User Tools
Site Tools
This is an old revision of the document!
Table of Contents
OpenVPN
OpenVPN is a opensourse Software to establish virtual private network(VPN) via encrypted TLS connections. It provides a secure and encrypted user data communication between different hosts and networks.
The focus on OpenVPN is on
- High compatibility and support for many Operation systems (Linux, OS X, Windows, iOS, and Android)
- High stability
- Easy Scalability
- Flexible VPN client extenions
- Easy installation
How to setup OpenVPN
The following step by step instruction will guide you through a OpenVPN configuration. So basically OpenVPN does have two different modes:
Bridge mode (TAP):
Advantages
- behaves like a real network adapter (except it is a virtual network adapter)
- can transport any network protocols (IPv4, IPv6, Netalk, IPX, etc, etc)
- Works in layer 2, meaning Ethernet frames are passed over the VPN tunnel
- Can be used in bridges
Disadvantages
- causes much more broadcast overhead on the VPN tunnel
- adds the overhead of Ethernet headers on all packets transported over the VPN tunnel
- scales poorly
Routing Mode (TUN)
Advantages
- A lower traffic overhead, transports only traffic which is destined for the VPN client
- Transports only layer 3 IP packets
Disadvantages
- Broadcast traffic is not normally transported
- Can only transport IPv4 (OpenVPN 2.3 adds IPv6)
- Cannot be used in bridges
Network setup
For this configuration we will use the most common mode, the routing mode.
Server
| Local WAN | Remote WAN |
|---|---|
| 10.10.10.2 | 10.10.10.1 |
| General | Parameter |
| Operation mode | Server |
| Server port | 1194 |
| Type | TUN |
| Protocol | UDP |
| Cipher | AES-256-CBC |
| Authentication | Parameter |
| certificate-based | |
| HMAC digest | SHA256 |
| Manage keys and certifictaes (below) | |
| Options | Parameter |
| use compression | enable |
| use keepalive | enable |
See openvpn.pdf