14 lines
1.5 KiB
Org Mode
14 lines
1.5 KiB
Org Mode
:PROPERTIES:
|
|
:ID: 94daf0fc-da84-4b90-a200-7b147f721e2a
|
|
:END:
|
|
#+title: open-vpn
|
|
|
|
OpenVPN is a virtual private network ([[id:1af47b07-4205-46ac-837a-ee078067328a][vpn]]) system that implements techniques to create secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It implements both [[id:70899526-8b7d-4976-94fc-cc07c41e550a][client]] and [[id:f2b1d5af-1a7d-47a5-95c8-4a85d558419e][server]] applications.
|
|
|
|
OpenVPN allows peers to authenticate each other using pre-shared secret keys, [[id:e28dfeaa-876b-4255-a25e-dcc0c909d08a][certificates]] or username/password. When used in a multiclient-server configuration, it allows the server to release an authentication certificate for every client, using signatures and certificate authority.
|
|
|
|
It uses the OpenSSL encryption library extensively, as well as the [[id:872ee33b-8361-40c7-9d88-69b3afe5ade2][TLS]] [[id:bd5b34ba-aa98-4808-b97b-2376aa7b8866][protocol]], and contains many security and control features. It uses a custom security protocol that utilizes [[id:95c8982d-e104-43a2-9bb2-fd7e1c3204f2][SSL]]/TLS for key exchange. It is capable of traversing network address translators ([[id:d5ba6251-d7b1-4954-864d-c2f817aabf15][NAT]]s) and [[id:b9047be5-edca-4eca-8bac-c45e03373942][firewall]].
|
|
|
|
OpenVPN has been ported and embedded to several systems. For example, DD-WRT has the OpenVPN server function. SoftEther VPN, a multi-protocol VPN server, also has an implementation of OpenVPN protocol
|
|
|