Virtual Private Networking with OpenVPN
Wim Kerkhoff
Fraser Valley Linux Users Group
April 15, 2004


FVLUG/OpenVPN presentation, April 2004 Wim Kerkhoff

The Basics: What is VPN?

- Short for Virtual Private Network
- Creates a private network over a public medium
- Typically used for encrypting/securing traffic sent across the Internet between two locations
- Can also be used for single hosts on a LAN (even a wireless one)
- Nobody with access to the public network can see the traffic moving through the VPN – looks like garbage

What does OpenVPN offer?

- It’s Open Source (GPL), flexible, easy to set up
- Can tunnel any IP (layer 3) or Ethernet (layer 2) over a single UDP or TCP port
- Cross platform (Linux, *BSD/OSX, Windows 2000/XP, Solaris)
- Encryption provided via OpenSSL – tons of options/ciphers/etc.
- Can use a 2048 bit shared key or digital certificates (PKI)
- Compression, traffic-shaping
- Works nicely with restrictive firewalls

How is OpenVPN different from other VPN packages?

- Only open source package that uses SSL
- Doesn’t need a special kernel module, unlike FreeS/WAN. Only the generic TAP/TUN driver is needed
- Very portable
- Easy – lots of configuration examples
- Traffic shaping per tunnel
- Can support hundreds of tunnels
- User-space: can co-exist with other networking packages, e.g. IPSec
- Can connect through an HTTP proxy
- Easier to set up on non-Win32 systems than PPTP

Modes

- Routed IP tunnels (layer 3)
  - More efficient than bridged Ethernet tunnels
  - Easier to configure
- Bridged Ethernet tunnels (layer 2)
  - Can tunnel IP and non-IP traffic
  - IPX, NetBEUI, etc.
  - Both sides of VPN see network broadcasts
  - Required for some LAN games

Routed IP Tunnels

- Possible Topologies:
  - Network to Network
  - Network to Host
  - Host to Network
  - Host to Host
- When doing VPNs with networks, an iptables script will have to be created to set up IP Masquerading and some firewalling rules
- Uses “TUN” mode

Bridged Ethernet tunnel

- Really just operates like a transparent Ethernet bridge. Hence, special iptables, NAT magic, or routing is required
- Uses “TAP” mode
- Bridge tools (brctl) are required
- Need to create a script to bind eth1 and tap0 together into a bridged device called br0
- Then assign an IP to br0
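
The Routed IP Tunnels and Bridged Ethernet tunnel slides each call for a setup script. As an added example (not from the presentation), the shell script below prints both command sets for review instead of running them, and rejects arguments that are not plain interface names, subnets or ports. The interface names, subnets, UDP port 1194 and the choice to masquerade VPN clients onto the LAN are assumptions.

```shell
#!/bin/sh
# Added example, not from the slides. It prints the setup commands for review;
# every interface name, subnet and port used below is a constructed sample.

ok_if() {    # interface name: 1-15 characters from a safe set
    case "$1" in ''|*[!A-Za-z0-9_.-]*) return 1 ;; esac
    [ "${#1}" -le 15 ]
}
ok_cidr() {  # shape check only: dotted quad plus prefix length, one line
    case "$1" in *[!0-9./]*) return 1 ;; esac
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$'
}

# Routed (TUN) mode. Assumed design: masquerade VPN clients onto the LAN so
# LAN hosts need no route back to the VPN subnet.
routed_plan() {  # usage: routed_plan WAN_IF LAN_IF TUN_IF VPN_SUBNET UDP_PORT
    ok_if "$1" && ok_if "$2" && ok_if "$3" && ok_cidr "$4" || return 1
    case "$5" in ''|*[!0-9]*) return 1 ;; esac
    [ "$5" -ge 1 ] && [ "$5" -le 65535 ] || return 1
    cat <<EOF
sysctl -w net.ipv4.ip_forward=1
iptables -A INPUT -i $1 -p udp --dport $5 -j ACCEPT
iptables -A FORWARD -i $3 -o $2 -s $4 -j ACCEPT
iptables -A FORWARD -i $2 -o $3 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -s $4 -o $2 -j MASQUERADE
EOF
}

# Bridged (TAP) mode. Flushing the LAN NIC's address drops sessions that use
# it, so apply this from a console rather than over that interface.
bridge_plan() {  # usage: bridge_plan BRIDGE LAN_IF TAP_IF ADDRESS/PREFIX
    ok_if "$1" && ok_if "$2" && ok_if "$3" && ok_cidr "$4" || return 1
    [ "$1" != "$2" ] && [ "$1" != "$3" ] && [ "$2" != "$3" ] || return 1
    cat <<EOF
openvpn --mktun --dev $3
brctl addbr $1
brctl addif $1 $2
brctl addif $1 $3
ip addr flush dev $2
ip link set dev $2 promisc on up
ip link set dev $3 promisc on up
ip addr add $4 brd + dev $1
ip link set dev $1 up
EOF
}

routed_plan eth0 eth1 tun0 10.8.0.0/24 1194
bridge_plan br0 eth1 tap0 192.168.8.4/24
```

After reviewing the printed commands, pipe one plan to `sh` as root to apply it. The iptables rules are appended, so they only take effect if no earlier rule in the same chain already drops the traffic.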

OpenVPN on Windows XP/2000

- Double click installer
- Can be configured as a Windows Service that starts on boot
- Some simple configuration changes in the .ovpn config file
- Just need to put the shared key or certificates in

OpenVPN 2.0 Beta Series

- Can handle multiple UDP clients using a single UDP port
- Can support thousands of clients depending on hardware and network connection
- Has DHCP-like mechanism to push/pull specific settings to clients
- Better multithreading/SMP support
- Can run with least-privileges

Beyond OpenVPN 2.0

- True point-to-multipoint
- Use a dynamic routing protocol to route through a larger and more complicated VPN cloud
- Reduce the need to route through a central server/office to access a system in another branch office

Conclusions…

- Definitely the way to go for anything VPN using Windows clients
- Way easier to set up than IPSec on either Windows or Linux
- Stable/Reliable
- OpenVPN website: