Gargoyle Wiki

User Tools

Site Tools

Trace:
openvpn

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
openvpn [2012/08/03 04:25]
ispyisail 		openvpn [2016/05/07 21:39] (current)
ispyisail
Line 2: Line 2:
  
 ====== OpenVPN ====== ====== OpenVPN ======
-{{INLINETOC 2 4 }} + 
 ===== Introduction ===== ===== Introduction =====
 ==== VPN ==== ==== VPN ====
-A virtual private network (VPN) is a private network that interconnects remote (and often geographically separate) networks through primarily public communication infrastructures such as the Internet. VPNs provide security through tunnelling protocols and security procedures such as encryption. For example, a VPN could be used to securely connect the branch offices of an organisation to a head office network through the public Internet. +A virtual private network (VPN) is a private network that connects remote (and often geographically separate) networks through primarily public communication infrastructures such as the Internet. VPNs provide security through tunnelling protocols and security procedures such as encryption. For example, a VPN could be used to securely connect the branch offices of an organisation to a head office network through the public Internet. 
  
 There are two main types of VPN: remote-access VPNs and Site-to-site VPNs. Remote-access VPNs allow individual users to connect to a remote network such as roaming salespeople connecting to their company's Intranet. Site-to-site VPNs allow inter-connection of networks of multiple users for example, branch offices to the main company network. There are two main types of VPN: remote-access VPNs and Site-to-site VPNs. Remote-access VPNs allow individual users to connect to a remote network such as roaming salespeople connecting to their company's Intranet. Site-to-site VPNs allow inter-connection of networks of multiple users for example, branch offices to the main company network.
Line 13: Line 14:
 OpenVPN is a full-featured open source SSL VPN solution that accommodates a wide range of configurations, including remote access, site-to-site VPNs, Wi-Fi security, and enterprise-scale remote access solutions with load balancing, fail-over, and fine-grained access-controls. Starting with the fundamental premise that complexity is the enemy of security. OpenVPN is a full-featured open source SSL VPN solution that accommodates a wide range of configurations, including remote access, site-to-site VPNs, Wi-Fi security, and enterprise-scale remote access solutions with load balancing, fail-over, and fine-grained access-controls. Starting with the fundamental premise that complexity is the enemy of security.
  
-===== Requirements =====+====== Requirements ======
  
  
-==== Router Requirements ====+===== Router Requirements =====
 You will need an atheros ar71xx based router with at least 8MB of flash and 32MB of memory (e.g. TP-Link 1043ND, Netgear WNDR3700v1-2/3800, Buffalo WZR-HP-G300NH etc.), for this feature to work. You will need an atheros ar71xx based router with at least 8MB of flash and 32MB of memory (e.g. TP-Link 1043ND, Netgear WNDR3700v1-2/3800, Buffalo WZR-HP-G300NH etc.), for this feature to work.
  
-===== Connection Types=====+====== Connection Types ======
  
  
  
 ==== Remote-Access ==== ==== Remote-Access ====
 +
 +----
  
 {{:gargoyle_-_openvpn_pc_to_router.png ?550}} {{:gargoyle_-_openvpn_pc_to_router.png ?550}}
  
-==== Site-to-Site ====+=== Site-to-Site === 
 + 
 + 
 {{:gargoyle_-_openvpn_router_to_router.png?550}} {{:gargoyle_-_openvpn_router_to_router.png?550}}
  
-===== Set-up =====+ 
 +=== Setup === 
 + 
 + 
 + 
 In your router configuration select **OpenVPN** Configuration In your router configuration select **OpenVPN** Configuration
  
Line 46: Line 57:
  
 **select option 3.** - Setup router as a open VPN server **select option 3.** - Setup router as a open VPN server
 +
 +One very important caveat: If your router is configured as an OpenVPN client, per-IP bandwidth monitoring and per-IP quotas **will not work**. Quotas that apply to the whole network, and total bandwidth usage statistics will still be accurate.
 +
 +
  
  
Line 58: Line 73:
 |OpenVPN Cipher:|default = Blowfish-CBC 128bit| |OpenVPN Cipher:|default = Blowfish-CBC 128bit|
  
-===== Client-To-Client Traffic: =====+---- 
 + 
 +**Client-To-Client Traffic:** 
 + 
 +----
  
  
Line 72: Line 91:
 When this option set to "Allow Clients", each client will "see" the other clients which are currently connected. Otherwise, each client will only see the server. Don't use this option if you want to firewall tunnel traffic using custom, per-client rules. When this option set to "Allow Clients", each client will "see" the other clients which are currently connected. Otherwise, each client will only see the server. Don't use this option if you want to firewall tunnel traffic using custom, per-client rules.
  
-===== LAN Subnet Access: =====+---- 
 + 
 +**LAN Subnet Access:** 
 + 
 +----
  
  
Line 81: Line 104:
  
 **Select option 2.** - Allow remotely connected clients full access to the LAN. **Select option 2.** - Allow remotely connected clients full access to the LAN.
 +
 +----
    
-===== Credential Re-Use: =====+**Credential Re-Use:** 
 + 
 +----
  
  
Line 92: Line 119:
 **Select option 2.** - Client configuration file can be used on more than one OpenVPN remote client **Select option 2.** - Client configuration file can be used on more than one OpenVPN remote client
  
-===== Clients Use VPN For: =====+---- 
 + 
 +**Clients Use VPN For:** 
 + 
 +---- 
  
   - All Client Traffic   - All Client Traffic
Line 101: Line 133:
 **Select option 2.** - All traffic execpt Traffic Destined for Hosts Behind VPN to be routed through local connection **Select option 2.** - All traffic execpt Traffic Destined for Hosts Behind VPN to be routed through local connection
  
-<alertbox> 
-Note: If option 1. is selected Gargoyle controls all internet traffic for the connected client which could cause undesired and unexpected results. 
-</alertbox> 
  
 +//Note: If option 1. is selected Gargoyle controls all internet traffic for the connected client which could cause undesired and unexpected results.//
  
  
Line 111: Line 141:
  
  
- 
- 
-  
  
  
  
  
 + 
  
  
openvpn.1343967946.txt.gz · Last modified: 2012/08/03 04:25 by ispyisail

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki