Index
A
- advanced configuration
- configuration files, including in config files / Including configuration files in config files, Getting ready, How to do it...
- remote-random directive, using / Multiple remotes and remote-random, How to do it...
- AES128 cipher / How to do it...
- AES256 cipher / How to do it...
- Aladdin eToken Pro USB hardware token
- URL / Introduction
- allow-pull-fqdn directive / Routing features: redirect-private, allow-pull-fqdn
- allow-pull-fqdn parameter / Geallow-pull-fqdn parametertting ready
- auth-user-pass-verify script
- implementing / Using an 'auth-user-pass-verify' script, How to do it...
- setting up / Using an 'auth-user-pass-verify' script
- working / How it works...
- username and password, specifying / Specifying the username and password in a file on the client
- password, passing via environment variables / Passing the password via environment variables
- auto-nct authentication / New features in OpenVPN 2.2
- automatic revert, OpenVPN
- about / Automatically reverting to the first OpenVPN server
B
- basic-udp-client.conf / Getting ready, Getting ready
- BlowFish cipher / How to do it...
- bridge-start script / How it works...
- bridged OpenVPN server
- setting up, on Linux / Bridging—Linux, How Linuxbridged OpenVPN server, setting upbridged OpenVPN serversetting up, on Linuxto do it...
- working, on Linux / How it works...
- default gateway / Fixed addresses
- fixed addresses / Fixed addresses
- name resolution system / Name resolution
- setting up, on Windows / Bridging—Windows, How to do it...
- bridged OpenVPN server,
- working, on Windows / How it works...
- broadcast domain
- checking / Checking broadcast and non-IP traffic, How to do it...
- build-dh script / How it works...
C
- --capath directive
- using / Using the --capath directive
- --config command-line option / How it works...
- ca+subca.pem file / How to do it...
- ca.crt file / How to do it...
- ca.key file / How to do it...
- caveats, HTTP proxy
- http-proxy options / htHTTP proxycaveatstp-proxy options
- ducking firewalls / Ducking firewalls
- performance / Performance
- certificate request
- signing / Certificate generation, How it works...
- creating / Certificate generation, How it works...
- certificate revocation
- requisites / What is needed to revoke a certificate
- Certificate Revocation List see CRLS / GettingCRLsabout Certificate Revocation List see CRLSready
- certificates
- revoking / Revoking certificates
- cipher mismatches
- about / Cipher mismatches, How to do it...
- client-config-dir directive / Troubleshooting 'client-config-dir' issues, Understanding the 'MULTI: bad source' warnings
- client-config-dir files
- using / Using 'client-config-dir' files, How to do it...
- working / How to do it...
- default configuration file / Default configuration file
- configuration options / Allowed options in a 'client-config-dir' file
- client-config-dir issues
- troubleshooting / Troubleshooting 'client-config-dir' issues, How it works...
- logging verbosity, increasing / There's more...
- about / Other frequent client-config-dir mistakes
- client-connect/client-disconnect scripts
- implementing / Using client-connect/client-disconnect scripts, How to do it..., How it works...
- setting up / Using client-connect/client-disconnect scripts
- client-disconnect script / 'client-disconnect' scripts
- environment variables / Environment variables
- absolute paths / Absolute paths
- client-connect script / Using client-connect/client-disconnect scripts, How it works...
- client-disconnect script
- about / 'client-disconnect' scripts
- client-only CA / Multiple CAs: stacking, using --capath
- client-side routing
- setting up, in client/server mode / Routing: subnets on both sides, How to do it..., How it works...
- client-side up/down script
- implementing / Using a client-side up/down script, How to do it...
- environment variables / Environment variables
- down script, calling before connection termination / Calling the 'down' script before the connection terminates
- remote hostname, verifying / Advanced: verify the remote hostname
- client-to-client directive / How it works...
- client-to-client subnet routing
- about / Client-to-client subnet routing
- client-to-client traffic
- enabling / Enabling client-to-client traffic, Getting ready, How to do it...
