Maximum Length of Password

[rms44]

A simple question: What is the maximum length of user authentication passwords ? Depending on this, I want to make a decision on whether to continue with the SoftEther open source version, or switch to the paid version (which allows authentication via client certificates). And while we are on the topic, are there any limitations on the characters that can be used in a password ? Thanks in advance !

[solo]

Passwords are not explicitly limited. The compiled Windows releases offer cert auth for free.

[rms44]

Thank you for your response.
- Understand that password limitations will depend on the environment, and not SoftEther itself.
- Cert Auth: I am using SoftEther VPN 4.0 (Ver 4.43, Build 9799). The server runs on Windows Server 2016, and the client on Windows 11.
SoftEther documentation indeed gives the impression that Individual Certificate Authentication is available:
https://www.softether.org/4-docs/1-manu ... entication
However, when I try to create a user with Individual Certificate Authentication, I get a message "The Certificate Authentication function....has not been implemented on the open-source of SoftEther VPN yet". Please see screenshots below. The message appears after creating a certificate and clicking "OK". It is not possible to save the user unless anonymous or password authentication is selected.

[solo]

Works for me on both 4.42-9788 and 5.02-5374
.

2.png

5.png

6.png

[rms44]

I still have the issue described above, so not sure where the sticking point is. I will try to adjust a few settings and revert with feedback if I can find out what the root cause is.

[rms44]

In case it is use to anyone, I received the following comments from site admin "Cedar" on the Japanese language forum:
"It appears to be 511 characters for password authentication and 255 characters for external linkage.
There does not seem to be a limit on the number of characters that can be used, but it is a good idea to keep the range to 1 byte of readable characters because of the possible effects of differences in operation by platform.
I expect there are no differences in the commercial version".

[solo]

In order to sell PacketiX VPN Server in the Japanese market, SoftEther VPN Server Stable Edition has some functional limitations when it is running on a Japanese IP address. These functional limitations include RADIUS authentication function and DoS attack prevention function. The binary version of SoftEther VPN Server Stable Edition actually includes the implementation of the above security features. And these work only when the IP address is outside Japan. They do not work with Japanese IP address. It is a regional lock system.

https://github.com/SoftEtherVPN/SoftEth ... 1017588749

While Individual Certificate Authentication is not specifically mentioned, I suppose this is the explanation of your problems. Try DE https://dev.azure.com/SoftEther-VPN/004 ... format=zip

[rms44]

The reverse discrimination policy is interesting ! I am on a Japanese IP address so that likely explains the issue. The geographical limitations are not mentioned in section 2.2 of the Japanese version of the manual either. Even the Japanese specifications page referenced in the Githib comments (https://ja.softether.org/3-spec/cureent_limitations) does not explicitly mention the geographical limitations. It just lists certain functions that don't work (period), sort of contradicting section 2.2 of both the Japanese and English versions of the manual. For a Japan-based user like myself it is pretty confusing. I'll consider purchasing the commercial version. Thanks again for your help, very much appreciated.