Overview

A Virtual Private Network (VPN) is used for creating a private scope of computer communications or providing a secure extension of a private network into an insecure network such as the Internet. VPN is a widely used security technology. VPN can be built upon IPSec or Transport Layer Security (TLS/SSL). These are two fundamentally different approaches for building VPNs. In this lab, we focus on the TLS/SSL-based VPNs. This type of VPNs is often referred to as TLS/SSL VPNs.

The learning objective of this lab is for students to master the network and security technologies underlying SSL VPNs. The design and implementation of TLS/SSL VPNs exemplify a number of security principles and technologies, including crypto, integrity, authentication, key management, key exchange, and Public-Key Infrastructure (PKI). To achieve this goal, students will implement miniVPN, a simple TLS/SSL VPN, in the Linux operating system.

Lab Tasks

  • VM version: This lab has been tested on our pre-built SEEDUbuntu16.04 VM.

Recommended Time

  • Supervised situation (e.g. a closely-guided lab session):
  • Unsupervised situation (e.g. take-home project):

Files that are Needed

Suggested Reading

  • SEED Book (2nd Edition) by Wenliang Du (Book website)
  • Slides for the SEED book.
  • Tun/tap interface tutorial
  • OpenSSL Command-Line HOWTO
  • Secure programming with the OpenSSL API, Part 1: Overview of the API

SEED Labs

SEED Books