36.123",
        "RemoteItem_bool": false,
        "RemoteHostname_str": "remotehostname",
        "VlanId_u32": 0
      },
      {
        "Key_u32": 0,
        "SessionName_str": "sessionname",
        "MacAddress_bin": "SGVsbG8gV29ybGQ=",
        "CreatedTime_dt": "2020-08-01T12:24:36.123",
        "UpdatedTime_dt": "2020-08-01T12:24:36.123",
        "RemoteItem_bool": false,
        "RemoteHostname_str": "remotehostname",
        "VlanId_u32": 0
      },
      {
        "Key_u32": 0,
        "SessionName_str": "sessionname",
        "MacAddress_bin": "SGVsbG8gV29ybGQ=",
        "CreatedTime_dt": "2020-08-01T12:24:36.123",
        "UpdatedTime_dt": "2020-08-01T12:24:36.123",
        "RemoteItem_bool": false,
        "RemoteHostname_str": "remotehostname",
        "VlanId_u32": 0
      }
    ]
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name
MacTable Array object MAC table
Key_u32 number (uint32) Key ID
SessionName_str string (ASCII) Session name
MacAddress_bin string (Base64 binary) MAC address
CreatedTime_dt Date Creation date and time
UpdatedTime_dt Date Updating date
RemoteItem_bool boolean Remote items
RemoteHostname_str string (ASCII) Remote host name
VlanId_u32 number (uint32) VLAN ID

"DeleteMacTable" RPC API - Delete MAC Address Table Entry

Description

Delete MAC Address Table Entry. Use this API to operate the MAC address table database held by the currently managed Virtual Hub and delete a specified MAC address table entry from the database. To get the contents of the current MAC address table database use the EnumMacTable API.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "DeleteMacTable",
  "params": {
    "HubName_str": "hubname",
    "Key_u32": 0
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "Key_u32": 0
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name
Key_u32 number (uint32) Key ID

"EnumIpTable" RPC API - Get the IP Address Table Database

Description

Get the IP Address Table Database. Use this to get the IP address table database that is held by the currently managed Virtual Hub. The IP address table database is a table that is automatically generated by analyzing the contents of communication so that the Virtual Hub can always know which session is using which IP address and it is frequently used by the engine that applies the Virtual Hub security policy. By specifying the session name you can get the IP address table entry that has been associated with that session.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "EnumIpTable",
  "params": {
    "HubName_str": "hubname"
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "IpTable": [
      {
        "Key_u32": 0,
        "SessionName_str": "sessionname",
        "IpAddress_ip": "192.168.0.1",
        "DhcpAllocated_bool": false,
        "CreatedTime_dt": "2020-08-01T12:24:36.123",
        "UpdatedTime_dt": "2020-08-01T12:24:36.123",
        "RemoteItem_bool": false,
        "RemoteHostname_str": "remotehostname"
      },
      {
        "Key_u32": 0,
        "SessionName_str": "sessionname",
        "IpAddress_ip": "192.168.0.1",
        "DhcpAllocated_bool": false,
        "CreatedTime_dt": "2020-08-01T12:24:36.123",
        "UpdatedTime_dt": "2020-08-01T12:24:36.123",
        "RemoteItem_bool": false,
        "RemoteHostname_str": "remotehostname"
      },
      {
        "Key_u32": 0,
        "SessionName_str": "sessionname",
        "IpAddress_ip": "192.168.0.1",
        "DhcpAllocated_bool": false,
        "CreatedTime_dt": "2020-08-01T12:24:36.123",
        "UpdatedTime_dt": "2020-08-01T12:24:36.123",
        "RemoteItem_bool": false,
        "RemoteHostname_str": "remotehostname"
      }
    ]
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name
IpTable Array object MAC table
Key_u32 number (uint32) Key ID
SessionName_str string (ASCII) Session name
IpAddress_ip string (IP address) IP address
DhcpAllocated_bool boolean Assigned by the DHCP
CreatedTime_dt Date Creation date and time
UpdatedTime_dt Date Updating date
RemoteItem_bool boolean Remote items
RemoteHostname_str string (ASCII) Remote host name

