Summary
In this chapter we have discussed some typical advanced configurations for OpenVPN that showed some of its advantages. We have tunneled OpenVPN through an HTTP proxy and then we configured a squid proxy so that we could control who is allowed to do so. Then we had a closer look at the scripting interfaces OpenVPN offers, including lists of variables that are passed to the scripts by OpenVPN on invocation. One such script can be an authentication plug-in like the provided PAM authentication or better an authentication against LDAP servers. As a next step, we configured OpenVPN to use a per-client configuration based on the client's certificate, which would enable different configurations for different users connecting. This scenario can be made even more complicated when combined with per-user firewall rules being activated on the VPN server after a client connects.
distcc, a network-enabled compiler front end to GCC can be used together with OpenVPN tunnels to have remote machines...
