OpenVPN



The last time I used openvpn, it was version 1.x and only supported a single connection per running process. So, if you had a server that you wanted to support multiple clients connecting, you had to… have multiple ports open to the outside world (unless you did something VERY fancy), and had to have as many openvpn processes open and listening for connections, as you had clients you expected to connect. It wasn’t a pretty setup unless you had a small number (1-5) that you expected to connect. Fortunately that has changed with the 2.0 series of openvpn and it’s really matured as a vpn solution.


For starters, this is a client/server protocol and it’s cross platform. These are nice features for VPN software. There are a variety of ways to setup openvpn. One is without encryption (mostly for troubleshooting), the next is a “shared secret” method which has you copy a “secret file” to each machine and that is used for authenticating to the vpn. There are advantages to this… easy setup. The disadvantages though are many…. what if someone loses the key? what if the key is broken, then ALL present/past/future communications could be compromised… you can’t setup for multiple clients with the secret file based authentication. So, the next is TLS (certificate authority) based encryption.

I’ve done this and get things setup, but the hardest part here is getting your authentication keys setup and signed… after that the setup get’s quite easy.

With openvpn you have to allow incoming udp connections on one port to get to the openvpn server machine. The current port is 1194. (It is possible to work it over Tcp as well..) Earlier in their development I think they used 5000, it is configurable in setup so it could be anything you want that doesn’t conflict with other services.

server has to be specified in the openvpn servers configuration file IF you want multiple machines to be able to connect to the same openvpn server. Routing can be pushed to each of the clients as well.

Overall, I’ve liked openvpns configurability… it’s quite flexible and gives many choices. My main intent for using it is from my laptop to encrypt my wireless connection. I expect even from outside my network I may route all traffic through the VPN for true secure web browsing/etc….

Given the choice between hamachi and openvpn… I’d probably pick openvpn because I feel like I have a bit more control over it. (There was one machine I couldn’t get hamachi to connect to…) That said, hamachi is an easier secure vpn solution for beginners.

Related Posts

Blog Traffic Exchange Related Posts Blog Traffic Exchange Related Websites
  • Corporate Blog Security Issues If you are planning on starting your own corporate blog or executive blog, or if you already have a corporate blog that you are writing in, then one of your greatest concerns should be corporate blog security issues. There are a variety of different corporate blogging security issues that you......
  • Hidden IP Address Easy Information When connecting on the Internet, your property computer is assigned a public Ip. As you visit Websites or other Internet servers, that public Ip is transmitted and recorded in log files kept on those servers. Access logs leave behind a trail of one's Internet activity. When it were possible to......
  • Solidifying WP Security Designed with PHP, and powered by mySQL directories, WordPress is used by an amazing 8.5% of all websites. Web delivered spyware and web page hacking are becoming progressively more common. With such a lot of web content using WordPress as a CMS, any security weaknesses in the CMS structure or......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site