- working / How it works...
- filtering / Filtering traffic
- TUN-style networks / TUN-style networks
- client-to-client traffic routing
- troubleshooting / Troubleshooting client-to-client traffic routing, Getting ready, How to do it..., How it works...
- client iperf process
- differentiating, with server iperf process / Client versus server 'iperf' results
- client side management interface
- about / Client side management interface
- compression
- testing / Compression tests, Getting ready, How to do it...
- working / How it works..., OpenVPNcompression, workingThere's more...
- options, pushing / Pushing compression options
- adaptive compression / Adaptive compression
- compression mismatches
- about / Compression mismatches, How it works...
- configuration errors
- about / Troubleshooting
- configuration files
- versus, command line / Configuration files versus the command-line, How it works...
- including, in config files / Including configuration files in config files, Getting ready, How to do it...
- working / How it works...
- configuration options, client-config-dir files
- about / Allowed options in a 'client-config-dir' file
- connection, in client or server mode
- setting up / Simple configuration, How to do it..., How it works...
- connection blocks
- about / Connection blocks
- advantages / Connection blocks
- implementing / Connection blocks, How to do it...
- working / How it works...
- features / There's more...
- allowed directives / Allowed directives inside connection blocks
- TCP and UDP-based setups, mixing / Pitfalls when mixing TCP and UDP-based setups
- considerations, IP-less setups
- TUN-style networks / Point-to-point and TUN-style networks
- point-to-point style environment / Point-to-point and TUN-style networks
- firewalling / Routing and firewalling
- routing / Routing and firewalling
- CRLs
- about / GettingCRLsabout Certificate Revocation List see CRLSready, How it works...
- working / How it works..., How it works...
- implementing / The use of CRLs, How to do it...
- stacking / Stacking CRLs
- cryptoapicert directive / OpenVPN User name
D
- ddclient tool / How it works...
- failover / FailovNetworkManager toolabouter
- default gateway
- redirecting / Redirecting the default gateway, How to do it...
- working / How it works...
- default gateway, redirecting
- troubleshooting / Failure when redirecting the default gateway, Getting ready, How to do it..., How it works..., There's more...
- dhclient script
- about / Tweaking the /etc/sysconfig/network-scripts
- DHCP relay
- about / DHCP relay
- DHCP server configuration
- about / DHCP server configuration
- Distributed Denial of Service (DDoS) attack / How it works...
- down-root plugin
- about / Using the 'down-root' plugin
- implementing / Getting ready, How to do it...
- working / How it works...
- duplicate-cn option
- about / Caveat: the duplicate-cn option
- dyndns service
- using / Using dyndns, How to do it...
- working / How it works...
E
- easy-rsa certificate environment
- setting up / Getting ready
- easy-rsa scripts
- about / How it works...
- using, on Windows / Using the easy-rsa scripts on Windows
- engine_pkcs11 library / Getting ready
- expired/revoked certificates
- checking / Checking expired/revoked certificates, How to do it...
- external DHCP server
- using / External DHCP server, How to do it...
- working / How it works...
- configuration / DHCP server configuration
- /etc/sysconfig/network-scripts, tweaking / Tweaking the /etc/sysconfig/network-scripts
F
- file basic-udp-server.conf / Getting ready
- flags, redirect-gateway directive
- local / Redirect-gateway parameters
- bypass-dhcp / Redirect-gateway parameters
- bypass-dns / Redirect-gateway parameters
G
- gigabit networks
- about / Gigabit networks
H
- hardware token
- initializing / Initializing a hardware token, How to do it...
- working / How it works...
- public and private objects / Public and private objects
- using / Using a hardware token, Getting ready, How to do it...
- key, generating / Generating a key on the hardware token, How to do it...
- hardware token ID
- determining / Getting a hardware token ID, How to do it..., There's more...
- working / How it works...
- automatic selection / What about automatic selection?
- http-proxy authentication / New features in OpenVPN 2.2
- http-proxy options
- http-proxy-timeout [n] / htHTTP proxycaveatstp-proxy options
- http-proxy-option AGENT [string] / htHTTP proxycaveatstp-proxy options
- http-proxy-option VERSION 1.1 / htHTTP proxycaveatstp-proxy options
- HTTP digest authentication / New features in OpenVPN 2.2
- HTTP proxy
- about / Connecting via an HTTP proxy
- using / Connecting via an HTTP proxy, OpenVPN serverconnecting, HTTP proxy usedHow to do it...
- working / How it works...
- caveats / htHTTP proxycaveatstp-proxy options
- HTTP proxy, with authentication
- working / How it works...
- NTLM proxy authorization / NTLM proxy authorization
I
- ICMP protocol / How it works...
- ifconfig-pool-persist directive
- about / Details of ifconfig-pool-persist
- implementing / ifconfig-pool-persist directiveimplementingGetting ready, How to do it...
- working / How it works...
- pitfalls / Spifconfig-pool-persist directivepitfallsecifying the update interval
- ifconfig-pool block
- using / Using an 'ifconfig-pool' block, Howifconfig-pool blockusing to do it...
- working / How it works..., ifconfig-pool blockworkingThere's more...
- configuration files, on Windows / Configuration files on Windows
- topology subnet / Topology subnet
- client-to-client access / Client-to-client access
- TCP protocol, using / Using the TCP protocol
- inline certificates
- implementing / Inline certificates, How to do it...
- about / Inline certificates
- working / How it works...
- intermediary CA
- setting up / Intermediary CAs, How to do it...
- working / How it works...
- intermediary CA certificate
- creating / How to do it...
- IP-less setups
- about / IP-less setups (ifconfig-noexec)
- considerations / There's more...
- iperf
- about / Optimizing performance using 'iperf', How it works...
- network layout / Getting ready
- working / Getting ready, iperfworkingThere's more...
- IP fowarding
- setting up permanently / Making IP fowarding permanent
- iptables command / Masquerading, How it works...
K
- key
- generating, on hardware token / Generating a key on the hardware token, How to do it...
- key mismatches
- about / Key mismatches, Getting ready, How it works...
L
- LARTC ( Linux Advanced Routing and Traffic Control) / There's more...
- learn-address script
- implementing / Using a 'learn-address' script, How to do it..., How it works...
- setting up / Using a 'learn-address' script
- user nobody directive / User 'nobody'
- update action / The 'update' action
- Linux
- bridged OpenVPN server, setting up / Bridging—Linux, How Linuxbridged OpenVPN server, setting upbridged OpenVPN serversetting up, on Linuxto do it..., How it works...
- OpenVPN, setting up / Introduction, Getting ready, How to do it...
- OpenVPN configuration, NetworkManager used / Getting ready, How to do it...
- OpenVPN, setting up using pull-resolv-conf / Linux: using 'pull-resolv-conf', Getting ready, How to do it...
- Linux dhrelay command
- about / DHCP relay
- Linux iproute2 tools / Source routing
- logging verbosity
- increasing / There's more..., More verbose logging
- LZO compression
- performance, measuring / Compression tests
M
- Mac OS X
- OpenVPN, setting up using Tunnelblick / MacOS: using Tunnelblick, How to do it..., How it works...
- management interface
- using / Management interface, How to do it..., Management interface, How to do OpenVPNmanaging, with management interfacemanagement interfaceusingit...
- about / Management interface
- working / How it works..., How it works...
- server-side management interface / Server-side management interface
- client side management interface / Client side management interface
- using, for listing PKCS#11 certificates / Using the management interface to list PKCS#11 certificates, How to do it...
- using, for selecting PKCS#11 certificates / Selecting a PKCS#11 certificate using the management interface, How to do it...
