OpenVPN free download
By admin | April 23, 2009
Building and Integrating Virtual Private Networks 
Copyright © 2006 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, Packt Publishing, nor its dealers or distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
Table of Contents
Preface
Chapter 1: VPN-Virtual Private Network
Branches Connected by Dedicated Lines
Broadband Internet Access and VPNs
How Does a VPN Work?
What are VPNs Used For?
Networking Concepts-Protocols and Layers
Tunneling and Overhead
VPN Concepts-Overview
A Proposed Standard for Tunneling
Protocols Implemented on OSI Layer 2
Protocols Implemented on OSI Layer 3
Protocols Implemented on OSI Layer 4
OpenVPN-An SSL/TLS-Based Solution
Summary
Chapter 2: VPN Security
VPN Security
Privacy-Encrypting the Traffic
Symmetric Encryption and Pre-Shared Keys
Reliability and Authentication
The Problem of Complexity in Classic VPNs
Asymmetric Encryption with SSL/TLS
SSL/TLS Security
Understanding SSL/TLS Certificates
Trusted Certificates
Self-Signed Certificates
SSL/TLS Certificates and VPNs
Summary
Chapter 3: OpenVPN
Advantages of OpenVPN
History of OpenVPN
OpenVPN Version 1
OpenVPN Version 2
Networking with OpenVPN
OpenVPN and Firewalls
Configuring OpenVPN
Problems with OpenVPN
OpenVPN Compared to IPsec VPN
Sources for Help and Documentation
The Project Community
Documentation in the Software Packages
Summary
Chapter 4: Installing OpenVPN
Prerequisites
Obtaining the Software
Installing OpenVPN on Windows
Downloading and Starting Installation
Selecting Components and Location
Finishing Installation
Testing the Installation-A First Look at the Panel Applet
Installing OpenVPN on Mac OS X (Tunnelblick)
Testing the Installation-The Tunnelblick Panel Applet
Installing OpenVPN on SuSE Linux
Using YaST to Install Software
Installing OpenVPN on Redhat Fedora Using yum
Installing OpenVPN on RPM-Based Systems
Using wget to Download OpenVPN RPMs
Testing Installation and Installing with rpm
Installing OpenVPN and the LZO Library with wget and RPM
Using rpm to Obtain Information on the Installed OpenVPN Version
Installing OpenVPN on Debian
Installing Debian Packages
Using Aptitude to Search and Install Packages
OpenVPN-The Files Installed on Debian
Installing OpenVPN on FreeBSD
Installing a Newer Version of OpenVPN on FreeBSD-The Port System
Installing the Port System with sysinstall
Downloading and Installing a BSD Port
Troubleshooting-Advanced Installation Methods
Installing OpenVPN from Source Code
Building Your Own RPM File from the OpenVPN Source Code
Building and Distributing Your Own DEB Packages
Enabling Linux Kernel Support for TUN/TAP Devices
Using Menuconfig to Enable TUN/TAP Support
Internet Links, Installation Guidelines, and Help
Summary
Chapter 5: Configuring an OpenVPN Server-The First Tunnel
OpenVPN on Microsoft Windows
Generating a Static OpenVPN Key
Creating a Sample Connection
Adapting the Sample Configuration File Provided by OpenVPN
Starting and Testing the Tunnel
A Brief Look at Windows OpenVPN Network Interfaces
Connecting Windows and Linux
File Exchange between Windows and Linux
Installing WinSCP
Transferring the Key File from Windows to Linux with WinSCP
The Second Pitfall-Carriage Return/End of Line
Configuring the Linux System
Testing the Tunnel
A Look at the Linux Network Interfaces
Running OpenVPN Automatically
OpenVPN as Server on Windows
OpenVPN as Server on Linux
Runlevels and init Scripts on Linux
Using runlevel and init to Change and Check Runlevels
The System Control for Runlevels
Managing init Scripts
Using Webmin to Manage init Scripts
Using SuSE’s YaST Module System Services (Runlevel)
Troubleshooting Firewall Issues
Deactivating Windows XP Service Pack 2 Firewall
Stopping the SuSE Firewall
Summary
Chapter 6: Setting Up OpenVPN with X509 Certificates
Creating Certificates
Certificate Generation on Windows XP with easy-rsa
Setting Variables-Editing vars.bat
Creating the Diffie-Hellman Key
Building the Certificate Authority
Generating Server and Client Keys
Distributing the Files to the VPN Partners
Configuring OpenVPN to Use Certificates
Using easy-rsa on Linux
Preparing Variables in vars
Creating the Diffie-Hellman Key and the Certificate Authority
Creating the First Server Certificate/Key Pair
Creating Further Certificates and Keys
Troubleshooting
Summary
Chapter 7: The Command openvpn and its Configuration File
Syntax of openvpn
OpenVPN Command-Line Parameters
Using OpenVPN at the Command Line
Parameters Used in the Standard Configuration File for a Static Key Client
Compressing the Data
Controlling and Restarting the Tunnel
Debugging Output-Troubleshooting
Configuring OpenVPN with Certificates-Simple TLS Mode
Overview of OpenVPN Parameters
General Tunnel Options
Routing
Controlling the Tunnel
Scripting
Logging
Specifying a User and Group
The Management Interface
Proxies
Encryption Parameters
Testing the Crypto System with --test-crypto
SSL Information-Command Line
Server Mode
Server Mode Parameters
--client-config Options
Client Mode Parameters
Push Options
Important Windows-Specific Options
Summary
Chapter 8: Securing OpenVPN Tunnels and Servers
Securing and Stabilizing OpenVPN
Linux and Firewalls
Debian Linux and Webmin with Shorewall
Installing Webmin and Shorewall
Preparing Webmin and Shorewall for the First Start
Starting Webmin
Configuring the Shorewall with Webmin
Creating Zones
Editing Interfaces
Default Policies
Adding Firewall Rules
Troubleshooting Shorewall-Editing the Configuration Files
OpenVPN and SuSEfirewall
Troubleshooting OpenVPN Routing and Firewalls
Configuring a Router without a Firewall
iptables-The Standard Linux Firewall Tool
Configuring the Windows Firewall for OpenVPN
Summary
Chapter 9: Advanced Certificate Management
Certificate Management and Security
Installing xca
Using xca
Creating a Database
Importing a CA Certificate
Creating and Signing a New Server/Client Certificate
Revoking Certificates with xca
Using TinyCA2 to Manage Certificates
Importing Our CA
Using TinyCA2 for CA Administration
Creating New Certificates and Keys
Exporting Keys and Certificates with TinyCA2
Revoking Certificates with TinyCA2
Summary
Chapter 10: Advanced OpenVPN Configuration
Tunneling a Proxy Server and Protecting the Proxy
Scripting OpenVPN-An Overview
Using Authentication Methods
Using a Client Configuration Directory with Per-Client Configurations
Individual Firewall Rules for Connecting Clients
Distributed Compilation through VPN Tunnels with distcc
Ethernet Bridging with OpenVPN
Automatic Installation for Windows Clients
Summary
Chapter 11: Troubleshooting and Monitoring
Testing the Network Connectivity
Checking Interfaces, Routing, and Connectivity on the VPN Servers
Debugging with tcpdump and IPTraf
Using OpenVPN Protocol and Status Files for Debugging
Scanning Servers with Nmap
Monitoring Tools
ntop
Munin
Hints to Other Tools
Summary
Appendix A: Internet Resources
VPN Basics
OpenVPN Resources
Configuration
Scripts and More
Network Tools
Howtos
Openvpn GUIs
Index