VPN Overview

  1. The term VPN stands for virtual private network.
  2. Like a DMZ, a VPN is a security concept; it is neither a protocol (like SSH) nor a particular software package.
  3. There are multiple software packages available to set up a VPN between two or more hosts.
  4. They all use the Server ↔ Client concept and are usually incompatible with one another!
  5. Have a look at the OSI model and make yourself aware that encryption can be applied at different layers of the communications stack.
If your hardware has some sort of Cryptographic Hardware Acceleration you should make sure it is supported by your OS (OpenWrt) and enabled.

IPsec-based VPN Solutions

strongSwan

strongSwan

Racoon

strongSwan is recommended, though some of this documentation may be relevant for other configurations.

Racoon

Openswan

Openswan

  • site2site: Set up a site-to-site IPsec VPN using Openswan

OpenVPN-based VPN Solutions

Articles:

Once you set up a VPN server on your OpenWrt router, you (and the other participants) will need to each install and configure a VPN client (compatible with the VPN server) on each of your host machines. For HowTos regarding that, you should read the documentation of OpenVPN!

OpenConnect-based VPN Solutions

You may set up OpenWrt as an OpenConnect VPN client or server. OpenConnect is a protocol based on SSL/TLS and datagram TLS (DTLS) and is compatible with Cisco's AnyConnect SSL VPN.

There are various OpenConnect clients, including ones for GNOME NetworkManager, Windows, and Android.

PPTP-based VPN Solutions

Not secure! PPTP has been broken since 1997.
See the poptop security message.

Other VPN solutions

VPN and mesh

External Documentation

docs/guide-user/services/vpn/overview.txt · Last modified: 2018/09/23 23:22 by vgaetera