Securing Remote Connections

Virtual Private Networks (VPN) are used to provide ‘virtual’ private networks over a PUBLIC NETWORK infrastructure. In networking, this means that your traffic routing will work within the rules of this ‘virtual’ private network.

To maximise, ensure the ‘privacy’ of the ‘virtual’ network, we need to add a layer of encryption of the data as well as the network. OpenBSD continues to innovate the deployment capabilities of IPSEC (i.e. they make it easier and easier to deploy) and these notes cover the OpenVPN strategy for encrypting VPN traffic.

OpenVPN Open Source Project Home

OpenVPN is a full-featured open source SSL VPN solution that accommodates a wide range of configurations, including remote access, site-to-site VPNs, Wi-Fi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls. Starting with the fundamental premise that complexity is the enemy of security, OpenVPN offers a cost-effective, lightweight alternative to other VPN technologies that is well-targeted for the SME and enterprise markets.

VPN Diagram

Management Interface

The OpenVPN Management interface allows OpenVPN to be administratively controlled from an external program via a TCP socket.

The interface has been specifically designed for GUI developers and those who would like to programmatically or remotely control an OpenVPN daemon.

The management interface is implemented using a client/server TCP connection, where OpenVPN will listen on a provided IP address and port for incoming management client connections.

Client Administrator

The OpenVPN User Manager is designed to make viewing and managing your OpenVPN server painless. This is the successor to the OpenVPN Status Viewer. This new version uses the management console of OpenVPN as opposed to reading the status file.