2
0
mirror of https://github.com/opnsense/docs synced 2024-11-18 21:28:29 +00:00
opensense-docs/source/manual/vpnet.rst
Ad Schellevis 82f0ad9c47 minor fixes and changes
- arrange service menu like the product
- compile error in radvd.rst
- add ipsec howt's to the index
- fix some screenshot sizes in ipsec howto's

@mimugmail I think it's safe to add your howto's, so I've added them now
2019-08-23 09:19:41 +02:00

118 lines
3.1 KiB
ReStructuredText

==========================
Virtual Private Networking
==========================
A virtual private network secures public network connections and in doing so it
extends the private network into the public network such as internet. With a VPN
you can create large secure networks that can act as one private network.
.. image:: images/Virtual_Private_Network_overview.png
:width: 100%
(picture from `wikipedia <https://en.wikipedia.org/wiki/File:Virtual_Private_Network_overview.svg>`__)
Companies use this technology for connecting branch offices and remote users
(road warriors).
OPNsense supports VPN connections for branch offices as well as remote users.
Creating a single secured private network with multiple branch offices connecting
to a single site can easily be setup from within the graphical user interface.
For remote users, certificates can be created and revoked and a simple to use export
utility makes the client configuration a breeze.
--------------------------
Supported VPN technologies
--------------------------
OPNsense offers a wide range of VPN technologies ranging from modern SSL VPNs to
well known IPsec as well as older (now considered insecure) legacy options such as
L2TP and PPTP.
.. image:: images/vpn.png
.. Note::
VPN technologies displayed with an open lock are considered to be insecure.
.................................
Integrated VPN options
.................................
Integrated solutions are those that are available within the GUI without installing
any additional package or plugin. These include:
* **IPsec**
* **OpenVPN (SSL VPN)**
.................................
Plugin VPN options
.................................
Via plugins additional VPN technologies are offered, including:
* **Legacy L2TP & PPTP**
* **OpenConnect** - SSL VPN client, initially build to connect to commercial vendor appliances like Cisco ASA or Juniper.
* **Tinc** - Automatic Full Mesh Routing
* **WireGuard** - Very simple and fast VPN working with public and private keys.
* **Zerotier** - seamlessly connect everything, requires account from zerotier.com, free for up to 100 devices.
-------------
Configuration
-------------
Please read our how-tos for configuration examples and more detailed information.
..............
IPsec
..............
.. toctree::
:maxdepth: 2
:titlesonly:
how-tos/ipsec-road
how-tos/ipsec-s2s
how-tos/ipsec-s2s-route
how-tos/ipsec-s2s-binat
how-tos/ipsec-rw
how-tos/ipsec-rw-android
how-tos/ipsec-rw-linux
how-tos/ipsec-rw-srv-eapradius
how-tos/ipsec-rw-srv-eaptls
how-tos/ipsec-rw-srv-ikev1xauth
how-tos/ipsec-rw-srv-mschapv2
how-tos/ipsec-rw-srv-rsamschapv2
how-tos/ipsec-rw-w7
how-tos/ipsec-s2s-route-azure
..............
OpenVPN
..............
.. toctree::
:maxdepth: 2
:titlesonly:
how-tos/sslvpn_client
how-tos/sslvpn_s2s
..............
Other
..............
.. toctree::
:maxdepth: 2
:titlesonly:
how-tos/openconnect
how-tos/wireguard-s2s
how-tos/wireguard-client
how-tos/wireguard-client-azire
how-tos/wireguard-client-mullvad
how-tos/zerotier