Skip to content
eduVPN documentation
Branch: master
Clone or download
Latest commit 4a333c6 May 21, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
app fix windows screenshot link Jun 5, 2018
img remove Windows OTP screenshot May 3, 2019
release update ROADMAP, release doc Apr 11, 2019
resources remove mod_auth_mellon support from templates Jan 16, 2019
rpm-dev build in lc-dev May 7, 2019
rpm update vpn-user-portal May 1, 2019
2FA.md add headers to docs May 3, 2019
ACL.md add headers to docs May 3, 2019
ADD_NODE.md
API.md add headers to docs May 3, 2019
ARCH.md add headers to docs May 3, 2019
BRANDING.md add headers to docs May 3, 2019
CLIENT_COMPAT.md add headers to docs May 3, 2019
CONTRIBUTE_TRANSLATIONS.md add headers to docs May 3, 2019
CUSTOM_BRANDING.md add headers to docs May 3, 2019
DEPLOY_CENTOS.md add headers to docs May 3, 2019
DEPLOY_DEBIAN.md
DEPLOY_FEDORA.md mention Fedora 29, 30 support May 14, 2019
DEVELOPMENT_PRACTICES.md
DEVELOPMENT_SETUP.md update dev setup doc May 21, 2019
DNS_FILTERING.md add headers to docs May 3, 2019
FIREWALLD.md fix typo, clarification May 19, 2019
GUEST_USAGE.md add headers to docs May 3, 2019
INSTANCE_DISCOVERY.md add headers to docs May 3, 2019
LDAP.md add headers to docs May 3, 2019
LOCAL_DNS.md add headers to docs May 3, 2019
MULTI_PROFILE.md add Debian instructions May 21, 2019
OVERVIEW.md
PORT_SHARING.md add headers to docs May 3, 2019
PROFILE_CONFIG.md add headers to docs May 3, 2019
RADIUS.md add headers to docs May 3, 2019
README.md mention Fedora 29, 30 support May 14, 2019
ROADMAP.md update ROADMAP May 20, 2019
SAML.md add headers to docs May 3, 2019
SCALING.md add headers to docs May 3, 2019
SECURITY.md add headers to docs May 3, 2019
SELINUX.md add headers to docs May 3, 2019
STATS.md add headers to docs May 3, 2019
UPGRADE_1_TO_2.md add desc May 3, 2019
USER_DELETE.md add headers to docs May 3, 2019
backup.sh remove references to instances and admin Jan 15, 2019
deploy_centos.sh
deploy_debian.sh fix adding user script May 8, 2019
deploy_fedora.sh fix adding user script May 8, 2019
development_setup.sh
lets_encrypt_centos.sh fix some ShellCheck warnings in the shell scripts Apr 5, 2019
lets_encrypt_debian.sh
openvpn_disable_stop_remove.sh remove references to instances and admin Jan 15, 2019
openvpn_generate_enable_start.sh
remove_1.0_centos.sh add UPGRADE documentation Apr 29, 2019
remove_1.0_debian.sh fix package name on Debian May 14, 2019
reset_instance_centos.sh update specs, revert SAML.md Apr 1, 2019
reset_instance_debian.sh update specs, revert SAML.md Apr 1, 2019
update_system_centos.sh update documentation to remove references to multi instance Jan 15, 2019
update_system_debian.sh update documentation to remove references to multi instance Jan 15, 2019
update_system_fedora.sh

README.md

Introduction

NOTE: this is documentation for Let's Connect!/eduVPN 2.0. Click here for the 1.0 documentation.

This is the eduVPN/Let's Connect! documentation repository. This repository targets administrators and developers. It contains information on how to deploy the VPN software, but also (technical) details about the implementation needed to (better) integrate it in existing infrastructure, and how to modify the software for one's own needs.

NOTE: if you are an end-user of eduVPN and want to contact someone, please contact eduvpn@surfnet.nl.

Features

This is an (incomplete) list of features of the VPN software:

  • OpenVPN server accepting connections on both UDP and TCP ports;
  • Uses multiple OpenVPN processes for load sharing purposes;
  • Scales from a Raspberry Pi to many core systems with 10GBit networking;
  • Full IPv6 support, using IPv6 inside the tunnel and connecting over IPv6;
  • Support both NAT and publically routable IP addresses;
  • CA for managing client certificates;
  • Secure server and client configuration out of the box;
  • User Portal to allow users to manage their configurations for their devices;
  • Admin Portal to manage users, configurations and connections;
  • Multi Language support in User Portal and Admin Portal;
  • Authentication to portals using "static" username and password, LDAP, RADIUS and SAML;
  • OAuth 2.0 API for integration with applications;
  • Two-factor authentication TOTP support with user self-enrollment;
  • Deployment scenarios:
    • Route all traffic over the VPN (for safer Internet usage on untrusted networks);
    • Route only some traffic over the VPN (for access to the organization network);
    • Client-to-client (only) networking;
  • Group ACL support with SAML and LDAP;
  • Ability to disable all OpenVPN logging (default);
  • Support multiple deployment scenarios simultaneously;
  • SELinux fully enabled;
  • Guest Usage scenario;
  • Native applications available for most common platforms.

Client Support

See Client Compatibility for more information about the supported OpenVPN clients.

Deployment

NOTE: if you plan to run eduVPN/Let's Connect! please consider subscribing to the mailing list here. It will be used for announcements of updates and discussion about running eduVPN/Let's Connect!.

You can also use IRC for support & feedback: freenode, channel #eduvpn.

Supported Operating Systems

NOTE: we expect ALL software updates to be installed and the server rebooted before you install the software!

Experimental

Development

See DEVELOPMENT_SETUP.

Security Contact

If you find a security problem in the code, the deployed service(s) and want to report it responsibly, contact fkooman@tuxed.net. You can use PGP. My key is 0x9C5EDD645A571EB2. The full fingerprint is 6237 BAF1 418A 907D AA98 EAA7 9C5E DD64 5A57 1EB2.

You can’t perform that action at this time.