OpenVPN – The VPN for everyone

For various reasons I decided to finally sort out a secure VPN connection back to my home network. I am lucky to own a Sonicwall Pro 200 firewall with an unlimited VPN licence. Trouble is that Sonicwall made the client software End of Life and I need to buy their newer one. Don’t fancy that.

So let’s go visit the bast treasure trove that is Open Source. Hey presto – OpenVPN. An SSL-based VPN solution which is more flexible, easier to configure and free.

There is a great getting started guide here.  I basically downloaded the “Windows GUI” version, created some certificates and wrote my own server.ovpn config file. After ensuring my Sonicwall let the relevant port through and that my DNS names were all correct (I wanted a specific name for the VPN server) I went into work and tried it out.

The client needs a slightly different .ovpn file and a copy of the relevant certificates (ca.crt and the one generated for that particular client). I kept the same file structure as for the server to make my life easier:

C:\Program Files\OpenVPN\easy-rsa\keys
C:\Program Files\OpenVPN\config

Everything went fine except I cannot see the LAN, only the server. A bit more reading and it looks like it may be the Windows firewall running on the server. Soon fixed that. Will go into work tomorrow and try again.

The GUI works well and whilst it isn’t as polished as say, the Cisco VPN client, it works and it works well. I certainly recommend it for home users and admins. Possibly not quite ready for mainstream deployment for novice users. I’ll try it out on my wife though and see how she gets on. She is used to me by now.