Does an OpenVPN server require special OpenVPN-compatible clients?

By moeburn
in Smart Home, Network & Security

 Share

Recommended Posts

Veteran

moeburn

Posted
Posted

So I found out that my new Galaxy S3 has a nifty little 'VPN' option in the settings menu.  Well my Gargoyle/OpenWRT router has OpenVPN preinstalled, so I figured I'd set it up and configure my first VPN network, because there have been too many times when there was a file on one of my home computers that I needed on my smartphone while I was away.  I set it up, and it is on and running just fine, and it spit out a zip file full of configuration files and credential files, including the master .ovpn file.

 

However, the VPN option in my S3's settings menu does not ask for a zip file, or an ovpn file.  It asks for PPTP, or L2TP, or IPSec, or Xauth, and a username/password, and all that noise.

 

Now I managed to get the whole thing working by downloading a special OpenVPN Client app on my S3, and after importing the ovpn file into it, I was able to successfully browse my home network's Windows/Samba/CIFS shares in ES File Explorer, while the wifi on my phone was turned off, hooray!  

 

So does this mean that just because my phone has built-in VPN support, it doesn't mean it has built in OpenVPN support?  Is this the same across most devices/OSes?  Would I have to install a special OpenVPN program on every computer I wanted to use it with, even if the computer's OS has some built-in VPN support?

Link to comment
Share on other sites
Grand Master

The_Decryptor Veteran

Posted
  • Veteran
Posted

There's all different types of VPN protocol, OpenVPN is just one (And for some reason, not a popular one when it comes to support, which is strange since it's nice and open)

My iPhone supports PPTP, L2TP, IPSec, etc. but not OpenVPN, my Windows/Mac boxes don't do OpenVPN, etc.

Link to comment
Share on other sites
Grand Master

riahc3

Posted
Posted

Hello,

Well my Gargoyle/OpenWRT router has OpenVPN preinstalled, so I figured I'd set it up and configure my first VPN network, because there have been too many times when there was a file on one of my home computers that I needed on my smartphone while I was away.  I set it up, and it is on and running just fine, and it spit out a zip file full of configuration files and credential files, including the master .ovpn file.

Man, what a shame that DD-WRT doesnt autogenerate a OpenVPN client configuration file. I feel jealous now :(

VPN supports different methods of creating a connection between the client and the server from (security wise): PPTP (worst) to IPSec (best). The difference is mostly ports, additional security, and some support auth using cert, user/pass, or both.

Link to comment
Share on other sites
Grand Master

SuperKid

Posted
Posted

There's all different types of VPN protocol, OpenVPN is just one (And for some reason, not a popular one when it comes to support, which is strange since it's nice and open)

My iPhone supports PPTP, L2TP, IPSec, etc. but not OpenVPN, my Windows/Mac boxes don't do OpenVPN, etc.

 

iPhone does support OpenVPN, search on the App store for "OpenVPN" there is a client which lets you use OpenVPN on the iPhone!

Link to comment
Share on other sites
Grand Master

+BudMan MVC

Posted
  • MVC
Posted

The app is from openvpn -- so who cares if its from apple?  I would rather have the app from the vpn maker then apple - wtf does apple know about openvpn? ;)

 

You can install it on the iphone just fine, I have it on my ipad.

 

As to "IPSec (best)." -- how so?  Where did you come across such info?  What is your ranking criteria?  Yes there are multiple vpn protocols, ranking them would require aspects to look at.  Are you looking at ease of use or deployment, management or security, etc etc..

Link to comment
Share on other sites
Veteran

nabz0r Veteran

Posted
  • Veteran
Posted

If you are using open source then OpenVPN is the best choice, but if you're using Cisco Firewalls you'll have to stick with Anyconnect but that you can't use in iPhone as you need a special license for that.

 

I am using both OpenVPN and Cisco Anyconnect on my iPhone and on my wife's iPad and both works fine.

 

To answer your question now:

 "Would I have to install a special OpenVPN program on every computer I wanted to use it with, even if the computer's OS has some built-in VPN support?"

Yes, you'll need the OpenVPN client in every machine that you're using IF you want to use VPN to connect to your home network.

 

Link to comment
Share on other sites
Veteran

moeburn

Posted
  • Author
Posted

Thanks for the informative replies, everyone!  I am a total noob when it comes to VPN; I've never worked at a company that required me to use one, so until recently I didn't even know what they were.  Any time I tried to read about VPNs, I got a bunch of corporate technical jargon like this wiki article:

 

"VPNs allow users to benefit from the functionality, security and management policies of the private network.[1] This is done by establishing a virtual point-to-point connection through the use of dedicated connections, encryption, or a combination of the two.

VPNs allow employees to securely access their company's intranet while traveling outside the office. Similarly, VPNs securely and cost-effectively connect geographically disparate offices of an organization, creating one cohesive virtual network."

