An application to securely tunnel IP networks over a single UDP port, with support for TLS-based session authentication and key exchange, packet encryption, packet authentication, and packet compression.
Another one from Robert Waldner:
OpenVPN is great, especially because it gets everything about right that's wrong with IPSec and FreeS/WAN (read: ease of installation, configuration and usage). Especially nice is the possibility to, easily!, and securely bridge LANs together over a WAN. In our (limited) tests, we also got about twice the performance compared to FreeS/WAN, and that's with AES256. Another feature is that you don't have to patch your kernel to death just to get useful encryption.
Additional information from http://openvpn.sourceforge.net/
With OpenVPN, you can:
- tunnel any IP subnetwork or virtual ethernet adapter over a single UDP or TCP port,
- create cross-platform tunnels between any of the operating systems supported by OpenVPN including Linux, Solaris, OpenBSD, FreeBSD, NetBSD, Mac OS X, and Windows 2000/XP,
- configure a scalable, load-balanced VPN server farm using one or more machines which can handle thousands of dynamic connections from incoming VPN clients (OpenVPN 2.0),
- use all of the encryption, authentication, and certification features of the OpenSSL library to protect your private network traffic as it transits the internet,
- use any cipher, key size, or HMAC digest (for datagram authentication) supported by the OpenSSL library,
- choose between static-key based conventional encryption or certificate-based public key encryption,
- use static, pre-shared keys or TLS-based dynamic key exchange,
- use real-time adaptive link compression and traffic-shaping to manage link bandwidth utilization,
- tunnel networks whose public endpoints are dynamic such as DHCP or dial-in clients,
- tunnel networks through connection-oriented stateful firewalls without having to use explicit firewall rules,
- tunnel networks over NAT, and
- create secure ethernet bridges using virtual tap devices.
More information on this package can be found on the Debian web site.
(If there is a package you would like to see featured here, go to the userinfo page and follow the directions there to submit your entry.)
Now available in RSS and ATOM flavors too.