Book Image

OpenVPN: Building and Integrating Virtual Private Networks

Book Image

OpenVPN: Building and Integrating Virtual Private Networks

Overview of this book

OpenVPN is a powerful, open source SSL VPN application. It can secure site-to-site connections, WiFi and enterprise-scale remote connections. While being a full-featured VPN solution, OpenVPN is easy to use and does not suffer from the complexity that characterizes other IPSec VPN implementations. It uses the secure and stable TLS/SSL mechanisms for authentication and encryption. This book is an easy introduction to this popular VPN application. After introducing the basics of security and VPN, the book moves on to cover using OpenVPN, from installing it on various platforms, through configuring basic tunnels, to more advanced features, such as using the application with firewalls, routers, proxy servers, and OpenVPN scripting. While providing only necessary theoretical background, the book takes a practical approach, presenting plenty of examples.
Table of Contents (17 chapters)
OpenVPN
Credits
About the Author
About the Reviewers
Preface
Index

Using OpenVPN Protocol and Status Files for Debugging


A very convenient method to watch tunnel traffic is setting the verbosity of OpenVPN to the fifth level. This is simply done with the entry verb 5 in its configuration file. The following output shows an excerpt of OpenVPN's protocol file (as specified in the OpenVPN configuration file):

Fri Dec  9 21:05:15 2005 us=51912 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized
 with 256 bit key
Fri Dec  9 21:05:15 2005 us=51944 Data Channel Encrypt: Using 160 bit message hash 'SHA1'
 for HMAC authentication
Fri Dec  9 21:05:15 2005 us=51962 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized
 with 256 bit key
Fri Dec  9 21:05:15 2005 us=52033 Data Channel Decrypt: Using 160 bit message hash 'SHA1'
 for HMAC authentication
Fri Dec  9 21:05:15 2005 us=131924 Control Channel: TLSv1, cipher TLSv1/SSLv3
 DHE-RSA-AES256-SHA, 2048 bit RSA
WRwrWRwrWRwrWRwrWRwrWRwrWRwrWRwrWRwrWRwrWRwrWRwrWRwrWRwrWRwrWRwrWRwrWRwrWRwrWRwrWRwrWRwrWR
wrWRwrWRwrW...