summaryrefslogtreecommitdiff
path: root/doc/openvpn.8.rst
blob: db81274fa564b09a5bbd046ee6bb7f33819e899a (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
=========
 openvpn
=========
-------------------------
 Secure IP tunnel daemon
-------------------------

:Manual section: 8
:Manual group: System Manager's Manual



SYNOPSIS
========
| ``openvpn`` [ options ... ]
| ``openvpn``  ``--help``



INTRODUCTION
============

OpenVPN is an open source VPN daemon by James Yonan. Because OpenVPN
tries to be a universal VPN tool offering a great deal of flexibility,
there are a lot of options on this manual page. If you're new to
OpenVPN, you might want to skip ahead to the examples section where you
will see how to construct simple VPNs on the command line without even
needing a configuration file.

Also note that there's more documentation and examples on the OpenVPN
web site: https://openvpn.net/

And if you would like to see a shorter version of this manual, see the
openvpn usage message which can be obtained by running **openvpn**
without any parameters.



DESCRIPTION
===========

OpenVPN is a robust and highly flexible VPN daemon. OpenVPN supports
SSL/TLS security, ethernet bridging, TCP or UDP tunnel transport through
proxies or NAT, support for dynamic IP addresses and DHCP, scalability
to hundreds or thousands of users, and portability to most major OS
platforms.

OpenVPN is tightly bound to the OpenSSL library, and derives much of its
crypto capabilities from it.

OpenVPN supports conventional encryption using a pre-shared secret key
**(Static Key mode)** or public key security **(SSL/TLS mode)** using
client & server certificates. OpenVPN also supports non-encrypted
TCP/UDP tunnels.

OpenVPN is designed to work with the **TUN/TAP** virtual networking
interface that exists on most platforms.

Overall, OpenVPN aims to offer many of the key features of IPSec but
with a relatively lightweight footprint.



OPTIONS
=======

OpenVPN allows any option to be placed either on the command line or in
a configuration file. Though all command line options are preceded by a
double-leading-dash ("--"), this prefix can be removed when an option is
placed in a configuration file.

.. include:: man-sections/generic-options.rst
.. include:: man-sections/log-options.rst
.. include:: man-sections/protocol-options.rst
.. include:: man-sections/client-options.rst
.. include:: man-sections/server-options.rst
.. include:: man-sections/encryption-options.rst
.. include:: man-sections/cipher-negotiation.rst
.. include:: man-sections/network-config.rst
.. include:: man-sections/script-options.rst
.. include:: man-sections/management-options.rst
.. include:: man-sections/plugin-options.rst
.. include:: man-sections/windows-options.rst
.. include:: man-sections/advanced-options.rst
.. include:: man-sections/unsupported-options.rst
.. include:: man-sections/connection-profiles.rst
.. include:: man-sections/inline-files.rst
.. include:: man-sections/signals.rst
.. include:: man-sections/examples.rst


FAQ
===

https://community.openvpn.net/openvpn/wiki/FAQ



HOWTO
=====

For a more comprehensive guide to setting up OpenVPN in a production
setting, see the OpenVPN HOWTO at
https://openvpn.net/community-resources/how-to/



PROTOCOL
========

For a description of OpenVPN's underlying protocol, see
https://openvpn.net/community-resources/openvpn-protocol/



WEB
===

OpenVPN's web site is at https://openvpn.net/

Go here to download the latest version of OpenVPN, subscribe to the
mailing lists, read the mailing list archives, or browse the SVN
repository.



BUGS
====

Report all bugs to the OpenVPN team info@openvpn.net



SEE ALSO
========

``dhcpcd``\(8),
``ifconfig``\(8),
``openssl``\(1),
``route``\(8),
``scp``\(1)
``ssh``\(1)



NOTES
=====

This product includes software developed by the OpenSSL Project
(https://www.openssl.org/)

For more information on the TLS protocol, see
http://www.ietf.org/rfc/rfc2246.txt

For more information on the LZO real-time compression library see
https://www.oberhumer.com/opensource/lzo/



COPYRIGHT
=========

Copyright (C) 2002-2020 OpenVPN Inc This program is free software; you
can redistribute it and/or modify it under the terms of the GNU General
Public License version 2 as published by the Free Software Foundation.

AUTHORS
=======

James Yonan james@openvpn.net