OpenVPN
Encyclopedia
OpenVPN is a free and open source software
application that implements virtual private network
(VPN) techniques for creating secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It uses a custom security protocol that utilizes SSL/TLS
for key exchange. It is capable of traversing network address translators (NATs) and firewall
s. It was written by James Yonan and is published under the GNU General Public License
(GPL).
OpenVPN allows peers
to authenticate
each other using a pre-shared secret key
, certificates
, or username
/password
. When used in a multiclient-server configuration, it allows the server to release an authentication certificate
for every client, using signature
and Certificate authority
. It uses the OpenSSL
encryption library extensively, as well as the SSLv3/TLSv1
protocol, and contains many security and control features.
library to provide encryption
of both the data and control channels. It lets OpenSSL do all the encryption and authentication work, allowing OpenVPN to use all the ciphers available in the OpenSSL package. It can also use the HMAC
packet authentication feature to add an additional layer of security to the connection (referred to as an "HMAC Firewall" by the creator). It can also use hardware acceleration to get better encryption performance. Support for PolarSSL
is planned in version 2.3
peers to each another. OpenVPN offers pre-shared keys
, certificate-based, and username/password-based authentication. Preshared secret key is the easiest, with certificate based being the most robust and feature-rich. In version 2.0 username/password authentications can be enabled, both with or without certificates. However to make use of username/password authentications, OpenVPN depends on third-party modules. See the Extensibility paragraph for more info.
(UDP) or Transmission Control Protocol
(TCP) transports, multiplexing created IPsec ESP tunnels on a single TCP/UDP port (RFC 3948 for UDP).
It has the ability to work through most proxy servers (including HTTP) and is good at working through Network address translation
(NAT) and getting out through firewalls. The server configuration has the ability to "push" certain network configuration options to the clients. These include IP addresses, routing commands, and a few connection options. OpenVPN offers two types of interfaces for networking via the Universal TUN/TAP driver
. It can create either a layer-3 based IP tunnel (TUN), or a layer-2 based Ethernet TAP that can carry any type of Ethernet traffic. OpenVPN can optionally use the LZO
compression library to compress the data stream. Port 1194 is the official IANA
assigned port number for OpenVPN. Newer versions of the program now default to that port. A feature in the 2.0 version allows for one process to manage several simultaneous tunnels, as opposed to the original "one tunnel per process" restriction on the 1.x series.
OpenVPN's use of common network protocols (TCP and UDP) makes it a desirable alternative to IPsec
in situations where an ISP
may block specific VPN
protocols in order to force users to subscribe to a higher-priced, "business grade," service tier.
after initialization and apply a SELinux context after initialization.
OpenVPN runs a custom security protocol based on SSL and TLS. OpenVPN offers support of smart card
s via PKCS#11
based cryptographic tokens.
integration and so on. The plug-ins are dynamically loadable modules, usually written in C
, while the scripts interface can execute any scripts or binaries available to OpenVPN. In the OpenVPN source code there are some examples of such plug-ins, including a PAM authentication plug-in.
, OpenBSD
, FreeBSD
, NetBSD
, QNX
, Mac OS X
, and Windows 2000
/XP
/Vista
/7. While most mobile phone OSes (iOS, Palm OS
, etc) do not support OpenVPN, it is available for Maemo
, Windows Mobile
6.5 and below, and Android devices which have had the Cyanogenmod
aftermarket firmware flashed or have the correct kernel module installed. It is not a "web-based" VPN, meaning that it is not shown as a web page such as Citrix or TS Web access - the program is installed independently and configured by editing text files manually, rather than through a GUI-based wizard. OpenVPN is not compatible with IPsec
or any other VPN package. The entire package consists of one binary
for both client
and server
connections, an optional configuration file
, and one or more key files depending on the authentication method used.
, pfSense
, DD-WRT
, OpenWrt
and Tomato (firmware), allowing users to run OpenVPN in client or server mode from their network routers. A router running OpenVPN in client mode, for example, facilitates users within that network to access their VPN without having to install OpenVPN on each computer on that network.
There's a more thorough list of projects related to OpenVPN in the OpenVPN wiki.
Free and open source software
Free and open-source software or free/libre/open-source software is software that is liberally licensed to grant users the right to use, study, change, and improve its design through the availability of its source code...
application that implements virtual private network
Virtual private network
A virtual private network is a network that uses primarily public telecommunication infrastructure, such as the Internet, to provide remote offices or traveling users access to a central organizational network....
(VPN) techniques for creating secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It uses a custom security protocol that utilizes SSL/TLS
Transport Layer Security
Transport Layer Security and its predecessor, Secure Sockets Layer , are cryptographic protocols that provide communication security over the Internet...
for key exchange. It is capable of traversing network address translators (NATs) and firewall
Firewall (computing)
A firewall is a device or set of devices designed to permit or deny network transmissions based upon a set of rules and is frequently used to protect networks from unauthorized access while permitting legitimate communications to pass....
s. It was written by James Yonan and is published under the GNU General Public License
GNU General Public License
The GNU General Public License is the most widely used free software license, originally written by Richard Stallman for the GNU Project....
(GPL).
OpenVPN allows peers
Peer-to-peer
Peer-to-peer computing or networking is a distributed application architecture that partitions tasks or workloads among peers. Peers are equally privileged, equipotent participants in the application...
to authenticate
Authentication
Authentication is the act of confirming the truth of an attribute of a datum or entity...
each other using a pre-shared secret key
Pre-shared key
In cryptography, a pre-shared key or PSK is a shared secret which was previously shared between the two parties using some secure channel before it needs to be used. To build a key from shared secret, the key derivation function should be used. Such systems almost always use symmetric key...
, certificates
Public key certificate
In cryptography, a public key certificate is an electronic document which uses a digital signature to bind a public key with an identity — information such as the name of a person or an organization, their address, and so forth...
, or username
User (computing)
A user is an agent, either a human agent or software agent, who uses a computer or network service. A user often has a user account and is identified by a username , screen name , nickname , or handle, which is derived from the identical Citizen's Band radio term.Users are...
/password
Password
A password is a secret word or string of characters that is used for authentication, to prove identity or gain access to a resource . The password should be kept secret from those not allowed access....
. When used in a multiclient-server configuration, it allows the server to release an authentication certificate
Public key certificate
In cryptography, a public key certificate is an electronic document which uses a digital signature to bind a public key with an identity — information such as the name of a person or an organization, their address, and so forth...
for every client, using signature
Digital signature
A digital signature or digital signature scheme is a mathematical scheme for demonstrating the authenticity of a digital message or document. A valid digital signature gives a recipient reason to believe that the message was created by a known sender, and that it was not altered in transit...
and Certificate authority
Certificate authority
In cryptography, a certificate authority, or certification authority, is an entity that issues digital certificates. The digital certificate certifies the ownership of a public key by the named subject of the certificate...
. It uses the OpenSSL
OpenSSL
OpenSSL is an open source implementation of the SSL and TLS protocols. The core library implements the basic cryptographic functions and provides various utility functions...
encryption library extensively, as well as the SSLv3/TLSv1
Transport Layer Security
Transport Layer Security and its predecessor, Secure Sockets Layer , are cryptographic protocols that provide communication security over the Internet...
protocol, and contains many security and control features.
Encryption
OpenVPN uses the OpenSSLOpenSSL
OpenSSL is an open source implementation of the SSL and TLS protocols. The core library implements the basic cryptographic functions and provides various utility functions...
library to provide encryption
Encryption
In cryptography, encryption is the process of transforming information using an algorithm to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information...
of both the data and control channels. It lets OpenSSL do all the encryption and authentication work, allowing OpenVPN to use all the ciphers available in the OpenSSL package. It can also use the HMAC
HMAC
In cryptography, HMAC is a specific construction for calculating a message authentication code involving a cryptographic hash function in combination with a secret key. As with any MAC, it may be used to simultaneously verify both the data integrity and the authenticity of a message...