 

I had no idea that what that meant for me was: "Be able to connect to your LAN's samba shares, using their 192.168 IP addresses, from anywhere in the world!".

 

Not sure why you guys keep bringing up iPhone, I'm talking about Android here.  Ultimately, what I was wondering was if VPN support is built into a device's OS, if that includes OpenVPN.  Which it apparently almost never does.  I wanted to know if I could just hand my friends and family the credential key, and they could plug that into their VPN-enabled devices, or if I would also have to point them to a special app that they have to download.  Which kind of sucks, because my father, for example, has built-in VPN support on both his work-supplied smartphone and laptop, and he would love to be able to access his home network using these devices too.  But apparently neither of them support OpenVPN, and because they are work devices, and not personally owned, he does not have the administrator permissions required to install the special OpenVPN clients.  There isn't even a portable no-install-permissions-required version of OpenVPN.  I found one that was explicitly called "OpenVPN Portable", and even it required installing drivers.  OH well.

Link to comment
Share on other sites
Veteran

nabz0r Veteran

Posted
  • Veteran
Posted

Not sure why you guys keep bringing up iPhone, I'm talking about Android here.  Ultimately, what I was wondering was if VPN support is built into a device's OS, if that includes OpenVPN.  Which it apparently almost never does.  I wanted to know if I could just hand my friends and family the credential key, and they could plug that into their VPN-enabled devices, or if I would also have to point them to a special app that they have to download.  Which kind of sucks, because my father, for example, has built-in VPN support on both his work-supplied smartphone and laptop, and he would love to be able to access his home network using these devices too.  But apparently neither of them support OpenVPN, and because they are work devices, and not personally owned, he does not have the administrator permissions required to install the special OpenVPN clients.  There isn't even a portable no-install-permissions-required version of OpenVPN.  I found one that was explicitly called "OpenVPN Portable", and even it required installing drivers.  OH well.

Not sure if there is any App for andriod, if there is an App then you can definitely use it on Andriod phones as well. Almost all the phones have built-in VPN nowadays and yes you can have VPN without any OpenVPN client, but then you'll have to configure it in your OS, Router or Firewall if you use one.

Link to comment
Share on other sites
Grand Master

Anibal P

Posted
Posted

Thanks for the informative replies, everyone!  I am a total noob when it comes to VPN; I've never worked at a company that required me to use one, so until recently I didn't even know what they were.  Any time I tried to read about VPNs, I got a bunch of corporate technical jargon like this wiki article:

 

"VPNs allow users to benefit from the functionality, security and management policies of the private network.[1] This is done by establishing a virtual point-to-point connection through the use of dedicated connections, encryption, or a combination of the two.

VPNs allow employees to securely access their company's intranet while traveling outside the office. Similarly, VPNs securely and cost-effectively connect geographically disparate offices of an organization, creating one cohesive virtual network."

 

I had no idea that what that meant for me was: "Be able to connect to your LAN's samba shares, using their 192.168 IP addresses, from anywhere in the world!".

 

Not sure why you guys keep bringing up iPhone, I'm talking about Android here.  Ultimately, what I was wondering was if VPN support is built into a device's OS, if that includes OpenVPN.  Which it apparently almost never does.  I wanted to know if I could just hand my friends and family the credential key, and they could plug that into their VPN-enabled devices, or if I would also have to point them to a special app that they have to download.  Which kind of sucks, because my father, for example, has built-in VPN support on both his work-supplied smartphone and laptop, and he would love to be able to access his home network using these devices too.  But apparently neither of them support OpenVPN, and because they are work devices, and not personally owned, he does not have the administrator permissions required to install the special OpenVPN clients.  There isn't even a portable no-install-permissions-required version of OpenVPN.  I found one that was explicitly called "OpenVPN Portable", and even it required installing drivers.  OH well.

 

Yes there's an Android app, no you don't want to be installing things like that on a work provided laptop/phone

If his is anything like the laptops issued at work then all the security settings are custom to our environment and having a competing VPN client could wreak havoc on those settings or any other requirements they need to have 

Link to comment
Share on other sites
Grand Master

riahc3

Posted
Posted

Hello,

As to "IPSec (best)." -- how so?  Where did you come across such info?  What is your ranking criteria?  Yes there are multiple vpn protocols, ranking them would require aspects to look at.  Are you looking at ease of use or deployment, management or security, etc etc..

My ranking criteria was very basic and did not take in place deployment or management. I simply thought of security although OpenVPN can be just as much or more secure with a proper configuration.
Link to comment
Share on other sites
Grand Master

riahc3

Posted
Posted

Hello,

Anyone needing to support multiple platforms might be interested in softether - http://www.softether.org/

 

It works with OpenVPN clients, L2TP/IPSEC, SSTP and their own SSL vpn protocol.

This looks intresting. Might try it out one day.

Thank you for posting.

Link to comment
Share on other sites
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.