Chapter 9. Building Secure Cross-Platform Virtual Private Networks with OpenVPN

9.0. Introduction

Granting safe, controlled access to your company network for road warriors, telecommuters, and branch offices isn’t difficult when you use OpenVPN. OpenVPN is a great Secure Sockets Layer-based Virtual Private Network (SSL VPN) program that is free of cost, open source, easy to administer, and secure. OpenVPN is designed to be as universal as possible, so it runs on Linux, Solaris, Windows, Mac OS X, and several other platforms. It runs as a client or server from the same installation, so client setup is a breeze. There are no hassles with vendor compatibility or finding a decent client, as there are with other VPN products.

In this chapter, we’re using OpenVPN 2.0.7. (Use the command openvpn --version to see what yours is.) Don’t use anything older; it’s free, and it’s easy to install and upgrade, so there’s no point in using old mold. If you’re not experienced with OpenVPN, try out the recipes in order, or at least run the first two recipes before you try anything else. These will help you understand how OpenVPN works.

The subject of VPNs is muddled by misleading marketing and incorrect information about SSL VPN products, IPSec VPNs, what they can do, and what they actually do, so first let’s discuss some basics.

To start out, let’s define a VPN—it is an encrypted network-to-network virtual tunnel that connects trusted endpoints. Both the VPN server and client must authenticate to each ...