packet authentication feature to add an additional layer of security to the connection (referred to as an "HMAC Firewall" by the creator). It can also use hardware acceleration to get better encryption performance. Support for PolarSSL
PolarSSL
PolarSSL is a dual licensed implementation of the SSL and TLS protocols. PolarSSL is almost entirely based on XySSL, which was written and copyrighted by French "white hat hacker" Christophe Devine. XySSL was first released on November 1, 2006 under GPL and BSD licenses...
is planned in version 2.3
Authentication
OpenVPN has several ways to authenticateAuthentication
Authentication is the act of confirming the truth of an attribute of a datum or entity...
peers to each another. OpenVPN offers pre-shared keys
Pre-shared key
In cryptography, a pre-shared key or PSK is a shared secret which was previously shared between the two parties using some secure channel before it needs to be used. To build a key from shared secret, the key derivation function should be used. Such systems almost always use symmetric key...
, certificate-based, and username/password-based authentication. Preshared secret key is the easiest, with certificate based being the most robust and feature-rich. In version 2.0 username/password authentications can be enabled, both with or without certificates. However to make use of username/password authentications, OpenVPN depends on third-party modules. See the Extensibility paragraph for more info.
Networking
OpenVPN can run over User Datagram ProtocolUser Datagram Protocol
The User Datagram Protocol is one of the core members of the Internet Protocol Suite, the set of network protocols used for the Internet. With UDP, computer applications can send messages, in this case referred to as datagrams, to other hosts on an Internet Protocol network without requiring...
(UDP) or Transmission Control Protocol
Transmission Control Protocol
The Transmission Control Protocol is one of the core protocols of the Internet Protocol Suite. TCP is one of the two original components of the suite, complementing the Internet Protocol , and therefore the entire suite is commonly referred to as TCP/IP...
(TCP) transports, multiplexing created IPsec ESP tunnels on a single TCP/UDP port (RFC 3948 for UDP).
It has the ability to work through most proxy servers (including HTTP) and is good at working through Network address translation
Network address translation
In computer networking, network address translation is the process of modifying IP address information in IP packet headers while in transit across a traffic routing device....
(NAT) and getting out through firewalls. The server configuration has the ability to "push" certain network configuration options to the clients. These include IP addresses, routing commands, and a few connection options. OpenVPN offers two types of interfaces for networking via the Universal TUN/TAP driver
TUN/TAP
In computer networking, TUN and TAP are virtual network kernel devices. They are network devices that are supported entirely in software, which is different from ordinary network devices that are backed up by hardware network adapters....
. It can create either a layer-3 based IP tunnel (TUN), or a layer-2 based Ethernet TAP that can carry any type of Ethernet traffic. OpenVPN can optionally use the LZO
LZO
Lempel-Ziv-Oberhumer is a lossless data compression algorithm that is focused on decompression speed.- Design :The LZO library implements a number of algorithms with the following characteristics:...
compression library to compress the data stream. Port 1194 is the official IANA
Internet Assigned Numbers Authority
The Internet Assigned Numbers Authority is the entity that oversees global IP address allocation, autonomous system number allocation, root zone management in the Domain Name System , media types, and other Internet Protocol-related symbols and numbers...
assigned port number for OpenVPN. Newer versions of the program now default to that port. A feature in the 2.0 version allows for one process to manage several simultaneous tunnels, as opposed to the original "one tunnel per process" restriction on the 1.x series.
OpenVPN's use of common network protocols (TCP and UDP) makes it a desirable alternative to IPsec
IPsec
Internet Protocol Security is a protocol suite for securing Internet Protocol communications by authenticating and encrypting each IP packet of a communication session...
in situations where an ISP
Internet service provider
An Internet service provider is a company that provides access to the Internet. Access ISPs directly connect customers to the Internet using copper wires, wireless or fiber-optic connections. Hosting ISPs lease server space for smaller businesses and host other people servers...
may block specific VPN
Virtual private network
A virtual private network is a network that uses primarily public telecommunication infrastructure, such as the Internet, to provide remote offices or traveling users access to a central organizational network....
protocols in order to force users to subscribe to a higher-priced, "business grade," service tier.
