Giter Site home page Giter Site logo

openvpn's Introduction

OpenVPN™ - Open Source VPN solution

OpenVPN™ is a full-featured open source SSL VPN solution that accommodates a wide range of configurations, including remote access, site-to-site VPNs, Wi-Fi security, and more. OpenVPN™ offers a cost-effective, lightweight alternative to other VPN technologies that is well-targeted for the SME and enterprise markets.

This appliance includes all the standard features in TurnKey Core, and on top of that:

  • OpenVPN™ configurations:

    • Initialization hooks to configure common OpenVPN™ deployments such as server, gateway and client profiles.
    • All profiles support SSL/TLS certificates for authentication and key exchange.
    • Server and gateway deployments include a convenience script to add clients, generating all required keys and certificates, as well as a unified ovpn profile for clients to easily connect to the VPN.
    • Expiring obfuscated HTTPS urls can be created for clients to download their profiles (especially useful with mobile devices using a QR code scanner).
    • The server profile supports a private subnet configuration, enabling clients to reach servers behind the OpenVPN™ server.
    • The gateway profile configures connecting clients to tunnel all their traffic through the VPN.
    • When adding clients in a server or gateway deployment, an optional parameter can be given to enable computers on a subnet behind the client to connect to the VPN.
    • For added security, OpenVPN™ is configured to drops privilages, run in a chroot jail dedicated to CRL, and uses tls-auth for HMAC signature verification protecting againsts DoS attacks, port flooding, port scanning and buffer overflow vulnerabilities in the SSL/TLS implementation.

See the Usage documentation for further details, including Amazon VPC notes and cloudformation template.

Note: OpenVPN™ is a registered trademark of OpenVPN™ Technologies, Inc. This software appliance is not supported by OpenVPN™ Technologies, Inc.

Potential issues caused by timezone mismatch

Some VPN client applications expect certificate timestamps to be in local time. However, by default, TurnKey servers use UTC time.

That can lead to the creation of certificates, which according to local time, are not yet valid. Under these circumstance, connection will fail.

To avoid that, please set the timezone for your TurnKey OpenVPN server prior to further configuration. To do that via the commandline:

dpkg-reconfigure tzdata

For further info re setting timezone, please see this TurnKey Blog post.

Credentials (passwords set at first boot)

  • Webmin, SSH: username root

openvpn's People

Contributors

jedmeister avatar alonswartz avatar ongle avatar lirazsiri avatar a3s7p avatar qq7 avatar plieven avatar theodorerambert avatar alejandrobofh avatar jeltef avatar tnyeanderson avatar

Watchers

James Cloos avatar avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.