Running OpenVPN

I’ve been playing with OpenVPN for the past couple of weeks and I’m pretty impressed. OpenVPN allows you to create a private network between 2 computers. These could be 2 servers or a client and a server. A few of the reasons for wanting to do this are –

  • bypassing your ISPs traffic shaping
  • making your traffic appear to originate from a different country
  • encrypting your laptop traffic over an insecure link – such as a coffee shop wifi connection
  • anonymous web surfing
  • bypassing a countries web access controls

Setup and configuration of the server component can be fairly complicated depending how you want to manage the certificates and networking on there. It’s possible to install it on Linux or Windows although I’ve only tested it on Linux. Running the server on Linux you also need to configure iptables to translate your private ‘vpn’ ip address to an external ip address on the vpn server.

You can either set up OpenVPN to assign static IP addresses to users or, if you don’t need to monitor/restrict on a per user basis, then you can just assign IP addresses from a pool.

You need to install  some client software to connect to OpenVPN – you cannot use the Windows built in vpn client software as this works with PPTP only. There are clients available for Windows, Mac, Windows Mobile and, of course, Linux.

The server could be a dedicated server or, possibly, a VPS. I have tested OpenVPN on an OpenVZ VPS but this does require some configuration on the OpenVZ host so, if you’re thinking about doing this, then talk to your VPS provider first.

If you’re looking for an open source VPN solution then OpenVPN is both mature and stable and definitely worth considering.

2 thoughts on “Running OpenVPN

  1. Michael

    about this vpn thing, would that help bypass the download limits such as some isp’s as starband? just curious.
    mike

  2. matt Post author

    Well, if you mean a bandwidth cap then I’m afraid no, this isn’t going to help. You are still downloading the data so it counts towards your limits. What a VPN does is encrypt the data you are uploading/downloading so your ISP cannot ‘see’ what the data is, or even what ‘sort’ of data it is (smtp, http, nntp …)

Comments are closed.