Introduction
The recipes in this chapter provide an introduction to configuring OpenVPN. The recipes are based on a point-to-point style network, meaning that only a single client can connect at a time.
A point-to-point style network is very useful when connecting to a small number of sites or clients. It is easier to set up, as no certificates or Public Key Infrastructure (PKI) are required. Also, routing is slightly easier to configure, as no client-specific configuration files containing --iroute statements are required.
The drawbacks of a point-to-point style network are:
The lack of perfect forward secrecy: a key compromise may result in a total disclosure of previous sessions
The secret key must exist in plaintext form on each VPN peer