I have been wanting to setup a secure VPN solution on my home network for a while now. Also, one of my "company goals" this year was to evaluate a secure corporate VPN solution for my company. I figured, why not kill two birds with one stone!
So I started looking around at all sorts of options. The first one I tried was called Adito, which is a web-based SSL VPN server based on the old Open Source version of SSL-Explorer that is now no longer free. Adito wasn't really what I was looking for though, as it was more like a Citrix Webapps server. You login to a web page that has plugins that allow you to access your network resources through it. I wanted something a little more transparent, that gave you the feeling that you were literally jacked in at your home or office.
Enter OpenVPN. OpenVPN allowed me to connect into my home network using a secure SSL tunnel, and access network resources from outside the network. I could RDP, or SSH into my other computers. I could browse network file shares. You name it!
Here is a description of OpenVPN from their website:
If you want to set it up for yourself, there are many tutorials out there. I for one, have it running on Windows 2000 server, and I used this tutorial to set it up: (Win2k OpenVPN). I chose that method because it was the easiest way to do it.
You can also run it on Linux as well. I found this tutorial for running it on Ubuntu, but I found the routing part a little difficult to get working. (Ubuntu OpenVPN Tutorial)
Installation is really easy too. For Windows (Client and Server) you can install the OpenVPN Gui. For Ubuntu, you just run:
If you are looking for a way to tie OpenVPN into your Active Directory, I found this tutorial on authenticating OpenVPN with AD.
What VPN solution do you use? Do you have a favorite that is easier, or more secure that OpenVPN? Let me know in the comments.
So I started looking around at all sorts of options. The first one I tried was called Adito, which is a web-based SSL VPN server based on the old Open Source version of SSL-Explorer that is now no longer free. Adito wasn't really what I was looking for though, as it was more like a Citrix Webapps server. You login to a web page that has plugins that allow you to access your network resources through it. I wanted something a little more transparent, that gave you the feeling that you were literally jacked in at your home or office.
Enter OpenVPN. OpenVPN allowed me to connect into my home network using a secure SSL tunnel, and access network resources from outside the network. I could RDP, or SSH into my other computers. I could browse network file shares. You name it!
Here is a description of OpenVPN from their website:
OpenVPN is a full-featured open source SSL VPN solution that accommodates a wide range of configurations, including remote access, site-to-site VPNs, Wi-Fi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls. Starting with the fundamental premise that complexity is the enemy of security, OpenVPN offers a cost-effective, lightweight alternative to other VPN technologies that is well-targeted for the SME and enterprise markets.
If you want to set it up for yourself, there are many tutorials out there. I for one, have it running on Windows 2000 server, and I used this tutorial to set it up: (Win2k OpenVPN). I chose that method because it was the easiest way to do it.
You can also run it on Linux as well. I found this tutorial for running it on Ubuntu, but I found the routing part a little difficult to get working. (Ubuntu OpenVPN Tutorial)
(If you know of a more comprehensive how-to for Ubuntu, hit me up in the comments)
Installation is really easy too. For Windows (Client and Server) you can install the OpenVPN Gui. For Ubuntu, you just run:
sudo apt-get install openvpn
If you are looking for a way to tie OpenVPN into your Active Directory, I found this tutorial on authenticating OpenVPN with AD.
What VPN solution do you use? Do you have a favorite that is easier, or more secure that OpenVPN? Let me know in the comments.