- masquerading
- about / Masquerading
- max-routes directive
- about / The 'max-routes' directive
- max-routes n directive / Routing features: redirect-private, allow-pull-fqdn
- mod_proxy module
- about / Connecting via an HTTP proxy
- MTU (Maximum Transfer Unit) mismatch / Troubleshooting MTU and tun-mtu issues
- MTU and tun-mtu issues
- troubleshooting / Troubleshooting MTU and tun-mtu issues, Getting ready, How it works...
- MTU size, OpenVPN setup
- determining / Optimizing performance using 'ping'
- MULTI* bad source warnings
- triggering / Understanding the 'MULTI: bad source' warnings, See also
- occurrences / Other occurrences of the 'MULTI: bad source' message
- multiple CA certificates
- using / Multiple CAs: stacking, using --capath, Getting ready
- working / How it works...
- CRLs, stacking / Stacking CRLs
- multiple secret keys
- using / Multiple secret keys, How to do it...
N
- NAT'ing rule / There's more...
- net30 addresses / 'net30' addresses
- net30 topology mode / When 'topology net30' is used
- network connectivity
- troubleshooting / Troubleshooting network connectivity, Getting ready, There's more...
- network latency
- about / Network latency
- NetworkManager
- VPN-specific routes, setting up / Setting up routes using NetworkManager
- DNS settings / DNS settings
- NetworkManager-openvpn plugin / How OpenVPNconfiguring, NetworkManager usedit works...
- NetworkManager tool
- about / FailovNetworkManager toolabouter
- and ddclient / NetworkManager and 'ddclient'
- network performance
- optimizing, ping command used / Optimizing performance using 'ping', Getting ready, How it works...
- optimizing, iperf used / Optimizing performance using 'iperf', How to do it...
- clientversus server iperf processes / Client versus server 'iperf' results
- network latency / Network latency
- analyzing, tcpdump used / Analyzing performance using tcpdump, Getting ready, How to do it..., Snetwork performanceanalyzing, tcpdump usedee also
- network routing error
- troubleshooting / The missing return route, How to do it..., How it works..., Missing return routes when 'iroute' is used, How to do it..., There's more...
- network type
- changing / Windows: public versus private network adapters, How to do it..., How it works...
- new certificate
- creating, xCA GUI used / Getnew certificatecreating, xCA GUI usedting ready, How to do it...
- non-IP based traffic
- checking / Checking broadcast and non-IP traffic, How to do it...
- nslookup command / How to do it...
O
- OCSP support
- about / OCSP support
- setting up / Getting ready, How to do it...
- working / How it works...
- OpenCA
- about / xCAOpenCAaboutPKI solutions, xCAOpenCAOpenCAURL: a GUI for managing a PKI (Part 2)
- URL / xCAOpenCAaboutPKI solutions, xCAOpenCAOpenCAURL: a GUI for managing a PKI (Part 2)
- OpenSC
- versus Aladdin PKI Client driver / OpenSC versus Aladdin PKI Client driver
- OpenSC driver
- using / Using the OpenSC driver
- openssl ca commands / How it works...
- OpenSSL cipher speed
- measuring / OpenSSL cipher speed, How it works...
- working / How it works...
- OpenSSL commands
- about / OpenSSL tricks: x509, pkcs12, verify output
- using / Getting X.509 certificatesmanagingready
- openssl dh command / Topenssl dh commandhere's more...
- openssl req command / How it works...
- OpenSSL toolkit
- about / How it works...
- OpenVPN
- shortest setup possible / Shortest setup possible, How to do it...
- multiple secret keys / Multiple secret keys, How to do it...
- plaintext tunnel / Plaintext tunnel
- routing / Routing, How it works...
- status file / Using the status file, Using the status file
- management interface / Management interface
- proxy-arp / Proxy-arp
- managing, with management interface / Management interface, How to do OpenVPNmanaging, with management interfacemanagement interfaceusingit...
- plugins / Introduction
- scripting / Introduction
- client-side up/down script, using / Using a client-side up/down script, How to do it...
- Windows login greeter / Windows login greeter, How to do it..., How it works...
