OpenVPN 2.5+ - open-source VPN 2.5+ =================================== .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **What is OpenVPN?** OpenVPN is an open-source VPN protocol that creates secure point-to-point or site-to-site connections. It uses SSL/TLS for key exchange and supports a wide range of encryption algorithms to protect data in transit. OpenVPN 2.5+ introduced several enhancements, including improved IPv6 support, better performance, and modern cryptographic options. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Why is OpenVPN important?** * **Secure Communication** – Encrypts internet traffic to protect against eavesdropping and tampering. * **Flexible Deployment** – Works across platforms and supports both TCP and UDP transport. * **Authentication Options** – Supports username/password, certificates, and multi-factor authentication. * **Widely Supported** – Compatible with many operating systems, routers, and firewalls. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **How OpenVPN works (in simple steps):** * The client initiates a connection to the OpenVPN server. * A secure TLS handshake is performed to authenticate and exchange keys. * A secure tunnel is established using negotiated encryption. * Encrypted IP packets are exchanged between client and server through the tunnel. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Where is OpenVPN used?** * **Remote Workforce Access** * **Site-to-Site VPNs** * **Cloud Infrastructure Connectivity** * **Secure Wi-Fi Usage** * **Bypass Censorship and Geo-blocking** * **IoT and Embedded Systems** .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Which OSI Layer does this protocol belong to?** OpenVPN operates primarily at: * **Transport Layer (Layer 4)** – Uses TCP or UDP for transport. * **Network Layer (Layer 3)** – Encapsulates IP packets (IPv4/IPv6) for routing through the VPN tunnel. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow Topics in this section, * :ref:`Learnings in this section ` * :ref:`Terminology ` * :ref:`Version Info ` * :ref:`OpenVPN 2.5+ Version&RFC Details ` * :ref:`OpenVPN 2.5+ Basic Setup on Ubuntu using IPv4 ` * :ref:`OpenVPN 2.5+ Basic Setup on Ubuntu using IPv6 ` * :ref:`OpenVPN 2.5+ Protocol Packet Details ` * :ref:`OpenVPN 2.5+ Usecases ` * :ref:`OpenVPN 2.5+ Basic Features ` * :ref:`OpenVPN 2.5+ Feature : Secure Tunneling ` * :ref:`OpenVPN 2.5+ Feature : Protocol Flexibility ` * :ref:`OpenVPN 2.5+ Feature : TLS Cryptography ` * :ref:`OpenVPN 2.5+ Feature : Cipher Negotiation ` * :ref:`OpenVPN 2.5+ Feature : Authentication Options ` * :ref:`OpenVPN 2.5+ Feature : Asynchronous Authentication ` * :ref:`OpenVPN 2.5+ Feature : Client Configuration Push ` * :ref:`OpenVPN 2.5+ Feature : IPv6 Support ` * :ref:`OpenVPN 2.5+ Feature : Compression (Deprecated) ` * :ref:`OpenVPN 2.5+ Feature : High Availability ` * :ref:`Reference links ` .. _OpenVPN 2.5+_step1: .. tab-set:: .. tab-item:: Learnings in this section * In this section, you are going to learn .. _OpenVPN 2.5+_step2: .. tab-set:: .. tab-item:: Terminology * Terminology .. _OpenVPN 2.5+_step3: .. tab-set:: .. tab-item:: Version Info * Version Info .. _OpenVPN 2.5+_step5: .. tab-set:: .. tab-item:: OpenVPN 2.5+ Version&RFC Details .. csv-table:: :file: ./OpenVPN_2.5+/openvpn_2.5+_version_rfc_details.csv :widths: 10,10,10,30 :header-rows: 1 .. _OpenVPN 2.5+_step20: .. tab-set:: .. tab-item:: OpenVPN 2.5+ Basic Setup on Ubuntu using IPv4 **Setup** .. _OpenVPN 2.5+_step21: .. tab-set:: .. tab-item:: OpenVPN 2.5+ Basic Setup on Ubuntu using IPv6 **Setup** .. _OpenVPN 2.5+_step6: .. tab-set:: .. tab-item:: OpenVPN 2.5+ Protocol Packet Details **TLS Handshake