Learn how to connect to a VPN with OpenVPN

OpenVPN is a cross-platform VPN (virtual private network) client/server. It is compatible with Microsoft Windows, GNU/Linux and macOS, and even has free Android and iOS applications. Another strong point of OpenVPN is that some router manufacturers integrate it into their hardware, so we can configure an OpenVPN server on our router.

Another noteworthy aspect is that firewall-oriented operating systems also include it: pfSense and OPNsense are two highly recommended distributions for using OpenVPN and the rest of its configuration options.

What is it?

OpenVPN is free software that allows us to create a virtual private network (VPN) to connect to a server remotely. This software allows us to set up two types of VPN architectures:

Remote Access VPN: We have a central VPN server and several VPN clients with the software installed on a computer, smartphone, tablet or other device, all of which connect centrally to the VPN server.

Site-to-site VPN: This architecture allows us to communicate between different sites to share resources over a secure network protected by end-to-end encryption. This type of VPN allows us to connect offices, company HQs, etc.

Some very important features of OpenVPN are that it supports extensive configuration, both for performance and for security. It is based on SSL/TLS, so we can create digital certificates to authenticate VPN clients; in addition, we can authenticate with certificates plus a username/password that we add to the system. OpenVPN is much easier to configure than IPsec, and thanks to a lot of community support, we can find OpenVPN on all desktop operating systems, servers, and even smartphones and tablets.


What's it for?

If we create an OpenVPN server at home, it will help us to connect securely to the Internet from any network, be it wired or Wi-Fi, with or without WEP/WPA encryption. All traffic will be encrypted through a tunnel from the computer we connect from to our home, and from there it will go out to the Internet; it is like connecting to the Internet at home. We have to take into account several factors, such as having a good download speed (30 Mbps or higher) and having a public IP address at home, because if we are behind CG-NAT, we will not be able to connect, since we cannot forward ports on the router.

 

By installing an OpenVPN server at home, we can also access all the shared resources that we have without exception, such as Samba servers, FTP and even a printer or the IP cameras that we have connected. The access rights will be as if we were physically in our house. OpenVPN is a VPN solution that implements Layer 2 or Layer 3 connections; depending on the selected connection mode, it will work in one way or the other. In addition, an important feature is that the vast majority of operating systems today support OpenVPN, although it is not generally enabled by router or firewall hardware manufacturers.

 

OpenVPN uses a set of SSL/TLS protocols that operate at the transport layer, and we have two types of operations:


Summary of the cryptography used

Digital certificates: We will use EC (elliptic curves) to create a public key infrastructure. We will create the CA (Certification Authority) certificate as well as the certificates of the VPN server and of the clients that want to connect. The EC algorithm used is secp521r1, although many others are available. We will use the SHA512 hash algorithm. An important detail is that not all OpenVPN clients/servers support it; we have to keep our OpenVPN and crypto libraries up to date, but nowadays it is rare to find an incompatible scenario.

OpenVPN control channel: We will use at least TLS 1.2, and we will always use PFS (Perfect Forward Secrecy) based on Diffie-Hellman with elliptic curves (ECDHE). That is, we will use a secure cipher suite such as TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384. If you want to check whether your server or client supports this type of encryption, enter `openvpn --show-tls` in the console.

OpenVPN data channel: We will use the symmetric encryption algorithm AES-256-GCM, the most secure currently and included in OpenVPN 2.4 and later. If you want to check whether your server or client supports this type of encryption, enter `openvpn --show-ciphers` in the console. If we use AES-256-GCM as the data channel cipher, we will not use any hash algorithm, because it is AEAD; however, if we use AES-256-CBC, we will use SHA512.
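As an added example (not part of the original article), the following script checks an OpenVPN configuration file against the control-channel and data-channel baseline summarized above. It assumes the standard OpenVPN directives `tls-version-min`, `tls-cipher`, `cipher`, `data-ciphers`, `ncp-ciphers` and `auth`; both sample configurations are constructed for illustration.

```python
# Added example: audit an OpenVPN config against the baseline in this summary.
# Directive names are standard OpenVPN options; both sample configs are constructed.
HARDENED = """
tls-version-min 1.2
tls-cipher TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
cipher AES-256-GCM
"""
WEAK = """
tls-version-min 1.0   # constructed weak setting
tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA
cipher AES-256-CBC
auth SHA1
"""

def parse(conf_text):
    """Map each directive to its argument list, skipping comments and blanks."""
    opts = {}
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line and not line.startswith(";"):
            key, *args = line.split()
            opts[key] = args
    return opts

def audit(conf_text):
    """Return findings; an empty list means the config meets the baseline."""
    o, findings = parse(conf_text), []
    # Control channel: at least TLS 1.2.
    tls_min = (o.get("tls-version-min") or ["0.0"])[0]
    if tuple(int(p) for p in tls_min.split(".")) < (1, 2):
        findings.append("tls-version-min is below 1.2 or unset")
    # Control channel: every pinned suite must use ECDHE for forward secrecy.
    suites = ":".join(o.get("tls-cipher", [])).split(":")
    if not all(s.startswith("TLS-ECDHE-") for s in suites):
        findings.append("tls-cipher unset or contains a non-ECDHE suite")
    # Data channel: AES-256-GCM, or AES-256-CBC paired with auth SHA512.
    data = []
    for key in ("data-ciphers", "ncp-ciphers", "cipher"):
        data += [c.upper() for arg in o.get(key, []) for c in arg.split(":")]
    auth = (o.get("auth") or [""])[0].upper()
    for c in data or ["(none)"]:
        if c == "AES-256-CBC" and auth != "SHA512":
            findings.append("AES-256-CBC used without auth SHA512")
        elif c not in ("AES-256-GCM", "AES-256-CBC"):
            findings.append(f"data cipher {c} is outside the baseline")
    return findings
```

Calling `audit(WEAK)` returns one finding per weakened setting, while `audit(HARDENED)` returns an empty list.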
