In this chapter we have discussed some typical advanced configurations for OpenVPN that showed some of its advantages. We have tunneled OpenVPN through an HTTP proxy and then we configured a squid proxy so that we could control who is allowed to do so. Then we had a closer look at the scripting interfaces OpenVPN offers, including lists of variables that are passed to the scripts by OpenVPN on invocation. One such script can be an authentication plug-in like the provided PAM authentication or better an authentication against LDAP servers. As a next step, we configured OpenVPN to use a per-client configuration based on the client's certificate, which would enable different configurations for different users connecting. This scenario can be made even more complicated when combined with per-user firewall rules being activated on the VPN server after a client connects.
distcc
, a network-enabled compiler front end to GCC can be used together with OpenVPN tunnels to have remote machines...