OpenVPN 2.3 released
Hurrah! After over a year of development, OpenVPN version 2.3 was released.
List of changes since version 2.2:
- Full IPv6 Support
- SSL is now modular, which allows you to use not only OpenSSL, but also other libraries
- Ability to use PolarSSL instead of OpenSSL
- New API for direct access to certificates, improved logging API and redesigned for easier support in the future
- Added environment variable 'dev_type', which takes the values 'TUN' or 'TAP' and can be used by scripts or plugins
- Added --management-external-key option for loading RSA through the management interface
- Added option --management-up-down - tunnel up / down notifications in the management interface
- Added option --x509-track option for more complete access to X.509 fields from scripts and plugins through the new plugin API (v3)
- Added option --client-nat support - NAT one-to-one to prevent conflict of IP addresses between networks
- Added --mark option, which can mark encrypted packets traveling through the tunnel for easier configuration of routing and filewall
- Added option --management-query-proxy - proxy settings through the management interface
- Added option --stale-routes-check, which periodically cleans the internal routing table
- Added option --x509-username-field, with which you can use X.509v3 fields other than Common Name to identify the user
- Added option --memstats - write user stats to memory-mapped binary files
- The auth-token command has been added to the client-side management interface, which allows not to store the login and password in memory in case of authorization by login / password, but instead use a temporary token.
- The remote command has been added in the client-side management interface, which can override the --remote option in the config.
- Improved client-kill command in the management interface
- UTF-8 support has been improved and the --compat-names option has been added to return the old behavior if scripts or plugins break from this.
- Improved authentication through PAM
- Connection block can now use more options than before
- New build system, easier cross-compilation and build under Windows.
- A lot of code got better commented
- Lots of documentation updates
- A large number of bug fixes and code cleanups
- New OpenVPN-GUI
- ... and a bunch of other changes you can read about here
Perhaps this is the best VPN solution for today.