- security considerations / Security considerations
- script order, determining / Script order, How to do it..., How it works...
- script-security configuration directive / Script security and logging
- script output, logging / Script security and logging
- down-root plugin / Using the 'down-root' plugin, How to do it...
- down-root plugin, working / How it works...
- PAM authentication plugin / Using the PAM authentication plugin, How to do it...
- troubleshooting / Introduction
- cipher mismatches / Cipher mismatches, How to do it...
- compression mismatches / Compression mismatches, How it works...
- key mismatches / Key mismatches, Getting ready, How it works...
- MTU and tun-mtu issues, troubleshooting / Troubleshooting MTU and tun-mtu issues, Getting ready, How it works...
- network connectivity, troubleshooting / Troubleshooting network connectivity, Getting ready, There's more...
- client-config-dir issues, troubleshooting / Troubleshooting 'client-config-dir' issues, How it works..., More verbose logging
- performance tuning / Introduction
- performance, optimizing using ping command / Optimizing performance using 'ping', Getting ready, How it works...
- performance, optimizing using iperf / Optimizing performance using 'iperf', How to do it...
- AES128 cipher / How to do it...
- AES256 cipher / How to do it...
- compression, testing / Compression tests, Getting ready, How to do it...
- compression, working / How it works..., OpenVPNcompression, workingThere's more...
- compression options, pushing / Pushing compression options
- adaptive compression / Adaptive compression
- traffic shaping / Traffic shaping
- UDP-based connections, optimizing / Tuning UDP-based connections, How to do it...
- TCP-based connections, optimizing / Tuning TCP-based connections, How to do it...
- setting up, on Linux / Linux: using NetworkManager
- configuring, NetworkManager used / Getting ready, How to do it..., How OpenVPNconfiguring, NetworkManager usedit works...
- setting up, pull-resolv-conf used / Linux: using 'pull-resolv-conf', Getting ready, How to do it...
- setting up, on Mac OS X / MacOS: using Tunnelblick, How to do it...
- setting up, on Windows Vista/7 with elevated privileges / Windows Vista/7: elevated privileges, How to do it...
- Windows CryptoAPI store, using / Windows: using the CryptoAPI store, How to do it...
- Windows DNS cache, updating / Windows: updating the DNS cache, How to do it..., There's more...
- network type, changing / Windows: public versus private network adapters, How to do it..., How it works...
- advanced configuration / Introduction
- automatic revert / Automatically reverting to the first OpenVPN server
- openvpn.exe process / How it works...
- OpenVPN 2.0 net30 compatibility
- about / OpenVPN 2.0 'net30' compatibility
- OpenVPN 2.1
- inline certificates / Inline certificates
- connection blocks / Connection blocks
- port, sharing with HTTPS server / Port sharing with an HTTPS server, Getting ready
- routing features / Routing features: redirect-private, allow-pull-fqdn
- out public IP addresses, handling / Handing out the public IPs, How to do it..., How it works...
- OCSP support / OCSP support, How to do it...
- behaviour / OpenVPN 2.1 behaviour
- OpenVPN 2.1.1
- features / OpenVPN 2.1 specifics
- about / OpenVPN 2.1 specifics
- OpenVPN 2.2
- features / New features in OpenVPN 2.2, Introduction
- x509_user_name parameter / New for 2.2: the 'x509_user_name' parameter, How to do it...
- OpenVPN log files
- reading / How to read the OpenVPN log files, How it works...
- OpenVPN route directive, parameters
- net_gateway / Split tunneling
- vpn_gateway / Split tunneling
- route 10.198.0.0 255.255.0.0 vpn_gateway / Split tunneling
- OpenVPN secret keys
- using / OpenVPN secret keys, How it works..., There's more...
- OpenVPN server
- connecting, SOCKS proxy used / Connecting using a SOCKS proxy, How to do it...
- connecting, HTTP proxy used / Connecting via an HTTP proxy, OpenVPN serverconnecting, HTTP proxy usedHow to do it...