"DeleteIpTable" RPC API - Delete IP Address Table Entry

Description

Delete IP Address Table Entry. Use this API to operate the IP address table database held by the currently managed Virtual Hub and delete a specified IP address table entry from the database. To get the contents of the current IP address table database use the EnumIpTable API.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "DeleteIpTable",
  "params": {
    "HubName_str": "hubname",
    "Key_u32": 0
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "Key_u32": 0
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name
Key_u32 number (uint32) Key ID

"SetKeep" RPC API - Set the Keep Alive Internet Connection Function

Description

Set the Keep Alive Internet Connection Function. Use this to set the destination host name etc. of the Keep Alive Internet Connection Function. For network connection environments where connections will automatically be disconnected where there are periods of no communication that are longer than a set period, by using the Keep Alive Internet Connection Function, it is possible to keep alive the Internet connection by sending packets to a nominated server on the Internet at set intervals. When using this API, you can specify the following: Host Name, Port Number, Packet Send Interval, and Protocol. Packets sent to keep alive the Internet connection will have random content and personal information that could identify a computer or user is not sent. You can use the SetKeep API to enable/disable the Keep Alive Internet Connection Function. To execute this API on a VPN Server or VPN Bridge, you must have administrator privileges.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "SetKeep",
  "params": {
    "UseKeepConnect_bool": false,
    "KeepConnectHost_str": "keepconnecthost",
    "KeepConnectPort_u32": 0,
    "KeepConnectProtocol_u32": 0,
    "KeepConnectInterval_u32": 0
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "UseKeepConnect_bool": false,
    "KeepConnectHost_str": "keepconnecthost",
    "KeepConnectPort_u32": 0,
    "KeepConnectProtocol_u32": 0,
    "KeepConnectInterval_u32": 0
  }
}

Parameters

Name Type Description
UseKeepConnect_bool boolean The flag to enable keep-alive to the Internet
KeepConnectHost_str string (ASCII) Specify the host name or IP address of the destination
KeepConnectPort_u32 number (uint32) Specify the port number of the destination
KeepConnectProtocol_u32 number (enum) Protocol type
Values:
0: TCP
1: UDP
KeepConnectInterval_u32 number (uint32) Interval Between Packets Sends (Seconds)

"GetKeep" RPC API - Get the Keep Alive Internet Connection Function

Description

Get the Keep Alive Internet Connection Function. Use this to get the current setting contents of the Keep Alive Internet Connection Function. In addition to the destination's Host Name, Port Number, Packet Send Interval and Protocol, you can obtain the current enabled/disabled status of the Keep Alive Internet Connection Function.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "GetKeep",
  "params": {}
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "UseKeepConnect_bool": false,
    "KeepConnectHost_str": "keepconnecthost",
    "KeepConnectPort_u32": 0,
    "KeepConnectProtocol_u32": 0,
    "KeepConnectInterval_u32": 0
  }
}

Parameters

Name Type Description
UseKeepConnect_bool boolean The flag to enable keep-alive to the Internet
KeepConnectHost_str string (ASCII) Specify the host name or IP address of the destination
KeepConnectPort_u32 number (uint32) Specify the port number of the destination
KeepConnectProtocol_u32 number (enum) Protocol type
Values:
0: TCP
1: UDP
KeepConnectInterval_u32 number (uint32) Interval Between Packets Sends (Seconds)

"EnableSecureNAT" RPC API - Enable the Virtual NAT and DHCP Server Function (SecureNAT Function)

