OpenVPN

OpenVPN is a opensourse Software to establish virtual private network(VPN) via encrypted TLS connections. It provides a secure and encrypted user data communication between different hosts and networks.

• High compatibility and support for many Operation systems (Linux, OS X, Windows, iOS, and Android)
• High stability
• Easy Scalability
• Flexible VPN client extenions
• Easy installation

The following step by step instruction will guide you through a OpenVPN configuration. So basically OpenVPN does have two different modes:

Bridge mode (TAP):

Advantages

• behaves like a real network adapter (except it is a virtual network adapter)
• can transport any network protocols (IPv4, IPv6, Netalk, IPX, etc, etc)
• Works in layer 2, meaning Ethernet frames are passed over the VPN tunnel
• Can be used in bridges

Disadvantages

• causes much more broadcast overhead on the VPN tunnel
• adds the overhead of Ethernet headers on all packets transported over the VPN tunnel
• scales poorly

Routing Mode (TUN)

Advantages

• A lower traffic overhead, transports only traffic which is destined for the VPN client
• Transports only layer 3 IP packets

Disadvantages

• Broadcast traffic is not normally transported
• Can only transport IPv4 (OpenVPN 2.3 adds IPv6)
• Cannot be used in bridges

For this configuration we will use the most common mode, the routing mode.

After you done with the server configuation apply the setting and we will continue with the client configuation.

Generate a static key:

  openvpn --genkey --secret static.key

Copy the static key to both client and server, over a pre-existing secure channel. Server configuration file

  dev tun
  ifconfig 10.8.0.1 10.8.0.2
  secret static.key

Client configuration file

  remote myremote.mydomain
  dev tun
  ifconfig 10.8.0.2 10.8.0.1
  secret static.key

See openvpn.pdf