OpenVPN: Building and Integrating Virtual Private Networks

More Information
Learn

Chapter 1 looks at what VPNs are, how they evolved during the last decade, why they are necessary for modern enterprises, and how typical VPNs work. The chapter also covers some essential networking concepts.

Chapter 2 explains VPN security issues, including symmetric and asymmetric encryption, the SSL/TLS library, and SSL certificates.

Chapter 3 introduces OpenVPN. In this chapter, we learn about the history of OpenVPN, how OpenVPN works, and how OpenVPN compares to IPSec VPN applications.

Chapter 4 covers installing OpenVPN on Windows, the Mac, Linux, and FreeBSD. It covers the installation on Linux from the source code and RPM packages. Installation on Suse and Debian is covered in detail.

In Chapter 5, an encryption key for OpenVPN is created and then used to set up our first OpenVPN tunnel between two Windows systems in the same network. The key is then copied to a Linux system, and this system is connected through a tunnel to the first Windows machine.

Chapter 6 shows how to create x509 server and client certificates for use with OpenVPN. easy-rsa, which comes with OpenVPN and is available for both Windows and Linux, is used.

Chapter 7 reviews the syntax of the command line tool openvpn, which enables building tunnels quickly. The configuration options of openvpn are covered in detail with examples.

Chapter 8 shows how to make the example tunnels created earlier safer and persistent by choosing a reliable combination of configuration file parameters. It then covers how to configure firewalls on Linux and Windows to work with OpenVPN.

Chapter 9 focuses on using xca, the advanced Windows tool with which x509 certificates can be easily managed. Its Linux equivalent, TinyCA2, which can even manage multiple certificate authorities, is also covered.

Chapter 10 covers advanced OpenVPN configurations, including tunneling through a proxy server, pushing routing commands to clients, pushing and setting the default route through a tunnel, distributed compilation through VPN tunnels with distcc, and OpenVPN scripting.

Chapter 11 shows how to debug and monitor VPN tunnels. It covers standard networking tools that can be used for scanning and testing the connectivity of a VPN server.

About

OpenVPN is a powerful, open source SSL VPN application. It can secure site-to-site connections, WiFi and enterprise-scale remote connections. While being a full-featured VPN solution, OpenVPN is easy to use and does not suffer from the complexity that characterizes other IPSec VPN implementations. It uses the secure and stable TLS/SSL mechanisms for authentication and encryption.

This book is an easy introduction to this popular VPN application. After introducing the basics of security and VPN, the book moves on to cover using OpenVPN, from installing it on various platforms, through configuring basic tunnels, to more advanced features, such as using the application with firewalls, routers, proxy servers, and OpenVPN scripting.

While providing only necessary theoretical background, the book takes a practical approach, presenting plenty of examples.

Features
  • Learn how to install, configure, and create tunnels with OpenVPN on Linux, Windows, and Mac OS X
  • Use OpenVPN with DHCP, routers, firewalls, and HTTP proxy servers
  • Advanced management of security certificates
Page Count: 270
Course Length: 8 hours 6 minutes
ISBN: 9781904811855
Date of Publication: 10 May 2006
Branches Connected by Dedicated Lines
How Does a VPN Work?
VPN Concepts—Overview
Summary
VPN Security
Privacy—Encrypting the Traffic
SSL/TLS Security
Summary
Advantages of OpenVPN
History of OpenVPN
Networking with OpenVPN
OpenVPN Compared to IPsec VPN
Sources for Help and Documentation
The Project Community
Summary
Prerequisites
Obtaining the Software
Installing OpenVPN on Windows
Installing OpenVPN on Mac OS X (Tunnelblick)
Installing OpenVPN on SuSE Linux
Installing OpenVPN on Redhat Fedora Using yum
Installing OpenVPN on RPM-Based Systems
Installing OpenVPN on Debian
Installing OpenVPN on FreeBSD
Troubleshooting—Advanced Installation Methods
Internet Links, Installation Guidelines, and Help
Summary
OpenVPN on Microsoft Windows
Connecting Windows and Linux
Troubleshooting Firewall Issues
Summary
Creating Certificates
Certificate Generation on Windows XP with easy-rsa
Distributing the Files to the VPN Partners
Configuring OpenVPN to Use Certificates
Using easy-rsa on Linux
Troubleshooting
Summary
Syntax of openvpn
Using OpenVPN at the Command Line
Configuring OpenVPN with Certificates—Simple TLS Mode
Overview of OpenVPN Parameters
Important Windows-Specific Options
Summary
Securing and Stabilizing OpenVPN
Linux and Firewalls
Configuring the Windows Firewall for OpenVPN
Summary
Certificate Management and Security
Installing xca
Using xca
Using TinyCA2 to Manage Certificates
Summary
Tunneling a Proxy Server and Protecting the Proxy
Scripting OpenVPN—An Overview
Using Authentication Methods
Using a Client Configuration Directory with Per-Client Configurations
Individual Firewall Rules for Connecting Clients
Distributed Compilation through VPN Tunnels with distcc
Ethernet Bridging with OpenVPN
Automatic Installation for Windows Clients
Summary
Testing the Network Connectivity
Checking Interfaces, Routing, and Connectivity on the VPN Servers
Debugging with tcpdump and IPTraf
Using OpenVPN Protocol and Status Files for Debugging
Scanning Servers with Nmap
Monitoring Tools
Hints to Other Tools
Summary

Authors

Markus Feilner

Markus Feilner is a seasoned Linux expert from Regensburg, Germany. He has been working with free and open source software since 1994, as a trainer, consultant, author and journalist. His first contact with UNIX was a SUN cluster and SPARC workstations at Regensburg University (during his studies of geography).

Since 2000, he has published many books and courses used in Linux training sessions all over the world. Among them were three books for Packt (two on OpenVPN and one on Scalix Groupware). In the same year, he founded his own Linux consulting and training company, Feilner IT. He was also working as a trainer, consultant, and systems engineer at Millenux, Munich, where he focused on groupware, collaboration, and virtualization with Linux-based systems and networks.

Until 2015, he had been deputy editor-in-chief at the German Linux-Magazine, where he wrote about open source software for both printed and online magazines, including the Linux Technical Review and the Linux Magazine International (the U.S., UK, and Australia).

Today, the Conch diplomat, Minister of the Universal Life Church, Jedi Knight, and owner of lunar property holds several nationalities and is employed as Team Lead of the SUSE Documentation Team in Nürnberg. He regularly gives keynotes, workshops, lectures, and presentations at tech and political conferences in Germany.

He is interested in anything about geography, traveling, photography, philosophy (especially that of open source software), global politics, modern science, arts and literature, but always has too little time for these hobbies.