Description

Enable the Virtual NAT and DHCP Server Function (SecureNAT Function). Use this to enable the Virtual NAT and DHCP Server function (SecureNAT Function) on the currently managed Virtual Hub and begin its operation. Before executing this API, you must first check the setting contents of the current Virtual NAT function and DHCP Server function using the SetSecureNATOption API and GetSecureNATOption API. By enabling the SecureNAT function, you can virtually operate a NAT router (IP masquerade) and the DHCP Server function on a virtual network on the Virtual Hub. [Warning about SecureNAT Function] The SecureNAT function is recommended only for system administrators and people with a detailed knowledge of networks. If you use the SecureNAT function correctly, it is possible to achieve a safe form of remote access via a VPN. However when used in the wrong way, it can put the entire network in danger. Anyone who does not have a thorough knowledge of networks and anyone who does not have the network administrator's permission must not enable the SecureNAT function. For a detailed explanation of the SecureNAT function, please refer to the VPN Server's manual and online documentation. You cannot execute this API for Virtual Hubs of VPN Servers operating as a cluster.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "EnableSecureNAT",
  "params": {
    "HubName_str": "hubname"
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname"
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name

"DisableSecureNAT" RPC API - Disable the Virtual NAT and DHCP Server Function (SecureNAT Function)

Description

Disable the Virtual NAT and DHCP Server Function (SecureNAT Function). Use this to disable the Virtual NAT and DHCP Server function (SecureNAT Function) on the currently managed Virtual Hub. By executing this API the Virtual NAT function immediately stops operating and the Virtual DHCP Server function deletes the DHCP lease database and stops the service. You cannot execute this API for Virtual Hubs of VPN Servers operating as a cluster.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "DisableSecureNAT",
  "params": {
    "HubName_str": "hubname"
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname"
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) The Virtual Hub name

"SetSecureNATOption" RPC API - Change Settings of SecureNAT Function

Description

Change Settings of SecureNAT Function. Use this to change and save the virtual host network interface settings, virtual NAT function settings and virtual DHCP server settings of the Virtual NAT and DHCP Server function (SecureNAT function) on the currently managed Virtual Hub. The SecureNAT function holds one virtual network adapter on the L2 segment inside the Virtual Hub and it has been assigned a MAC address and an IP address. By doing this, another host connected to the same L2 segment is able to communicate with the SecureNAT virtual host as if it is an actual IP host existing on the network. [Warning about SecureNAT Function] The SecureNAT function is recommended only for system administrators and people with a detailed knowledge of networks. If you use the SecureNAT function correctly, it is possible to achieve a safe form of remote access via a VPN. However when used in the wrong way, it can put the entire network in danger. Anyone who does not have a thorough knowledge of networks and anyone who does not have the network administrators permission must not enable the SecureNAT function. For a detailed explanation of the SecureNAT function, please refer to the VPN Server's manual and online documentation. You cannot execute this API for Virtual Hubs of VPN Servers operating as a cluster.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "SetSecureNATOption",
  "params": {
    "RpcHubName_str": "rpchubname",
    "MacAddress_bin": "SGVsbG8gV29ybGQ=",
    "Ip_ip": "192.168.0.1",
    "Mask_ip": "255.255.255.255",
    "UseNat_bool": false,
    "Mtu_u32": 0,
    "NatTcpTimeout_u32": 0,
    "NatUdpTimeout_u32": 0,
    "UseDhcp_bool": false,
    "DhcpLeaseIPStart_ip": "192.168.0.1",
    "DhcpLeaseIPEnd_ip": "192.168.0.1",
    "DhcpSubnetMask_ip": "255.255.255.255",
    "DhcpExpireTimeSpan_u32": 0,
    "DhcpGatewayAddress_ip": "192.168.0.1",
    "DhcpDnsServerAddress_ip": "192.168.0.1",
    "DhcpDnsServerAddress2_ip": "192.168.0.1",
    "DhcpDomainName_str": "dhcpdomainname",
    "SaveLog_bool": false,
    "ApplyDhcpPushRoutes_bool": false,
    "DhcpPushRoutes_str": "dhcppushroutes"
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "RpcHubName_str": "rpchubname",
    "MacAddress_bin": "SGVsbG8gV29ybGQ=",
    "Ip_ip": "192.168.0.1",
    "Mask_ip": "255.255.255.255",
    "UseNat_bool": false,
    "Mtu_u32": 0,
    "NatTcpTimeout_u32": 0,
    "NatUdpTimeout_u32": 0,
    "UseDhcp_bool": false,
    "DhcpLeaseIPStart_ip": "192.168.0.1",
    "DhcpLeaseIPEnd_ip": "192.168.0.1",
    "DhcpSubnetMask_ip": "255.255.255.255",
    "DhcpExpireTimeSpan_u32": 0,
    "DhcpGatewayAddress_ip": "192.168.0.1",
    "DhcpDnsServerAddress_ip": "192.168.0.1",
    "DhcpDnsServerAddress2_ip": "192.168.0.1",
    "DhcpDomainName_str": "dhcpdomainname",
    "SaveLog_bool": false,
    "ApplyDhcpPushRoutes_bool": false,
    "DhcpPushRoutes_str": "dhcppushroutes"
  }
}

