August 25, 2006


The Virtues of OpenVPN – Part 1

Ah, I have discovered the wonderful warm and fuzzy feeling that is OpenVPN. Now it's not that I’ve never heard of OpenVPN before, I just never really got around to using it. The oddest piece of OVPN is that there is no “server” or “client” software. They have a single piece of software that simply acts differently depending on the configuration file (and seeing as how you can have multiple config files, you can actually have a server and a client operating on the same machine, using the same binaries).

Rewind a little bit. The boss made mention to me of the idea of going to an open source office. Now, I of course told him how wonderful Microsoft was and what a bad idea using Linux is…. Kidding. So I began doing research on how to replace MS AD with something else. I still wanted a centralized login system if at all possible. As it turns out, LDAP is probably the answer (more on that in another post). Regardless, one key requirement for me was a VPN solution that worked well on Linux (some of you may know that PPTP VPN to a Windows box from Linux SUCKS). That's where OpenVPN comes in, that and the fact that it has an LDAP Authentication plugin.

I hate to say this, but it's actually VERY simple to set up OpenVPN for client/server. For once RTFM is not a waste of time, and will get you where you need to go right quick. You’ll also see at the bottom example configurations for both servers and clients. Note, these work on just about any platform. In fact, in my experimental network the server is running Debian, and I have one client on both Windows and Linux. They work perfectly, and very quickly too.
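
To make the "one binary, two roles" point concrete, here is a minimal pair of configuration files. This is an added example, not taken from the original post or the OpenVPN manual. The hostname `vpn.example.com`, the `10.8.0.0` subnet and all certificate/key file names are placeholder assumptions.

```conf
# ---- server.conf (constructed example) ----
# Started with: openvpn --config server.conf
port 1194
proto udp
dev tun
# PKI material; file names are placeholders
ca ca.crt
cert server.crt
key server.key
dh dh.pem
# The "server" directive is what puts the binary in server mode and
# defines the address pool handed out to connecting clients.
server 10.8.0.0 255.255.255.0
keepalive 10 120
persist-key
persist-tun

# ---- client.conf (constructed example) ----
# Started with the same binary: openvpn --config client.conf
# The "client" directive selects client mode (pull settings from the server).
client
dev tun
proto udp
# Placeholder hostname; must match the server's port and proto
remote vpn.example.com 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
# Reject a peer whose certificate is not marked for server use, so another
# client holding a certificate from the same CA cannot pose as the server.
remote-cert-tls server
```

Because the role comes entirely from the file passed to `--config`, both files can be run on one machine at the same time, as described above.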