VPN and OpenVPN
VPN is an acronym for Virtual Private Network. It is a secure tunnel between two or more devices. It enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. VPNs typically allow only authenticated remote access using tunneling protocols and encryption techniques.
OpenVPN is an open-source software VPN daemon. It supports SSL/TLS security, Ethernet bridging, TCP or UDP tunnel transport through proxies or NAT, dynamic IP addresses and DHCP, scalability to hundreds or thousands of users, and portability to most major OS platforms.
It is tightly bound to the OpenSSL library. It is designed to work with the TUN/TAP virtual networking interface that exists on most platforms.
For details see OpenVPN.
OpenVPN cdist type
Here at ungleich we have developed a cdist type, named __ungleich_openvpn_server, that allows you to create and maintain OpenVPN servers.
The type assumes the existence of the directory files/openvpn/ and various subdirectories.
It has only one required parameter:
--config: Name of the configuration file below files/openvpn/server-config. This is the main OpenVPN configuration file.
It also supports one optional parameter:
--srcdir: Directory with additional files for the server configuration, relative to files/openvpn/. It usually contains files like ca.crt, server.crt and server.key, or a dh4096.pem file containing DH parameters. If a "ccd" subdirectory is present, it contains client-specific configuration files.
You use this type as in the following examples.
Use the config file ipv6-server.conf:
__ungleich_openvpn_server --config ipv6-server
Use a custom directory for server files, custom-server-dir. Files from files/openvpn/custom-server-dir are copied to /etc/openvpn:
__ungleich_openvpn_server --config custom-server \
    --srcdir custom-server-dir
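Because the type copies whatever is in the source directory to /etc/openvpn, it is worth checking the layout before a run. The following is an added example, not ungleich's code: the function name check_openvpn_files is hypothetical, and it assumes that --config NAME selects server-config/NAME.conf and that the configuration refers to its key material by unquoted file name.

```sh
#!/bin/sh
# Added example, not ungleich's code; assumptions are marked inline.
# check_openvpn_files BASE CONFIG SRCDIR
#   BASE = path to files/openvpn, CONFIG = --config value,
#   SRCDIR = --srcdir value
# Prints one finding per line; returns 0 when there are none.
check_openvpn_files() {
    base=$1; config=$2; srcdir=$3; rc=0
    # Assumption: --config NAME selects server-config/NAME.conf
    conf="$base/server-config/$config.conf"
    dir="$base/$srcdir"
    [ -f "$conf" ] || { echo "missing config: $conf"; return 1; }
    [ -d "$dir" ] || { echo "missing srcdir: $dir"; return 1; }

    # Files named by ca/cert/key/dh directives must be in SRCDIR,
    # because SRCDIR is what ends up in /etc/openvpn.
    # Assumption: paths are unquoted; only the base name is compared.
    refs=$(awk '$1 ~ /^(ca|cert|key|dh)$/ && $2 != "none" { print $2 }' "$conf")
    for ref in $refs; do
        f=${ref##*/}
        [ -f "$dir/$f" ] || { echo "referenced but missing: $f"; rc=1; }
    done

    # Private keys must not be readable by group or others.
    for key in "$dir"/*.key; do
        [ -f "$key" ] || continue
        mode=$(ls -ld "$key" | cut -c5-10)
        [ "$mode" = "------" ] || { echo "key too permissive: ${key##*/}"; rc=1; }
    done

    # client-config-dir needs the ccd sub-directory to exist.
    if grep -Eq '^[[:space:]]*client-config-dir[[:space:]]' "$conf"; then
        [ -d "$dir/ccd" ] || { echo "client-config-dir set but no ccd/"; rc=1; }
    fi
    return $rc
}

# Stand-alone use: sh check.sh files/openvpn custom-server custom-server-dir
if [ "$#" -eq 3 ]; then check_openvpn_files "$@"; fi
```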