Security
OpenVPN offers several internal security features. It runs in userspace, instead of requiring IP stack (and therefore kernel) operation. OpenVPN has the ability to drop root privileges, use mlockall to prevent swapping sensitive data to disk, enter a chroot jailChroot
A chroot on Unix operating systems is an operation that changes the apparent root directory for the current running process and its children. A program that is run in such a modified environment cannot name files outside the designated directory tree. The term "chroot" may refer to the chroot...
after initialization and apply a SELinux context after initialization.
OpenVPN runs a custom security protocol based on SSL and TLS. OpenVPN offers support of smart card
Smart card
A smart card, chip card, or integrated circuit card , is any pocket-sized card with embedded integrated circuits. A smart card or microprocessor cards contain volatile memory and microprocessor components. The card is made of plastic, generally polyvinyl chloride, but sometimes acrylonitrile...
s via PKCS#11
PKCS11
In cryptography, PKCS #11 is one of the family of standards called Public-Key Cryptography Standards , published by RSA Laboratories, that defines a platform-independent API to cryptographic tokens, such as Hardware Security Modules and smart cards...
based cryptographic tokens.
Extensibility
OpenVPN can be extended with third-party plug-ins or scripts which can be called at defined entry points. The purpose of this is often to extend OpenVPN with more advanced logging, enhanced authentication with username and passwords, dynamic firewall updates, RADIUSRADIUS
Remote Authentication Dial In User Service is a networking protocol that provides centralized Authentication, Authorization, and Accounting management for computers to connect and use a network service...
integration and so on. The plug-ins are dynamically loadable modules, usually written in C
C (programming language)
C is a general-purpose computer programming language developed between 1969 and 1973 by Dennis Ritchie at the Bell Telephone Laboratories for use with the Unix operating system....
, while the scripts interface can execute any scripts or binaries available to OpenVPN. In the OpenVPN source code there are some examples of such plug-ins, including a PAM authentication plug-in.
Platforms
It is available on Solaris, LinuxLinux
Linux is a Unix-like computer operating system assembled under the model of free and open source software development and distribution. The defining component of any Linux system is the Linux kernel, an operating system kernel first released October 5, 1991 by Linus Torvalds...
, OpenBSD
OpenBSD
OpenBSD is a Unix-like computer operating system descended from Berkeley Software Distribution , a Unix derivative developed at the University of California, Berkeley. It was forked from NetBSD by project leader Theo de Raadt in late 1995...
, FreeBSD
FreeBSD
FreeBSD is a free Unix-like operating system descended from AT&T UNIX via BSD UNIX. Although for legal reasons FreeBSD cannot be called “UNIX”, as the direct descendant of BSD UNIX , FreeBSD’s internals and system APIs are UNIX-compliant...
, NetBSD
NetBSD
NetBSD is a freely available open source version of the Berkeley Software Distribution Unix operating system. It was the second open source BSD descendant to be formally released, after 386BSD, and continues to be actively developed. The NetBSD project is primarily focused on high quality design,...
, QNX
QNX
QNX is a commercial Unix-like real-time operating system, aimed primarily at the embedded systems market. The product was originally developed by Canadian company, QNX Software Systems, which was later acquired by Canadian BlackBerry-producer Research In Motion.-Description:As a microkernel-based...
, Mac OS X
Mac OS X
Mac OS X is a series of Unix-based operating systems and graphical user interfaces developed, marketed, and sold by Apple Inc. Since 2002, has been included with all new Macintosh computer systems...
, and Windows 2000
Windows 2000
Windows 2000 is a line of operating systems produced by Microsoft for use on personal computers, business desktops, laptops, and servers. Windows 2000 was released to manufacturing on 15 December 1999 and launched to retail on 17 February 2000. It is the successor to Windows NT 4.0, and is the...
/XP
Windows XP
Windows XP is an operating system produced by Microsoft for use on personal computers, including home and business desktops, laptops and media centers. First released to computer manufacturers on August 24, 2001, it is the second most popular version of Windows, based on installed user base...
