Book Image

OpenVPN: Building and Integrating Virtual Private Networks

Book Image

OpenVPN: Building and Integrating Virtual Private Networks

Overview of this book

OpenVPN is a powerful, open source SSL VPN application. It can secure site-to-site connections, WiFi and enterprise-scale remote connections. While being a full-featured VPN solution, OpenVPN is easy to use and does not suffer from the complexity that characterizes other IPSec VPN implementations. It uses the secure and stable TLS/SSL mechanisms for authentication and encryption. This book is an easy introduction to this popular VPN application. After introducing the basics of security and VPN, the book moves on to cover using OpenVPN, from installing it on various platforms, through configuring basic tunnels, to more advanced features, such as using the application with firewalls, routers, proxy servers, and OpenVPN scripting. While providing only necessary theoretical background, the book takes a practical approach, presenting plenty of examples.
Table of Contents (17 chapters)
About the Author
About the Reviewers

Configuring OpenVPN with Certificates—Simple TLS Mode

In Chapter 6, we worked with a configuration file like the following:

dev tap
dh keys/dh2048.pem
ca keys/ca.crt
cert keys/VPN-Client.crt
key keys/VPN-Client.key

In line 3 of our little configuration file, we find the parameter tls-client; on our Windows system we entered tls-server here. These entries cause openvpn to start TLS to protect the data transferred. All machines involved in the VPN need the same CA certificate and a local certificate and key pair issued by this CA. On connection, the two partners exchange their local certificates and validate the partner's certificate by checking if it was signed by the common CA. OpenVPN must know which files contain the CA and local certificate and key.

The following table shows the main parameters that we need to adapt for the use with certificates:








Defines the...