We’ve seen it, heard about it, but what is OpenVPN exactly?
Released 17 years ago after authorship by James Yohan, OpenVPN is an open source VPN encryption protocol that ensures security and privacy in internet usage. It uses the cryptographic protocols: Secure Sockets Layer (SSL) and Transport Layer Security (TLS) for key exchange to secure site-to-site and/or point-to-point connections.
Basically, Virtual Private Networks (VPNs), are connections that ensure the safety of data while it is being transferred from one network to another. If you are wondering how to use OpenVPN, first we should talk about what it is used for. OpenVPN is used by internet users to secure a private connection like in protecting personal data when connected to public Wi-Fi or to hide real identity in order to evade website censorships and restrictions. To set up a VPN connection, encryption, and transmission protocols are needed – one of these is OpenVPN.
This is a popular protocol due to its open source nature and the fact that it supports an array of operating systems including, but not limited to Android, iOS and Windows. It uses User Datagram Protocol (UDP) and Transmission Control Protocol (TCP) for data transmission.
How does OpenVPN work?
It utilizes a ‘client-server communication’ mode of operation. This two-row level of communication involves the client connecting to the server, which, in turn, connects to the internet. So the client uses the server’s physical location and hence masks his/her actual location and identity. When using the OpenSSL library for encryption and authentication of data and control channels, the protocol can employ cryptographic keys, passwords and certificates to provide security. In brief, the client is assigned an internet protocol (IP) address from the application’s address space and encrypted data goes to the server from the client. So website requests come from the VPN server and are transferred to the client.
It uses UDP and TCP as common network protocols to create a transport tunnel. In the tunnel, the internet protocol employed in creating connections by OpenVPN networks is IPv6. It thus allows internet users to get past proxy servers like Hypertext Transfer Protocol (HTTP) and usually works through Network Address Translation (NAT).
These are security barriers that are put in place to limit internet users’ access to web content. OpenVPN uses up to 256-bit encryption thus one of the fastest VPNs available to users. Third-party plug-ins can be used to enable extensions established at defined entry points. This is necessary to enable authentication via usernames/passwords in OpenSSL. It is also important to extend the application with the ever-changing internet firewalls.
How to setup OpenVPN
Depending on your platform, installing OpenVPN is a process of varying complexity. If you’re a Windows user, all you need to do is download the installer executable from the OpenVPN site, run it and follow the instructions.
The OpenVPN GUI for Mac OS is called Tunnelblick. You can download the DMG file on their website – set it up just like any other Mac app. First of all double-click the DMG file, then double-click the Tunnelblick icon. Your Mac will ask for permission to open the app (press “Open”). Then just click “Install” and you’ll be well underway.
How to setup OpenVPN for Android? Easy – go to the Google Play app store and you’ll find it. Installation is just a few clicks. Alternatively, you can find the OpenVPN .apk separately – Google will help. Likewise, if you’re an iPhone/iPad user, you’ll find OpenVPN on the App Store.
Linux users will have more difficulty, but you’re used to that by now. OpenVPN’s How To page has setup instructions for Linux.
How to use OpenVPN
Most people will not use OpenVPN directly. Nowadays, this protocol is an integral part of most top VPN suites, such as ExpressVPN, NordVPN, Private Internet Access, etc. That’s a good thing – many of these VPN providers combine the secure tunneling capabilities of OpenVPN and strong additional features to provide an all-around product.
With that said, there are situations where using the standalone app makes more sense. In those cases, how to use OpenVPN will differ based on your GUI. For more information, we will again refer you back to OpenVPN’s How To page.
Features of OpenVPN
- It is available in two editions: OpenVPN Community Edition (free version) and OpenVPN Access Server (with extra features like Lightweight Directory Access Protocol integration, Web UI management, Server Message Block server, among others).
- Available on and supports operating systems such as Windows XP and later, Linux, Solaris, macOS, and mobile phone operating systems like Windows Mobile, iOS, jailbroken iOS, and Android versions of 4.0+.
- Uses up to 256-bit encryption via OpenSSL. In this type of connection, the quality depends on the encryption type such that the higher the encryption level, the less the quality of the connection.
- The extension provided by third-party plug-ins and scripts allow application of features such as logging, authentication using usernames and passwords, and dynamic firewall updates.
- Relies on TLS and SSL-based protocols thus not compatible with VPN clients using IPSec, L2TP or PPTP protocols.
