Linux Today: Linux News On Internet Time.

More on LinuxToday

LinuxSecurity: OpenVPN: An Introduction and Interview with Founder, James Yonan

Nov 11, 2003, 03:00 (0 Talkback[s])
(Other stories by Duane Dunston)

WEBINAR: On-Demand

No-Size-Fits-All! An Application-Down Approach for Your Cloud Transformation REGISTER >

"OpenVPN is a newer generation VPN in that it is based on SSL as the underlying security mechanism. IPSEC is the current and most popular standard for VPN technology. SSL is already a standard for secure communication over the Internet for financial transactions, checking email, and ensuring sensitive information is not leaked to 'people-in-the-middle.' Many articles I've read speak of SSL VPN's as requiring a browser. I'm not sure why that gets under my skin. It just isn't true. The only time I use a browser over OpenVPN is to access an intranet web server on the remote side. Once an OpenVPN tunnel is established you can then use any application to access services on the remote end, provided the right access controls are in place. A browser is not needed to create an OpenVPN tunnel, it can be done from the commandline. Another nicety is that it runs on Windows 20000/XP, Linux, Solaris, FreeBSD, OpenBSD, NetBSD, and MacOS X.

"Oh yes, and it is under the GNU Licenese. OpenVPN uses the protocols that are available with SSL and TLS 1.0 for authentication, encryption, and intergrity checking. I have personally tested and use OpenVPN on Windows and Linux systems. I've never had problems using any applications over OpenVPN. The only issue I've run into is a common or well-known issue with VPN's and that is the problem with packet fragmentation, which is easily remedied by a simple OpenVPN configuration option..."

Complete Story

Related Story:
Debian Weekly News - September 10th, 2002(Sep 11, 2002)