Chapter 9. Building Secure Cross-Platform Virtual Private Networks with OpenVPN
Granting safe, controlled access to your company network for road warriors, telecommuters, and branch offices isn’t difficult when you use OpenVPN. OpenVPN is a great Secure Sockets Layer-based Virtual Private Network (SSL VPN) program that is free of cost, open source, easy to administer, and secure. OpenVPN is designed to be as universal as possible, so it runs on Linux, Solaris, Windows, Mac OS X, and several other platforms. It runs as a client or server from the same installation, so client setup is a breeze. There are no hassles with vendor compatibility or finding a decent client, as there are with other VPN products.
In this chapter, we’re using OpenVPN 2.0.7. (Use the command openvpn --version to see what yours is.) Don’t use anything older; it’s free, and it’s easy to install and upgrade, so there’s no point in using old mold. If you’re not experienced with OpenVPN, try out the recipes in order, or at least run the first two recipes before you try anything else. These will help you understand how OpenVPN works.
The subject of VPNs is muddled by misleading marketing and incorrect information about SSL VPN products, IPSec VPNs, what they can do, and what they actually do, so first let’s discuss some basics.
To start out, let’s define a VPN—it is an encrypted network-to-network virtual tunnel that connects trusted endpoints. Both the VPN server and client must authenticate to each ...