Differences

This shows you the differences between two versions of the page.

doc:howto:vpn.overview [2013/01/14 20:09]
birnenschnitzel
doc:howto:vpn.overview [2014/01/05 12:23] (current)
zinoviev Add a link to the page for IPsec+iPhone/iPad
Line 1: Line 1:
====== VPN overview ====== ====== VPN overview ======
  - The term VPN stands for [[wp>Virtual private network]].   - The term VPN stands for [[wp>Virtual private network]].
-  - Like a DMZ a VPN is a //security concept//, it is //not// a protocol (like SSH) or a certain software package+  - Like a [[doc:howto:DMZ]] a VPN is a //security concept//, it is //not// a protocol (like SSH) nor a certain software package
  - There are multiple software packages available to set up a VPN between two or more hosts   - There are multiple software packages available to set up a VPN between two or more hosts
-  - they all use the [[wp>Client–server model|Server <-> Client concept]] and usually are //**incompatible** with one another//!+  - they all use the [[wp>Client–server model|Server Client concept]] and usually are //**incompatible** with one another//! 
 +  - have look at the [[wp>OSI model]] and make yourself aware that the encryption can be applied at different layers of the communications stack
| {{:meta:icons:tango:dialog-information.png?nolink}} | If your hardware has some sort of **[[doc:hardware:cryptographic.hardware.accelerators|Cryptographic Hardware Acceleration]]** you should make sure it is supported by your OS (OpenWrt) and enabled.  | | {{:meta:icons:tango:dialog-information.png?nolink}} | If your hardware has some sort of **[[doc:hardware:cryptographic.hardware.accelerators|Cryptographic Hardware Acceleration]]** you should make sure it is supported by your OS (OpenWrt) and enabled.  |
Line 10: Line 11:
===== IPsec-based VPN Solutions ===== ===== IPsec-based VPN Solutions =====
-->[[wp>IPsec|Internet Protocol Security]], [[wp>Openswan]], [[wp>strongSwan]], [[http://wiki.strongswan.org/projects/strongswan/wiki/IpsecUci|configure strongSwan with UCI]] +  * Protocol: [[wp>IPsec]] 
- +  * Free software: →[[wp>Openswan]], [[wp>strongSwan]], [[wp>Racoon (KAME)|Racoon]], [[http://wiki.strongswan.org/projects/strongswan/wiki/IpsecUci|configure strongSwan with UCI]]
-StrongSwan (current project)+
 +==== strongSwan ====
 + →[[wp>strongSwan]]
  * [[doc:howto:vpn.ipsec.basics]] Some basics, considerations and prerequisites for IPsec VPN   * [[doc:howto:vpn.ipsec.basics]] Some basics, considerations and prerequisites for IPsec VPN
  * [[doc:howto:vpn.ipsec.firewall]] Firewall and zones in IPsec VPN   * [[doc:howto:vpn.ipsec.firewall]] Firewall and zones in IPsec VPN
Line 21: Line 23:
  * [[doc:howto:vpn.ipsec.roadwarrior]] OpenWrt as IPsec gateway for road warriors   * [[doc:howto:vpn.ipsec.roadwarrior]] OpenWrt as IPsec gateway for road warriors
  * [[doc:howto:vpn.ipsec.roadwarriorcertificates]] Road warrior setup with certificates   * [[doc:howto:vpn.ipsec.roadwarriorcertificates]] Road warrior setup with certificates
 +  * [[inbox:strongswan.howto]] Install/configure strongswan for IPhone/IPad
-Racoon (previous project) +==== Racoon ==== 
 +→[[wp>Racoon (KAME)|Racoon]]
  * [[doc:howto:vpn.ipsec.basics.racoon]] Some basics, considerations and prerequisites for IPsec VPN   * [[doc:howto:vpn.ipsec.basics.racoon]] Some basics, considerations and prerequisites for IPsec VPN
  * [[doc:howto:vpn.ipsec.firewall.racoon]] Firewall and zones in IPsec VPN   * [[doc:howto:vpn.ipsec.firewall.racoon]] Firewall and zones in IPsec VPN
Line 32: Line 35:
  * [[doc:howto:vpn.ipsec.roadwarriorcertificates.racoon]] Road warrior setup with certificates   * [[doc:howto:vpn.ipsec.roadwarriorcertificates.racoon]] Road warrior setup with certificates
-Other +==== OpenSwan ==== 
 +→[[wp>Openswan]]
  * [[doc:howto:vpn.ipsec.site2site.openswan]] Setup a site to site IPsec VPN Using Openswan   * [[doc:howto:vpn.ipsec.site2site.openswan]] Setup a site to site IPsec VPN Using Openswan
  * [[oldwiki:ipsec.openswantocisco851|Openswan (oldwiki)]]   * [[oldwiki:ipsec.openswantocisco851|Openswan (oldwiki)]]
Line 39: Line 42:
===== OpenVPN-based VPN Solutions ===== ===== OpenVPN-based VPN Solutions =====
-->[[wp>OpenVPN]], [[http://openvpn.net/index.php/open-source/documentation/howto.html#vpntype|bridged vs. routed]]+  * Free software: →[[wp>OpenVPN]], [[http://openvpn.net/index.php/open-source/documentation/howto.html#vpntype|bridged vs. routed]]
Articles we have: Articles we have:
Line 55: Line 58:
===== PPTP-based VPN Solutions ===== ===== PPTP-based VPN Solutions =====
-  * [[doc:howto:vpn.server.pptpd]] describes a [[wp>Point-to-Point Tunneling Protocol]] (PPTP) solution with ''pptpd''+  * Protocol: [[wp>Point-to-Point Tunneling Protocol|PPTP (Point-to-Point Tunneling Protocol)]] 
 +  * [[doc:howto:vpn.server.pptpd]] describes a PPTP solution with ''pptpd''
  * [[doc:howto:vpn.client.pptp]] Howto install and setup a VPN client compatible with PPTP servers   * [[doc:howto:vpn.client.pptp]] Howto install and setup a VPN client compatible with PPTP servers
    * [[doc:howto:vpn.nat.pptp]] VPN [[wp>NAT traversal]] (VPN Pass Through) for single/multiple LAN client(s) connecting to PPTP Servers on the WAN     * [[doc:howto:vpn.nat.pptp]] VPN [[wp>NAT traversal]] (VPN Pass Through) for single/multiple LAN client(s) connecting to PPTP Servers on the WAN
Line 79: Line 83:
    * http://www.openvpn.net/index.php/component/content/article/65-general/89-2xhowto.html     * http://www.openvpn.net/index.php/component/content/article/65-general/89-2xhowto.html
    * http://www.openvpn.net/index.php/open-source/documentation/miscellaneous/1xhowto.html     * http://www.openvpn.net/index.php/open-source/documentation/miscellaneous/1xhowto.html
-    * You can alway RTFM: http://www.openvpn.net/index.php/open-source/documentation/manuals.html or STFW: http://www.google.com/search?q=vpn&hl=en+    * You can always read: http://www.openvpn.net/index.php/open-source/documentation/manuals.html or search: http://www.google.com/search?q=vpn&hl=en
  * You do not need to read all of them, to get a VPN solution going. But for security reasons sooner or later you should make sure that all participant comprehend how your VPN works.   * You do not need to read all of them, to get a VPN solution going. But for security reasons sooner or later you should make sure that all participant comprehend how your VPN works.

Back to top

doc/howto/vpn.overview.1358190588.txt.bz2 · Last modified: 2013/01/14 20:09 by birnenschnitzel