Parameters

Name Type Description
RpcHubName_str string (ASCII) Target Virtual HUB name
MacAddress_bin string (Base64 binary) MAC address
Ip_ip string (IP address) IP address
Mask_ip string (IP address) Subnet mask
UseNat_bool boolean Use flag of the Virtual NAT function
Mtu_u32 number (uint32) MTU value (Standard: 1500)
NatTcpTimeout_u32 number (uint32) NAT TCP timeout in seconds
NatUdpTimeout_u32 number (uint32) NAT UDP timeout in seconds
UseDhcp_bool boolean Using flag of DHCP function
DhcpLeaseIPStart_ip string (IP address) Specify the start point of the address band to be distributed to the client. (Example: 192.168.30.10)
DhcpLeaseIPEnd_ip string (IP address) Specify the end point of the address band to be distributed to the client. (Example: 192.168.30.200)
DhcpSubnetMask_ip string (IP address) Specify the subnet mask to be specified for the client. (Example: 255.255.255.0)
DhcpExpireTimeSpan_u32 number (uint32) Specify the expiration date in second units for leasing an IP address to a client.
DhcpGatewayAddress_ip string (IP address) Specify the IP address of the default gateway to be notified to the client. You can specify a SecureNAT Virtual Host IP address for this when the SecureNAT Function's Virtual NAT Function has been enabled and is being used also. If you specify 0 or none, then the client will not be notified of the default gateway.
DhcpDnsServerAddress_ip string (IP address) Specify the IP address of the primary DNS Server to be notified to the client. You can specify a SecureNAT Virtual Host IP address for this when the SecureNAT Function's Virtual NAT Function has been enabled and is being used also. If you specify empty, then the client will not be notified of the DNS Server address.
DhcpDnsServerAddress2_ip string (IP address) Specify the IP address of the secondary DNS Server to be notified to the client. You can specify a SecureNAT Virtual Host IP address for this when the SecureNAT Function's Virtual NAT Function has been enabled and is being used also. If you specify empty, then the client will not be notified of the DNS Server address.
DhcpDomainName_str string (ASCII) Specify the domain name to be notified to the client. If you specify none, then the client will not be notified of the domain name.
SaveLog_bool boolean Specify whether or not to save the Virtual DHCP Server operation in the Virtual Hub security log. Specify true to save it. This value is interlinked with the Virtual NAT Function log save setting.
ApplyDhcpPushRoutes_bool boolean The flag to enable the DhcpPushRoutes_str field.
DhcpPushRoutes_str string (ASCII) Specify the static routing table to push. Example: "192.168.5.0/255.255.255.0/192.168.4.254, 10.0.0.0/255.0.0.0/192.168.4.253" Split multiple entries (maximum: 64 entries) by comma or space characters. Each entry must be specified in the "IP network address/subnet mask/gateway IP address" format. This Virtual DHCP Server can push the classless static routes (RFC 3442) with DHCP reply messages to VPN clients. Whether or not a VPN client can recognize the classless static routes (RFC 3442) depends on the target VPN client software. SoftEther VPN Client and OpenVPN Client are supporting the classless static routes. On L2TP/IPsec and MS-SSTP protocols, the compatibility depends on the implementation of the client software. You can realize the split tunneling if you clear the default gateway field on the Virtual DHCP Server options. On the client side, L2TP/IPsec and MS-SSTP clients need to be configured not to set up the default gateway for the split tunneling usage. You can also push the classless static routes (RFC 3442) by your existing external DHCP server. In that case, disable the Virtual DHCP Server function on SecureNAT, and you need not to set up the classless routes on this API. See the RFC 3442 to understand the classless routes.

