OpenVPN is an open source, free VPN program used to link private networks using encrypted tunnels over the Internet. This highly configurable, robust, and full-featured SSL VPN solution can accommodate configurations, such as site-to-site VPNs, remote access, and WiFi security.

It can also accommodate enterprise-scale remote access solutions with failover, load balancing, and fine-grained access-controls. James Yonan authored the OpenVPN, which is published under the GNU GPL.

Features

The software displays an icon in the notification area from which the program is controlled. OpenVPN can also handle multiple simultaneous connections, hide the console window, and log file viewer. It has dialog for entering the username or password authentication credentials, and dialog for private key password.

With OpenVPN, you can configure proxy settings from the GUI., edit config (using a texteditor), change password used in protecting the private key, and start/stop/restart the OpenVPN Service. You can also perform a batch file before or after connecting and before disconnecting. It also has Internet Explorer proxy settings.

Networking

OpenVPN runs over UDP or TCP. It multiplexes communications over one TCP/UDP port and can work through virtually all proxy servers. It can also work through NAT and get out through firewalls.  It offers two kinds of interfaces for networking: layer-2 based Ethernet TAP or a layer-3 based IP tunnel (TUN).

Encryption

OpenVPN provides encryption of data and control channels using the OpenSSL library, which does all the authentication and encryption work. This allows OpenVPN to utilize all the ciphers that are available in OpenSSL. It also uses HMAC packet authentication to add an extra layer of security to the network.

Authentication

OpenVPN authenticates peers in several ways: certificate-based authentication, username/password-based authentication, and pre-shared secret key. The certificate-based authentication is the most feature-rich and robust, whereas the pre-shared secret key is the easiest. The username/password authentication is one of OpenVPN's newest features. It can be used even without a client certificate.

Security

OpenVPN has a number of internal security features. It does not require IP operation and it runs in userspace. OpenVPN can also enter a chroot jail following initialization, use mlockall to avoid swapping crucial data to disk, and drop root privileges.