Skip to main content

OpenVPN - Secure IP tunnel daemon

OpenVPN is an open source VPN daemon that provides a secure tunneling solution for creating encrypted network connections. Built on OpenSSL, OpenVPN offers enterprise-grade security with the flexibility to work across diverse network environments.

SSL/TLS security

Industry-standard encryption using OpenSSL with support for client and server certificates

Flexible transport

TCP or UDP tunnel transport through proxies or NAT with dynamic IP and DHCP support

Highly scalable

Scale from a single connection to hundreds or thousands of users with multi-client server support

Cross-platform

Native support for Linux, Windows, macOS, FreeBSD, OpenBSD, Solaris, and more

Key features

OpenVPN is designed to work with the TUN/TAP virtual networking interface that exists on most platforms, providing:
  • SSL/TLS mode: Public key security using client and server certificates for production environments
  • Static Key mode: Conventional encryption using a pre-shared secret key for simple setups
  • Ethernet bridging: Bridge virtual network interfaces with physical ethernet adapters
  • Lightweight footprint: Many key features of IPSec without the heavyweight implementation
  • Flexible configuration: Options can be specified via command line or configuration files
OpenVPN is tightly bound to the OpenSSL library and derives much of its crypto capabilities from it.

Security modes

OpenVPN supports multiple security configurations to match your deployment needs:

SSL/TLS mode (Recommended)

Uses public key infrastructure with separate certificates for each client and server. Ideal for production environments with multiple users.

Static Key mode

Uses a pre-shared secret key for encryption. Suitable for simple point-to-point connections and testing.

Network topology options

Creates a routed IP tunnel using the TUN device. This is the most common configuration for site-to-site and remote access VPNs.
dev tun
topology subnet
server 10.8.0.0 255.255.255.0

Get started

Installation

Install OpenVPN from package managers or build from source

Quick start

Get a VPN connection up and running in minutes

Documentation

Read the complete manual at openvpn.net/man.html

Use cases

OpenVPN is suitable for a wide range of VPN scenarios:
  • Remote access VPN: Allow remote users to securely connect to corporate networks
  • Site-to-site VPN: Connect multiple office locations over the internet
  • Secure browsing: Route all internet traffic through an encrypted tunnel
  • Bypass restrictions: Access geo-restricted content or bypass network filters
  • IoT connectivity: Securely connect IoT devices to cloud infrastructure
OpenVPN aims to offer many of the key features of IPSec but with a relatively lightweight footprint and easier configuration.

System requirements

OpenVPN requires the following components:
  1. TUN/TAP driver: Virtual network device driver (included in most modern operating systems)
  2. Crypto library: OpenSSL 1.1.0+ or mbed TLS 2.0+ for encryption
  3. Linux-specific (optional):
    • libnl-gen for kernel netlink support
    • libcap-ng for Linux capability handling
Optional compression libraries LZO and LZ4 can reduce bandwidth usage on slower connections.

Community and support

OpenVPN is developed and maintained by a global community:

License

OpenVPN is free software licensed under the GNU General Public License version 2 (GPLv2). You can redistribute and modify it under the terms of this license.
Copyright (C) 2002-2025 OpenVPN Inc. Original author: James Yonan

Build docs developers (and LLMs) love

Get started for freeTalk to us