kids encyclopedia robot

OpenVPN facts for kids

Kids Encyclopedia Facts
Quick facts for kids
OpenVPN
OpenVPN logo.svg
Original author(s) James Yonan
Developer(s) OpenVPN project / OpenVPN Inc.
Initial release 13 May 2001; 24 years ago (2001-05-13)
Stable release 2.6.8  (17 November 2023; 21 months ago (2023-11-17))
Written in C
Platform
Type VPN
License GNU GPLv2

OpenVPN is a special computer program that helps create secure connections over the internet. Think of it like building a secret, protected tunnel for your data. It lets you connect your computer safely to another computer or network, even if they are far away. OpenVPN works as both a "client" (your computer connecting) and a "server" (the computer you connect to).

This program lets computers check each other's identity using secret codes, special digital IDs (certificates), or a username and password. If many computers connect to one server, the server can give each client its own special ID.

OpenVPN uses strong encryption tools to keep your data safe. It can also work around network address translators (NATs) and firewalls, which are like digital security guards.

Many systems use OpenVPN. For example, some router software like DD-WRT includes it. SoftEther VPN, another VPN program, also uses the OpenVPN way of connecting.

James Yonan created OpenVPN. It is free software, meaning you can use and change it freely under the GNU General Public License version 2 (GPLv2). You can also get special paid versions.

How OpenVPN Works

Keeping Your Data Secret

OpenVPN uses a powerful tool called OpenSSL to scramble your data. This makes sure that only you and the computer you are connecting to can understand what is being sent. It uses all the different ways OpenSSL can encrypt information. OpenVPN can also add an extra layer of security to your connection. It can even use special computer parts to make encryption faster.

Checking Who You Are

OpenVPN has different ways to make sure the computers connecting are who they say they are. It can use secret keys that both sides know. It can also use digital certificates, which are like digital passports. Or, you can use a username and password. The certificate method is the strongest and offers the most features.

How It Connects

OpenVPN can send data using two main internet methods: User Datagram Protocol (UDP) or Transmission Control Protocol (TCP). It can send many secure connections through a single internet port.

Since 2013, OpenVPN fully supports IPv6, which is the newest way computers get addresses on the internet. It can also work through most proxy servers and NAT systems. This means it's good at getting past firewalls.

The server can even tell the connecting computers how to set up their network. This includes giving them IP addresses and telling them how to send data. OpenVPN can create two types of virtual connections: a "TUN" connection for internet traffic or a "TAP" connection for any type of network traffic.

OpenVPN can also squeeze your data to make it smaller before sending it. This helps it travel faster. Port 1194 is the official internet port number for OpenVPN. Newer versions of the program use this port by default.

OpenVPN uses common internet methods (TCP and UDP). This makes it a good choice when some internet providers block other types of VPNs. For example, some providers used to block VPNs to make people pay more for "business" internet.

Staying Safe Online

OpenVPN has many built-in security features. It can use very strong encryption, up to 256-bit, which is like having a super-strong lock on your data. It also supports something called Perfect Forward Secrecy (PFS). This means it regularly changes the encryption keys. So, even if someone somehow figures out one key, your past and future data stays safe.

OpenVPN uses its own special security rules based on SSL and TLS. It does not use other common VPN rules like IPsec or PPTP.

You can also use special smart cards with OpenVPN for extra security.

Adding More Features

You can add extra tools or scripts to OpenVPN to make it do more things. These additions can help with logging, better ways to check usernames and passwords, or connecting to other systems. These extra tools are often written in the C programming language.

Where OpenVPN Runs

OpenVPN works on many different computer systems. This includes Solaris, Linux, OpenBSD, FreeBSD, NetBSD, QNX, macOS, and Windows XP and newer.

It also works on many mobile devices. This includes Maemo, older Windows Mobile phones, iOS devices (like iPhones and iPads) from 2009 onwards, and Android phones from 2012 onwards. It does not work on some older mobile systems like Palm OS.

OpenVPN is not a website-based VPN. You install the program on your device and set it up by changing text files. It does not work with VPNs that use IPsec over L2TP or PPTP. The whole program is usually just one main file for both connecting and serving, plus a setup file and some key files.

Router Software That Uses OpenVPN

Many router software packages include OpenVPN. This lets you run OpenVPN directly from your home or office router. If your router runs OpenVPN, any device connected to that router can use the VPN without needing to install OpenVPN itself.

Here are some well-known router software packages that include OpenVPN:

Router Software with OpenVPN
Firmware package Cost Developer
DD-WRT Free NewMedia-NET GmbH
Gargoyle Free Eric Bishop
OpenWrt Free Community driven development
OPNsense Free Deciso BV
pfSense Free Rubicon Communications, LLC (Netgate)
Tomato Free Keith Moyer

Some router companies also build OpenVPN directly into their own router software.

Other Software That Uses OpenVPN

OpenVPN is also part of SoftEther VPN, which is another open-source VPN server. This allows people using OpenVPN to connect to SoftEther VPN servers.

It is also included in Vyos, which is an open-source operating system for network routers.

Different Versions of OpenVPN

OpenVPN comes in two main versions:

  • OpenVPN Community Edition: This is the free and open-source version. Anyone can use it and change it.
  • OpenVPN Access Server (OpenVPN-AS): This version is based on the Community Edition but has extra features that you pay for. These features include easier management through a web page and tools to set it up quickly. This version can also create special installer files for connecting clients. However, you can still use the free OpenVPN Community Edition client to connect to an Access Server.

How It Connects Your Devices

OpenVPN helps connect individual computers or entire computer networks. For example, it can connect a remote employee to their company's network. It can also link different office branches or connect data centers that are far apart.

In these connections, one side starts the connection (the client), and the other side waits for connections (the server). The server needs a fixed internet address or name so the client can find it.

If there's a firewall or proxy server, you need to set it up to allow OpenVPN traffic. An OpenVPN server usually listens on one specific port and uses either TCP or UDP. Since 2005, OpenVPN uses port 1194, but you can change this in the settings.

So, OpenVPN's main job is to create an encrypted tunnel between your device and another server. This keeps your data safe from being stolen or changed as it travels. It works by checking identities, building the secure tunnel, and then sending your data through it.

Can OpenVPN Be Detected?

Even though OpenVPN encrypts your data, it is possible to detect that an OpenVPN connection is being used. This is because the start of the data packets has a known pattern. While this detection cannot see what's inside the encrypted tunnel, it can be used to block the connection. This is important in places where using VPNs is not allowed, like in some countries or company networks.

See also

Kids robot.svg In Spanish: OpenVPN para niños

  • OpenConnect
  • OpenSSH
  • Secure Socket Tunneling Protocol (SSTP)
  • stunnel
  • Tunnelblick
  • WireGuard
kids search engine
OpenVPN Facts for Kids. Kiddle Encyclopedia.