[Standards-JIG] vpn on-demand

Scott Ludwig scottlu at google.com
Fri Apr 7 21:04:23 UTC 2006

I suggest doing this over Jingle so it works through firewalls and
NATs without requiring additional configuration.

On 4/7/06, Oleg Motienko <motienko at gmail.com> wrote:
> Hello.
> As you know, there is beautiful and simple VPN implementation called
> OpenVPN. It can work over tcp or udp connection and can do tunneling
> of routed ip (tun interfaces) and even ethernet traffic (tap
> interfaces). It works via NAT and HTTPS proxy too.
> I have an idea to make JEP for dynamic VPN configuration, such as
> OpenVPN or another one (like pppd+ssl etc). So, jabber users can setup
> peer-to-peer VPN on demand.
> For example, two clients want to setup temporary OpenVPN channel with
> static key (see OpenVPN manual):
> I suppose such algorithm:
> 1) Initial requests (selecting OpenVPN parameters such as client or
> server, NAT or proxy mode, tun or tap mode etc).
> 2) Server generates temporary "static ssl key" for this session and
> sends it to client via xmpp.
> 3) Server starts to listen for incoming connection.
> 4) Client starts OpenVPN connection to server.
> Your opinions?
> --
> Regards,
> Oleg

More information about the Standards mailing list