"GetSecureNATOption" RPC API - Get Settings of SecureNAT Function

Description

Get Settings of SecureNAT Function. This API get the registered settings for the SecureNAT function which is set by the SetSecureNATOption API.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "GetSecureNATOption",
  "params": {
    "RpcHubName_str": "rpchubname"
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "RpcHubName_str": "rpchubname",
    "MacAddress_bin": "SGVsbG8gV29ybGQ=",
    "Ip_ip": "192.168.0.1",
    "Mask_ip": "255.255.255.255",
    "UseNat_bool": false,
    "Mtu_u32": 0,
    "NatTcpTimeout_u32": 0,
    "NatUdpTimeout_u32": 0,
    "UseDhcp_bool": false,
    "DhcpLeaseIPStart_ip": "192.168.0.1",
    "DhcpLeaseIPEnd_ip": "192.168.0.1",
    "DhcpSubnetMask_ip": "255.255.255.255",
    "DhcpExpireTimeSpan_u32": 0,
    "DhcpGatewayAddress_ip": "192.168.0.1",
    "DhcpDnsServerAddress_ip": "192.168.0.1",
    "DhcpDnsServerAddress2_ip": "192.168.0.1",
    "DhcpDomainName_str": "dhcpdomainname",
    "SaveLog_bool": false,
    "ApplyDhcpPushRoutes_bool": false,
    "DhcpPushRoutes_str": "dhcppushroutes"
  }
}

Parameters

Name Type Description
RpcHubName_str string (ASCII) Target Virtual HUB name
MacAddress_bin string (Base64 binary) MAC address
Ip_ip string (IP address) IP address
Mask_ip string (IP address) Subnet mask
UseNat_bool boolean Use flag of the Virtual NAT function
Mtu_u32 number (uint32) MTU value (Standard: 1500)
NatTcpTimeout_u32 number (uint32) NAT TCP timeout in seconds
NatUdpTimeout_u32 number (uint32) NAT UDP timeout in seconds
UseDhcp_bool boolean Using flag of DHCP function
DhcpLeaseIPStart_ip string (IP address) Specify the start point of the address band to be distributed to the client. (Example: 192.168.30.10)
DhcpLeaseIPEnd_ip string (IP address) Specify the end point of the address band to be distributed to the client. (Example: 192.168.30.200)
DhcpSubnetMask_ip string (IP address) Specify the subnet mask to be specified for the client. (Example: 255.255.255.0)
DhcpExpireTimeSpan_u32 number (uint32) Specify the expiration date in second units for leasing an IP address to a client.
DhcpGatewayAddress_ip string (IP address) Specify the IP address of the default gateway to be notified to the client. You can specify a SecureNAT Virtual Host IP address for this when the SecureNAT Function's Virtual NAT Function has been enabled and is being used also. If you specify 0 or none, then the client will not be notified of the default gateway.
DhcpDnsServerAddress_ip string (IP address) Specify the IP address of the primary DNS Server to be notified to the client. You can specify a SecureNAT Virtual Host IP address for this when the SecureNAT Function's Virtual NAT Function has been enabled and is being used also. If you specify empty, then the client will not be notified of the DNS Server address.
DhcpDnsServerAddress2_ip string (IP address) Specify the IP address of the secondary DNS Server to be notified to the client. You can specify a SecureNAT Virtual Host IP address for this when the SecureNAT Function's Virtual NAT Function has been enabled and is being used also. If you specify empty, then the client will not be notified of the DNS Server address.
DhcpDomainName_str string (ASCII) Specify the domain name to be notified to the client. If you specify none, then the client will not be notified of the domain name.
SaveLog_bool boolean Specify whether or not to save the Virtual DHCP Server operation in the Virtual Hub security log. Specify true to save it. This value is interlinked with the Virtual NAT Function log save setting.
ApplyDhcpPushRoutes_bool boolean The flag to enable the DhcpPushRoutes_str field.
DhcpPushRoutes_str string (ASCII) Specify the static routing table to push. Example: "192.168.5.0/255.255.255.0/192.168.4.254, 10.0.0.0/255.0.0.0/192.168.4.253" Split multiple entries (maximum: 64 entries) by comma or space characters. Each entry must be specified in the "IP network address/subnet mask/gateway IP address" format. This Virtual DHCP Server can push the classless static routes (RFC 3442) with DHCP reply messages to VPN clients. Whether or not a VPN client can recognize the classless static routes (RFC 3442) depends on the target VPN client software. SoftEther VPN Client and OpenVPN Client are supporting the classless static routes. On L2TP/IPsec and MS-SSTP protocols, the compatibility depends on the implementation of the client software. You can realize the split tunneling if you clear the default gateway field on the Virtual DHCP Server options. On the client side, L2TP/IPsec and MS-SSTP clients need to be configured not to set up the default gateway for the split tunneling usage. You can also push the classless static routes (RFC 3442) by your existing external DHCP server. In that case, disable the Virtual DHCP Server function on SecureNAT, and you need not to set up the classless routes on this API. See the RFC 3442 to understand the classless routes.

