OpenVPN
=======

These are utilized on our routers for the SSL VPNS​​

You can utilize openvpn to make Routed or Bridged vpn tunnels.

Routed use TUN interfaces which make the connected client on a seperate subnet. Thus the client can only access the server and nothing beyond. If there were routes setup on the server to reach the lan, and routes on the lan computers setup to reach the client, and routes on the client to reach the servers lan through the server, then it would be possible to make the client communicate to the whole lan in a client to site fasion. Now if the server happens to be your router then a client to site connection is alot easier to setup, because everyone already has routes pointing at the router, so thats a few less routes to worry about.

Bridge use TAP interfaces which make the connected client on the same subnet using bridges. The client thus has access to the whole server network. THese are harder to setup but it achieves client to site in less steps. You can also use these to setup site to site vpns, but I wont jump into that topic.

There are 3 types of security with openvpn

1. no security – i wont dwell into this one
2. shared secret key – uses a file – Ill cover this for client to client vpn using routed openvpn setup.
3. ssl/tls certificates (and you can use password or no password authentication)- ill cover this with no password for Routed VPN (client to client) and also ill cover this with the no password option for Bridge VPN (client to site)

ROUTED VPN ARTICLE FOR CLIENT 2 CLIENT SETUP:
ONE – ROUTED VPNS LINK
Covers:
1. Routed VPN Setup using the simple shared key setup
2. Routed VPN Setup using the PKI security with SSL/TLS certificates

BRIDGED VPN ARTICLE FOR SITE 2 CLIENT SETUP WITH SSL/TLS KEYS:
TWO – BRIDGED VPN CLIENT 2 SITE WITH SSL KEYS
Covers:
1. Just how to make a Bridge VPN with PKI Security with SSL/TLS certificates

Its not advised to use a simple shared secret type of security if they have access to your whole network.

BRIDGED VPN ARTICLE FOR SITE 2 CLIENT SETUP WITH STATIC KEYS:
THREE – BRIDGED VPN CLIENT 2 SITE WITH STATIC KEYS

————-

WINDOWS CLIENTS: http://openvpn.se/download.html Just put your keys in C:\Program Files\OpenVPN\config\ and name your openvpn.conf as anyname.ovpn and put into same folder, minor changes might have to accompany the actual config (not the keys) these changes can be googled for:

http://openvpn.net/index.php/open-source/documentation/miscellaneous/76-ethernet-bridging.html

This shows how to its different between linux and windows clients, not much.. as an install tip: run the setup file as admin, if your in windows 8, run the setup file in win7 compatability mode 🙂
​