OpenVPN
What is OpenVPN?
OpenVPN: An open-source VPN that runs in userspace and uses TLS/OpenSSL to authenticate peers and tunnel arbitrary IP or Ethernet traffic.
OpenVPN is an SSL/TLS-based VPN released under GPLv2 that wraps a virtual tun/tap interface so any IP (or, with TAP, Layer 2) traffic can be encrypted and tunneled over a single UDP or TCP port. Authentication can use X.509 certificates, pre-shared static keys, username/password, or external auth modules, with MFA commonly layered on top. Because it relies on OpenSSL/mbedTLS cipher suites, OpenVPN can be tuned for strong cryptography (AES-GCM, ChaCha20-Poly1305) and perfect forward secrecy. It is widely used for both site-to-site and remote-access scenarios, especially where firewall traversal over standard ports is required, although newer protocols like WireGuard often outperform it.
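The tuning described above can be checked statically. The following is an added example, not code from the OpenVPN project: a small auditor that flags static-key mode (no forward secrecy), data ciphers other than AES-GCM or ChaCha20-Poly1305, and an unpinned TLS floor. The sample configs are constructed, trimmed fragments, and the pass/fail thresholds are an assumed policy.

```python
# Added example: static audit of an OpenVPN config (sample configs are constructed).
AEAD = {"AES-128-GCM", "AES-256-GCM", "CHACHA20-POLY1305"}

WEAK_CONF = """\
dev tun
proto tcp
port 443
secret static.key   # pre-shared static key mode
cipher BF-CBC
"""
STRONG_CONF = """\
dev tun
proto udp
port 1194
ca ca.crt
cert server.crt
key server.key
tls-version-min 1.2
data-ciphers AES-256-GCM:CHACHA20-POLY1305
"""

def parse(text):
    """Map directive -> argument list; a token starting with '#' or ';' begins a comment."""
    opts = {}
    for line in text.splitlines():
        tokens = []
        for tok in line.split():
            if tok[0] in "#;":
                break
            tokens.append(tok)
        if tokens:
            opts[tokens[0]] = tokens[1:]
    return opts

def audit(text):
    """Return findings; the thresholds are an assumed policy, not OpenVPN defaults."""
    o, findings = parse(text), []
    first = lambda k: (o.get(k) or [""])[0]   # first argument of a directive, or ""
    if "secret" in o:
        findings.append("static-key mode: no TLS key exchange, so no forward secrecy")
    elif first("tls-version-min") not in ("1.2", "1.3"):
        findings.append("tls-version-min is not pinned to 1.2 or higher")
    ciphers = [c for d in ("data-ciphers", "ncp-ciphers", "cipher")
               for c in first(d).upper().split(":") if c]
    weak = sorted(set(ciphers) - AEAD)
    if weak:
        findings.append("non-AEAD data cipher(s) allowed: " + ", ".join(weak))
    if first("verify-client-cert") == "none":
        findings.append("clients are not required to present a certificate")
    return findings
```

Calling `audit()` on the text of a server or client config returns a list of findings; an empty list means the file met the assumed policy.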
● Examples
- 01: A self-hosted OpenVPN server on UDP/1194 used by remote employees to access the corporate intranet.
- 02: OpenVPN running over TCP/443 to traverse restrictive corporate firewalls.
● Frequently asked questions
What is OpenVPN?
An open-source VPN that runs in userspace and uses TLS/OpenSSL to authenticate peers and tunnel arbitrary IP or Ethernet traffic. It belongs to the Network Security category of cybersecurity.
What does OpenVPN mean?
An open-source VPN that runs in userspace and uses TLS/OpenSSL to authenticate peers and tunnel arbitrary IP or Ethernet traffic.
How do you defend against OpenVPN?
Defences for OpenVPN typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for OpenVPN?
Common alternative names include: OpenVPN Community, OpenVPN protocol.