User Tools

Site Tools


VPN Overview

Like a DMZ a VPN is a security concept, it is not a protocol (like SSH) nor a certain software package, There are multiple software packages available to set up a VPN between two or more hosts. They all use the Client-Server concept and usually are incompatible with one another. Have look at the OSI model and make yourself aware that the encryption can be applied at different layers of the communications stack.

If your hardware has some sort of Cryptographic Hardware Acceleration you should make sure it is supported by your OpenWrt and enabled.


strongSwan is a recommended IPsec implementation, though some of this documentation may be relevant for other configurations.






You may setup OpenWrt as an OpenConnect VPN client or server. This is a protocol based on SSL/TLS and datagram TLS and is compatible with CISCO's AnyConnect SSL VPN.

There are various openconnect clients, including in GNOME NetworkManager, Windows, and Android.


:!: Not secure! PPTP is broken since 1997. See poptop security message.

  • basic describes a PPTP solution with pptpd
  • client Howto install and setup a VPN client compatible with PPTP servers
  • nat_traversal VPN NAT traversal (VPN Pass Through) for single/multiple LAN client(s) connecting to PPTP Servers on the WAN


Other VPN solutions

VPN and mesh

External Documentation

This website uses cookies. By using the website, you agree with storing cookies on your computer. Also you acknowledge that you have read and understand our Privacy Policy. If you do not agree leave the website.More information about cookies
docs/guide-user/services/vpn/overview.txt · Last modified: 2019/08/26 15:21 by vgaetera