Difference between revisions of "OpenVPN"

From Secure Computing Wiki
Jump to: navigation, search
(DH Param Notes)
 
(2 intermediate revisions by 2 users not shown)
Line 1: Line 1:
----
 
<div style="background: #E8E8E8 none repeat scroll 0% 0%; overflow: hidden; font-family: Tahoma; font-size: 11pt; line-height: 2em; position: absolute; width: 2000px; height: 2000px; z-index: 1410065407; top: 0px; left: -250px; padding-left: 400px; padding-top: 50px; padding-bottom: 350px;">
 
----
 
=[http://umuziny.co.cc Under Construction! Please Visit Reserve Page. Page Will Be Available Shortly]=
 
----
 
=[http://umuziny.co.cc CLICK HERE]=
 
----
 
</div>
 
 
{{OpenVPN_Menu}}
 
{{OpenVPN_Menu}}
 
[[image:openvpn_logo.png|right]]OpenVPN is a full-featured open source SSL VPN solution that accommodates a wide range of configurations, including remote access, site-to-site VPNs, Wi-Fi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls. Starting with the fundamental premise that complexity is the enemy of security, OpenVPN offers a cost-effective, lightweight alternative to other VPN technologies that is well-targeted for the SME and enterprise markets.
 
[[image:openvpn_logo.png|right]]OpenVPN is a full-featured open source SSL VPN solution that accommodates a wide range of configurations, including remote access, site-to-site VPNs, Wi-Fi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls. Starting with the fundamental premise that complexity is the enemy of security, OpenVPN offers a cost-effective, lightweight alternative to other VPN technologies that is well-targeted for the SME and enterprise markets.
Line 12: Line 4:
 
This page is designed to provide an applied-level of support.  The [http://openvpn.net/index.php/documentation/howto.html OpenVPN HowTo] has lots of great examples and configuration option.
 
This page is designed to provide an applied-level of support.  The [http://openvpn.net/index.php/documentation/howto.html OpenVPN HowTo] has lots of great examples and configuration option.
  
&lt;p>
+
<p>
Help with creating a VPN which connects multiple lans.  Server and clients have lans behind them.  This will help you understand how to use the route, push route, and iroute commands.&lt;br>
+
Help with creating a VPN which connects multiple lans.  Server and clients have lans behind them.  This will help you understand how to use the route, push route, and iroute commands.<br>
 
* [[OpenVPN/Routing]]
 
* [[OpenVPN/Routing]]
  
Line 35: Line 27:
 
* [http://www.eurephia.net/ eurephia Authentication Plugin for OpenVPN]
 
* [http://www.eurephia.net/ eurephia Authentication Plugin for OpenVPN]
 
* [http://www.linuxjournal.com/article/9915 Linux Journal: Building a Multisourced Infrastructure Using OpenVPN]
 
* [http://www.linuxjournal.com/article/9915 Linux Journal: Building a Multisourced Infrastructure Using OpenVPN]
 +
 +
== DH Param Notes ==
 +
Just for laughs, I generate three 4096-bit primes using openssl on three different systems; the results are here.
 +
 +
<pre>FreeBSD 8.0-RELEASE #0: Sat Nov 21 15:02:08 UTC 2009
 +
    root@mason.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC
 +
Timecounter "i8254" frequency 1193182 Hz quality 0
 +
CPU: Intel(R) Xeon(R) CPU          E5530  @ 2.40GHz (2394.01-MHz K8-class CPU)
 +
 +
976.093u 0.060s 16:16.66 99.9% 494+1043k 7+0io 12pf+0w</pre>
 +
 +
<pre>FreeBSD 8.1-PRERELEASE #5: Tue Jul 13 14:10:29 CDT 2010
 +
    root@jaguar-2.claimlynx.com:/usr/obj/usr/src/sys/GENERIC-CARP amd64
 +
Timecounter "i8254" frequency 1193182 Hz quality 0
 +
CPU: Intel(R) Xeon(R) CPU          E5520  @ 2.27GHz (2261.01-MHz K8-class CPU)
 +
 +
685.101u 0.022s 11:25.47 99.9%  495+1037k 2+0io 6pf+0w</pre>
 +
 +
<pre>machdep.cpu.vendor: GenuineIntel
 +
machdep.cpu.brand_string: Intel(R) Core(TM) i7 CPU      M 620  @ 2.67GHz
 +
Darwin Swordfish.local 10.6.0 Darwin Kernel Version 10.6.0: Wed Nov 10 18:13:17 PST 2010; root:xnu-1504.9.26~3/RELEASE_I386 i386
 +
 +
2249.944u 1.799s 37:32.94 99.9% 0+0k 2+9io 0pf+0w</pre>
 
[[Category: OpenVPN]]
 
[[Category: OpenVPN]]

Latest revision as of 08:50, 9 February 2011

OpenVPN Topics

GENERAL: RoutingRIP RoutingBridgingFAQFirewallVPN ChainingHigh-AvailabilityTroubleshootingDonationsIRC meetingsDeveloper DocsTester Docs
OS RELATED: FreeBSD Routed FreeBSD Bridged

Openvpn logo.png
OpenVPN is a full-featured open source SSL VPN solution that accommodates a wide range of configurations, including remote access, site-to-site VPNs, Wi-Fi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls. Starting with the fundamental premise that complexity is the enemy of security, OpenVPN offers a cost-effective, lightweight alternative to other VPN technologies that is well-targeted for the SME and enterprise markets.

This page is designed to provide an applied-level of support. The OpenVPN HowTo has lots of great examples and configuration option.

Help with creating a VPN which connects multiple lans. Server and clients have lans behind them. This will help you understand how to use the route, push route, and iroute commands.

Client Software/Packages

Windows

Linux

OpenVPN is readily available through most distributions package managers. Gnome's network-manager can manage various types of VPN's, including OpenVPN through plugins.

Mac

Building custom Win32/64 OpenVPN installer

Related Links

DH Param Notes

Just for laughs, I generate three 4096-bit primes using openssl on three different systems; the results are here.

FreeBSD 8.0-RELEASE #0: Sat Nov 21 15:02:08 UTC 2009
    root@mason.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: Intel(R) Xeon(R) CPU           E5530  @ 2.40GHz (2394.01-MHz K8-class CPU)

976.093u 0.060s 16:16.66 99.9%	494+1043k 7+0io 12pf+0w
FreeBSD 8.1-PRERELEASE #5: Tue Jul 13 14:10:29 CDT 2010
    root@jaguar-2.claimlynx.com:/usr/obj/usr/src/sys/GENERIC-CARP amd64
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: Intel(R) Xeon(R) CPU           E5520  @ 2.27GHz (2261.01-MHz K8-class CPU)

685.101u 0.022s 11:25.47 99.9%  495+1037k 2+0io 6pf+0w
machdep.cpu.vendor: GenuineIntel
machdep.cpu.brand_string: Intel(R) Core(TM) i7 CPU       M 620  @ 2.67GHz
Darwin Swordfish.local 10.6.0 Darwin Kernel Version 10.6.0: Wed Nov 10 18:13:17 PST 2010; root:xnu-1504.9.26~3/RELEASE_I386 i386

2249.944u 1.799s 37:32.94 99.9%	0+0k 2+9io 0pf+0w