Home#
Welcome to the VPN server documentation page. This site is intended for VPN server operators. It contains information on how to deploy the VPN software on a server, but also (technical) details on how to (better) integrate the software in existing infrastructure, and how configure the software for one’s own organization.
End-User Support#
If you are using eduVPN and need support, find the contact information of your organization here.
If you can’t find any contact details, contact us at eduvpn-support@lists.geant.org.
Features#
This is an (incomplete) list of features of the VPN software:
- OpenVPN server accepting connections on both UDP and TCP ports;
- Uses multiple OpenVPN processes for load sharing purposes;
- High Available deployments with multiple portals and nodes;
- Scales from a Raspberry Pi to many core systems with 10GBit networking;
- Full IPv6 support, using IPv6 inside the tunnel and connecting over IPv6;
- Support both NAT and Public IPs;
- Embedded CA for managing OpenVPN client certificates;
- Full support for WireGuard;
- Secure server and client configuration out of the box;
- User Portal to allow users to manage their VPN configurations on their devices and Admin Portal to manage users and connections;
- Internationalization / Localization support;
- Authentication to portals using Local User DB (default), LDAP, RADIUS, OIDC, SAML and Client Certificates;
- OAuth 2.0 API for integration with native eduVPN/Let’s Connect! applications;
- Deployment scenarios:
- Full Tunnel to route all traffic over the VPN (for safer Internet usage on untrusted networks);
- Split Tunnel to route only some traffic over the VPN (for access to the organization network);
- Client-to-client (only) networking;
- Group Permissions support with SAML, LDAP authentication backends as well as “Static”;
- Ability to configure Logging;
- Support multiple deployment scenarios simultaneously;
- SELinux fully enabled (on Fedora, EL);
- Usage Statistics and Monitoring;
- Some Preview Features;
Make sure to also check our Roadmap to see what we are planning to do in future releases.
Installation#
We support the following operating systems for deploying the VPN server:
- Debian 12 (
x86_64
) - Ubuntu 22.04 LTS, 24.04 LTS (
x86_64
) - Fedora 39, 40, 41 (
x86_64
) - Enterprise Linux
- Red Hat Enterprise Linux 9 (
x86_64
) - AlmaLinux 9 (
x86_64
) - Rocky Linux 9 (
x86_64
)
- Red Hat Enterprise Linux 9 (
We recommend you install your VPN server on Debian 12, or Enterprise Linux 9.
NOTE: we expect ALL software updates to be installed and the server rebooted before you install the VPN software!
NOTE: if you want to deploy on multiple machines for load balancing / high availability, please follow these instructions instead!
If you installed a VPN server and want to keep using it, please subscribe to the mailing list here. This list will be used for announcements of updates and discussion about running the VPN software.
Supported Versions#
We support a server release until such time the EOL date has been reached. We ONLY support the particular release on operating systems that are still supported by their vendor! We maintain a separate Server OS Support page that has information on the exact server OS support, including when we drop support for that particular OS (version).
Version | Release Date | OS Support | EOL |
---|---|---|---|
3 | 2022-05-25 | Debian (>= 12), Ubuntu LTS (>= 22.04), Fedora (>= 39), EL 9 | No (TBD) |
2 | 2019-04-02 | N/A | Yes (2024-06-30) |
1 | 2017-07-13 | N/A | Yes |
If you are currently running the 2.x server, and want to upgrade to 3.x, you can look here. You can also view the 3.x Release Notes.