openvpn in the palm of your hand

August 4, 2006

openvpn logoA couple of years ago I discovered OpenVPN (www.openvpn.net). What an amazing piece of software! I digged into it very deeply, and concluded that’s imho the perfect vpn solution in most cases (or all cases, maybe). It’s an userspace application (no more kernel fiddling), it’s multiplatform, it’s udp OR tcp based, it uses openssl as crypto library (openssl is damn good!), it can pass through proxies, it can use certificates (or not!), it can authenticate users via pam or whatever… the feature list is endless, and I found everything to work even more than expected. It’s way way robust and stable and secure… And client deployment is hassle-free!

Having it tested (on the client side) on linux, win, and osx boxes, I thought at that stage that one could never ask of something more from a vpn solution. Then, it came to me that I own one platform that could bring openvpn coolness even further: the pocketpc. After a few post on openvpn’s official mailing list, I found that many other desired a openvpn pocketpc port, but a few people around seem to be able to develop on that platform (me… not for sure!).

As always, I kept my interest alive for this great project… till one day I saw on openvpn.net homepage a note about an ongoing project for porting openvpn to the pocketpc. After the initial surprise, I found that the project was already at a good stage, even after few days of work about the almighty Ziggurat29 (project mantainer).

Well… believe it or not, even the first alpha made my imate jasjar fly over my openvpn server @ my company. It was already stable and implemented nearly all of openvpn’s main source features. The openvpn for pocketpc community started to grow (with respect of pocketpc relative market share), and Ziggurat29 made an incredible job, providing us in a few weeks with an excellent openvpn client. Zigg is very conservative and considers openvpn for pocketpc at alpha or beta (at most) stage, but I can guarantee that I’ve been using it flawlessy for a couple of months now, and it allowed me to widespread the “always connected” philosophy inside my company (even one of the big big bosses is using an imate jamin for corporate email access via openpn).

Note that I banged my head for a while with windows mobile’s incarnation of a vpn… via l2tp/ipsec. Needless to say, it was a nearly complete failure. It helped me raise my hate versus ipsec, which I consider an old and absolutely obsolete protocol/approach to vpns in general.

So, all my respect to Jim Yonan for openvpn itself, and to Ziggurat29 for this great great porting project.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: