Each VPN provider will provide you with a config file. If you open
this config using Notepad, then it will read something like this.
VPNBook - UDP Port 53 Client config file
- Client (You’re the client, not the server, so we’re off to a good start).
- Protocol = UDP (UDP is faster than TCP, so this is the fastest form of VPN).
- Remote = VPNBook server – the port we connect on is Port 53
- Resolve & retry = infinite = keep trying
- MTU = maximum transmission unit. Consider packets stacked like suitcases in an airplane. Each suitcase has a maximum weight and size. This MTU confirms the maximum weight of each suitcase allowed – to fly with British Airways OpenVPN.
- Persist = keep trying
- CA = Certificate authority. The .CRT file is their certificate.
- auth-user-pass = look for a password file (called password.txt)
- verb = verbose level. How “chatty” the error messages are.
- cipher = AES 256
So when you download the UDP Port 53 config file from VPNBook, that’s what the file is saying to your computer.
*****
Line 1 – We are the “client”.
- Client
- device = tun. Each VPN tunnel has 4 Devices. 2 are real IP, and the other 2 are virtual IP numbers. If it’s not tun, it will read dev tap.
Step 2 – Remote means the OpenVPN server
- Protocol = UDP.
- If not UDP, the protocol would be TCP.
- remote (the server) and the IP/Port that we need to connect on
- A setting to retry the connection (very handy if the connection fails, or we’re on a busy network)
Line 3 – Persist and HTTP proxy settings (if they’re being used)
Line 4 – SSL
- SSL is the security for your Browser (Firefox or IE).
- It checks the certificate (that’s a .crt file)
- And uses a key for each client (that’s the .key file)
Line 5 – Verify the certificate and SSL security
- TLS is the newer version of SSL.
- So this TLS-auth is about the browser security or SSL secret keys.
- It’s also handy for stopping DoS attacks
Line 6 – 007 James Bond Spy keys go here
- Cipher – server/client must agree on an encryption system – to encrypt your data.
- AES 256 is very strong, unbreakable in fact.
- comp-lzo = Allow compression.
Hopefully, when you get error messages now, you’ll understand what has gone wrong.
For example, if the error says TLS keys – that means the SSL key exchange has not happened in the time allowed – this would close the session. The keys are needed to encrypt your message. If it fails, OpenVPN won’t allow you to connect, as it’s unsafe.
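To check a downloaded config against the walkthrough above, here is an added example (not part of the original post and not VPNBook's own file) that parses an OpenVPN client config and pulls out the settings discussed. The sample config, the host `vpn.example.invalid` and the certificate body are constructed placeholders, and `parse_ovpn` and `summarize` are hypothetical helper names.

```python
import shlex

# Constructed sample shaped like the post's description; host and cert are placeholders.
SAMPLE_CONFIG = """\
client
dev tun
proto udp
remote vpn.example.invalid 53
resolv-retry infinite
auth-user-pass password.txt
verb 3
cipher AES-256-CBC
<ca>
(placeholder certificate body)
</ca>
"""


def parse_ovpn(text):
    """Return ({directive: [args, ...]}, {inline_block_name: body})."""
    directives, blocks, current = {}, {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if current is not None:                    # inside an inline <ca>...</ca> block
            if line == f"</{current}>":
                current = None
            else:
                blocks[current].append(line)
        elif line.startswith("<") and line.endswith(">"):
            current = line[1:-1]
            blocks[current] = []
        elif line and line[0] not in "#;":         # skip blank and comment lines
            name, *args = shlex.split(line, comments=True)
            directives.setdefault(name, []).append(args)
    return directives, {k: "\n".join(v) for k, v in blocks.items()}


def summarize(text):
    d, blocks = parse_ovpn(text)
    first = lambda key: d[key][0] if key in d else None   # args of first occurrence
    auth = first("auth-user-pass")
    return {
        "proto": (first("proto") or ["udp"])[0],          # OpenVPN defaults to UDP
        "remote": tuple(first("remote") or ()),           # (host, port)
        "cipher": (first("cipher") or [None])[0],
        "credentials": None if auth is None else (auth[0] if auth else "prompt"),
        "ca": "inline" if "ca" in blocks else (first("ca") or [None])[0],
    }

if __name__ == "__main__":
    print(summarize(SAMPLE_CONFIG))
```

A `credentials` value that names a file means the username and password sit in plain text next to the config, so that file deserves tight permissions.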