"EnumNAT" RPC API - Get Virtual NAT Function Session Table of SecureNAT Function

Description

Get Virtual NAT Function Session Table of SecureNAT Function. Use this to get the table of TCP and UDP sessions currently communicating via the Virtual NAT (NAT table) in cases when the Virtual NAT function is operating on the currently managed Virtual Hub. You cannot execute this API for Virtual Hubs of VPN Servers operating as a cluster.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "EnumNAT",
  "params": {
    "HubName_str": "hubname"
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "NatTable": [
      {
        "Id_u32": 0,
        "Protocol_u32": 0,
        "SrcIp_ip": "192.168.0.1",
        "SrcHost_str": "srchost",
        "SrcPort_u32": 0,
        "DestIp_ip": "192.168.0.1",
        "DestHost_str": "desthost",
        "DestPort_u32": 0,
        "CreatedTime_dt": "2020-08-01T12:24:36.123",
        "LastCommTime_dt": "2020-08-01T12:24:36.123",
        "SendSize_u64": 0,
        "RecvSize_u64": 0,
        "TcpStatus_u32": 0
      },
      {
        "Id_u32": 0,
        "Protocol_u32": 0,
        "SrcIp_ip": "192.168.0.1",
        "SrcHost_str": "srchost",
        "SrcPort_u32": 0,
        "DestIp_ip": "192.168.0.1",
        "DestHost_str": "desthost",
        "DestPort_u32": 0,
        "CreatedTime_dt": "2020-08-01T12:24:36.123",
        "LastCommTime_dt": "2020-08-01T12:24:36.123",
        "SendSize_u64": 0,
        "RecvSize_u64": 0,
        "TcpStatus_u32": 0
      },
      {
        "Id_u32": 0,
        "Protocol_u32": 0,
        "SrcIp_ip": "192.168.0.1",
        "SrcHost_str": "srchost",
        "SrcPort_u32": 0,
        "DestIp_ip": "192.168.0.1",
        "DestHost_str": "desthost",
        "DestPort_u32": 0,
        "CreatedTime_dt": "2020-08-01T12:24:36.123",
        "LastCommTime_dt": "2020-08-01T12:24:36.123",
        "SendSize_u64": 0,
        "RecvSize_u64": 0,
        "TcpStatus_u32": 0
      }
    ]
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) Virtual Hub Name
NatTable Array object NAT item
Id_u32 number (uint32) ID
Protocol_u32 number (enum) Protocol
Values:
0: TCP
1: UDP
2: DNS
3: ICMP
SrcIp_ip string (IP address) Source IP address
SrcHost_str string (ASCII) Source host name
SrcPort_u32 number (uint32) Source port number
DestIp_ip string (IP address) Destination IP address
DestHost_str string (ASCII) Destination host name
DestPort_u32 number (uint32) Destination port number
CreatedTime_dt Date Connection time
LastCommTime_dt Date Last communication time
SendSize_u64 number (uint64) Transmission size
RecvSize_u64 number (uint64) Receive size
TcpStatus_u32 number (enum) TCP state
Values:
0: Connecting
1: Send the RST (Connection failure or disconnected)
2: Connection complete
3: Connection established
4: Wait for socket disconnection

