What is OpenVPN – OpenVPN is a convenient, full-featured, open source SSL VPN solution that accommodates a wide range of configurations. In this tutorial, we want to prepare the server on the VPS and then configure access from the client. Here vpnbase.net will discuss a little about OpenVPN.
What is OpenVPN
A Virtual Private Network (VPN) is something that connects 2 different networks via a public network so that users seem to be located in the same (virtual) network.
Because information sent or received between the 2 connected networks must travel over the public network, a VPN has a mechanism for securing that information.
Currently, thanks to these security features, VPNs are often used to avoid eavesdropping and censorship by third parties (man in the middle attacks).
Isn't it true that with HTTPS, third parties also cannot read the information being sent? True, but keep in mind that HTTPS works at the application layer.
Although the third party cannot read the content of the information being sent, it can clearly identify when the communication took place and who it was for.
By comparison, a VPN creates a tunnel and all network activity passes through this tunnel. Because this tunnel is secured by the VPN, the third party cannot see what is being sent.
There are several types of VPN implementations, such as PPTP, IPSec, OpenVPN, and so on. In this post, I want to review OpenVPN (the program code can be found at https://github.com/OpenVPN/ ).
OpenVPN is a VPN implementation that uses SSL/TLS to secure its communication. In addition, OpenVPN uses a virtual network adapter, which can be a tun device (layer 3) or a tap device (layer 2).
A tap device can be used if the user wants to carry protocols other than IP. By default, OpenVPN uses the UDP protocol on port 1194. It can also work over TCP ports, although this is not recommended, because sending TCP packets over TCP can cause a double performance penalty, most noticeably on poor-quality networks.
OpenVPN uses 2 virtual communication paths: a control channel and a data channel. These two paths are encrypted differently.
Because these two communication paths are virtual paths that are multiplexed, to the naked eye the communication always appears to take place on a single socket (by default UDP port 1194).
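How the two channels can be told apart on that single socket, as an added example that is not part of the original post: the first byte of every OpenVPN packet carries an opcode and a key id. The opcode names and values below come from OpenVPN's wire protocol rather than from this page, and the sample packets are constructed.

```python
"""Split OpenVPN packets into control and data channel by opcode."""
import struct

P_OPCODE_SHIFT = 3    # upper 5 bits of the first byte hold the opcode
P_KEY_ID_MASK = 0x07  # lower 3 bits hold the key id
CONTROL_OPCODES = {
    1: "P_CONTROL_HARD_RESET_CLIENT_V1", 2: "P_CONTROL_HARD_RESET_SERVER_V1",
    3: "P_CONTROL_SOFT_RESET_V1", 4: "P_CONTROL_V1", 5: "P_ACK_V1",
    7: "P_CONTROL_HARD_RESET_CLIENT_V2", 8: "P_CONTROL_HARD_RESET_SERVER_V2",
    10: "P_CONTROL_HARD_RESET_CLIENT_V3", 11: "P_CONTROL_WKC_V1",
}
DATA_OPCODES = {6: "P_DATA_V1", 9: "P_DATA_V2"}


def classify(payload: bytes, tcp: bool = False):
    """Return (channel, opcode_name, key_id) for one OpenVPN packet."""
    if tcp:
        # In TCP mode each packet is preceded by a 16-bit big-endian length.
        if len(payload) < 2:
            raise ValueError("truncated TCP length prefix")
        (length,) = struct.unpack("!H", payload[:2])
        payload = payload[2:2 + length]
        if len(payload) != length:
            raise ValueError("truncated TCP record")
    if not payload:
        raise ValueError("empty packet")
    opcode = payload[0] >> P_OPCODE_SHIFT
    key_id = payload[0] & P_KEY_ID_MASK
    if opcode in CONTROL_OPCODES:
        return "control", CONTROL_OPCODES[opcode], key_id
    if opcode in DATA_OPCODES:
        return "data", DATA_OPCODES[opcode], key_id
    return "unknown", f"opcode {opcode}", key_id


def channel_counts(packets, tcp: bool = False):
    """Count how many packets of one socket belong to each channel."""
    counts = {"control": 0, "data": 0, "unknown": 0}
    for pkt in packets:
        counts[classify(pkt, tcp)[0]] += 1
    return counts


# Constructed sample: UDP payloads from one session (bodies are filler bytes).
SAMPLE = [
    bytes([0x38]) + b"\x00" * 13,  # client hard reset (handshake start)
    bytes([0x40]) + b"\x00" * 13,  # server hard reset
    bytes([0x20]) + b"\x00" * 40,  # control packet carrying TLS records
    bytes([0x28]) + b"\x00" * 12,  # acknowledgement
    bytes([0x48]) + b"\x00" * 60,  # data packet, key id 0
    bytes([0x49]) + b"\x00" * 60,  # data packet after a key renegotiation
]

if __name__ == "__main__":
    print(channel_counts(SAMPLE))
```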
The encryption procedure that is considered the best is to use a PKI and digital certificates.
I don't need to get a formal root certificate; I can use the Easy-RSA project to create the required certificates. I can download Easy-RSA from OpenVPN Release.
After extracting the file, I copied the vars.example file to vars and changed values such as EASYRSA_REQ_COUNTRY, EASYRSA_REQ_PROVINCE, EASYRSA_REQ_CITY, EASYRSA_REQ_ORG, EASYRSA_REQ_EMAIL, and EASYRSA_REQ_OU.
It needs to be remembered that the encryption offered by OpenVPN is limited to the tunnel that connects the client to the server.
If the client is connected to the server via an ISP, OpenVPN protects the traffic so that the ISP cannot view or change the communication.
OpenVPN does not protect the information that leaves the server for its destination Internet address. Thus, the ISP used by the server can view all communications from the client.
Creating and using your own server connected to a trusted ISP will be much more convenient than using a third-party service.