eduVPN documentation
Switch branches/tags
Clone or download
Latest commit c044cff Dec 15, 2018
Type Name Latest commit message Commit time
Failed to load latest commit information.
app fix windows screenshot link Jun 5, 2018
attic doc updates Feb 26, 2018
auto-update update auto update files Nov 20, 2018
discovery mention DEB package Dec 15, 2018
img Changed filenames and improved md to conventions Nov 15, 2018
release update release scripts Nov 23, 2018
resources more Debian Apache SAML path fixes Nov 14, 2018
rpm-dev update dev specs Dec 15, 2018
rpm update specs Dec 5, 2018 mention how to configure 2FA Nov 28, 2018 smallA ACL document update Nov 26, 2018 improve API text Nov 27, 2018 update ARCH Oct 31, 2017 update BRANDING Sep 30, 2018 talk about split tunnel on Linux Nov 9, 2018 small fixes Sep 11, 2018 document artwork Aug 20, 2018 we no longer have the "switch php" script Oct 31, 2018 Grammar Nov 23, 2018 be more clear you need to have a DNS entry and can not use IP address Oct 17, 2018 update links to repos Jun 5, 2018 mention tagging Oct 30, 2018 Ignore error on first run Nov 16, 2018 update template text Sep 30, 2018 update LDAP documentation to mention authorization Aug 15, 2018 update local dns doc Oct 17, 2018 update Sep 14, 2018 Changed filenames and improved md to conventions Nov 15, 2018 fix port sharing for Debian Aug 28, 2018 add blockLan description Nov 11, 2018 update RADIUS documentation Mar 29, 2018 update README Nov 23, 2018 update SAML documentation for SURFconext Nov 14, 2018 fix line length Oct 25, 2018 fix date Nov 1, 2018 be more explicit when SELinux is used Nov 1, 2018 add STATS documentation Aug 2, 2017 update documentation Sep 10, 2018 update documentation Sep 10, 2018 typo fix Oct 18, 2018 remove link to old repo Nov 23, 2018 typo fix Oct 18, 2018 update development documentation Nov 25, 2017 rename Let's Encrypt script Apr 19, 2018 also use system hostname for lets_encrypt as initial value Feb 26, 2018 update reset scripts Sep 5, 2018 update documentation Sep 10, 2018 update reset scripts Sep 5, 2018 update reset scripts Sep 5, 2018 no longer require running update scripts with sudo, sudo is inside now Sep 25, 2018 no longer require running update scripts with sudo, sudo is inside now Sep 25, 2018 no longer require running update scripts with sudo, sudo is inside now Sep 25, 2018


This is the eduVPN/Let's Connect! documentation repository. This repository targets administrators and developers. It contains information on how to deploy the VPN software, but also (technical) details about the implementation needed to (better) integrate it in existing infrastructure, and how to modify the software for one's own needs.

NOTE: if you are an end-user of eduVPN and want to contact someone, please contact


This is an (incomplete) list of features of the VPN software:

  • OpenVPN server accepting connections on both UDP and TCP ports;
  • Uses multiple OpenVPN processes for load sharing purposes;
  • Scales from a Raspberry Pi to many core systems with 10GBit networking;
  • Full IPv6 support, using IPv6 inside the tunnel and connecting over IPv6;
  • Support both NAT and publically routable IP addresses;
  • CA for managing client certificates;
  • Secure server and client configuration out of the box;
  • User Portal to allow users to manage their configurations for their devices;
  • Admin Portal to manage users, configurations and connections;
  • Multi Language support in User Portal and Admin Portal;
  • Authentication to portals using "static" username and password, LDAP, RADIUS and SAML;
  • OAuth 2.0 API for integration with applications;
  • Two-factor authentication TOTP and YubiKey support with user self-enrollment for both access to the portal(s) and the VPN;
  • Deployment scenarios:
    • Route all traffic over the VPN (for safer Internet usage on untrusted networks);
    • Route only some traffic over the VPN (for access to the organization network);
    • Client-to-client (only) networking;
  • Group ACL support with SAML and LDAP;
  • Ability to disable all OpenVPN logging (default);
  • Support multiple deployment scenarios simultaneously;
  • SELinux fully enabled;
  • Guest Usage scenario;
  • Native applications available for most common platforms.

Client Support

See Client Compatibility for more information about the supported OpenVPN clients.


NOTE: if you plan to run eduVPN/Let's Connect! please consider subscribing to the mailing list here. It will be used for announcements of updates and discussion about running eduVPN/Let's Connect!.

You can also use IRC for support & feedback: freenode, channel #eduvpn.

Supported Operating Systems

NOTE: we expect ALL software updates to be installed and the server rebooted before you install the software!




Security Contact

If you find a security problem in the code, the deployed service(s) and want to report it responsibly, contact You can use PGP. My key is 0x9C5EDD645A571EB2. The full fingerprint is 6237 BAF1 418A 907D AA98 EAA7 9C5E DD64 5A57 1EB2.