Introduction
The recipes in this chapter will provide an introduction to configuring OpenVPN. They are based on a point-to-point type of network, meaning that only a single client can connect at a given time.
A point-to-point network is very useful when connecting to a small number of sites or clients. It is easier to set up, as no certificates or public key infrastructure (PKI) is required. Also, routing is slightly easier to configure as no client-specific configuration files containing --iroute statements are required.
The drawbacks of a point-to-point network are as follows:
- The lack of perfect forward secrecy: a key compromise may result in a total disclosure of previous sessions
- The secret key must exist in plaintext form on each VPN peer
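Both drawbacks can be checked for on a peer. The following is an added example, not code from the original text: it scans an OpenVPN configuration file for the `secret` directive (static key mode, hence no perfect forward secrecy) and reports a plaintext key file that is readable by group or others. The file names are constructed, and resolving a relative key path against the configuration file's directory is an assumption of this sketch.

```python
import os
import shlex
import stat
import tempfile


def audit_static_key_config(config_path):
    """Return findings for an OpenVPN config that uses a static (pre-shared) key."""
    findings = []
    # Assumption: a relative key path is resolved against the config's directory.
    base = os.path.dirname(os.path.abspath(config_path))
    with open(config_path, encoding="utf-8") as fh:
        for lineno, raw in enumerate(fh, 1):
            tokens = shlex.split(raw, comments=True)  # drops '#' comments
            if not tokens or tokens[0].startswith(";"):
                continue  # blank line or ';' comment
            if tokens[0].lstrip("-") != "secret" or len(tokens) < 2:
                continue
            findings.append(
                f"line {lineno}: static key in use, no perfect forward secrecy")
            key_path = os.path.join(base, tokens[1])
            try:
                mode = stat.S_IMODE(os.stat(key_path).st_mode)
            except FileNotFoundError:
                findings.append(f"line {lineno}: key file {key_path} not found")
                continue
            if mode & 0o077:  # any group/other permission bit set
                findings.append(
                    f"line {lineno}: {key_path} has mode {mode:04o}, "
                    "expected 0600 or stricter")
    return findings


def demo():
    """Audit a constructed config twice: loose key permissions, then 0600."""
    with tempfile.TemporaryDirectory() as tmp:
        key = os.path.join(tmp, "static.key")
        with open(key, "w", encoding="utf-8") as fh:
            fh.write("constructed placeholder, not a real key\n")
        os.chmod(key, 0o644)
        conf = os.path.join(tmp, "p2p.conf")
        with open(conf, "w", encoding="utf-8") as fh:
            fh.write("dev tun\n# constructed sample\nsecret static.key\n")
        loose = audit_static_key_config(conf)
        os.chmod(key, 0o600)
        tight = audit_static_key_config(conf)
    return loose, tight


if __name__ == "__main__":
    for finding in demo()[0]:
        print(finding)
```

Tightening the file mode removes the second finding only; the forward secrecy finding stays for as long as the static key is in use.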