- connecting, HTTP proxy with authentication used / Connecting via an HTTP proxy with authentication, Getting ready, How to do it...
- OpenVPN service
- about / Windows: running OpenVPN as a service
- controlling, OpenVPN GUI application used / Windows: running OpenVPN as a service, How to do it...
- working / How it works...
- automatic service startup / Automatic service startup
- OpenVPN user name / OpenVPN User name
- OpenVPN tunnel
- creating, without assigning IP addresses to tunnel endpoints / IP-less setups (ifconfig-noexec), How to do it..., How it works...
- out public IPs
- handing / Handing out the public IPs, How to do it...
P
- --pkcs11 command-line options
- parameters / How it works...
- PAM authentication plugin
- about / Using the PAM authentication plugin
- implementing / Using the PAM authentication plugin, How to do it...
- working / How it works...
- pin caching example
- about / Pin caching example, How to do it...
- ping commands / How it works...
- pitfalls, connection blocks
- when mixing TCP and UDP-based setups / Pitfalls when mixing TCP and UDP-based setups
- pitfalls, ifconfig-pool-persist directive
- update interval, specifying / Spifconfig-pool-persist directivepitfallsecifying the update interval
- duplicate-cn option / Caveat: the duplicate-cn option
- topology net30 option / When 'topology net30' is used
- PKCS#11
- about / Introduction
- PKCS#11 certificates
- listing, management interface used / Using the management interface to list PKCS#11 certificates, How to do it..., How it works...
- selecting, management interface used / Selecting a PKCS#11 certificate using the management interface, How to do it...
- retrieving by private method / Private method for getting a PKCS#11 certificate, How to do it...
- PKCS#11 libraries
- about / PKCS#11 libraries
- pkcs11-tool command / OpenSC versus Aladdin PKI Client driver
- pkcs11-tool utility / How it works...
- PKI
- setting up / Setting up the public and private keys, How to do it...
- about / Setting up the public and private keys
- Certificate Authority / Setting up the public and private keys
- private keys / Setting up the public and private keys
- public keys / Setting up the public and private keys
- PKI solutions, xCA
- tinyCA / There's more...
- OpenCA / xCAOpenCAaboutPKI solutions, xCAOpenCAOpenCAURL: a GUI for managing a PKI (Part 2)
- plaintext tunnel
- about / Plaintext tunnel
- working / How it works...
- point-to-point style network
- about / Introduction
- drawbacks / Introduction
- port
- sharing, with HTTPS server / Port sharing with an HTTPS server, Getting ready, How to do it...
- port-share directive
- working / How it works...
- proxy-arp
- using / Proxy-arp, How to do it...
- about / Proxy-arp, How it works...
- working / How it works...
- using, in TAP-style networks / TAP-style networks
- proxy-arp script
- about / DHCP relay
R
- redirect-gateway directive / Failure when redirecting the default gateway
- redirect-gateway parameters
- about / Redirect-gateway parameters
- redirect-private directive / Routing features: redirect-private, allow-pull-fqdn
- implementing / Routing features: redirect-private, allow-pull-fqdn, Geallow-pull-fqdn parametertting ready, How to do it...
- register-dns directive / How it works...
- remote-random directive
- using / Multiple remotes and remote-random, How to do it...
- about / Multiple remotes and remote-random
- working / How it works...
- root CA / Intermediary CAs
- route-method directive
- about / How it works...
- route-nopull directive / Routing features: redirect-private, allow-pull-fqdn
- about / The route-nopull directive
- route.exe method / How it works...
- route.exe program / There's more...
- routing
- about / Routing, How it works...
- issues / Routing issues
- setup, automating / Automating the setup
- routing, troubleshooting
- return route, missing / The missing return route, Getting ready, How to do it..., How it works...
- return route, missing using iroute / Missing return routes when 'iroute' is used, Getting ready, How to do it..., How it works...
- omission, in routing / All clients function except the OpenVPN endpoints, How to do it..., How it works...
