Deploying secure and scalable VPN connections with eduVPN

Since early 2020, working from home has become the new social norm. Employees need to be able to work from home at ideally the same level of productivity as when working from the office – and for that, will need access to resources which are often accessible only from the office network. The access is typically facilitated with a Virtual Private Network (VPN), providing a secure connection from the user’s computer to the office network.

Most organisations have VPN solutions in place, but often, these were not designed for the situation where most or almost all staff are working from home, and did not cope well with the sudden increase in demand.

This is partly because hardware VPN appliances have longer replacement cycles, and often lag behind the refreshes (and throughput increases) of other network equipment.

The eduVPN software package (also known as Let’s Connect) is an open-source VPN solution, covering both the server side and the client side, designed by the R&E community for the R&E community. An eduVPN server can be easily deployed on a Linux server.

During the lockdown in early 2020, we have been approached by a member institution as their VPN solution was not coping with the demand, especially for large data sets transfers.

We have deployed a managed eduVPN server for this institution – and even though it was deployed on an ordinary VM within REANNZ infrastructure, it significantly outperformed the existing VPN solution and allowed the staff of this organisation to work from home, including research data set transfers that were not possible with the existing VPN solution.

This talk will present both the client and server side of eduVPN, demonstrate their ease of use and deployment, describe the key use cases that can be addressed by eduVPN, and outline what deployment options are available.

Dr. Vladimir Mencl has been part of the New Zealand R&E community since 2006 and has been involved in identity and access management projects since the early days of the BeSTGRID project. When the Tuakiri project moved to REANNZ, Vlad joined REANNZ where he is part of the Systems team as a Senior Software Engineer.