Advantages and disadvantages of OpenVPN
As with all kinds of software, OpenVPN has various limitations and delimitations. Testing using a VPN provider is highly recommended to ascertain user suitability.
The main advantages of OpenVPN are:
- From the name, it is an open source. This means it possesses a source code open to the public and inspection, vetting and modification. This flexible customization from active users, in turn, improves its quality.
- This protocol supports a dazzling array of encryption techniques and cryptographic algorithms. This provides variety to the providers and users and one is able to choose the most suitable at any particular time.
- OpenVPN allows a user to go through firewalls, HTTP and NAT.
- It is widely considered the most intuitive and easy to use protocol. All users new to VPNs consider it the most user-friendly.
- It has military-grade encryption, which is also known as 256-bit encryption, which makes it very secure compared to other VPN providers which still use 128-bit encryption. This also means that this program provides a much longer long-term data security.
- It allows for many options of configuration.
The main limitations of OpenVPN include:
- One requires a deep understanding of the software’s technology to reap from its supplementary benefits such as third-party plug-ins or scripts for username and password peer authentication.
- OpenVPN cannot (usually) stand on its own as a program. It is highly dependent on third-party software and thus full functioning is reliant on availability and technical know-how of such software.
- Since the protocol was just introduced to mobile users, only few OpenVPN tutorials and have been availed and thus many users end up with the question: What can I do with OpenVPN on my phone?
Why is OpenVPN popular among users?
When looking for a VPN provider or trying to install your own VPN, you will definitely need to pick a protocol. Most users prefer OpenVPN.
First, OpenVPN is easy to use. Only a single command is needed without configuration files when it employs UDP or TCP protocols to create and configure a transport tunnel.
Its high level of security and privacy in comparison to other VPN protocols such as Point-to-Point Tunneling Protocol (PPTP), which has been shown to have huge vulnerability to decryption of its connections by intelligence agencies and dictatorial governments, and Layer 2 Tunnel Protocol (L2TP/IPsec) which uses UDP port 500 hence can’t be disguised on another port makes it a widely preferred VPN option.
Another reason for the popularity of this protocol is its ability to support almost all the major platforms like Windows, Linux, macOS and other mobile phone platforms Windows Mobile, iOS, and Android. It also supports less frequently used platforms such as Solaris, Maemo, QNX, and FreeBSD.
It is considered to have the strongest ability to circumvent firewalls safeguarding private offices or even foreign countries and so what OpenVPN does is it makes it easy to transfer or access content from such points as well as restricted websites.
Moreover, OpenVPN is open source and is freely available for inspection and modification which provides it with development avenues. Apart from additions, users are also able to report technical issues.
Peer authentication in this protocol involves OpenSSL library encryption usage of pre-shared security keys, usernames/passwords and certificates and these and more security features give it an edge over the other VPN protocols.
Is OpenVPN safe?
By virtue of being the most secure VPN encryption protocol known, it is safe to use OpenVPN. Even in countries where VPN usage is illegal, its traffic can be hidden and presented as normal HTTPS by cloaking. It has been rigorously tested and reviewed worldwide by experts. Moreover, due to the fact that it has an open source code, it is highly flexible, unlike SSTP or PPTP which are essentially Microsoft protocols, or L2TP which is developed by Cisco. Via the OpenSSL library, it has up to 256-bit encryption (military-grade encryption) using pre-shared keys and certificates which provides a high level of security.
Which platforms possess compatibility with OpenVPN?
OpenVPN is compatible with all commonly used operating systems for pc and mobile phones. It is usable on macOS, Windows XP, Vista, 7 & 8, Linux, Solaris, FreeBSD, and NetBSD. Mobile phone operating systems compatible include Windows Mobile, Android versions of 4.0 and later, iOS on iPhone devices and Maemo.
OpenVPN Android installation usually involves downloading the OpenVPN client on Google play store and logging in with previously submitted credentials. OpenVPN for iPhone is slightly difficult to use since Apple inputs inbuilt preference to other encryption protocols like L2TP but it can be installed via the OpenVPN Connect app from iTunes store. For Windows, all that is needed is subscription and downloading the client and subsequently connecting via the strings option. For OpenVPN mac, just like with iOS, a third party client is needed for connection.
Although OpenVPN server relies on third-party software, it is considered by many internet users, as by far, the most secure, fast and reliable encryption protocol. Its unique flexibility, open source nature, ability to work through firewalls and proxy servers among other outstanding qualities makes it the most preferable VPN for protecting sensitive online data.