Openvpn

I make use of openvpn almost on a daily basis when I’m out in the world and use my laptop to connect to the internet. I’ve done several projects related to openvpn which I’ll detail in this page.

For starters:

openvpn.net and their howto. If you’re not familiar with openvpn it is an open source vpn implementation and is cross platform. I’ve had good success with it and it’s fairly easy to setup TLS authentication.

Update 6-17-10 ….

Big openvpn/dd-wrt project lately that has taken a lot of time, but it has solved an issue that I’m sure a lot of network admins have run into. When designing networks and looking to bridge offices with openvpn network admins are advised to pick unique subnets so that 192.168.1.1 in one office can route well over the vpn to 192.168.2.1 in the other office. If both networks (or multiple) use 192.168.1.0/24 there is network address collision – packets get lost and things don’t work. Well, it is possible with the right setup to do NAT on the packets that are traveling over the vpn. Why? Well, let’s say you’re a client of this 192.168.1.0 office network and are out at a wifi hotspot that also happens to be a 192.168.1.0 – you can’t exactly make them change their addressing to avoid conflicts with your business network and migrating an established business network can be a big task. Of course, you could start out your network design by choosing a different subnet and I’ve used this approach several times, but it’s really just a matter of time until you stumble across someone else with the same subnet that needs to vpn into the network and you run into the hairy address conflict problem.

So, we’ve designed a box based on dd-wrt openvpn edition…. This box has a vpn “personality” (client key and configuration to connect to a server out in the internet (a linux vps is the hub of the wheel for our topology and our openvpn server.) That server identifies the box by it’s certificate and gives it an address at 10.111.1.254. It also pushes routes to 10.111.2.0/24 with 10.111.2.254 as the gateway and 10.111.1.0/24 with gw of 10.111.1.254 to our second box which is given a 10.111.2.254 address. On each device in addition to the vpn personality there is a special brew of firewall rules which handles the packet rewriting such that any device that is attached to our two vpn boxes are accessible from the other side even though internally they can share the same 192.168.2.0/24 network. So, each client has it’s own network address (192.168.34.1) and it’s vpn address 10.111.1.1 This has worked well – it did take a lot of time to initially design but we’ve now rolled out two initial installs of it. (Not bad considering that it’s all done with ~$60 dollar router hardware.) In the future I may provide more details on the setup here because as I researched this I found NO ONE explaining step by step how to design this kind of a setup. At this point the only negative with our setup is that two devices behind the same box will not see each other via their vpn address(10.111.1.1/10.111.1.2), but their lan address (192.168.34.1/192.168.34.2) Of course, this plan also allows for mobile vpn clients that aren’t “behind the box” and they register in the 10.111.0.0/24 subnet and they are all screened with the wider subnet via the server so that anything in the 10.111.0.0/16 is pingable from each vpn subnet.

As I said, it’s been a big project and I may be detailing it here, but want to wait until all the dust settles on our setup.

    “”openvpn”" – Google News

    NordVPN was Hacked. Here’s What We Know – The Mac Observer

    1. NordVPN was Hacked. Here’s What We Know  The Mac Observer
    2. NordVPN Hacked, Making MSSPs’ Jobs Harder MSSPs see big trouble ahead when even a top-ranked  Channel Futures
    3. Hacker Breached Servers Belonging to Multiple VPN Providers  BleepingComputer
    4. Row erupts over who to blame after NordVPN says: One of our servers was hacked via remote management tool  The Register
    5. NordVPN Admits Datacenter Hack From Back In 2018  TechNadu
    6. View full coverage on Google News




    ExpressVPN vs TorGuard Comparison (2019) – User-Friendliness vs Advanced Functionality! – TechNadu

    ExpressVPN vs TorGuard Comparison (2019) – User-Friendliness vs Advanced Functionality!  TechNadu



    ExpressVPN vs Surfshark VPN (2019) – Should You Pick a Well-Known Brand or a Newcomer? – TechNadu

    ExpressVPN vs Surfshark VPN (2019) – Should You Pick a Well-Known Brand or a Newcomer?  TechNadu



    StrongVPN – Full Review and Benchmarks – Tom’s Guide

    StrongVPN – Full Review and Benchmarks  Tom’s Guide



    How to Install a VPN on Kodi in 5 Minutes or less – - VENTS Magazine

    How to Install a VPN on Kodi in 5 Minutes or less -  VENTS Magazine



    The Comprehensive Guide to VPN Encryption Ciphers – Analytics Insight

    The Comprehensive Guide to VPN Encryption Ciphers  Analytics Insight



    This just got real: US, UK agencies issue joint VPN security alert – TechBeacon

    This just got real: US, UK agencies issue joint VPN security alert  TechBeacon



    The Best VPN Routers for 2019 – PCMag.com

    The Best VPN Routers for 2019  PCMag.com



    Why Is My VPN so Slow and How Do I Boost My Speed? – Tech Times

    Why Is My VPN so Slow and How Do I Boost My Speed?  Tech Times



    What is OpenVPN? | 5 best OpenVPN clients & What you need to know – proprivacy.com

    What is OpenVPN? | 5 best OpenVPN clients & What you need to know  proprivacy.com

    www.pdf24.org    Send article as PDF   

    Similar Posts


    Switch to our mobile site