Professional Documents
Culture Documents
Ngan Tengyuen
A virtual private network (VPN) is a private data network that makes use of the public telecommunication
infrastructure(Internet), maintaining privacy through the use of a tunneling protocol and security procedures. The
idea of the VPN is to give a company or a person the same capabilities at much lower cost by using the shared public
infrastructure rather than a private one. In our case, we use a VPN to connect you to our servers in Europe and Asia.
If a free VPN is not your cup of tea or you find them unreliable, do give this paid VPN a try. Based on my own
experience, VyprVPN is really reliable and good. They are from Germany and they have their own unique
‘Chameleon’ technology that sets them apart from other VPNs that uses the same open source technology.
NordVPN | Comes with P2P Servers, 100% no log. Pay 1 year and get 2 years free! 70% off!
VyprVPN | Unique proprietary Chameleon VPN technology defeats VPN-blocking
Together with a VPN service, they create a connection called VPN. This is a secure connection that encrypts all your
information and is not readable by anyone else so wherever you are your privacy is always maintained! The best part
is, there is no software to install because most VPN works on all Platforms including Windows, Mac, Linux, IPhone
etc using the built- in VPN software in your operating system. Without further ado, here are 9 Open Source VPN that
can be used with VPN Gate.
↓ 02 – OpenConnect | Linux
OpenConnect is an SSL VPN client initially created to support Cisco’s AnyConnect SSL VPN. It has since been ported
to support the Juniper SSL VPN which is now known as Pulse Connect Secure. OpenConnect is released under the
GNU Lesser Public License, version 2.1. Like vpnc, OpenConnect is not officially supported by, or associated in any
way with, Cisco Systems, Juniper Networks or Pulse Secure. It just happens to interoperate with their equipment.
Development of OpenConnect was started after a trial of the Cisco client under Linux found it to have many
deficiencies:
Inability to use SSL certificates from a TPM or PKCS#11 smartcard, or even use a passphrase.
Lack of support for Linux platforms other than i386.
Lack of integration with NetworkManager on the Linux desktop.
Lack of proper (RPM/DEB) packaging for Linux distributions.
“Stealth” use of libraries with dlopen(), even using the development-only symlinks such as libz.so — making it
hard to properly discover the dependencies which proper packaging would have expressed
Tempfile races allowing unprivileged users to trick it into overwriting arbitrary files, as root.
Unable to run as an unprivileged user, which would have reduced the severity of the above bug.
Inability to audit the source code for further such “Security 101” bugs.
Connection through HTTP proxy, including libproxy support for automatic proxy configuration.
Connection through SOCKS5 proxy.
Automatic detection of IPv4 and IPv6 address, routes.
1 von 7
8 Free Open Source VPN - Compatible OpenVPN Client Alternatives https://www.geckoandfly.com/5710/free-vpn-for-windows-mac-os-x-li...
↓ 03 – Openswan | Linux
Openswan is an IPsec implementation for Linux. It has support for most of the extensions (RFC + IETF drafts)
related to IPsec, including IKEv2, X.509 Digital Certificates, NAT Traversal, and many others. Openswan has been
the de-facto Virtual Private Network software for the Linux community since 2005. If you are running Fedora, Red
Hat, Ubuntu, Debian (Wheezy), Gentoo, or many others, it is already included in your distribution! Just start using it
right away. If you wish to download the source code directly, you can click the button below.
Tunnel any IP subnetwork or virtual ethernet adapter over a single UDP or TCP port,
Configure a scalable, load-balanced VPN server farm using one or more machines which can handle thousands
of dynamic connections from incoming VPN clients,
Use all of the encryption, authentication, and certification features of the OpenSSL library to protect your
private network traffic as it transits the internet,
Use any cipher, key size, or HMAC digest (for datagram integrity checking) supported by the OpenSSL library,
Choose between static-key based conventional encryption or certificate-based public key encryption,
Use static, pre-shared keys or TLS-based dynamic key exchange,
Use real-time adaptive link compression and traffic-shaping to manage link bandwidth utilization,
Tunnel networks whose public endpoints are dynamic such as DHCP or dial-in clients,
Tunnel networks through connection-oriented stateful firewalls without having to use explicit firewall rules,
Tunnel networks over NAT.
Create secure ethernet bridges using virtual tap devices, and
Control OpenVPN using a GUI on Windows or macOS.
In the SocialVPN, each user is in control of who their VPN connects to. To scale to large online social networks,
SocialVPN employs a unique dynamic IPv4 address allocation/translation approach that avoids conflicts with local
networks and devices outside a user’s social network. These are some of the ways you can use SocialVPN:
Private data sharing – SocialVPN allows you to create private, end-to-end virtual IP networks connecting you to
your friends. You can use these links to privately share data with your friends, using existing applications for
file transfer and sharing.
Mobile cloud computing – SocialVPN runs on Android devices and allows users to create VPNs connecting
mobile devices as well as desktops, laptops and servers. It provides a basis for research and development on
“social area networks” for data sharing and computational offloading.
Decentralized OSNs – SocialVPN creates a communication overlay that can be used as a basis to design
decentralized Online Social Networks (OSNs).
2 von 7
8 Free Open Source VPN - Compatible OpenVPN Client Alternatives https://www.geckoandfly.com/5710/free-vpn-for-windows-mac-os-x-li...
SoftEther VPN (“SoftEther” means “Software Ethernet”) is one of the world’s most powerful and easy-to-use multi-
protocol VPN software. It runs on Windows, Linux, Mac, FreeBSD and Solaris. SoftEther VPN is open source. You
can use SoftEther for any personal or commercial use for free charge.