/Vista
Windows Vista
Windows Vista is an operating system released in several variations developed by Microsoft for use on personal computers, including home and business desktops, laptops, tablet PCs, and media center PCs...
/7. While most mobile phone OSes (iOS, Palm OS
Palm OS
Palm OS is a mobile operating system initially developed by Palm, Inc., for personal digital assistants in 1996. Palm OS is designed for ease of use with a touchscreen-based graphical user interface. It is provided with a suite of basic applications for personal information management...
, etc) do not support OpenVPN, it is available for Maemo
Maemo
Maemo is a software platform developed by the Maemo community for smartphones and Internet tablets. It is based on the Debian Linux distribution, but has no relation to it...
, Windows Mobile
Windows Mobile
Windows Mobile is a mobile operating system developed by Microsoft that was used in smartphones and Pocket PCs, but by 2011 was rarely supplied on new phones. The last version is "Windows Mobile 6.5.5"; it is superseded by Windows Phone, which does not run Windows Mobile software.Windows Mobile is...
6.5 and below, and Android devices which have had the Cyanogenmod
CyanogenMod
CyanogenMod is an after-market replacement for the firmware of over sixty cell phones and Internet tablets. Based on the Android mobile computer operating system, it offers features and options not found in the official firmware distributed by vendors of these devices.Features supported by...
aftermarket firmware flashed or have the correct kernel module installed. It is not a "web-based" VPN, meaning that it is not shown as a web page such as Citrix or TS Web access - the program is installed independently and configured by editing text files manually, rather than through a GUI-based wizard. OpenVPN is not compatible with IPsec
IPsec
Internet Protocol Security is a protocol suite for securing Internet Protocol communications by authenticating and encrypting each IP packet of a communication session...
or any other VPN package. The entire package consists of one binary
Binary file
A binary file is a computer file which may contain any type of data, encoded in binary form for computer storage and processing purposes; for example, computer document files containing formatted text...
for both client
Client (computing)
A client is an application or system that accesses a service made available by a server. The server is often on another computer system, in which case the client accesses the service by way of a network....
and server
Server (computing)
In the context of client-server architecture, a server is a computer program running to serve the requests of other programs, the "clients". Thus, the "server" performs some computational task on behalf of "clients"...
connections, an optional configuration file
Configuration file
In computing, configuration files, or config files configure the initial settings for some computer programs. They are used for user applications, server processes and operating system settings. The files are often written in ASCII and line-oriented, with lines terminated by a newline or carriage...
, and one or more key files depending on the authentication method used.
Firmware implementations
OpenVPN has been integrated into routing firmware packages such as VyattaVyatta
Vyatta manufactures an open source router/firewall/VPN product for Internet Protocol networks . A free download of Vyatta has been available since March 2006. The system is a specialized Debian-based Linux distribution with networking applications such as Quagga, OpenVPN, and many others...
, pfSense
PfSense
pfSense is an open source firewall/router distribution based on FreeBSD. pfSense is meant to be installed on a personal computer and is noted for its reliability and offering features often only found in expensive commercial firewalls. It can be configured and upgraded through a web-based...
, DD-WRT
DD-WRT
DD-WRT is a Linux-based firmware for several wireless routers, most notably the Linksys WRT54G . Like other similar projects, DD-WRT is third-party firmware designed to replace the firmware that ships pre-installed on many commercial routers...
, OpenWrt
OpenWrt
OpenWrt is a Linux distribution primarily targeted at routing on embedded devices. It comprises a set of about 2000 software packages, installed and uninstalled via the opkg package management system. OpenWrt can be configured using the command-line interface of BusyBox ash, or the web interface...
and Tomato (firmware), allowing users to run OpenVPN in client or server mode from their network routers. A router running OpenVPN in client mode, for example, facilitates users within that network to access their VPN without having to install OpenVPN on each computer on that network.
