Continued from Page 1.
Things can tend to get a bit confusing what with all of the command-line acrobatics in order to make OpenVPN do what you want it to do. What better way to ease your workload by enabling the management interface. You'll want to load the following line into your server, or client, configuration file:
management localhost ****
Where the asterisks are the port number you'd like the interface to run on. Once you have it loaded, you can freely telnet into the OpenVPN interface and run all manner of commands with the handy client kill command being a fan favorite should users get rowdy.
The one drawback is that by design (yeah, really) the management interface has no security layer covering it. It's highly advisable that you not attempt to make it remotely accessible to the Internet at large as some unscrupulous individual is sure to attempt to log in and cause all sorts of havoc over telnet.
As command-line centric as OpenVPN is there have been attempts to get some user friendliness injected into the works. Open-source projects such as OpenVPN Control, which you'll need to enable the management interface for, and OpenVPN Admin try, with varying degrees of success, to make the whole process a little less painful.
OpenVPN Admin does a commendable job attempting to wrangle the dizzying array of settings, keys, and ports so you don't have to. It provides the same visual aids OpenVPN GUI offers although it has its fair share of hitching and other unsightly delays which might just have you running back to the good old command-line and OpenVPN GUI mix.
That about covers our series on OpenVPN and how it can improve security for any application requiring remote access to your network. Managing it all may be a bit tedious, and the tool set to compliment the program isn't exactly there on the Windows OS front, but it's too powerful of an open-source option to pass up.
This article was first published on EnterpriseITPlanet.com.