In this post, I will help you through configuring an OpenVPN connection. I have found out that could not find a good configuration guide that configures everything I wanted in one post. I had to use 4-6 different websites to configure my OpenVPN on the EdgeRouter.. so i’ve decided to create a guide myself.
So about VPN.. In short, what is a VPN? You can think of a VPN connection like encrypted tunnels used to connect computers on different networks over the internet. VPNs can be used to provide yourself with a secure connection when using the internet on a public network, like a public wifi hotspot. They are also being used a lot to create a secure, remote connection to your (work or home) local network.
I have chosen to use the OpenVPN protocol instead of other well known protocols like PPTP (older, more insecure, easily detacable and blockable) or L2TP/IPSec (easily detacable and blockable but available on most operating systems).
I like the OpenVPN protocol because it is easy to setup, open source, more secure than PPTP and can be used with port 443 (https) which makes it almost undetectable and shown as normal HTTPS traffic. The downside of OpenVPN is that it uses a third-party app instead of the built-in software from Windows or your phone.
Different types of VPN tunneling
When configuring the VPN, you will need to chose how you want to use it. You can chose to use a split-tunnel or a full-tunnel.
- Split-tunnel allows you to access your local network resources but normal internet traffic is not going through the tunnel and is not encrypted
- full-tunnel allows you to access your local network resources and your normal internet traffic is going through the tunnel and is encrypted. But you can probably cannot access local resources, unless you are already connected to them.
I have chosen to use the full tunnel, because I want secure internet access and access to my local resources. You can also add a route to your work network to access its resources through vpn. I haven’t tested that.
Click the READ MORE button to start going though the actual configuration