Debian Package a Day (debaday) wrote,

openvpn - Virtual Private Network daemon

An application to securely tunnel IP networks over a single UDP port, with support for TLS-based session authentication and key exchange, packet encryption, packet authentication, and packet compression.

Another one from Robert Waldner:
OpenVPN is great, especially because it gets everything about right that's wrong with IPSec and FreeS/WAN (read: ease of installation, configuration and usage). Especially nice is the possibility to, easily!, and securely bridge LANs together over a WAN. In our (limited) tests, we also got about twice the performance compared to FreeS/WAN, and that's with AES256. Another feature is that you don't have to patch your kernel to death just to get useful encryption.

Additional information from http://openvpn.sourceforge.net/

With OpenVPN, you can:

  • tunnel any IP subnetwork or virtual ethernet adapter over a single UDP or TCP port,

  • create cross-platform tunnels between any of the operating systems supported by OpenVPN including Linux, Solaris, OpenBSD, FreeBSD, NetBSD, Mac OS X, and Windows 2000/XP,

  • configure a scalable, load-balanced VPN server farm using one or more machines which can handle thousands of dynamic connections from incoming VPN clients (OpenVPN 2.0),

  • use all of the encryption, authentication, and certification features of the OpenSSL library to protect your private network traffic as it transits the internet,

  • use any cipher, key size, or HMAC digest (for datagram authentication) supported by the OpenSSL library,

  • choose between static-key based conventional encryption or certificate-based public key encryption,

  • use static, pre-shared keys or TLS-based dynamic key exchange,

  • use real-time adaptive link compression and traffic-shaping to manage link bandwidth utilization,

  • tunnel networks whose public endpoints are dynamic such as DHCP or dial-in clients,

  • tunnel networks through connection-oriented stateful firewalls without having to use explicit firewall rules,

  • tunnel networks over NAT, and

  • create secure ethernet bridges using virtual tap devices.


More information on this package can be found on the Debian web site.
(If there is a package you would like to see featured here, go to the userinfo page and follow the directions there to submit your entry.)

Now available in RSS and ATOM flavors too.
  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 16 comments