Packet** .. csv-table:: :file: ./OpenVPN_2.5+/openvpn_2.5+_packetdetails1.csv :widths: 10,20,30,10 :header-rows: 1 **Control Channel Packet** .. csv-table:: :file: ./OpenVPN_2.5+/openvpn_2.5+_packetdetails2.csv :widths: 10,20,30,10 :header-rows: 1 **Data Channel Packet** .. csv-table:: :file: ./OpenVPN_2.5+/openvpn_2.5+_packetdetails3.csv :widths: 10,20,30,10 :header-rows: 1 **Keepalive Packet** .. csv-table:: :file: ./OpenVPN_2.5+/openvpn_2.5+_packetdetails4.csv :widths: 10,20,30,10 :header-rows: 1 **TLS Authentication Packet** .. csv-table:: :file: ./OpenVPN_2.5+/openvpn_2.5+_packetdetails5.csv :widths: 10,20,30,10 :header-rows: 1 .. _OpenVPN 2.5+_step7: .. tab-set:: .. tab-item:: OpenVPN 2.5+ Usecases .. csv-table:: :file: ./OpenVPN_2.5+/openvpn_2.5+_use_cases.csv :widths: 10,20,30 :header-rows: 1 .. _OpenVPN 2.5+_step8: .. tab-set:: .. tab-item:: OpenVPN 2.5+ Basic Features .. csv-table:: :file: ./OpenVPN_2.5+/openvpn_2.5+_basic_features.csv :widths: 10,10,30 :header-rows: 1 .. _OpenVPN 2.5+_step9: .. tab-set:: .. tab-item:: OpenVPN 2.5+ Feature : Secure Tunneling **Secure Tunneling - Testcases** .. csv-table:: :file: ./OpenVPN_2.5+/openvpn_2.5+_feature1_secure_tunneling_testcases.csv :widths: 10,10,30,20 :header-rows: 1 .. _OpenVPN 2.5+_step10: .. tab-set:: .. tab-item:: OpenVPN 2.5+ Feature : Protocol Flexibility **Protocol Flexibility - Testcases** .. csv-table:: :file: ./OpenVPN_2.5+/openvpn_2.5+_feature2_protocol_flexibility_testcases.csv :widths: 10,10,30,20 :header-rows: 1 .. _OpenVPN 2.5+_step11: .. tab-set:: .. tab-item:: OpenVPN 2.5+ Feature : TLS Cryptography **TLS Cryptography - Testcases** .. csv-table:: :file: ./OpenVPN_2.5+/openvpn_2.5+_feature3_tls_cryptography_testcases.csv :widths: 10,10,30,20 :header-rows: 1 .. _OpenVPN 2.5+_step12: .. tab-set:: .. tab-item:: OpenVPN 2.5+ Feature : Cipher Negotiation **Cipher Negotiation - Testcases** .. csv-table:: :file: ./OpenVPN_2.5+/openvpn_2.5+_feature4_cipher_negotiation_testcases.csv :widths: 10,10,30,20 :header-rows: 1 .. _OpenVPN 2.5+_step13: .. tab-set:: .. tab-item:: OpenVPN 2.5+ Feature : Authentication Options **Authentication Options - Testcases** .. csv-table:: :file: ./OpenVPN_2.5+/openvpn_2.5+_feature5_authentication_options_testcases.csv :widths: 10,10,30,20 :header-rows: 1 .. _OpenVPN 2.5+_step14: .. tab-set:: .. tab-item:: OpenVPN 2.5+ Feature : Asynchronous Authentication **Asynchronous Authentication - Testcases** .. csv-table:: :file: ./OpenVPN_2.5+/openvpn_2.5+_feature6_asynchronous_authentication_testcases.csv :widths: 10,10,30,20 :header-rows: 1 .. _OpenVPN 2.5+_step15: .. tab-set:: .. tab-item:: OpenVPN 2.5+ Feature : Client Configuration Push **Client Configuration Push - Testcases** .. csv-table:: :file: ./OpenVPN_2.5+/openvpn_2.5+_feature7_client_configuration_push_testcases.csv :widths: 10,10,30,20 :header-rows: 1 .. _OpenVPN 2.5+_step16: .. tab-set:: .. tab-item:: OpenVPN 2.5+ Feature : IPv6 Support **IPv6 Support - Testcases** .. csv-table:: :file: ./OpenVPN_2.5+/openvpn_2.5+_feature8_ipv6_support_testcases.csv :widths: 10,10,30,20 :header-rows: 1 .. _OpenVPN 2.5+_step17: .. tab-set:: .. tab-item:: OpenVPN 2.5+ Feature : Compression (Deprecated) **Compression (Deprecated) - Testcases** .. csv-table:: :file: ./OpenVPN_2.5+/openvpn_2.5+_feature9_compression_deprecated_testcases.csv :widths: 10,10,30,20 :header-rows: 1 .. _OpenVPN 2.5+_step18: .. tab-set:: .. tab-item:: OpenVPN 2.5+ Feature : High Availability **High Availability - Testcases** .. csv-table:: :file: ./OpenVPN_2.5+/openvpn_2.5+_feature10_high_availability_testcases.csv :widths: 10,10,30,20 :header-rows: 1 .. _OpenVPN 2.5+_step19: .. tab-set:: .. tab-item:: Reference links * Reference links