Next Generation VPN for Embedded Devices

Community Software Overview

EmbeddedVPN is a full-featured open source VPN solution designed for embedded devices with microprocessors that have not a large memory footprint and/or strong MIPS power.  EmbeddedVPN offers 8/16 bits processors opportunity to have Internet access with high reliable tunnel session to their OMC. It offers a cost-effective, lightweight alternative to other VPN technologies that is well-targeted for the SME and enterprise markets.

Embedded combines security with simplicity

Embeddedvpn design is based on modified GSM authentication solution which uses CHAP MD5 algorithm  instead of A1 and A3 algorithms. Embedded VPN offers clients to choose authentication and encryption for their tunnel session according their capability. Every client can use different authentication and encryption type. For the network firewall Embeddedvpn acts as any web browser.

Looking Ahead

EmbeddedVPN is going to evolve itself on VPN over LIN/CAN/MOST and other layer 2 busses.

EmbeddedVPN server runs on:

Windows 2000/XP and higher

EmbeddedVPN client runs on:

PSOS, VxWorks, TI NDK&Bios , Windows, Unix  ....

With EmbeddedVPN, you can:

  • tunnel any IP subnetwork or virtual Ethernet adapter over a single UDP or TCP port,
  • unencrypted UDP and TCP tunnels with authentication,
  • encrypted UDP and TCP tunnels with authentication,
  • configure a scalable, load-balanced VPN server farm using one or more machines which can handle thousands of dynamic connections from incoming VPN clients,
  • use Blowfish and AES encryption to protect your private network traffic as it transits the internet or just only no encrypted tunnel,
  • predefined static IP address for every client regardless of real network IP
  • every client has unique username with different or same password
  • a new encryption key generated at start of new session
  • tunnel networks whose public endpoints are dynamic such as DHCP or dial-in clients,
  • tunnel networks through connection-oriented stateful firewalls without having to use explicit firewall rules,
  • tunnel networks over NAT,
  • create secure Ethernet bridges using virtual tap devices, and
  • on a client side implemented firewall which accept traffic only from VPN server


What distinguishes EmbeddedVPN from other VPN packages?

  • From 16kb to 100 kb client memory requirement
  • 450 kb server static memory requirement plus 8 kb per client dynamic memory
  • Every client can use different authentication and encryption
  • Open for adding other authentication and encryption solution
  • Simultaneous writing debugging information on console and in log txt file
  • Client can run on any TCP/IP stack without Operating System.
  • EmbeddedVPN is easy to use. In general, a tunnel can be created and configured with a single command (and without any required configuration files).
  • EmbeddedVPN has been rigorously designed and tested to operate robustly on unreliable networks around world.  Clients monitor reliability of link and re-establish tunnel session in 5 minutes since server has restarted
  • EmbeddedVPN does not require presence of TUN/TAP driver and offers own solution which replace them on target embedded OS or .
  • EmbeddedVPN is fast solution 

Is EmbeddedVPN standards-compliant?

As a user-space VPN daemon is compliant with NAT, DHCP, and TUN/TAP virtual devices.

EmbeddedVPN is not compatible with OpenVPN, IPSec, IKE, PPTP, or L2TP. It uses on windows OS plenty openvpn and tun driver source files while on embedded devices it use own solution without openvpn and tap/tun source files.


Building EmbeddedVPN

EmbeddedVPN can easily be built  for Windows . Installation with project  files can be found on this site.

On embedded devices vpn client source run as file compiled with other project files. It usually requires one thread/task with mailbox capability.  Even it can run without OS and TAP/TUN functionality. It requires only simple socket functionality.

EmbeddedVPN runs entirely in user space and does not require any special kernel components even not  the TAP/TUN on embedded devices.


The EmbeddedVPN project

EmbeddedVPN is entirely a community-supported effort under the GPL, and your support can go a long way towards ensuring EmbeddedVPN's continuing development, including staying on top of security issues, maintaining a rigorous testing program, adding new features, improving documentation, and providing technical support.

EmbeddedVPN on Windows uses plenty open sources files from , specially OpenVPN and TUN/TAP files.

 On embedded devices run only clients which size starts from 16 kb (non encrypted tunnel with available MD5) to 100 kb with included Blowfish and Rijandel (AES) algorithms. This client implementation on embedded devices differ  from windows client  solution and it is not possible to port windows source files on the embedded devices.


[Home] [About] [Software] [Configuration] [Contact]