Openvpn

I make use of openvpn almost on a daily basis when I’m out in the world and use my laptop to connect to the internet. I’ve done several projects related to openvpn which I’ll detail in this page.

For starters:

openvpn.net and their howto. If you’re not familiar with openvpn it is an open source vpn implementation and is cross platform. I’ve had good success with it and it’s fairly easy to setup TLS authentication.

Update 6-17-10 ….

Big openvpn/dd-wrt project lately that has taken a lot of time, but it has solved an issue that I’m sure a lot of network admins have run into. When designing networks and looking to bridge offices with openvpn network admins are advised to pick unique subnets so that 192.168.1.1 in one office can route well over the vpn to 192.168.2.1 in the other office. If both networks (or multiple) use 192.168.1.0/24 there is network address collision – packets get lost and things don’t work. Well, it is possible with the right setup to do NAT on the packets that are traveling over the vpn. Why? Well, let’s say you’re a client of this 192.168.1.0 office network and are out at a wifi hotspot that also happens to be a 192.168.1.0 – you can’t exactly make them change their addressing to avoid conflicts with your business network and migrating an established business network can be a big task. Of course, you could start out your network design by choosing a different subnet and I’ve used this approach several times, but it’s really just a matter of time until you stumble across someone else with the same subnet that needs to vpn into the network and you run into the hairy address conflict problem.

So, we’ve designed a box based on dd-wrt openvpn edition…. This box has a vpn “personality” (client key and configuration to connect to a server out in the internet (a linux vps is the hub of the wheel for our topology and our openvpn server.) That server identifies the box by it’s certificate and gives it an address at 10.111.1.254. It also pushes routes to 10.111.2.0/24 with 10.111.2.254 as the gateway and 10.111.1.0/24 with gw of 10.111.1.254 to our second box which is given a 10.111.2.254 address. On each device in addition to the vpn personality there is a special brew of firewall rules which handles the packet rewriting such that any device that is attached to our two vpn boxes are accessible from the other side even though internally they can share the same 192.168.2.0/24 network. So, each client has it’s own network address (192.168.34.1) and it’s vpn address 10.111.1.1 This has worked well – it did take a lot of time to initially design but we’ve now rolled out two initial installs of it. (Not bad considering that it’s all done with ~$60 dollar router hardware.) In the future I may provide more details on the setup here because as I researched this I found NO ONE explaining step by step how to design this kind of a setup. At this point the only negative with our setup is that two devices behind the same box will not see each other via their vpn address(10.111.1.1/10.111.1.2), but their lan address (192.168.34.1/192.168.34.2) Of course, this plan also allows for mobile vpn clients that aren’t “behind the box” and they register in the 10.111.0.0/24 subnet and they are all screened with the wider subnet via the server so that anything in the 10.111.0.0/16 is pingable from each vpn subnet.

As I said, it’s been a big project and I may be detailing it here, but want to wait until all the dust settles on our setup.

    “openvpn” – Google News

    Save 75% off a Lifetime subscription to OneVPN – get it for just $29 via Neowin Deals – Neowin


    Neowin
    Save 75% off a Lifetime subscription to OneVPN – get it for just $29 via Neowin Deals
    Neowin
    VPNs offer an invaluable service, cleaning up your internet experience, while keeping you anonymous from hackers and government snoops who may be monitoring your activity. OneVPN provides this secure browsing service on a budget, while maintaining …




    OpenVPN – Der Standard der Open-Source-VPNs in der Praxis – ZDNet.de


    ZDNet.de
    OpenVPN – Der Standard der Open-Source-VPNs in der Praxis
    ZDNet.de
    Wenn Unternehmen im Netzwerk einen eigenen VPN-Server aufbauen, kommt häufig OpenVPN zum Einsatz. Der Open-Source-VPN-Server gehört zu den beliebtesten Lösungen in diesem Bereich. Das liegt an der stabilen Basis von OpenVPN, der …




    openvpn priority pres wondershaper na wl500gp – AbcLinuxu.cz – ABCLinuxu.cz

    openvpn priority pres wondershaper na wl500gp – AbcLinuxu.cz
    ABCLinuxu.cz
    chěl bych se pokusit prioritizovat openvpn traffic na Asus wl500gp. Resp, chtel bych aby bylo pro openvpn minimálně rezervováno 512 kb v obou směrech.

    and more »




    A Defensive Computing term paper on privacy: VPNs, Tor and VPN … – Computerworld


    Computerworld
    A Defensive Computing term paper on privacy: VPNs, Tor and VPN …
    Computerworld
    If I was in high school, tasked with a writing a term paper about online privacy, I might hand in homework that compared and contrasted Tor, consumer VPNs and …

    and more »




    How to use a VPN on the Amazon Fire TV Stick – Expert Reviews


    Expert Reviews
    How to use a VPN on the Amazon Fire TV Stick
    Expert Reviews
    There are a bunch of different ways to go about this via APK installs, but I've gone with the OpenVPN app on Google Play, as it's by far the easiest way to get going. It's worth mentioning at this point that the Fire TV Stick doesn't have Google Play




    MS Radius + OpenVPN mell̩ two factor РHungarian Unix Portal

    MS Radius + OpenVPN mellé two factor
    Hungarian Unix Portal
    Van egy rég óta hiba nélkül menő MS Radius + OpenVPN telepítés (2012-n fut a Radisu szerver és CentOS 7 az OpenVPN). Most előjött az igény, hogy kéne two factor (TOTP mondjuk), ami nem gyártó specifikus (mint pl. az RSA). Neten utánanézve, ez …




    Alternativen zu OpenVPN: Pritunl und SoftEther VPN Project – ZDNet.de


    ZDNet.de
    Alternativen zu OpenVPN: Pritunl und SoftEther VPN Project
    ZDNet.de
    Pritunl nutzt das OpenVPN-Protokoll zur Kommunikation zwischen Client und Server. Die Installation auf Debian, Ubuntu, CentOS oder Fedora erfolgt über den Download in der entsprechenden Distribution, oder durch die Installation der Pakete aus GitHub.




    New OpenVPN Licensing in AWS Marketplace Simplifies Managing … – PR Newswire (press release)

    New OpenVPN Licensing in AWS Marketplace Simplifies Managing …
    PR Newswire (press release)
    OpenVPN Technologies Inc. is bringing its award-winning software to AWS Marketplace, simplifying how businesses securely access their networks.

    and more »




    Windows Phone Users Trying to Bring OpenVPN to Windows 10 Mobile – Softpedia News (blog)


    Softpedia News (blog)
    Windows Phone Users Trying to Bring OpenVPN to Windows 10 Mobile
    Softpedia News (blog)
    If they can't bring Pokemon Go on Windows 10 Mobile, the Windows Phone community decided to focus on something that's more doable, so their next target is now OpenVPN. As a long-time Windows Phone user who needs OpenVPN to connect to the …

    and more »




    Protocol Showdown: PPTP vs OpenVPN – Cloudwards.net – Cloudwards


    Cloudwards
    Protocol Showdown: PPTP vs OpenVPN – Cloudwards.net
    Cloudwards
    While most people assume the biggest factor to consider when selecting a VPN provider is the price, it's also important to take into consideration the strength of …
    Top 10 Best VPN Service Providers of the Moment – GeekSaysGeekSays

    all 3 news articles »


    www.pdf24.org    Send article as PDF   

    Similar Posts


    Switch to our mobile site