"EnumDHCP" RPC API - Get Virtual DHCP Server Function Lease Table of SecureNAT Function

Description

Get Virtual DHCP Server Function Lease Table of SecureNAT Function. Use this to get the lease table of IP addresses, held by the Virtual DHCP Server, that are assigned to clients in cases when the Virtual NAT function is operating on the currently managed Virtual Hub. You cannot execute this API for Virtual Hubs of VPN Servers operating as a cluster.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "EnumDHCP",
  "params": {
    "HubName_str": "hubname"
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "DhcpTable": [
      {
        "Id_u32": 0,
        "LeasedTime_dt": "2020-08-01T12:24:36.123",
        "ExpireTime_dt": "2020-08-01T12:24:36.123",
        "MacAddress_bin": "SGVsbG8gV29ybGQ=",
        "IpAddress_ip": "192.168.0.1",
        "Mask_u32": 0,
        "Hostname_str": "hostname"
      },
      {
        "Id_u32": 0,
        "LeasedTime_dt": "2020-08-01T12:24:36.123",
        "ExpireTime_dt": "2020-08-01T12:24:36.123",
        "MacAddress_bin": "SGVsbG8gV29ybGQ=",
        "IpAddress_ip": "192.168.0.1",
        "Mask_u32": 0,
        "Hostname_str": "hostname"
      },
      {
        "Id_u32": 0,
        "LeasedTime_dt": "2020-08-01T12:24:36.123",
        "ExpireTime_dt": "2020-08-01T12:24:36.123",
        "MacAddress_bin": "SGVsbG8gV29ybGQ=",
        "IpAddress_ip": "192.168.0.1",
        "Mask_u32": 0,
        "Hostname_str": "hostname"
      }
    ]
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) Virtual Hub Name
DhcpTable Array object DHCP Item
Id_u32 number (uint32) ID
LeasedTime_dt Date Lease time
ExpireTime_dt Date Expiration date
MacAddress_bin string (Base64 binary) MAC address
IpAddress_ip string (IP address) IP address
Mask_u32 number (uint32) Subnet mask
Hostname_str string (ASCII) Host name

"GetSecureNATStatus" RPC API - Get the Operating Status of the Virtual NAT and DHCP Server Function (SecureNAT Function)

Description

Get the Operating Status of the Virtual NAT and DHCP Server Function (SecureNAT Function). Use this to get the operating status of the Virtual NAT and DHCP Server function (SecureNAT Function) when it is operating on the currently managed Virtual Hub. You cannot execute this API for Virtual Hubs of VPN Servers operating as a cluster.

Input JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "method": "GetSecureNATStatus",
  "params": {
    "HubName_str": "hubname"
  }
}

Output JSON-RPC Format

{
  "jsonrpc": "2.0",
  "id": "rpc_call_id",
  "result": {
    "HubName_str": "hubname",
    "NumTcpSessions_u32": 0,
    "NumUdpSessions_u32": 0,
    "NumIcmpSessions_u32": 0,
    "NumDnsSessions_u32": 0,
    "NumDhcpClients_u32": 0,
    "IsKernelMode_bool": false,
    "IsRawIpMode_bool": false
  }
}

Parameters

Name Type Description
HubName_str string (ASCII) Virtual Hub Name
NumTcpSessions_u32