Third-party client software
| Client | Operating System | Cost | Developer | Latest release | Link | Notes |
|---|---|---|---|---|---|---|
| OpenVPN Client | Cross-platform Cross-platform In computing, cross-platform, or multi-platform, is an attribute conferred to computer software or computing methods and concepts that are implemented and inter-operate on multiple computer platforms... |
Free | OpenVPN Technologies, Inc. | 1.7.2 / | openvpn.net, Commercial version download | Commercial version, Requires .NET Framework 3.5 SP1 for Desktop Client. Installs TAP-Win32 Adapter OAS. |
| OpenVPN Portable | Microsoft Windows Microsoft Windows Microsoft Windows is a series of operating systems produced by Microsoft.Microsoft introduced an operating environment named Windows on November 20, 1985 as an add-on to MS-DOS in response to the growing interest in graphical user interfaces . Microsoft Windows came to dominate the world's personal... |
Free | Lukas Landis | 1.6.6 / | sourceforge.net/projects/ovpnp | Installs TAP-Win32 Adapter V9 at startup and uninstalls adapter after shutdown. |
| OpenVPN Manager | Microsoft Windows Microsoft Windows Microsoft Windows is a series of operating systems produced by Microsoft.Microsoft introduced an operating environment named Windows on November 20, 1985 as an add-on to MS-DOS in response to the growing interest in graphical user interfaces . Microsoft Windows came to dominate the world's personal... |
Free | Jochen Wierum | 0.0.3.1 / | openvpn.jowisoftware.de/, sourceforge.net/projects/openvpnmngr | |
| SecurepointSSLVPN | Microsoft Windows Microsoft Windows Microsoft Windows is a series of operating systems produced by Microsoft.Microsoft introduced an operating environment named Windows on November 20, 1985 as an add-on to MS-DOS in response to the growing interest in graphical user interfaces . Microsoft Windows came to dominate the world's personal... |
Free | Securepoint GmbH | RC3 / | sourceforge.net/projects/securepoint | Uses TAP-Win32 Adapter V9. |
| OpenVPN MI GUI | Microsoft Windows Microsoft Windows Microsoft Windows is a series of operating systems produced by Microsoft.Microsoft introduced an operating environment named Windows on November 20, 1985 as an add-on to MS-DOS in response to the growing interest in graphical user interfaces . Microsoft Windows came to dominate the world's personal... |
Free | Boris Wesslowski | 20110902 / | openvpn-mi-gui.inside-security.de | Alternative to the shipped Windows GUI that overcomes some of its problems |
| Viscosity | Mac OS X Mac OS X Mac OS X is a series of Unix-based operating systems and graphical user interfaces developed, marketed, and sold by Apple Inc. Since 2002, has been included with all new Macintosh computer systems... & Microsoft Windows Microsoft Windows Microsoft Windows is a series of operating systems produced by Microsoft.Microsoft introduced an operating environment named Windows on November 20, 1985 as an add-on to MS-DOS in response to the growing interest in graphical user interfaces . Microsoft Windows came to dominate the world's personal... |
Paid | SparkLabs | 1.3.4 / | thesparklabs.com/viscosity | Available for both Mac OS X & Windows |
| Tunnelblick | Mac OS X Mac OS X Mac OS X is a series of Unix-based operating systems and graphical user interfaces developed, marketed, and sold by Apple Inc. Since 2002, has been included with all new Macintosh computer systems... |
Free | Tunnelblick | 3.1.7 / | code.google.com/p/tunnelblick | Can act as client or server. Beta versions with advanced features also available. |
| Shimo | Mac OS X Mac OS X Mac OS X is a series of Unix-based operating systems and graphical user interfaces developed, marketed, and sold by Apple Inc. Since 2002, has been included with all new Macintosh computer systems... |
Paid | ChungwaSoft | 2.2.3 / | shimoapp.com | |
| OpenVPN | DD-WRT DD-WRT DD-WRT is a Linux-based firmware for several wireless routers, most notably the Linksys WRT54G . Like other similar projects, DD-WRT is third-party firmware designed to replace the firmware that ships pre-installed on many commercial routers... |
