Howto for OpenVPN: Configure Windows computers to allow secure surfing when on the road
Set up OpenVPN in four steps
By Markus Feilner and Norbert Graf
This article explains in four simple steps how you can use a home-based Windows PC to secure a notebook and circumvent systems such as the "Great Firewall of China". With OpenVPN, mobile users can surf without fear of the restrictions that might otherwise affect them on the local network to which they are connected, and can access all Internet content without danger of being bugged or censored.
Travelers to China suffer from a censored Internet connection, which blocks access to many web sites and spies on every piece of network traffic generated by their computer. In the western world, too, many employees are faced with restricted Internet access as their companies block attempts to reach social networking sites such as Facebook, for example. Any notebook owner knows the problems all too well - that general feeling of a lack of security that hits your stomach as you have to access the web, but do not have confidence in the security of the network providing your connection, irrespective of whether you are connecting via a web cafe in a strange city, your company's LAN, a spare machine in your customer's offices, or an easily intercepted link via wireless networks such as WLAN, Bluetooth, UMTS or GPRS. Many users view anonymity and unrestricted access as a basic right, but accept the restrictions placed on them as a necessary evil.
OpenVPN makes it better
Restrictions do not have to be the order of the day, however. The open-source VPN software, OpenVPN, is available for Windows, Linux and Mac OS X, and has proven its stability in many years of real-life usage. A great many users swear by it to surf anonymously and without fear of having their data intercepted. Military-grade encryption technologies guarantee confidentiality, and the comprehensive options allow you to establish a secure connection, a so-called tunnel, to your own server in almost any situation. Typically, administrators use Linux servers, firewall appliances or a Linux root server from one of the usual-suspect providers that can be accessed from all over the world.
In contrast, this article describes an amazingly simple configuration that will suit a great many users: A Windows server acts as the access node to the Internet, via a broadband DSL connection. Users out and about with their notebooks simply hook up to their home connection, establishing a secure, encrypted tunnel. They can then surf through their own home DSL connection, as though they were connected to it physically by a massive invisible cable.
Setting up this sample scenario is done in just four steps.
Step 1: Dyndns
First of all the DSL connection needs a flexible entry in the world's Domain Name System. This dynamic DNS address means that your Windows computer at home can always be accessed from outside, even if it is allocated a new IP address every few hours, as is often the case with most DSL providers. There are many providers such as dyndns.org, no-ip.com or others who offer an easy-to-use, free, web-based solution that gives users an entry in the format feilner.dyndns.org. Whenever the local IP address changes, a small client software application running on Windows or on the DSL router itself automatically updates the entry at dyndns.org. Almost all the currently available routers and Linux-based systems incorporate this function out of the box, while dyndns.org has its own original client software, which is recommended for use with Windows.
|
Comments
Nice guide!
Marcus Feb 25, 2009 3:46pm GMT
Thanks for this wonderful guide! Works perfectly on Vista 64!winsows setup?
bartos Feb 20, 2009 11:03pm GMT
Pretty much boring article. To see all these corporate ugly windows windows. Unfortunately was looking for linux openvpn client config