[Standards-JIG] vpn on-demand

Scott Ludwig scottlu at google.com
Fri Apr 7 21:04:23 UTC 2006


I suggest doing this over Jingle so it works through firewalls and
NATs without requiring additional configuration.

On 4/7/06, Oleg Motienko <motienko at gmail.com> wrote:
> Hello.
>
> As you know, there is beautiful and simple VPN implementation called
> OpenVPN. It can work over tcp or udp connection and can do tunneling
> of routed ip (tun interfaces) and even ethernet traffic (tap
> interfaces). It works via NAT and HTTPS proxy too.
>
> I have an idea to make JEP for dynamic VPN configuration, such as
> OpenVPN or another one (like pppd+ssl etc). So, jabber users can setup
> peer-to-peer VPN on demand.
>
> For example, two clients want to setup temporary OpenVPN channel with
> static key (see OpenVPN manual):
>
> I suppose such algorithm:
> 1) Initial requests (selecting OpenVPN parameters such as client or
> server, NAT or proxy mode, tun or tap mode etc).
> 2) Server generates temporary "static ssl key" for this session and
> sends it to client via xmpp.
> 3) Server starts to listen for incoming connection.
> 4) Client starts OpenVPN connection to server.
>
>
>
> Your opinions?
>
> --
> Regards,
> Oleg
>



More information about the Standards mailing list