SoftEther VPN is an optimum alternative to OpenVPN and Microsoft’s VPN servers. SoftEther VPN has a clone-
function of OpenVPN Server. You can integrate from OpenVPN to SoftEther VPN smoothly. SoftEther VPN is faster
than OpenVPN. SoftEther VPN also supports Microsoft SSTP VPN for Windows Vista / 7 / 8. No more need to pay
expensive charges for Windows Server license for Remote-Access VPN function. Features of SoftEther VPN
Runs on Linux 2.6, 3.x and 4.x kernels, Android, FreeBSD, OS X and Windows
Implements both the IKEv1 and IKEv2 (RFC 7296) key exchange protocols
Fully tested support of IPv6 IPsec tunnel and transport connections
Dynamical IP address and interface update with IKEv2 MOBIKE (RFC 4555)
Automatic insertion and deletion of IPsec-policy-based firewall rules
NAT-Traversal via UDP encapsulation and port floating (RFC 3947)
Support of IKEv2 message fragmentation (RFC 7383) to avoid issues with IP fragmentation
Dead Peer Detection (DPD, RFC 3706) takes care of dangling tunnels
Static virtual IPs and IKEv1 ModeConfig pull and push modes
XAUTH server and client functionality on top of IKEv1 Main Mode authentication
Virtual IP address pool managed by IKE daemon or SQL database
Secure IKEv2 EAP user authentication (EAP-SIM, EAP-AKA, EAP-TLS, EAP-MSCHAPv2, etc.)
Optional relaying of EAP messages to AAA server via EAP-RADIUS plugin
Support of IKEv2 Multiple Authentication Exchanges (RFC 4739)
Authentication based on X.509 certificates or preshared keys
Use of strong signature algorithms with Signature Authentication in IKEv2 (RFC 7427)
Retrieval and local caching of Certificate Revocation Lists via HTTP or LDAP
Full support of the Online Certificate Status Protocol (OCSP, RFC 2560).
CA management (OCSP and CRL URIs, default LDAP server)
Powerful IPsec policies based on wildcards or intermediate CAs
Storage of RSA private keys and certificates on a smartcard (PKCS #11 interface)
3 von 7
8 Free Open Source VPN - Compatible OpenVPN Client Alternatives https://www.geckoandfly.com/5710/free-vpn-for-windows-mac-os-x-li...
Tcpcrypt is a protocol that attempts to encrypt (almost) all of your network traffic. Unlike other security
mechanisms, Tcpcrypt works out of the box: it requires no configuration, no changes to applications, and your
network connections will continue to work even if the remote end does not support Tcpcrypt, in which case
connections will gracefully fall back to standard clear-text TCP.
Install Tcpcrypt and you’ll feel no difference in your everyday user experience, but yet your traffic will be more secure
and you’ll have made life much harder for hackers.
So why is now the right time to turn on encryption? Here are some reasons:
Intercepting communications today is simpler than ever because of wireless networks. Ask a hacker how many
email passwords can be intercepted at an airport by just using a wifi-enabled laptop. This unsophisticated
attack is in reach of many. The times when only a few elite had the necessary skill to eavesdrop are gone.
Computers have now become fast enough to encrypt all Internet traffic. New computers come with special
hardware crypto instructions that allow encrypted networking speeds of 10Gbit/s. How many of us even
achieve those speeds on the Internet or would want to download (and watch) one movie per second? Clearly,
we can encrypt fast enough.
Research advances and the lessons learnt from over 10 years of experience with the web finally enabled us to
design a protocol that can be used in today’s Internet, by today’s users. Our protocol is pragmatic: it requires no
changes to applications, it works with NATs (i.e., compatible with your DSL router), and will work even if the
other end has not yet upgraded to tcpcrypt—in which case it will gracefully fall back to using the old plain-text
TCP. No user configuration is required, making it accessible to lay users—no more obscure requests like “Please
generate a 2048-bit RSA-3 key and a certificate request for signing by a CA”. Tcpcrypt can be incrementally
deployed today, and with time the whole Internet will become encrypted.
Encryption, authentication and compression – All traffic is optionally compressed using zlib or LZO, and
LibreSSL or OpenSSL is used to encrypt the traffic and protect it from alteration with message authentication
codes and sequence numbers.
Automatic full mesh routing – Regardless of how you set up the tinc daemons to connect to each other, VPN
traffic is always (if possible) sent directly to the destination, without going through intermediate hops.
Easily expand your VPN – When you want to add nodes to your VPN, all you have to do is add an extra
configuration file, there is no need to start new daemons or create and configure new devices or network
interfaces.
Ability to bridge ethernet segments – You can link multiple ethernet segments together to work like a single
segment, allowing you to run applications and games that normally only work on a LAN over the Internet.
Runs on many operating systems and supports IPv6 – Currently Linux, FreeBSD, OpenBSD, NetBSD, OS X,
Solaris, Windows 2000, XP, Vista and Windows 7 and 8 platforms are supported. See our section about
supported platforms for more information about the state of the ports. tinc has also full support for IPv6,
providing both the possibility of tunneling IPv6 traffic over its tunnels and of creating tunnels over existing
IPv6 networks.
4 von 7
8 Free Open Source VPN - Compatible OpenVPN Client Alternatives https://www.geckoandfly.com/5710/free-vpn-for-windows-mac-os-x-li...
5 von 7
8 Free Open Source VPN - Compatible OpenVPN Client Alternatives https://www.geckoandfly.com/5710/free-vpn-for-windows-mac-os-x-li...
6 von 7
8 Free Open Source VPN - Compatible OpenVPN Client Alternatives https://www.geckoandfly.com/5710/free-vpn-for-windows-mac-os-x-li...
7 von 7