OpenVPN 2 Cookbook
Scribed by Jan Just Keijser
- Publisher: Packt Publishing
- Year: 2011
- Tongue: English
- Leaves: 356
- Category: Library
Synopsis
This is a cookbook, with practical recipes providing tips and tricks to the most common problems and scenarios faced with OpenVPN. This book is ideal for system administrators and networking professionals who are interested in building secure VPNs using OpenVPN. It is preferable that the reader has a basic knowledge of OpenVPN, as well as general network administration skills.
Table of Contents
Cover
Copyright
Credits
About the Author
About the Reviewers
www.PacktPub.com
Table of Contents
Preface
Introduction
Shortest setup possible
OpenVPN secret keys
Multiple secret keys
Plaintext tunnel
Routing
Configuration files versus the command-line
Complete site-to-site setup
3-way routing
Introduction
Setting up the public and private keys
Simple configuration
Server-side routing
Using client-config-dir files
Routing: subnets on both sides
Redirecting the default gateway
Using an 'ifconfig-pool' block
Using the status file
Management interface
Proxy-arp
Introduction
Simple configuration—non-bridged
Enabling client-to-client traffic
Bridging—Linux
Bridging—Windows
Checking broadcast and non-IP traffic
External DHCP server
Using the status file
Management interface
Introduction
Certificate generation
xCA: a GUI for managing a PKI (Part 1)
xCA: a GUI for managing a PKI (Part 2)
OpenSSL tricks: x509, pkcs12, verify output
Revoking certificates
The use of CRLs
Checking expired/revoked certificates
Intermediary CAs
Multiple CAs: stacking, using --capath
Introduction
Initializing a hardware token
Getting a hardware token ID
Using a hardware token
Using the management interface to list PKCS#11 certificates
Selecting a PKCS#11 certificate using the management interface
Generating a key on the hardware token
Private method for getting a PKCS#11 certificate
Pin caching example
Introduction
Using a client-side up/down script
Windows login greeter
Using client-connect/client-disconnect scripts
Using a 'learn-address' script
Using a 'tls-verify' script
Using an 'auth-user-pass-verify' script
Script order
Script security and logging
Using the 'down-root' plugin
Using the PAM authentication plugin
Introduction
Cipher mismatches
TUN versus TAP mismatches
Compression mismatches
Key mismatches
Troubleshooting MTU and tun-mtu issues
Troubleshooting network connectivity
Troubleshooting client-config-dir issues
How to read the OpenVPN log files
Introduction
The missing return route
Missing return routes when 'iroute' is used
All clients function except the OpenVPN endpoints
Source routing
Routing and permissions on Windows
Troubleshooting client-to-client traffic routing
Understanding the 'MULTI: bad source' warnings
Failure when redirecting the default gateway
Introduction
Optimizing performance using 'ping'
Optimizing performance using iperf
OpenSSL cipher speed
Compression tests
Traffic shaping
Tuning UDP-based connections
Tuning TCP-based connections
Analyzing performance using tcpdump
Introduction
Linux: using NetworkManager
Linux: using pull-resolv-conf
MacOS: using Tunnelblick
Windows Vista/7: elevated privileges
Windows: using the CryptoAPI store
Windows: updating the DNS cache
Windows: running OpenVPN as a service
Windows: public versus private network adapters
Windows: routing methods
Introduction
Including configuration files in config files
Multiple remotes & remote-random
Details of ifconfig-pool-persist
Connecting using a SOCKS proxy
Connecting via an HTTP proxy
Connecting via an HTTP proxy with authentication
Using dyndns
IP-less setups (ifconfig-noexec)
Introduction
Inline certificates
Connection blocks
Port sharing with an HTTPS server
Routing features: redirect-private, allow-pull-fqdn
Handing out public IPs
OCSP support
New for 2.2: the 'x509_user_name' parameter
Index