Book Image

Troubleshooting OpenVPN

By : Eric F Crist
Book Image

Troubleshooting OpenVPN

By: Eric F Crist

Overview of this book

OpenVPN, the most widely used open source VPN package, allows you to create a secure network across systems, keeping your private data secure. Connectivity and other issues are a pain to deal with, especially if they are impacting your business. This book will help you resolve the issues faced by OpenVPN users and teach the techniques on how to troubleshoot it like a true expert. This book is a one stop solution for troubleshooting any issue related to OpenVPN. We will start by introducing you to troubleshooting techniques such as Packet Sniffing, Log Parsing, and OpenSSL. You will see how to overcome operating system specific errors. Later on, you will get to know about network and routing errors by exploring the concepts of IPv4 and IPv6 networking issues. You will discover how to overcome these issues to improve the performance of your OpenVPN deployment. By the end of the book, you will know the best practices, tips, and tricks to ensure the smooth running of your OpenVPN.
Table of Contents (16 chapters)

Firewalls


Incorrectly configured firewalls are one of the most prevalent problem areas, particularly for new users. Experienced users are also apt for misunderstanding how firewall rules apply to OpenVPN routed packets. In the past, firewalls were relatively monolithic devices at or near a network edge. Today, however, firewalls exist on client devices, network devices, all along the path of a network packet. Any switch in the path can have ACLs preventing or permitting traffic. This can include both the client- and server-side LANs. The OpenVPN likely has a firewall element for translation or routing traffic, and also for preventing or permitting said traffic.

The monolithic firewall also still exists and can be a pain point when troubleshooting traffic flow. The current high-end firewalls also permit deep packet inspection, SSL decryption, and what some vendors term zero-day patching. The latter generally requires SSL decryption be configured and permits the firewall vendor to detect vulnerable...