Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
OpenVPN for a dummy.
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
1clue
Advocate
Advocate


Joined: 05 Feb 2006
Posts: 2562

PostPosted: Tue Dec 09, 2014 3:40 am    Post subject: OpenVPN for a dummy. Reply with quote

Hi.

I have never successfully set up a VPN, so I'm a n00b.

Looking at OpenVPN. I have some questions.


  1. Does the version in the Gentoo repository require the paid license key? The docs don't show any mention of it here: http://wiki.gentoo.org/wiki/OpenVPN
  2. If it doesn't require the paid license then what's the difference between the Gentoo version and the paid version?
  3. What sort of processor do I need for a pure VPN device carrying around 1gbps of data in the most secure way?
  4. What do I need to make this version do multifactor authentication with something that can be on a cell phone? (text, call, etc)


Background info if you're interested:

The Sony Pictures hacks scared me and several of my friends. We collaborate for our work and need to tighten up our home and office networks. I think OpenVPN sounds like the best option.

I want to set up my network equipment as discrete physical hardware:

  1. Outside firewall:

    1. 1gbps Internet. and internal.
    2. Real hardware, real software. Linux or something commercial. Not DD-WRT or off-the-shelf.
    3. DMZ with routable addresses.
    4. Public and semi-public (hook up to an off-the-shelf SOHO wifi router) has no access you can't get from outside.
    5. Near wire speed with NAT, firewall rules and routing.
    6. 6to4 and fully functional IPV6 stack.
    7. Deep packet inspection.
    8. VLAN trunk support.
    9. SFP port.

  2. Inside firewall:

    1. One or two SFP+ ports. Maybe an SFP also.
    2. VPN hook, or the firewall is the vpn? I don't know what best practices are.
    3. Near wire speed on all ports simultaneously.
    4. Deep packet inspection.
    5. VLAN trunk support.
    6. Full proxy



I don't know best practices here. Looking for any advice.

Thanks.
Back to top
View user's profile Send private message
1clue
Advocate
Advocate


Joined: 05 Feb 2006
Posts: 2562

PostPosted: Tue Dec 09, 2014 5:06 pm    Post subject: Reply with quote

I found out about the paid license, it's OK from my standpoint because I don't want a gui anyway for the server.

I'd still like to know about performance. I would like to offload as much of this as I can to a dedicated device. Or does it make more sense to use a VM?

Thanks.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum