wvpn (basic wireless virtual private network)

wvpn is a small free software solution for setting up a VPN between a gateway and various clients, using OpenPGP/GnuPG as the authentication method and OpenVPN as the encrypted network tunnel. The main purpose is to create wireless VPN tunnels in a simple and secure way.

Don't hesitate to contact me (adulau@foo.be) if you want to share ideas, enhance the software...

How it works

Keyring setup

The security of the wvpn system depends on this process, so it is really important that you carry out the steps described here correctly.

The Gateway (GW) must generate a new GnuPG key pair and store its private key in a well-secured part of the gateway or on another dedicated device. (This is done when you start wvpn-server if no keys exist yet.)

The private key of the GW signs the public key of each client, in order to distinguish the clients that may connect to the GW from those that may not. The process is very similar to a keysigning, because the owner of the GW performs a physical verification in order to vouch for the client. (The owner of the gateway uses wvpn-server-signkey to accept a new client.)

Note: the process could be extended so that the clients or other GWs sign the public key of the GW, but this is not the case in this testing version.

wvpn connection setup

The wvpn-client handles the connection to the Gateway by sending XML-RPC requests to the wvpn-server.

The wvpn-server is a small XML-RPC server providing the methods needed to set up the connection. Here are the methods provided by the server:

wvpnRequestVPN

(string authmessage)

wvpnRequestVPN is the method used to create a VPN connection with the server. The argument is an armored OpenPGP message encrypted with the public key of the server (gateway). The encrypted message is in a simple XML format:

   <wvpn>
    <key></key>
    <signature></signature>
   </wvpn>
  
Key
contains the OpenVPN symmetric key used for the VPN encryption.
Signature
contains an armored OpenPGP signature, made by the client, over the key content (without the tags). This signature is what authenticates the client: the server must verify it against a client public key that the GW has signed (see Keyring setup) and refuse the request otherwise.

Returns the port number (as a string) on which the OpenVPN connection is to be set up.
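The server-side handling of wvpnRequestVPN described above, together with the check from the Keyring setup section (accept a signer only if the GW has signed its key), as an added Python example; this is not wvpn's own Perl code. It drives the gpg binary through subprocess and assumes a dedicated gateway keyring at a made-up path (GPG_HOME) holding only the gateway key pair and the client keys accepted with wvpn-server-signkey, a gateway key usable without a passphrase prompt, and a `<key>` element carrying a static key in the format produced by `openvpn --genkey`. The gpg formats parsed (`--with-colons` sig records, `--status-fd` VALIDSIG lines) are GnuPG's documented ones; the sample outputs and keys in the block are constructed, not real.

```python
"""Server side of wvpnRequestVPN: decrypt the authmessage, parse the XML,
verify the signature over the key text, and accept the signer only if the
gateway has signed the signer's key. Added example, not wvpn's Perl code;
GPG_HOME is a made-up path, the samples at the bottom are constructed."""
import subprocess
import tempfile
import xml.etree.ElementTree as ET

GPG_HOME = "/var/lib/wvpn/gnupg"   # assumed location of the gateway keyring
MAX_MESSAGE = 64 * 1024            # cap enforced before the XML parser runs
OPENVPN_KEY_HEADER = "-----BEGIN OpenVPN Static key V1-----"  # openvpn --genkey
ACCEPT_CLASSES = {"10", "11", "12", "13"}  # key certification signature classes

def gpg(args, stdin=None):
    """Run gpg non-interactively; return (rc, stdout text, status lines)."""
    cmd = ["gpg", "--batch", "--no-tty", "--homedir", GPG_HOME,
           "--status-fd", "2", "--with-colons"] + args
    proc = subprocess.run(cmd, input=stdin, capture_output=True)
    status = [l for l in proc.stderr.decode("utf-8", "replace").splitlines()
              if l.startswith("[GNUPG:]")]
    return proc.returncode, proc.stdout.decode("utf-8", "replace"), "\n".join(status)

def build_auth_xml(openvpn_key, armored_sig):
    """Client side: wrap the key and the signature made over exactly that key
    text (without the tags) in the wvpn XML message."""
    root = ET.Element("wvpn")
    ET.SubElement(root, "key").text = openvpn_key
    ET.SubElement(root, "signature").text = armored_sig
    return ET.tostring(root, encoding="unicode")

def parse_auth_xml(text):
    """Extract (key, signature) from the decrypted message. Nothing here is
    authenticated yet (anyone holding the gateway's public key can encrypt
    to it), so be strict and fail closed with ValueError."""
    if len(text) > MAX_MESSAGE:
        raise ValueError("authmessage too large")
    root = ET.fromstring(text)
    if root.tag != "wvpn" or [c.tag for c in root] != ["key", "signature"]:
        raise ValueError("not a wvpn message")
    key, sig = root.findtext("key") or "", root.findtext("signature") or ""
    if not key.lstrip().startswith(OPENVPN_KEY_HEADER):
        raise ValueError("key element is not an OpenVPN static key")
    if "-----BEGIN PGP SIGNATURE-----" not in sig:
        raise ValueError("signature element is not an armored OpenPGP signature")
    return key, sig

def signer_fingerprint(status):
    """Primary-key fingerprint from a VALIDSIG status line, which gpg emits
    only for a signature that verified; None otherwise."""
    for line in status.splitlines():
        f = line.split()
        if len(f) >= 12 and f[1] == "VALIDSIG":
            return f[11].upper()
    return None

def signed_by_gateway(colons, gateway_fpr):
    """Parse 'gpg --check-sigs <client>' colon records: accept only a verified
    ('!'), unrevoked certification whose issuer key ID is the gateway's.
    Key IDs are 64 bits, so the keyring must hold no other key under that ID."""
    gw_keyid = gateway_fpr.upper()[-16:]
    good = revoked = False
    for line in colons.splitlines():
        f = line.split(":")
        if len(f) < 11 or f[0] not in ("sig", "rev") or f[4].upper() != gw_keyid:
            continue
        if f[0] == "rev":
            revoked = True
        elif f[1] == "!" and f[10][:2] in ACCEPT_CLASSES:
            good = True
    return good and not revoked

def handle_request_vpn(armored_message, gateway_fpr):
    """Full check; returns (openvpn_key, client_fpr) for wvpn-server to start
    OpenVPN with, or raises ValueError."""
    rc, plain, status = gpg(["--decrypt"], stdin=armored_message)
    if rc != 0 or "DECRYPTION_OKAY" not in status:
        raise ValueError("authmessage did not decrypt")
    key, sig = parse_auth_xml(plain)
    with tempfile.NamedTemporaryFile("w", suffix=".asc") as sigfile:
        sigfile.write(sig)
        sigfile.flush()
        rc, _, status = gpg(["--verify", sigfile.name, "-"], stdin=key.encode())
    client_fpr = signer_fingerprint(status)
    if rc != 0 or client_fpr is None:
        raise ValueError("signature over the key did not verify")
    rc, colons, _ = gpg(["--check-sigs", client_fpr])
    if rc != 0 or not signed_by_gateway(colons, gateway_fpr):
        raise ValueError("signer is not a client the gateway has signed")
    return key, client_fpr

# Constructed samples (not real keys or gpg output) for a stand-alone run.
GATEWAY_FPR = "001122334455667788990011FEDCBA9876543210"
CLIENT_FPR = "A1B2C3D4E5F60718293A4B5C0123456789ABCDEF"
SAMPLE_KEY = OPENVPN_KEY_HEADER + "\n00112233\n-----END OpenVPN Static key V1-----\n"
SAMPLE_SIG = "-----BEGIN PGP SIGNATURE-----\n\niQEz\n-----END PGP SIGNATURE-----\n"
SAMPLE_STATUS = ("[GNUPG:] GOODSIG 0123456789ABCDEF Client One <client1@example.org>\n"
                 "[GNUPG:] VALIDSIG %s 2003-08-29 1062154800 0 4 0 1 8 00 %s"
                 % (CLIENT_FPR, CLIENT_FPR))
SAMPLE_CHECK_SIGS = (
    "uid:f::::1062154800::HASH::Client One <client1@example.org>::::::::::0:\n"
    "sig:!::1:0123456789ABCDEF:1062154800::::Client One <client1@example.org>:13x::::::8:\n"
    "sig:!::17:FEDCBA9876543210:1062154900::::Gateway <gw@example.net>:13x::::::8:\n")
```

The order matters: the XML is parsed before the signature is checked, so the parser sees unauthenticated input and caps its size first; the signer's key is then looked up in the gateway's own keyring, where a certification that did not verify (`?` or `-` validity) or that the gateway has since revoked does not count. `handle_request_vpn` needs a working gpg and keyring; the parsing helpers run on the constructed samples alone.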

wvpnCloseVPN

(string port)

wvpnCloseVPN is the method used to close the current VPN connection. It shuts down the TCP/UDP port on which the wvpn-server is listening for that connection.

(string port) is the port string returned by wvpnRequestVPN; the server should only accept a port it actually issued.

Returns nothing.

wvpnRequestPublicKey

(no arg)

wvpnRequestPublicKey is a simple method to request the public key of the server. This method should be used with great care: the XML-RPC transport does not authenticate the server, so the client must verify the fingerprint of the public key returned by the wvpn-server against a fingerprint obtained out of band before using it to encrypt anything.

Returns the public key as an armored OpenPGP public key block.

wvpnTestEcho

(string message)

wvpnTestEcho is a simple method to test connectivity to the wvpn-server.

(string message) is the message to echo back.

Returns the same message string.
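The XML-RPC exchange between wvpn-client and wvpn-server, with the four methods listed above, as an added Python example (not the Perl wvpn-server or wvpn-client). It assumes that the OpenPGP steps (decrypting the authmessage, verifying the client's signature, checking that the GW has signed the client's key) are done by an `authenticate` callable handed to the server, which returns the client's key fingerprint or raises ValueError; here a stand-in accepts one constructed sample message. OpenVPN ports come from a fixed pool, and the places where wvpn-server would start or stop OpenVPN are only marked with comments.

```python
"""XML-RPC side of wvpn: a server exposing the four documented methods and a
client walking through them. Added example, not wvpn's Perl code; the
`authenticate` callable and the sample data are assumptions/constructed."""
import threading
import xmlrpc.client
from xmlrpc.server import SimpleXMLRPCServer

class WvpnServer:
    """Methods are exposed under exactly the names the wvpn-client calls."""

    def __init__(self, public_key_block, authenticate, ports=range(5000, 5010)):
        self._pubkey = public_key_block
        self._authenticate = authenticate     # does the OpenPGP checks (assumed)
        self._free = list(ports)
        self._issued = {}                     # port string -> client fingerprint
        self._lock = threading.Lock()

    def wvpnTestEcho(self, message):
        return message

    def wvpnRequestPublicKey(self):
        # Plain HTTP proves nothing about who answered: the client must compare
        # the fingerprint of this block with one obtained out of band.
        return self._pubkey

    def wvpnRequestVPN(self, authmessage):
        client_fpr = self._authenticate(authmessage)   # ValueError -> XML-RPC Fault
        with self._lock:
            if not self._free:
                raise xmlrpc.client.Fault(503, "no free OpenVPN port")
            port = str(self._free.pop(0))
            self._issued[port] = client_fpr
        # wvpn-server would now start OpenVPN on `port` with the received key.
        return port

    def wvpnCloseVPN(self, port):
        # Only a port string this server issued may close anything. The method
        # carries no proof of who is asking, so whoever learns the string can
        # close that tunnel.
        with self._lock:
            if port not in self._issued:
                raise xmlrpc.client.Fault(404, "port was not issued by wvpnRequestVPN")
            del self._issued[port]
            self._free.append(int(port))
        # wvpn-server would stop the OpenVPN instance on `port` here.
        return ""   # the page documents no return value; XML-RPC needs one

def serve(handler, host="127.0.0.1", port=0):
    """Start the XML-RPC server in a background thread; return (server, url)."""
    srv = SimpleXMLRPCServer((host, port), logRequests=False)
    srv.register_instance(handler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv, "http://%s:%d/" % srv.server_address

def client_session(url, authmessage, bogus_port="22"):
    """Walk a client through the method set; record what the server answered."""
    proxy = xmlrpc.client.ServerProxy(url)
    out = {"echo": proxy.wvpnTestEcho("ping"),
           "pubkey": proxy.wvpnRequestPublicKey()}
    try:
        out["port"] = proxy.wvpnRequestVPN(authmessage)
    except xmlrpc.client.Fault as fault:
        out["port"], out["fault"] = None, fault.faultString
        return out
    try:
        proxy.wvpnCloseVPN(bogus_port)          # never issued: must be refused
        out["bogus_close"] = "accepted"
    except xmlrpc.client.Fault:
        out["bogus_close"] = "refused"
    proxy.wvpnCloseVPN(out["port"])             # release our own port
    return out

# Constructed placeholders for a stand-alone run; no real keys involved.
SAMPLE_PUBKEY = ("-----BEGIN PGP PUBLIC KEY BLOCK-----\nconstructed placeholder\n"
                 "-----END PGP PUBLIC KEY BLOCK-----\n")
SAMPLE_AUTHMESSAGE = ("-----BEGIN PGP MESSAGE-----\nconstructed placeholder\n"
                      "-----END PGP MESSAGE-----\n")

def sample_authenticate(authmessage):
    """Stand-in for the OpenPGP checks: accepts only the constructed sample."""
    if authmessage != SAMPLE_AUTHMESSAGE:
        raise ValueError("authmessage rejected")
    return "A1B2C3D4E5F60718293A4B5C0123456789ABCDEF"

if __name__ == "__main__":
    server, url = serve(WvpnServer(SAMPLE_PUBKEY, sample_authenticate))
    print(client_session(url, SAMPLE_AUTHMESSAGE))
    print(client_session(url, "not an OpenPGP message"))
    server.shutdown()
```

A rejected authmessage surfaces at the client as an XML-RPC Fault rather than a port, and a wvpnCloseVPN for a port the server never issued is refused the same way; a closed port goes back to the pool for the next request.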

Software

Software required

On the server side, you need Perl, GnuPG and OpenVPN.

On the client side, you also need Perl, GnuPG and OpenVPN. (The software required on the client can be reduced by writing a custom XML-RPC client.)

Thanks

License

Copyright (C) 2003 Alexandre Dulaunoy <adulau@foo.be>

This program is  free software; you can redistribute  it and/or modify
it under the  terms of the GNU General Public  License as published by
the Free Software Foundation; either  version 2 of the License, or (at
your option) any later version. 

This program  is distributed in the  hope that it will  be useful, but
WITHOUT   ANY  WARRANTY;   without  even   the  implied   warranty  of
MERCHANTABILITY  or FITNESS  FOR A  PARTICULAR PURPOSE.   See  the GNU
General Public License for more details. 

You  should have received  a copy  of the  GNU General  Public License
along  with  this  program;  if   not,  write  to  the  Free  Software
Foundation, Inc., 59 Temple Place  - Suite 330, Boston, MA 02111-1307,
USA. 


$Id: wvpn-index.wiki,v 1.1 2003/08/29 11:12:04 adulau Exp adulau $

Copyrights (C) 2002,2003 Alexandre Dulaunoy - released under the GNU Free Documentation license without any options