OpenVPN v2.5.4 for Windows XP and Windows Server 2003 x86

This forum is for general conversation and user-user networking.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Post Reply
schtrom
OpenVpn Newbie
Posts: 2
Joined: Wed Feb 02, 2022 9:25 am

OpenVPN v2.5.4 for Windows XP and Windows Server 2003 x86

Post by schtrom » Wed Feb 02, 2022 9:26 am

Download Link https://sourceforge.net/projects/openvpn-for-windows-xp

Hi to all forum members and XP/2003 lovers!

OpenVPN v2.3.18 was the last version that officially supports Windows XP and Windows Server 2003. We lately had the need to use the newer version 2.5.4 of OpenVPN to support stronger data ciphers like AES-256-CBC. Therefore we decided to rebuild the whole package from the ground up to make it compatible with Windows XP and Windows Server 2003. The following article describes in detail how you can rebuild OpenVPN v2.5.4 for use on these older operating systems.

The benefits of this new version include:

- support of stronger data ciphers like AES-256-CBC
- new TAP-Driver with a network speed of 1 GBit/s instead of 10 MBit/s
- severe bug on Windows XP SP3 solved where we can't connect to the VPN server

For more details visit: https://openvpn-for-windows-xp.sourceforge.io
There is also an article available on CodeProject, which is identical to the first link: https://www.codeproject.com/Articles/53 ... Windows-XP

Attention: The source code package is 460 MB in size and contains all files you will need to do the OpenVPN v2.5.4 changes on your own in complete offline mode! There is also a separate binary package available on sourceforge.

Have fun with secure VPN on XP/2003!

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: OpenVPN v2.5.4 for Windows XP and Windows Server 2003 x86

Post by TinCanTech » Wed Feb 02, 2022 3:15 pm

Take note:
  • Openvpn does not endorse or support this rogue binary.
  • Windows XP has not been maintained by Microsoft for Eight Years.
    So, what-ever security holes, bugs and back-doors that were present, still are.
  • Anybody still using Windows XP should move to a Linux Desktop distribution.
  • There is absolutely no excuse or genuine reason to use Windows XP.
@schtrom The OpenVPN developers are also a little disappointed that you never made contact .. until now.

schtrom
OpenVpn Newbie
Posts: 2
Joined: Wed Feb 02, 2022 9:25 am

Re: OpenVPN v2.5.4 for Windows XP and Windows Server 2003 x86

Post by schtrom » Wed Feb 02, 2022 6:39 pm

Hello TinCanTech,

thanks for your thoughts. In my opinion it is better to use a potentially unsecure Windows XP/2003 Server system with a new version of OpenVPN than using the old version 2.3.18 with weak encryption and a TAP driver bandwidth limit of 10 MBit/s. I also find it very strange that the official build documentation seems to be wrong at many points and the retail binary of the official Windows executables are clearly produced with some Microsoft Compiler, although the documentation says it is build by a cross compile. I may be wrong, but during my build journey I got the impression that it is not in the interest of the OpenVPN dev team to make the build steps transparent. Too many different build docs out there, which took me at least a month to sort out the useless stuff. And for the rogue binary, I do not say "trust every binary that is uploaded to the internet", but everybody can build this one on his own with the outlined and clear build steps. In this case the risk should be minimal and the version should be based on your v2.5.4 code base.

And for the disappointed developers, what should I have asked? Can you implement Windows XP support back to version 2.5.4? What would have the answer been? Maybe the exact points that you stated in your post above. XP is outdated, no support, do not use it and so on.

To make this really clear at the end: I thank you and the developers very much for sharing the source code of OpenVPN. I would only wish for the future that the build instructions are clear and transparent.

Have a nice day and long live Windows XP!
Kai Schtrom

gabori
OpenVpn Newbie
Posts: 3
Joined: Sat May 29, 2021 6:34 pm

Re: OpenVPN v2.5.4 for Windows XP and Windows Server 2003 x86

Post by gabori » Thu Feb 03, 2022 12:51 am

thanks
that is what I was looking for

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: OpenVPN v2.5.4 for Windows XP and Windows Server 2003 x86

Post by TinCanTech » Thu Feb 03, 2022 1:16 am

I am just going to throw this out to the world:
  • Windows XP is a sitting duck
    If you use Windows XP on the modern internet then you are asking to be pwnd.
  • If a Windows XP Client connects to your Server then who knows what comes with it.
    • Hey Dad, I got a VPN! (Dad: Yeah, I know ..lol )
    That is an attack surface that I would prefer to avoid.
  • The relatively small and diminishing number of Windows XP Users
    renders this endeavor somewhat pointless.
    Good Luck .. none-the-less.
8-)

Gushi
OpenVpn Newbie
Posts: 2
Joined: Wed Jul 19, 2017 12:38 am

Re: OpenVPN v2.5.4 for Windows XP and Windows Server 2003 x86

Post by Gushi » Mon Nov 14, 2022 8:01 pm

Hi all,

Your mileage may vary, but I still need to break into DOS occasionally, too. There are some tools for talking to things like ham radios that don't run under modern windowses. I have a few older printers (like, badge printers) that don't have modern drivers. Most of this stuff doesn't need a network connection at all.

But sometimes, as a sysadmin, in our day to day work, we need to connect to broken, old ILOMs and console servers that do not work with modern Java implementations. Some of them even require Flash to reach that management card (Cisco UCS servers). Often, these are walled off and *only* available behind a VPN.

I refer to these uses of needing an old computer/OS as "Can Opener Work". And when you need it, you *really* need it.

Those are my sole (and diminishing) use cases for keeping a windows XP VM around these days. Well, that and FreeCell. :)

Typically, I let my main machine do the VPN'ing and NAT the windows VM behind it, but having a VPN client for the windows machine is another option. With the advent of m1 macs, running that VM locally on my own machine becomes harder. The answer becomes something like "spin up an XP VM in a datacenter somewhere, with a restricted network stack, and handle the VPN connection upstream of it (and maybe even make it so it cannot reach anything *but* that restricted subnet).

Post Reply