- The term VPN stands for Virtual private network.
- Like a DMZ a VPN is a security concept, it is not a protocol (like SSH) nor a certain software package
- There are multiple software packages available to set up a VPN between two or more hosts
- they all use the Server ↔ Client concept and usually are incompatible with one another!
- have look at the OSI model and make yourself aware that the encryption can be applied at different layers of the communications stack
|If your hardware has some sort of Cryptographic Hardware Acceleration you should make sure it is supported by your OS (OpenWrt) and enabled.|
|Migration and merger wanted: We already have a couple of articles about VPN on OpenWrt: http://wiki.openwrt.org/?do=search&id=vpn you can start from scratch or migrate them|
- vpn.ipsec.basics Some basics, considerations and prerequisites for IPsec VPN
- vpn.ipsec.firewall Firewall and zones in IPsec VPN
- vpn.ipsec.site2site Setup a site to site IPsec VPN
- vpn.ipsec.certificates IPsec VPN with certificates
- vpn.ipsec.overlappingsubnets IPsec VPN with overlapping subnets
- vpn.ipsec.roadwarrior OpenWrt as IPsec gateway for road warriors
- vpn.ipsec.roadwarriorcertificates Road warrior setup with certificates
- strongswan.howto Install/configure strongswan for IPhone/IPad
- vpn.ipsec.basics.racoon Some basics, considerations and prerequisites for IPsec VPN
- vpn.ipsec.firewall.racoon Firewall and zones in IPsec VPN
- vpn.ipsec.site2site.racoon Setup a site to site IPsec VPN
- vpn.ipsec.certificates.racoon IPsec VPN with certificates
- vpn.ipsec.overlappingsubnets.racoon IPsec VPN with overlapping subnets
- vpn.ipsec.roadwarrior.racoon OpenWrt as IPsec gateway for road warriors
- vpn.ipsec.roadwarriorcertificates.racoon Road warrior setup with certificates
- vpn.ipsec.site2site.openswan Setup a site to site IPsec VPN Using Openswan
Articles we have:
Articles we want instead:
- vpn.client.openvpn.tun Howto install and setup an OpenVPN Client on OpenWrt with Luci
- vpn.client.openvpn.tap Howto install and setup an OpenVPN Client on OpenWrt and share the VPN connection transparently with the router clients
Once you set up a VPN server on your OpenWrt router, you (and the other participants) will need to each install and configure a VPN client (compatible with the VPN server) on each of your host machines. For HowTos regarding that, you should visit the Wiki/Forum of your OS!
You may setup openwrt as an OpenConnect VPN client or server. This is a protocol based on SSL/TLS and datagram TLS and is compatible with CISCO's AnyConnect SSL VPN.
- Client side requirements:
- openconnect: Follow for instructions to configure without luci interface
- Server side requirements:
- ocserv: Follow for instructions to configure without luci interface
vpnc= A VPN client compatible with Cisco's EasyVPN equipment
- See our forum: Howto: IPSec and OpenVPN
- A whole load of OpenVPN-related articles can be found on the Project Homepage of OpenVPN:
- You can always read: http://www.openvpn.net/index.php/open-source/documentation/manuals.html or search: http://www.google.com/search?q=vpn&hl=en
- You do not need to read all of them, to get a VPN solution going. But for security reasons sooner or later you should make sure that all participant comprehend how your VPN works.
doc/howto/vpn.overview.txt · Last modified: 2014/09/28 09:28 by nmav