[CentOS] OpenVPN problem

Tue Feb 11 02:48:13 UTC 2014
Les Mikesell <lesmikesell at gmail.com>

On Mon, Feb 10, 2014 at 7:15 PM, Timothy Murphy <gayleard at eircom.net> wrote:
> I'm interested to know how you - or anyone else implementing OpenVPN -
> actually uses it in practice.
> I use it to login to a remote computer over OpenVPN using ssh.
> (This is largely a safety measure, since a straightforward ssh connection
> sometimes fails because the remote machine has a dynamic address.
> But it is also simpler because it avoids firewall issues, as you say.)

There are several different reasons to use it.   One is to allow
individual remote connections to a LAN, another is to connect two or
more private LANS over the internet - which can work through NAT
routers, another (with bridging) is to allow protocols that don't
route well to work remotely, and yet another is to make your source
address to appear to be somewhere else to bypass some restrictions.
And in all cases the connection would be encrypted.

> Someone suggested that using ssh with openvpn was foolish since
> "encapsulating an SSH link with a VPN tunnel makes not much sense".
> So I'm interested to know how people in general use OpenVPN.
> Am I in fact unusual in using ssh with OpenVPN?

For the individual connection to one server case that is always done
over ssh there is not that much value added by openvpn, although the
connections might be more robust with openvpn if you need to go
through NAT or make the connection in the reverse direction.   But it
does open up other protocols to work remotely.

   Les Mikesell
     lesmikesell at gmail.com