FreeBSD Multimedia Resources List
Links on this page refer to multimedia resources (podcast, vodcast, audio recordings, video recordings, photos) related to FreeBSD or of interest for FreeBSD users.
If you know any resources not listed here, or notice any dead links, please send details to Edwin Groothuis so that it can be included or updated.
John Pertalion - An Open Source Enterprise VPN Solution with OpenVPN and OpenBSD
Source: BSDCan - The Technical BSD Conference
Added: 26 May 2008
Tags: bsdcan, bsdcan2008, slides, openbsd, openvpn, john pertalion
PDF file (127 Kb, 26 pages)
An Open Source Enterprise VPN Solution with OpenVPN and OpenBSDSolving the problem
At Appalachian State University, we utilize an open source VPN to allow faculty, staff and vendors secure access to Appalachian State University's internal network from any location that has an Internet connection. To implement our virtual private network project, we needed a secure VPN that is flexible enough to work with our existing network registration and LDAP authentication systems, has simple client installation, is redundant, allows multiple VPN server instances for special site-to-site tunnels and unique configurations, and can run on multiple platforms. Using OpenVPN running on OpenBSD, we met those requirements and added a distributed administration system that allows select users to allow VPN access to specific computers for external users and vendors without requiring intervention from our network or security personnel. Our presentation will start with a quick overview of OpenVPN and OpenBSD and then detail the specifics of our VPN implementation.
Dissatisfied with IPSec for road warrior VPN usage we went looking for a better solution. We had hopped that we could find a solution that would run on multiple platforms, was flexible and worked well. We found OpenVPN and have been pleased. Initially we ran it on RHEL. We migrated to OpenBSD for pf functionality and general security concerns. ...and because we like OpenBSD.
Our presentation will focus on the specifics of our VPN implementation. We will quickly cover the basics of OpenVPN and the most used features of OpenBSD. Moving along we will cover multiple authentication methods, redundancy, running multiple instances, integration with our netreg system, how pf has extended functionality, embedding in appliances, and client configuration. The system has proven helpful with providing vendor access where needed and we'll cover this aspect as well. Time permitting we will cover current enhancement efforts and future plans.
OpenVPN has been called the "Swiss army knife" of VPN solutions. We hope our presentation leaves participants with that feeling.