I may be confused here, so clarification is appreciated. From what I understand, OpenVPN is a software VPN as opposed to the Hardware VPN available on my router. I have a Draytek router on which VPN is enabled which allows me to connect to my network, but the speed is excruciatingly slow and it doesn’t work with my iPhone. Would installing OpenVPN on my server be any help?
I’d be happy to provide any further information necessary to better answer my question.
It sounds like your router has an option to run its own PPTP VPN software.
One thing you should be aware of is that most PPTP implementations are as good as unencrypted data to knowledgeable adversaries (unless you’re using EAP-TLS, which requires advanced certificate setup and know-how.) This includes your username/password and any tunneled communications. Some brief technical information on the PPTP vulnerabilities including links to detailed threat assessments can be found here. PPTP may still be “secure enough” to keep your average script kiddie out of your tunneled communications, but it’s very vulnerable to attack.
L2TP is a more secure option readily supported on a large variety of devices, although your embedded router may not support it.
OpenVPN is another option that is very secure, provided it’s configured correctly. You have the option to use client certificates, although that is not required if you opt to use username/password authentication instead. A certificate would still be required for your server to use with multiple clients at once (and transferred via a trusted channel to each client.)
Another potential issue is that your iPhone won’t run OpenVPN without jailbreaking it; thank Apple for that. A jailbroken iPhone can use GuizmOVPN
OPENVPN is a fast and secure VPN protocol (way for two devices to communicate), it is normally used by an OPENVPN client installed on your PC/Laptop/Server etc.
Routers can use a range of different protocols, I’m not sure the exact one your router would be trying to use. All protocols will try to achieve the same thing, a secure data tunnel from you to your VPN server they just do it in different ways.
You can make use of PPTP (the most common and basic protocol) or L2TP (more secure but slower than PPTP) on your iPhone itself by going into Settings>General>Network>VPN and entering the information your VPN provider will have on their webpage. (How my VPN describes it)
Edit: If you could explain your setup I’d be able to offer more information, where does your server fit in? Do you want your router to be connected to the VPN so that all devices connected to the router make use of the secure connection or would you prefer to connect each device separately?
Thanks for the prompt response. Here is my basic setup. I have a Win2008 server running in my office with multiple workstations connected to it. It is acting as my DHCP server as well. My Draytek router is connected to it and I’m currently using the built in VPN functionality (PPTP) which works fine for being able to access files while I’m away. However, as I mentioned, it is slow and I cannot get my iPhone to connect. I have checked and double checked the settings on my phone and they are correct. But it fails to authenticate for some reason. I should not that on my laptop, I am using SmartVPN client to connect.
The setup is going to be used to connect to the office network when traveling. Additionally, we should be able to access the internet from the network.
Of course, as I said, I currently have a semi-functioning VPN, but I’d like something faster and more reliable.
Right, so you’ve got it set up like a work VPN, you want to be able to access the work network when away from the office. I’m not sure if I can advise you as well as you probably need on this topic.
My knowledge base is mostly on VPN’s provided by VPN companies that have servers in various places that allow people to mask their IP address. I’m sure someone else here will have a better idea I how to help you. 4eak seems to have vast technical knowledge on VPN usage in specific setups
Edit: With regards to using OpenVPN, I’m pretty sure that because it is open source setting up a software based system for accessing work from the home server would be easy to achieve