- source routing / Source routing, Getting ready, How to do it...
- routing and permissions on Windows / Routing and permissions on Windows, How to do it..., How it works...
- client-to-client traffic routing / Troubleshooting client-to-client traffic routing, Getting ready, How to do it..., How it works...
- MULTI* bad source warnings / Understanding the 'MULTI: bad source' warnings, See also
- default gateway redirecting / Failure when redirecting the default gateway, Getting ready, How to do it..., How it works..., There's more...
- routing and permissions on Windows
- troubleshooting / Routing and permissions on Windows, How to do it..., How it works...
- routing directives
- redirect-private / Routing features: redirect-private, allow-pull-fqdn
- allow-pull-fqdn / Routing features: redirect-private, allow-pull-fqdn
- route-nopull / Routing features: redirect-private, allow-pull-fqdn
- max-routes n / Routing features: redirect-private, allow-pull-fqdn
- routing issues
- troubleshooting, when connecting client-side LAN / All clients function except the OpenVPN endpoints, How to do it..., How it works...
- routing methods
- using / Windows: routing methods, How to do it...
- about / Windows: routing methods
- IPAPI helper functions / Windows: routing methods
- route.exe program / Windows: routing methods
S
- script-security configuration directive
- about / Script security and logging, Getting ready, How to do it...
- script order
- determining / Script order, How to do it..., How it works...
- script output
- logging / Script security and logging, Getting ready, How to do it...
- security considerations / Security considerations
- serialized ID / How it works...
- server-only CA / Multiple CAs: stacking, using --capath
- server-side management interface
- about / Server-side management interface
- server-side routing
- setting up / Server-side routing, How to do it..., How it works...
- linear addresses / Linear addresses
- TCP protocol, using / Using the TCP protocol
- setting up, in client/server mode / Routing: subnets on both sides, How to do it..., How it works...
- setenv-safe directive / Windows login greeter, setenv or setenv-safe
- setenv directive / setenv or setenv-safe
- shortest setup possible
- about / Shortest setup possible, How to do it...
- working / How it works...
- TCP protocol, using / Using the TCP protocol
- non-IP traffic, running over tunnel / Forwarding non-IP traffic over the tunnel
- site-to-site setup
- completing / Complete site-to-site setup, How to do it..., How it works..., There's more...
- SOCKS proxy
- about / Connecting using a SOCKS proxy
- using / GeSOCKS proxyusingtting ready, How to do it...
- working / How it works...
- performance / Performance
- setting up, SSH used / Note #1 on SOCKS proxies via SSH
- plain-text authentication, using / SOCKS proxies using plain-text authentication
- source routing
- troubleshooting / Source routing, Getting ready, How to do it...
- about / Source routing
- working / How it works...
- split tunneling / Split tunneling
- status file
- about / Using the status file
- using / Getting ready, How to do it..., Using the status file, Getting ready, How to do it...
- working / How it works..., How it works...
- status parameters / Status parameters
- clients, disconnecting / Disconnecting clients
- explicit-exit-notify / Explicit-exit-notify
- using, with TUN-style networks / Difference with TUN-style networks
- sub CA / Intermediary CAs
T
- ta.key file / How it works...
- TAP-based connection
- setting, in client or server mode / Simple configuration—non-bridged, How to do it...
- working / How it works..., TTAP-based connectionworkinghere's more...
- TCP-based connections
- optimizing / Tuning TCP-based connections, How to do it...
- working / How it works...
- advantages / Advantage of using TCP-based connections
- TCP and UDP-based setups
- mixing / Mixing TCP and UDP-based setups
- tcpdump utility / Analyzing performance using tcpdump
- TCP protocol
- using / Using the TCP protocol, Using the TCP protocol
- Thumb property / Certificate fingerprint
- tinyCA
- about / There's more...
- URL / There's more...
- tls-auth directive / Key mismatches
- tls-auth key / Key mismatches
- tls-verify script
- implementing / Using a 'tls-verify' script, How to do it...
