Book Image

OpenVPN: Building and Integrating Virtual Private Networks

Book Image

OpenVPN: Building and Integrating Virtual Private Networks

Overview of this book

OpenVPN is a powerful, open source SSL VPN application. It can secure site-to-site connections, WiFi and enterprise-scale remote connections. While being a full-featured VPN solution, OpenVPN is easy to use and does not suffer from the complexity that characterizes other IPSec VPN implementations. It uses the secure and stable TLS/SSL mechanisms for authentication and encryption. This book is an easy introduction to this popular VPN application. After introducing the basics of security and VPN, the book moves on to cover using OpenVPN, from installing it on various platforms, through configuring basic tunnels, to more advanced features, such as using the application with firewalls, routers, proxy servers, and OpenVPN scripting. While providing only necessary theoretical background, the book takes a practical approach, presenting plenty of examples.

Related Content you might be interested in

Current Title:

Small book image
OpenVPN: Building and Integrating Virtual Private Networks
May, 2006 | 270 pages
No titles found
Table of Contents (17 chapters)
OpenVPN
OpenVPN
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
Preface
Preface
Free Chapter
1
VPN—Virtual Private Network
VPN—Virtual Private Network
Branches Connected by Dedicated Lines
How Does a VPN Work?
VPN Concepts—Overview
Summary
2
VPN Security
VPN Security
VPN Security
Privacy—Encrypting the Traffic
SSL/TLS Security
Summary
3
OpenVPN
OpenVPN
Advantages of OpenVPN
History of OpenVPN
Networking with OpenVPN
OpenVPN Compared to IPsec VPN
Sources for Help and Documentation
The Project Community
Summary
4
Installing OpenVPN
Installing OpenVPN
Prerequisites
Obtaining the Software
Installing OpenVPN on Windows
Installing OpenVPN on Mac OS X (Tunnelblick)
Installing OpenVPN on SuSE Linux
Installing OpenVPN on Redhat Fedora Using yum
Installing OpenVPN on RPM-Based Systems
Installing OpenVPN on Debian
Installing OpenVPN on FreeBSD
Troubleshooting—Advanced Installation Methods
Internet Links, Installation Guidelines, and Help
Summary
5
Configuring an OpenVPN Server—The First Tunnel
Configuring an OpenVPN Server—The First Tunnel
OpenVPN on Microsoft Windows
Connecting Windows and Linux
Troubleshooting Firewall Issues
Summary
6
Setting Up OpenVPN with X509 Certificates
Setting Up OpenVPN with X509 Certificates
Creating Certificates
Certificate Generation on Windows XP with easy-rsa
Distributing the Files to the VPN Partners
Configuring OpenVPN to Use Certificates
Using easy-rsa on Linux
Troubleshooting
Summary
7
The Command openvpn and its Configuration File
The Command openvpn and its Configuration File
Syntax of openvpn
Using OpenVPN at the Command Line
Configuring OpenVPN with Certificates—Simple TLS Mode
Overview of OpenVPN Parameters
Important Windows-Specific Options
Summary
8
Securing OpenVPN Tunnels and Servers
Securing OpenVPN Tunnels and Servers
Securing and Stabilizing OpenVPN
Linux and Firewalls
Configuring the Windows Firewall for OpenVPN
Summary
9
Advanced Certificate Management
Advanced Certificate Management
Certificate Management and Security
Installing xca
Using xca
Using TinyCA2 to Manage Certificates
Summary
10
Advanced OpenVPN Configuration
Advanced OpenVPN Configuration
Tunneling a Proxy Server and Protecting the Proxy
Scripting OpenVPN—An Overview
Using Authentication Methods
Using a Client Configuration Directory with Per-Client Configurations
Individual Firewall Rules for Connecting Clients
Distributed Compilation through VPN Tunnels with distcc
Ethernet Bridging with OpenVPN
Automatic Installation for Windows Clients
Summary
11
Troubleshooting and Monitoring
Troubleshooting and Monitoring
Testing the Network Connectivity
Checking Interfaces, Routing, and Connectivity on the VPN Servers
Debugging with tcpdump and IPTraf
Using OpenVPN Protocol and Status Files for Debugging
Scanning Servers with Nmap
Monitoring Tools
Hints to Other Tools
Summary
Index
Index

Important Windows-Specific Options

A fast-growing number of options can only be used on Windows clients, because other systems can't deal with the methods used. The following table gives an overview of these:

Parameter

Options

Function

Usage

dhcp-option

WINS <IP> DNS <IP> DOMAIN <name> NBDD <IP> NTP <IP> NBT <type> NBS <scope-id> DISABLE-NBT

Sets specific DHCP data over the VPN for Windows clients:

Sets a specific DNS or WINS server via DHCP, set domain name, NetBIOS server address, network time server, and more.

--push "dhcp-option DNS 10.94.46.11"

route-method

ipapi exe

Sets the method Windows uses to set routes, either by executing the route command (exe) or by using the IPAPI interface.

--route-method ipapi

ip-win32

<method>

Sets the Windows Network adapter's IP and netmask using <method>

--ip-win32 ipapi

Are you ready for an example? Read the following command line and write down what it does: 

openvpn --port 5001...
Previous Section
End of Section 6
Next Section