The FreeBSD Diary

The FreeBSD Diary (TM)

Providing practical examples since 1998

If you buy from Amazon USA, please support us by using this link.
 New Topic  |  Go to Top  |  Go to Topic  |  Search  |  Log In   Newer Topic  |  Older Topic 
Author: Wyness 
Date:   22-04-05 00:06

Recently, I've been playing with OpenVPN [] in a number of environments and I have found it quite light to set up compared to most other IPSec configurations I've bumped into.

The software is available on most of the major platforms (linux, win2000/XP, OpenBSD, FreeBSD, NetBSD, MacOS X, and Solaris) and there are GUIs for MacOS X and Windows.

The reason I bring this is up is because I found that the OpenVPN tunnel is 'secure', the daemon offers and assigns IPs to clients with its own DHCP service. The service can be set up to operate in a bridging or routing mode as well. This may allow you to work with the internal services that require broadcast capabilities such as NetBIOS, etc.

Authentication is handled with SSL Certificates that can be password protected, etc., ensuring that you're really talking to you the server you think you're talking to. While not directly applicable to your wireless security setup, OpenVPN appears to do quite well through NAT where I was having serious connectivity problems with IPSec and people roaming behind various access gateways at hotels, etc, etc.

Finally, the complexity of IPSec and cost of dedicated clients for Windows made managing the infrastructure more work than I wanted. OpenVPN so far has been working well and according to a few papers out there (Check out, OpenVPN is well done and so far I'm inclined to agree.

Anyhow, I thought I'd put another option out there on the table. I've personally deployed OpenVPN on OpenBSD out of familliarity and I'm quite pleased with the software thus far.

Should you decide to try out OpenVPN, I'd like to hear about your experiences with it. :)

-- Wyness

Reply To This Message
 Forum List  |  Threaded View   Newer Topic  |  Older Topic 

 User Login
 User Name:
 Remember my login:
 Forgot Your Password?
Enter your email address or user name below and a new password will be sent to the email address associated with your profile.
How to get the most out of the forum