- working / How it works...
- top-level CA / Intermediary CAs
- topology subnet feature / There's more...
- traffic shaping
- implementing / Traffic shaping, Getting ready, How to do it...
- about / Traffic shaping
- working / How it works...
- troubleshooting
- about / Troubleshooting
- troubleshooting, network routing error
- masquerading / Masquerading
- routes, adding to LAN hosts / Adding routes on the LAN hosts
- troubleshooting, OpenVPN
- cipher mismatches / Cipher mismatches, How it works...
- TAP mismatches / TUN versus TAP mismatches
- compression mismatches / Compression mismatches, How to do it...
- key mismatches / Key mismatches, How it works...
- MTU and tun-mtu issues / Troubleshooting MTU and tun-mtu issues, How it works...
- network connectivity / Troubleshooting network connectivity, Getting ready, There's more...
- client-config-dir issues / Troubleshooting 'client-config-dir' issues, How it works...
- troubleshooting, OpenVPN routing
- network routes, misconfiguring / The missing return route, How to do it..., How it works...
- TUN
- versus, TAP mismatches / TUN versus TAP mismatches
- tun-mtu directive / There's more...
- TUN-style interface / How it works...
- TUN and TAP
- differences / Differences between TUN and TAP
- Tunnelblick / How to do it...
- Tunnelblick GUI / How it works...
U
- UDP-based connections
- optimizing / Tuning UDP-based connections, How to do it...
- working / How it works...
- user nobody directive / There's more...
V
- variables, vars file
- KEY_SIZE=2048 / Some notes on the different variables
- CA_EXPIRE=3650 / Some notes on the different variables
- KEY_EXPIRE=1000 / Some notes on the different variables
- KEY_COUNTRY / Some notes on the different variables
- VPN-specific routes
- setting up, NetworkManager used / Setting up routes using NetworkManager
- VPN client
- reaching, server-side LAN / The missing return route, How to do it..., How it works...
- reaching, server-side LAN hosts / Missing return routes when 'iroute' is used, Getting ready, How to do it..., How it works...
W
- 3-way routing
- about / 3-way routing, Getting ready, How to do it..., How it works...
- windir variable / There's more...
- Windows
- bridged OpenVPN server, setting up / Bridging—Windows, How to do it...
- routing methods / Windows: routing methods
- Windows CryptoAPI store
- using / Windows: using the CryptoAPI store, How to do it...
- working / How it works...
- CA certificate file / The CA certificate file
- certificate fingerprint / Certificate fingerprint
- Windows DNS cache
- about / Windows: updating the DNS cache, How to do it..., There's more...
- updating / Windows: updating the DNS cache, How to do it..., There's more...
- working / How it works...
- Windows login greeter
- about / Windows login greeter, How to do it..., How it works...
- Windows Vista/7
- OpenVPN, setting up with elevated privileges / Windows Vista/7: elevated privileges, How to do it...
- Wireshark / How it works...
X
- X.509 certificates
- managing / Getting X.509 certificatesmanagingready
- viewing / Getting X.509 certificatesmanagingready, How it works...
- x509_user_name parameter
- about / New for 2.2: the 'x509_user_name' parameter
- using / x509_user_name parameterusingGetting ready, How to do it...
- working / How it works...
- xCA
- downloading / xCA: a GUI for managing a PKI (Part 1)
- about / xCA: a GUI for managing a PKI (Part 1)
- database, creating / How to do it...
- private key, importing / How to do it...
- CA certificate, importing / How to do it...
- working / How it works...
- new certificate, creating using xCA GUI / xCAOpenCAaboutPKI solutions, xCAOpenCAOpenCAURL: a GUI for managing a PKI (Part 2), How to do it...
- xCA GUI
- about / xCAOpenCAaboutPKI solutions, xCAOpenCAOpenCAURL: a GUI for managing a PKI (Part 2)
- working / How it works...
- features / There's more...