Free | NewMedia-NET GmbH | v24 SP1 (Build10020) / | dd-wrt.com | |
| TomatoVPN | Tomato (firmware) | Free | Keith Moyer | 1.27vpn3.6 / | tomatovpn.keithmoyer.com | |
| TunnelDroid | Android | Free | TunnelDroid | sourceforge.net/projects/tunneldroid, Market Download | Merged with OpenVPN Settings. | |
| OpenVPN Settings | Android | Free | android-openvpn-settings | 0.4.7 / | code.google.com/p/android-openvpn-settings | |
| LiliVPN | Cross-platform Cross-platform In computing, cross-platform, or multi-platform, is an attribute conferred to computer software or computing methods and concepts that are implemented and inter-operate on multiple computer platforms... |
Free | Rens Sparrius | 0.4 Alpha | lilivpn.com | |
| OAST | Cross-platform Cross-platform In computing, cross-platform, or multi-platform, is an attribute conferred to computer software or computing methods and concepts that are implemented and inter-operate on multiple computer platforms... |
Free | Chlen Nigera, Karthik Upadhyayula | 2.4.2.0 / | sourceforge.net/projects/oast/ | Requires: Java, portable version is bundled with Java. |
| Guizmovpn | iPhone IPhone The iPhone is a line of Internet and multimedia-enabled smartphones marketed by Apple Inc. The first iPhone was unveiled by Steve Jobs, then CEO of Apple, on January 9, 2007, and released on June 29, 2007... /iPad IPad The iPad is a line of tablet computers designed, developed and marketed by Apple Inc., primarily as a platform for audio-visual media including books, periodicals, movies, music, games, and web content. The iPad was introduced on January 27, 2010 by Apple's then-CEO Steve Jobs. Its size and... /iOS |
Paid | Guizmo | 1.1.0 / | GuizmOVPN.com | Only on JailBroken IOS devices on the cydia Cydia Cydia is a large genus of tortrix moths, belonging to the tribe Grapholitini of subfamily Olethreutinae. Its distinctness from and delimitation versus the tribe's type genus Grapholita requires further study.... store due to interference with DNS and routing. |
There's a more thorough list of projects related to OpenVPN in the OpenVPN wiki.
Community
There are many support options for OpenVPN. The primary method for community support is through the OpenVPN mailing lists. Other sources of support, not directly affiliated with OpenVPN include:| Support Source | Description |
|---|---|
| OpenVPN Documentation | 2.0 Manual 2.1 Manual 2.2 Manual |
| IRC | [irc://irc.freenode.net/openvpn #openvpn] on irc.freenode.net |
| Forum | Official OpenVPN forums |
| Community | Official OpenVPN wiki/bug tracker OpenVPN e.V. community Secure Computing Networks OpenVPN Wiki |
See also
- OpenSSHOpenSSHOpenSSH is a set of computer programs providing encrypted communication sessions over a computer network using the SSH protocol...
, which also implements a level-2/3 "tun"-based VPN - stunnelStunnelStunnel is an open-source multi-platform computer program, used to provide universal TLS/SSL tunneling service.Stunnel can be used to provide secure encrypted connections for clients or servers that do not speak TLS or SSL natively. It runs on a variety of operating systems , including most...
encrypt any TCP connection (single port service) over SSL - UDP hole punchingUDP hole punchingUDP hole punching is a commonly used technique employed in network address translator applications for maintaining User Datagram Protocol packet streams that traverse the NAT...
, a technique for establishing UDP "connections" between firewalled/NATed network nodes - Virtual private network (VPN)Virtual private networkA virtual private network is a network that uses primarily public telecommunication infrastructure, such as the Internet, to provide remote offices or traveling users access to a central organizational network....
- Point-to-Point Tunneling ProtocolPoint-to-point tunneling protocolThe Point-to-Point Tunneling Protocol is a method for implementing virtual private networks. PPTP uses a control channel over TCP and a GRE tunnel operating to encapsulate PPP packets....
(PPTP) Microsoft method for implementing VPN
External links
- OpenVPN project homepage
- OpenVPN presentation and demonstration video Hampshire Linux User Group. Archive.org. details.