Show pagesourceOld revisionsBacklinksBack to top × Table of Contents VPN 概览 IPsec strongSwan Racoon Openswan OpenVPN OpenConnect PPTP Other VPN solutions VPN and mesh External Documentation This page is not fully translated, yet. Please help completing the translation. (remove this paragraph once the translation is finished) VPN 概览 就像 DMZ一样, VPN是一个security相关的概念, 它并不是一个协议(比如ssh),也不是一个特定的软件包, 在两个或者多个主机间设置VPN,可以使用的软件包有很多种。它们都使用Client-Server concept,并且互相之间通常不兼容. 查看下 OSI model,你可以意识到加解密可以在通信协议栈的不同layer上进行. 如果你的硬件支持 Cryptographic Hardware Acceleration,你需要确保它被你的OpenWrt版本支持,并且被使能了. IPsec Protocol: IPsec Free software: strongSwan, Openswan, Racoon strongSwan is a recommended IPsec implementation, though some of this documentation may be relevant for other configurations. strongSwan basics Some basics, considerations and prerequisites for IPsec VPN roadwarrior OpenWrt as IPsec gateway for road warriors firewall Firewall and zones in IPsec VPN site2site Setup a site to site IPsec VPN overlappingsubnets IPsec VPN with overlapping subnets performance Get the most out of your IPsec connections howto Install/configure strongSwan for IPhone/IPad configure strongSwan with UCI Racoon basics Some basics, considerations and prerequisites for IPsec VPN firewall Firewall and zones in IPsec VPN site2site Setup a site to site IPsec VPN certificates IPsec VPN with certificates overlappingsubnets IPsec VPN with overlapping subnets roadwarrior OpenWrt as IPsec VPN gateway for road warriors roadwarriorcertificates Road warrior setup with certificates Openswan site2site Setup a site to site IPsec VPN Using Openswan openswanxl2tpvpn OpenWrt as IPsec VPN server using xl2tpd OpenVPN Free software: OpenVPN OpenVPN client OpenVPN client using LuCI OpenVPN extras OpenVPN PC script automated OpenVPN performance OpenVPN server OpenVPN server with dynamic IPv6 GUA prefix OpenConnect You may setup OpenWrt as an OpenConnect VPN client or server. This is a protocol based on SSL/TLS and datagram TLS and is compatible with CISCO's AnyConnect SSL VPN. Client side requirements: openconnect: Follow for instructions to configure without luci interface luci-proto-openconnect Server side requirements: ocserv luci-app-ocserv A How-To for the server setup. Note: the instructions include comments on the Github advice which might not work for some. In addition, the instructions are for a FULL tunnel setup. There are various openconnect clients, including in GNOME NetworkManager, Windows, and Android. PPTP Not secure! PPTP is broken since 1997. See poptop security message. Protocol: PPTP (Point-to-Point Tunneling Protocol) server describes a PPTP solution with pptpd client Howto install and setup a VPN client compatible with PPTP servers nat_traversal VPN NAT traversal (VPN Pass Through) for single/multiple LAN client(s) connecting to PPTP Servers on the WAN Other VPN solutions vpnc-client - VPN client vpnc compatible with Cisco's EasyVPN equipment connect_by_l2tp, see Layer 2 Tunneling Protocol and Template:VPN pseudowire wireguard, see also How to configure WireGuard on OpenWrt/LEDE using LuCi VPN and mesh http://www.tinc-vpn.org/ http://www.ntop.org/n2n/ OLSR B.A.T.M.A.N. External Documentation See our forum: Howto: IPsec and OpenVPN A whole load of OpenVPN-related articles can be found on the Project Homepage of OpenVPN: http://openvpn.net/index.php/open-source/faq.html#bridge2 http://www.openvpn.net/index.php/component/content/article/60-faq/84-faq.html http://www.openvpn.net/index.php/component/content/article/65-general/89-2xhowto.html http://www.openvpn.net/index.php/open-source/documentation/miscellaneous/1xhowto.html You can always read: http://www.openvpn.net/index.php/open-source/documentation/manuals.html or search: http://www.google.com/search?q=vpn&hl=en You do not need to read all of them, to get a VPN solution going. But for security reasons sooner or later you should make sure that all participant comprehend how your VPN works. This website uses cookies. By using the website, you agree with storing cookies on your computer. Also you acknowledge that you have read and understand our Privacy Policy. If you do not agree leave the website.OKMore information about cookies Last modified: 2020/10/08 11:18by tmomas