Network - Low Level and Etc

Where I stopped

Hardware Network
Hardware Random

Hardware

Provider

Network
ISP (Internet Service Provider)
  • It is the 'Internet Provider', for example: Vivo, Claro, Oi, etc.

Local Hardware

Ethernet
  • It is a technology used to connect devices via LAN or WAN, enabling communication between devices using protocols, which are sets of common rules for network communication. Ethernet describes how network devices should format and transmit data so other devices inside the LAN (or other type of network) can recognize, receive and process the information. The 'Ethernet Cable' is the physical cable over which the data is transmitted. Compared to wireless connection technologies (WLAN / WiFi), Ethernet is typically less vulnerable to interruptions and provides a higher degree of network security and control. Because an Ethernet connection requires the user to connect to the network using a physical cable, it makes unauthorized access to the network more difficult and prevents bandwidth hijacking, that is, unauthorized use of the network's internet bandwidth.

Modem (Modulator + Demodulator)
  • The modem receives analog data and converts it to digital for use by the device (demodulate), while converting the digital signal to analog to be sent back to the ISP (modulate). Because of this, the modem is a fundamental device to establish any local communication with the ISP; the router on the other hand is optional. The modem alone cannot connect via WLAN, but it can connect via LAN, that is, the modem needs a router to send WiFi signal, but does not need a router for wired connections. It is possible that the device is a Modem/Router combo, having both modem and router functionalities. There are 2 types of modem:

    • 'Cable Modem': uses a 'Coaxial Cable' as input and the 'Ethernet Cable' as output.

    • 'DSL Modem': uses a 'Telephone Line Cable' as input and the 'Ethernet Cable' as output.

    • Explanatory video: PowerCert video .

WAN (Wide Area Network)
  • It is a network communication system that connects multiple devices across the globe. The 'WAN connection' is also called the 'Internet connection'. WAN communications are the largest and most expensive forms of networks available in the world. These connections are used in companies, schools, governments or by the public. The clients of these connections use them to communicate with any other user in the world, provided both have a WAN connection. The Internet itself can be considered a type of WAN. In other words, the difference between WAN and LAN is purely a matter of geographic scale.

  • Explanation and illustration of the differences between 'geographic scales of computer networks': Wikipedia section .

LAN (Local Area Network)
  • It is a network communication system related to local and wired connection. The 'LAN connection' is also called the 'Ethernet connection'.

HUB
  • It is a device that connects several other network devices via Ethernet cable. When one device sends information to the hub, all other devices connected to the hub receive that information. Any device connected to the hub can be both input and output; there is no filtering of devices or data. It works in a very simple 'non-intelligent' way, just copying the data and sending it to the rest of the devices, which causes slowdowns in the network; this makes them outdated and practically unused today. By definition, a HUB is a device that forwards data packets to all devices on a network.

Switch
  • It is a device that works similarly to a hub, but in an 'intelligent' way, storing the MAC address information of each device and only sending data to the device that is the intended destination, avoiding unnecessary traffic on the network that would cause internet speed slowdowns during the process. In short, both the hub and the switch have similar purposes, but the switch avoids unnecessary traffic, making it superior in many situations. A switch is normally used to increase the number of LAN ports of a router, allowing more wired connections to the network. That makes it considered a "cabling bridge" between devices on a network. A switch alone in a network does not have much purpose, since it needs some other device to assign an IP address to devices, such as a router. By definition, a switch is a device that forwards data packets to the appropriate destination on a network.

Types of Internet cables
  • Coaxial Cable (TV cable):

    • Can have slowdowns during 'peak hours' in the neighborhood, since the connection is shared across the region. It only needs to connect the cable to a modem to work.

  • DSL (Digital Subscriber Line) (phone cable):

    • It is tremendously superior to dial-up, although both use telephone line. Allows you to talk on the phone and access the internet at the same time. Generally offers slower plans than a coaxial cable connection, but it is a cheaper option and offers greater stability, because there is no sharing of cables in the neighborhood; each residence has its own line. It only needs to connect the cable to a modem to work. There are two types of DSL plans:

      • ADSL (Asymmetric Digital Subscriber Line): most common plan used in homes, where upload speed is significantly slower than download speed.

      • SDSL (Symmetric Digital Subscriber Line): plan used in businesses, where upload speed equals download speed.

      • VDSL (Very High Bit Rate Digital Subscriber Line): the fastest form of DSL, potentially up to 3x faster than ADSL. Because it uses copper wires, it only covers short distances.

  • Dial Connection (very old telephone cable):

    • An extremely ancient and slow cable technology. It did not even allow talking on the phone and accessing the internet at the same time.

  • Fiber (Optical Fiber): Fiber and Optical Fiber are the same thing. It is superior to all other options listed above. It has the best connection speed and can travel longer distances. It is also less susceptible to electromagnetic interference compared to coaxial cable and DSL, because fiber uses light inside a glass fiber to transmit information, making it less vulnerable over long distances.

  • PowerCert video .

Types of Ethernet cable (e.g., Cat5, Cat5e, Cat6, Cat7)
QoS (Quality of Service)
  • It is sometimes also described as 'Media Prioritization'. It is used to prioritize bandwidth based on IP or MAC address, giving some devices priority over others. Prioritization only takes effect while a higher-priority device is actively using the network; otherwise nothing changes.

MAC (Media Access Control, also known as 'Physical Address')
  • It is the physical identifier of the device. You can find the MAC address by typing ipconfig /all  in CMD and looking for 'Physical Address' or 'MAC Address'.

WiFi

Router
  • It works similarly to a switch, but it is not only able to "read/interpret" MAC addresses, it also does that with devices' IP addresses. This allows the router to be the 'Gateway' of the network, enabling communication between networks. A router does not necessarily need to have a wireless connection (WiFi); it can have only LAN connections. In summary, a router is a device that contains the functionality of: router, switch, modem (optional), WAP (optional for wireless connections). By definition, a router is a device that forwards data packets to the appropriate destination on a network and connects multiple networks via IP address.

  • Good explanation: PowerCert video .

WiFi (Wireless Fidelity) or 'WiFi IEEE 802.11'
  • Both acronyms mean the same thing since WiFis are standardized using the 802.11 base standard. The IEEE acronym comes from the 'Institute of Electrical and Electronics Engineers' (IEEE), which initially developed the technology in 1997.

    • Table comparing all 'WiFi IEEE 802.11 protocols': Intel site , click on 'Wi-Fi IEEE 802.11 protocol summary'.

  • Dangers and vulnerabilities of public WiFi .

    • Solution: VPN only.

Wifi Channel Width
  • It is the "range" in which a device can connect with the router (this deduction might be wrong). Channel width is measured in MHz, usually ranging from 20MHz up to 160MHz. The wider the width, the greater the bandwidth, allowing more data traffic and resulting in higher internet speed, up to the maximum allowed by the internet plan. At the same time, the wider the width, the larger the "detection range" of other devices, which can worsen the connection if there are many devices nearby. It is usually useful to leave the channel selection option on 'automatic', since it dynamically assigns the best channel when multiple devices are accessing the router.

WPA / WPA2 / WPA3 (WiFi Protected Access)
  • It is a security protocol used to create an access password for the connection, encrypting and improving the security of the data between the user and the router. Normally this does not fully solve issues because there are easy-to-exploit vulnerabilities if the router password is shared with many people, such as in public routers. People commonly use WPA2 by default because it is more secure than WPA. WPA3 was released in July 2020, providing better protection against dictionary password permutation attacks and better encryption of individual user data; there has not been time for this technology to be fully implemented but it is certainly more secure than WPA2.

WLAN (Wireless LAN)
  • It is a network communication system related to local connection that uses the air as the transmission medium, i.e., using WiFi technologies.

Hotspot
  • Physical location where devices can access the internet via WiFi or WLAN.

WAP (Wireless Access Point)
  • It is considered a WiFi signal "extender", its functionality limited to connecting to a router and retransmitting the data it receives from the wired side in a wireless manner. It can be considered a "wireless bridge" between devices on a network. It is normally used only in companies or reasonably large places that need multiple retransmissions of the WiFi signal to cover the entire area, making several WAPs necessary in that case; using multiple WAPs instead of multiple routers is useful because it allows all network access to be managed by a single device (router).

WPS (WiFi Protected Setup)
  • It is used to connect to the router's WiFi by pressing a physical button on the router, without needing to type the WiFi password. It is known to be insecure and useless. To disable the option, one way is to 'disable the router PIN' or 'disable WPS'.

SSID (Service Set Identifier)
  • Refers to the network name, commonly used to refer to the name of the router's WiFi access point.

Connections and Settings

IP

  • IP (Internet Protocol).

  • It is used to identify a device on a network.

  • Since IPv4 IPs are commonly used, there is a limit to how many IPs can be assigned, so IPs were separated into Public IPs and Private IPs, separating internal (home) network IPs from external (Internet) networks.

  • The router translates between a Private IP and a Public IP, and vice versa, using NAT.

Private IP
  • Used in home networks. The private IP enables communication within the home network (internal connection) but does not allow communication with other networks outside the domain of its modem/router, that is, it does not allow WAN connection, since the WAN blocks any communication that tries to use a private IP to access the Internet. The private IP is defined within the router and can be Static IP or Dynamic IP. By default, all routers assign IPs dynamically to avoid device conflicts and to prevent network access issues. To make this dynamic assignment, a 'DHCP Server' is used to distribute IPs intelligently and avoid conflicts.

Public IP
  • Used to access large networks like the Internet, where each one is unique. The public IP is defined by the ISP.

  • Risk considerations :

    • Your home IP is publicly linked to the domain

      • Anyone connecting to your server can see your real IP (unless you use a proxy/VPN).

    • Geolocation risks

      • Tools like ip2location  can approximate your city/ISP, making you a potential target for:

      • Doxing/swatting  (if someone malicious wants to harass you).

      • Network scanning attacks  (probing for other devices on your home network).

    • Home Network Vulnerabilities

      • Port forwarding exposes your router – If you forwarded ports (e.g., UDP/TCP for games), attackers might:

        • Try to exploit router firmware vulnerabilities.

        • Scan for other open ports (e.g., RDP, SSH, IoT devices).

      • Malware & Intrusions – A compromised game server could be used to pivot into your local network.

  • Protecting yourself :

    • Hide Your Real IP

      • Use a VPN or Proxy  (e.g., WireGuard, Tailscale) to mask your home IP.

      • Host on a VPS  (e.g., $5/month Linode/DigitalOcean) instead of your home PC.

    • Secure Your Network

      • Disable UPnP  (prevents automatic port forwarding exploits).

      • Use a firewall  (only allow game traffic, block suspicious IPs).

      • Isolate the server – Run it in a VM or separate device (not your main PC).

    • Limit Exposure

      • Use a whitelist  (only allow known players).

      • Add password/auth (even if the game doesn't natively support it).

      • Disable unused ports/services  (e.g., close RDP, SMB).

    • Monitor & Log Traffic :

      • Check router logs for unusual activity.

      • Tools like Wireshark  or fail2ban  can block brute-force attempts.

  • Should You Keep Hosting from Home?

    • For private use (friends only) → Whitelist IPs or use a VPN (ZeroTier/Tailscale).

    • For public use → Migrate to a cheap VPS to avoid home risks.

    • For testing → Use Cloudflare Tunnels (masks your IP) + strict firewall rules.

Domain: DDNS
IPv4 (Internet Protocol version 4)
  • More widely used today, but will be replaced by IPv6. It is a 32-bit binary address made up of 4 octets.

IPv6 (Internet Protocol version 6)
  • Less used, but is the future of IPs. It is an address written in 128-bit hexadecimal, containing 8 groups of 16 bits. IPv6 can store orders of magnitude more addresses than IPv4, which makes it far superior to IPv4 and more time-proof. Another difference is that IPv6 does not have a 'private IPv6' and 'public IPv6' version, because it has many more IPs available, making 'private IPv6' also the 'public IPv6', i.e., there is no distinction between them, unlike IPv4.

Special IP Addresses
  • Loopback Address (RFC 3330):

    • Range 127.x.x.x  / localhost

    • "Send something from you to yourself, like a boomerang".

    • Used to reference the local machine (host).

    • Normally used as 127.0.0.1 , but can also be 127.0.0.2  up to 127.255.255.255 .

    • The main purpose of loopback is to allow a computer to send network packets to itself. It simulates communication over the network without leaving the device.

  • Unspecified Network Address (RFC 6890)

    • 0.0.0.0

    • Used to refer to an unspecified network or when the device has not yet received an IP address.

    • Also used to indicate a default route.

    • Why 0.0.0.0  is Critical for Servers :

      • If you bind to 192.168.1.100 , only local devices can connect.

      • If you bind to 127.0.0.1 , only your own PC can access it.

      • 0.0.0.0  means: "Listen on every available interface" / "Listen everywhere".

        • Localhost ( 127.0.0.1 )

        • LAN ( 192.168.1.100 )

        • Public traffic (if port-forwarded via NAT)

      • With 0.0.0.0  you can access it via:

        • http://localhost:8000  (same machine)

        • http://192.168.1.100:8000  (local network)

        • http://<public_ip>:8000  (internet, if NAT is set up)

  • Private network addresses (RFC 1918):

    • Range 10.x.x.x

      • Used in large private networks.

    • Range 172.16.x.x  -> 172.31.x.x

      • That is, from 172.16.0.0  to 172.31.255.255 .

      • Used in medium-sized private networks.

    • Range 192.168.x.x

      • Commonly used in small home networks.

  • Link-Local Address (RFC 3927)

    • Range 169.254.x.x

    • Link-local addresses are used for communication between devices on a local network without the need for a DHCP server.

    • These addresses are assigned automatically when a device cannot obtain an IP from a router or DHCP server.

  • Broadcast Addresses (RFC 919)

    • 255.255.255.255

      • The global broadcast address that sends packets to all devices on a local network.

    • Subnet broadcast address:

      • Depending on the subnet, the last IP address of a subnet is the broadcast address. For example, in the network 192.168.1.0 , the address 192.168.1.255  is the broadcast for that subnet.

  • Multicast Addresses (RFC 5771)

    • 224.x.x.x  -> 239.x.x.x

      • That is, from 224.0.0.0  to 239.255.255.255 .

    • Multicast is a communication technique where a single packet is sent to a group of devices.

    • Multicast is commonly used for broadcasts like video or audio streaming.

  • Documentation Test Addresses (RFC 5737)

    • 192.0.2.x

    • These addresses are reserved for examples and documentation. They should not be used in real networks.

Interfaces
  • An interface is a network connection point, such as:

    • Loopback (127.0.0.1 or localhost) – Only accepts local connections (from the same machine).

    • Ethernet/Wi-Fi (e.g., 192.168.1.100) – Accepts connections from your local network.

    • Public IP (assigned by ISP, e.g., 179.94.136.166) – Accepts connections from the internet (but usually belongs to your router, not your server directly).
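
The bind-address rules above (0.0.0.0, 127.0.0.1, a LAN address) can be checked on a machine from the output of `netstat -an`. The Python below is an added example, not part of the original notes; the netstat sample is constructed and the function names are illustrative.

```python
import ipaddress

# Constructed sample of Windows `netstat -an` output (not captured from a real host).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING
  TCP    0.0.0.0:8000           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:9000         0.0.0.0:0              LISTENING
  TCP    192.168.1.100:8080     0.0.0.0:0              LISTENING
  TCP    192.168.1.100:51234    142.251.135.142:443    ESTABLISHED
  TCP    [::]:445               [::]:0                 LISTENING
  TCP    [::1]:9000             [::]:0                 LISTENING
"""

# Services the notes single out as ones to close when unused.
SENSITIVE_PORTS = {445: "SMB", 3389: "RDP"}


def split_endpoint(endpoint):
    """Split '0.0.0.0:445' or '[::]:445' into (host, port)."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]"), int(port)


def reach_of(host):
    """Classify who can connect to a socket bound to this local address."""
    addr = ipaddress.ip_address(host)
    if addr.is_unspecified:   # 0.0.0.0 or :: means every interface
        return "all-interfaces"
    if addr.is_loopback:      # 127.x.x.x or ::1 means the same machine only
        return "loopback-only"
    if addr.is_link_local:    # 169.254.x.x, assigned when no DHCP lease was obtained
        return "link-local"
    if addr.is_private:       # RFC 1918 ranges, reachable from the local network
        return "lan"
    return "public"


def audit_listeners(netstat_text):
    """Return one finding per LISTENING TCP socket in the netstat output."""
    findings = []
    for line in netstat_text.splitlines():
        fields = line.split()
        # Data rows have exactly 4 columns; the header row and UDP rows do not match.
        if len(fields) != 4 or fields[0] != "TCP" or fields[3] != "LISTENING":
            continue
        host, port = split_endpoint(fields[1])
        reach = reach_of(host)
        service = SENSITIVE_PORTS.get(port)
        findings.append({
            "bind": host,
            "port": port,
            "reach": reach,
            "service": service,
            # Flag sensitive services reachable from anywhere beyond the machine itself.
            "flagged": service is not None and reach != "loopback-only",
        })
    return findings


if __name__ == "__main__":
    for f in audit_listeners(SAMPLE_NETSTAT):
        mark = "REVIEW" if f["flagged"] else "ok"
        print(f'{mark:6} {f["bind"]}:{f["port"]} reach={f["reach"]} service={f["service"]}')
```

A listener reported as all-interfaces only becomes reachable from the internet if the router also forwards that port or the machine is the DMZ host.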

Local Connection

Default Gateway
  • Address to access router settings. It can be changed inside router settings and can be seen as the 'Router's Private IP'.

  • Explanatory video: PowerCert video .

NAT (Network Address Translation)
  • Translates one IP address to another. Used for communication between a home network (internal) and the Internet by converting Private IPs to Public IPs, or vice versa.

  • Forwards specific ports from your router's public IP to a private IP (e.g., PublicIP:80 → 192.168.1.100:80).

  • Only exposes the ports you manually configure.

  • "when creating a gaming server and doing port forwarding is asked of my external and internal IP. What should I put in the external IP, considering that I'll use DDNS?"

    • Leave it blank or select "Any" (depends on your router).

    • This allows connections from all external IPs (DDNS will resolve to your current public IP automatically).

    • Or enter 0.0.0.0  (symbolizes "any IP").

DMZ (Demilitarized Zone)
  • "It's where the firewall protection is forbidden".

  • Used to improve the security of some network devices. It is used to divide the network into 2 parts, between devices 'Outside the Firewall' and 'Inside the Firewall', which prevents granting unrestricted access to the network that would cause major security failures. The DMZ ensures there is separation between devices that should receive public access and those that should remain private on the network. Doing this not only improves security against hackers but also helps detect when connections are potential threats to the network.

  • "Your router's DMZ is not a 'true DMZ', it just sets up a device as a DMZ host. Will forward all the ports to that device".

  • Commonly used for gaming consoles, so that an Xbox, for example, does not need port forwarding configured.

    • This places the gaming console outside the firewall, while the other devices connected to the router remain protected behind the firewall.

    • This makes the gaming console fully exposed to the internet.

  • The device in the DMZ should be configured with a static IP, rather than a dynamic IP.

  • Explanation: PowerCert video .

  • Pros :

    • "Set and forget" – No need to manually forward ports.

    • Useful if you're testing multiple services and don't want to configure NAT repeatedly.

  • Cons :

    • Extremely risky – The DMZ device is fully exposed to hackers, scans, and exploits.

    • No firewall protection – Malware/attacks can directly target the device.

    • Only safe if the device has its own firewall (e.g., a properly secured Linux server).

  • When to Use DMZ :

    • If you're testing a device temporarily and need all ports open.

    • If the device has strong security (firewall, no vulnerable services).

    • Never use DMZ for everyday devices (e.g., Windows PC, smart TV).
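
The difference between a port-forwarding rule and a router "DMZ host" can be made concrete with a small model of how the router treats unsolicited inbound traffic. This Python is an added example, not part of the original notes; the `Router` class, `exposed_services` function and the sample LAN inventory are constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import Optional

# Constructed inventory: what each LAN device is listening on.
LAN_SERVICES = {
    "192.168.1.100": {("tcp", 80): "web server", ("tcp", 445): "SMB", ("tcp", 3389): "RDP"},
    "192.168.1.50": {("tcp", 445): "SMB"},
}


@dataclass
class Router:
    """Toy model of a home router's handling of unsolicited inbound packets."""
    # (proto, public_port) -> (private_ip, private_port), i.e. port-forwarding rules
    forwards: dict = field(default_factory=dict)
    # Private IP of the DMZ host, or None when the feature is off
    dmz_host: Optional[str] = None

    def route_inbound(self, proto, public_port):
        """Return the private endpoint a packet is sent to, or None if it is dropped."""
        rule = self.forwards.get((proto, public_port))
        if rule is not None:
            return rule                          # explicit port forward wins
        if self.dmz_host is not None:
            return (self.dmz_host, public_port)  # DMZ host receives everything else
        return None                              # default: dropped at the router


def exposed_services(router, lan_services, host_firewall=None):
    """List (public port, private endpoint, service) reachable from the internet.

    host_firewall maps a private IP to the set of (proto, port) it accepts;
    a device missing from the mapping is assumed to accept everything.
    """
    host_firewall = host_firewall or {}
    candidates = set(router.forwards)
    if router.dmz_host is not None:
        candidates |= set(lan_services.get(router.dmz_host, {}))
    exposed = []
    for proto, public_port in sorted(candidates):
        target = router.route_inbound(proto, public_port)
        if target is None:
            continue
        ip, port = target
        service = lan_services.get(ip, {}).get((proto, port))
        if service is None:
            continue                             # nothing is listening there
        allowed = host_firewall.get(ip)
        if allowed is not None and (proto, port) not in allowed:
            continue                             # the device's own firewall drops it
        exposed.append((f"{proto}/{public_port}", f"{ip}:{port}", service))
    return exposed


if __name__ == "__main__":
    forward_only = Router(forwards={("tcp", 80): ("192.168.1.100", 80)})
    dmz = Router(dmz_host="192.168.1.100")
    print("port forward   :", exposed_services(forward_only, LAN_SERVICES))
    print("DMZ host       :", exposed_services(dmz, LAN_SERVICES))
    print("DMZ + host fw  :", exposed_services(dmz, LAN_SERVICES, {"192.168.1.100": {("tcp", 80)}}))
```

With the single forwarding rule only the web server is reachable; as DMZ host the same device also exposes SMB and RDP unless its own firewall blocks them.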

DHCP Server (Dynamic Host Configuration Protocol)
  • The 'DHCP' or 'DHCP Server' is a service/feature that runs inside a server, whether Windows, Linux, or inside the router itself. This service's role is to assign dynamic IPs to each device on the network. It is not necessary to change the 'IP Pool' or the 'Lease' (lease time), since they are just configuration options and do not affect connection quality. It is worth noting, however, that most of the time it is advisable to keep this option enabled, since disabling it makes the router lose the ability to assign dynamic IPs, which can cause a device to become unable to access the network due to multiple devices possibly having the same IP.

  • Explanatory video: PowerCert video .

DNS (Domain Name System)
  • It is the "path" by which the router connects to the server you are trying to access. It translates the 'domain name' to the 'domain IP', i.e., translates 'google.com' to '142.251.135.142'. When translating from 'name' to 'IP', the translation information is stored in a cache to speed up user lookups and navigation. It can be useful to clear the cache with ipconfig /flushdns  in case of communication errors where the domain cannot be found due to an IP change, and it is also useful to prevent 'DNS spoofing', which is when there is a wrong redirect because of a change in the DNS cache. It can be useful not to use the dynamic DNS provided by the ISP, as there are other DNS options that may be faster.

Subnet Mask
  • It is just a collection of digits that will act as a "mask" (e.g., Photoshop or Godot layer/mask) to differentiate which part of the IPv4 address number belongs to the 'Network' and which part belongs to the 'Host'. In other words, the usual value of the Subnet Mask {255.255.255.0}, used for IPv4 addresses like {192.168.1.0}, is not an address but an instruction for reading the IPv4 address. The values {255} and {0} are used to differentiate between Network and Host, where {255} symbolizes the Network and {0} symbolizes the Host. "Why is separation between 'Network' and 'Host' necessary in the IP digits?" The video below answers this question very well starting at {7:27}; in short, it is used to balance the number of subnets and the number of hosts in a network, commonly used in large companies or places with many devices that need to communicate with each other.

  • Very explanatory video: PowerCert video .
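
How the mask separates 'Network' from 'Host' is a bitwise operation, and the same operation yields the subnet broadcast address described under Special IP Addresses. This Python is an added example, not part of the original notes; the function names and the sample address 192.168.1.70 are constructed.

```python
def to_int(dotted):
    """Convert '192.168.1.70' to a 32-bit integer."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not an IPv4 dotted quad: {dotted!r}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def to_dotted(value):
    """Convert a 32-bit integer back to dotted-quad notation."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def describe(ip, mask):
    """Apply a subnet mask to an IPv4 address and report both halves."""
    ip_i, mask_i = to_int(ip), to_int(mask)
    host_mask = ~mask_i & 0xFFFFFFFF           # 1 bits mark the Host part
    # A valid mask is a run of 1 bits followed only by 0 bits, so the
    # inverted mask must have the form 2**k - 1.
    if host_mask & (host_mask + 1):
        raise ValueError(f"mask bits are not contiguous: {mask}")
    network = ip_i & mask_i                    # keep only the Network bits
    return {
        "prefix_length": bin(mask_i).count("1"),
        "network": to_dotted(network),
        "host_part": to_dotted(ip_i & host_mask),
        "broadcast": to_dotted(network | host_mask),   # all Host bits set to 1
        # Classic count: every host value except the network and broadcast addresses.
        "usable_hosts": max(host_mask - 1, 0),
    }


if __name__ == "__main__":
    # Same address, two masks: a longer mask gives more subnets with fewer hosts each.
    for mask in ("255.255.255.0", "255.255.255.192"):
        print(mask, describe("192.168.1.70", mask))
```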

MTU (Maximum Transmission Unit)
Port
  • List of ports .

  • It is a logical (non-physical) connection used by programs and services to exchange information. A port is always identified by a unique number (between 0-65535), just like the public IP that accompanies it during the request: "Public_IP:Port".

    • Very good analogy between 'Phone Number + Extension' and 'Public IP + Port': clip from PowerCert's video .

    • More in-depth explanation about 'Types of Ports', examples of 'Well Known Ports' and the Windows netstat  command: PowerCert video .

Port Forwarding
  • It is a process done inside the router to ensure connectivity between devices on different networks. When such a connection is to be established, the "Host" sends its 'PublicIP:Port' information to the "Client", and the client's router receives this information but does not know what to do with the port, so an assignment must be made inside the router so it knows where to forward  that connection.

Packet
  • It is sent by the user during a ping test, expecting to receive it back from the test domain to verify the connection between localhost and the domain. If there is 'Packet Loss', it means there are connection problems somewhere between localhost and the domain, which could be on the user side, the domain, the DNS, or anywhere in between.

  • Bufferbloat:

    • Excess packet buffering causing internet slowness and increased ping.

  • What is 'speed', 'bandwidth' and 'latency' .

UPnP
  • It is a system that allows programs to open ports on the router without many obstacles. This improves peer-to-peer traffic but can create security problems if malware exploits this potential vulnerability. This option is enabled by default on many routers.

Firewall
  • It is a system intended to prevent unauthorized access to the private network; it allows desired data and blocks unwanted data, acting like a filter. A firewall is also known as the 'first line of defense against hackers'. A firewall can be a 'host firewall', running on each device via software, such as Windows Firewall or third-party apps, or it can be a 'network firewall', which operates on the router and applies to the entire network and its devices; the 'network firewall' comes first and has priority over the 'host firewall'.

Useful Windows network commands

  • ping google.com -t

    • Tests connectivity between localhost and Google to check for packet loss; the -t  switch makes the ping run indefinitely until 'Ctrl + C' is pressed or the terminal is closed.

  • ping localhost  or ping 127.0.0.1

    • Pings yourself to test if the network card has any failure.

  • tracert google.com

  • ipconfig /all

    • Shows all IP, TCP and MAC configurations.

  • ipconfig /displaydns

    • Shows the DNS redirect cache content if you want to evaluate it and see if /flushdns  is needed.

  • ipconfig /flushdns

    • Clears the DNS cache.

Server

Proxy Server

  • A proxy server acts as an "intermediary agent", accessing content on behalf of the user and sending it back to them afterwards.

  • When using a proxy server, you obtain the following benefits:

    • Due to this "outsourcing" of content access, a proxy server allows IP anonymity while accessing content, since the only IP the source will see is the proxy server's IP.

    • A proxy server caches relevant information, avoiding unnecessary access to the original source, saving bandwidth and making access faster.

    • It is possible to create an "access log" that keeps a record of all websites accessed through the proxy server, enabling better documentation of user access. Besides documentation, it is also possible to control access to certain websites, blocking user access.

Security Protocols

SSH (Secure Shell)

IPsec (Internet Protocol Security)

  • Security protocol that encrypts and authenticates IP packets on the network.

  • Widely used in virtual private networks (VPNs) to ensure communications are secure.

API (Application Program Interface)

  • An API is a set of rules and protocols that allows different applications to communicate with each other. This can include function calls, data exchange and interaction between systems.

Types / Uses of APIs
  • Server APIs (Web APIs)

  • Local APIs (Libraries and Frameworks)

  • Mobile Device APIs

  • Local Application APIs (Desktop)

  • IoT Device APIs (Internet of Things)

  • APIs between Microservices

  • APIs for Software Extensions

VPN / Proxy

VPN vs Proxy

OpenVPN

  • Open-source.

  • A VPN  is a service that protects your internet connection, while OpenVPN  is one of the tunneling protocols helping VPN services do that.

  • OpenVPN is one of the safest VPN protocols. It uses SSL/TLS to ensure data security and has access to the OpenSSL library for further customization, including additional security features.


  • Flexibility :

    • Works on multiple platforms (Windows, macOS, Linux, Android, iOS).

  • Compatibility :

    • Can traverse firewalls and NAT (Network Address Translation).

  • Performance :

    • Can be tuned to prioritize speed (UDP) or reliability (TCP).

  • Security :

    • Implements SSL/TLS certificates for authentication and encryption.

  • Customizable :

    • Allows configuring specific rules for different network needs.

Encryption
  • Supports strong encryption algorithms like AES-256 to protect information.

Main Components
  • OpenVPN Server :

    • Usually located centrally, such as in the office or in the cloud.

    • Manages client connections and authentication.

    • Is the entry point to the private network.

  • OpenVPN Client :

    • Software installed on devices that want to access the private network.

    • Establishes the connection with the server.

Common Uses
  • Remote Access :

    • Employees can access corporate resources from anywhere in the world.

  • Online Privacy :

    • Users can hide their IP address and protect their connection on public networks.

  • Bypass Geographic Restrictions :

    • Allows access to content blocked in certain regions.

  • Interconnection of Networks :

    • Connects different physical networks, like company branches.

How to set up
  • Install the Server :

    • Install OpenVPN software on the server that will be the central point of the VPN.

    • Configure the required files (e.g., server.conf).

  • Generate Certificates :

    • Use tools like EasyRSA  to create a CA (Certificate Authority) and issue certificates for the server and clients.

  • Configure the Client :

    • Install OpenVPN on the client device.

    • Import the configuration file generated by the server (usually with .ovpn  extension).

  • Start the Connection :

    • Connect to the server using the OpenVPN client.