Our Partners

Home - Our Partners

Using methods to establish secure point-to-point or site-to-site connections in routed or bridged setups and remote access capabilities, OpenVPN is a virtual private network (VPN) technology. Both client and server applications are implemented using it. Using pre-shared secret keys, certificates, or username/password, peers can authenticate one another using OpenVPN. Using signatures and a certificate authority, it enables the server in a multiclient-server arrangement to issue an authentication certificate for each client.



  • Secure Remote Access.
  • Secure IoT Communications.
  • Protect Access to SaaS applications.
  • Site-to-site Networking.
  • Enforcing Zero Trust Access.
  • Cyber Threat Protection & Content Filtering.
  • Restricted Internet Access.

Have a question?
Find the answers in our FAQ:

How can I build a binary RPM package for my specific Linux platform?

Building an OpenVPN binary RPM package requires these RPM prerequisites:

  • openssl
  • openssl-devel
  • lzo
  • lzo-devel

The openssl package is almost always installed by default on Linux distributions. The openssl-devel package is almost always available on Linux distributions, but is sometimes not installed by default. The lzo and lzo-devel packages are usually included in more recent Linux distributions but must be installed manually. See the Dag Wieers site for a comprehensive set of LZO RPMs for Red Hat and Fedora.

Once the prerequisite binary RPMs are in place, building an OpenVPN binary RPM is quite straightforward:

You will see a lot of lines of output as rpmbuild compiles OpenVPN, but check near the end of the output for a line which looks like this:

This tells you where rpmbuild wrote the binary RPM file. Now, use:

to do a fresh install of OpenVPN, or

to upgrade an existing installation

On Slackware, I get the error: Cipher algorithm 'BF-CBC' not found (OpenSSL)

By default, OpenVPN uses the blowfish cipher for tunnel encryption. For some reason, some versions of Slackware have an OpenSSL library built without Blowfish cipher support.

The fix is either:

  • Rebuild the OpenSSL library to include blowfish, or
  • use the –cipher option to choose a different cipher. The command openvpn –show-ciphers will show the available ciphers. For example –cipher DES-EDE3-CBC will select Triple-DES encryption.

Are there any known security vulnerabilities with OpenVPN?

Not to our knowledge (as of 2004.12.08). The current OpenVPN security model matured by version 1.1.0, which was released in 4/2002. Since that time, there have been no confirmed reports on the OpenVPN lists or other security-related forums claiming any security vulnerabilities due to bugs in the software.

Having said that, there is always the potential for security vulnerabilities to be introduced by incorrect configurations. One such vulnerability is discussed here.

While OpenVPN has not as yet been subjected to a comprehensive security review, so far the security model has stood up well to analysis. In 9/2003, cryptography expert Peter Gutmann looked at the field of open source VPNs with a critical eye, and OpenVPN was singled out for some positive remarks.

OpenVPN’s security model can be summarized as such: Use the IPSec ESP protocol for tunnel packet security, but then drop IKE in favor of SSL/TLS for session authentication. This allows for a lightweight, portable VPN implementation that draws on IPSec’s strengths, without introducing the complexity of IKE.

See the article OpenVPN and the SSL VPN Revolution (PDF), by Charlie Hosner, for a more in-depth look at OpenVPN from a security perspective.

While it’s impossible to assure with certainty that no weaknesses exist, OpenVPN has multiple levels of security to protect against a single flaw causing a catastrophic security breach. For example, by using –user nobody –group nobody you can ensure that even if some kind of remote buffer overflow exploit were discovered, the exploit would be unable to elevate its privilege to root. Another example is using SSL/TLS security with –tls-auth. Using –tls-auth ensures that even if a remote buffer overflow is discovered and exploited in the SSL/TLS authentication code in the OpenSSL library, it could not be used to attack an OpenVPN session that is protected with a –tls-authpassword. In addition, if you use SSL/TLS authentication, you have the benefit of “perfect forward secrecy”.

What is the principle behind OpenVPN tunnels?

Okay, here is a brief summary of the principle behind OpenVPN:

Imagine you had a direct physical wire (i.e. a long cable) connecting two computers (A and B) at different locations. On each computer there would be a /dev/longcable which would be a network device. You could route IP traffic over it, and do everything you could normally do with a network device.

Basically a tun device is like having a /dev/longcable except the OpenVPN daemon is the program that connects the /dev/longcable on computer A with the /dev/longcable on computer B so that you can use the internet rather than a real physical cable. But in this case it is called /dev/tun or whatever your OS prefers to call them.

Now the mechanism by which OpenVPN connects /dev/tun on computer A with /dev/tun on computer B is this: It simply creates an encrypted UDP connection over the internet between A and B and forwards traffic between /dev/tun on A with /dev/tun on B. Because of the clever way in which the tun and tap drivers were designed, it is possible for a program running entirely in user-space to effect this link, allowing OpenVPN to be a portable cross-platform daemon (like SSH), rather than an OS-specific kernel module (like IPSec).

The difference between a tun and tap device is this: a tun device is a virtual IP point-to-point device and a tap device is a virtual ethernet device. So getting back to the “long cable” analogy, using a tun device would be like having a T1 cable connecting the computers and using a tap device would be like having an ethernet network connecting the two computers. People who are running applications that need the special features of ethernet (which won’t work on an IP-only network) will often bridge their physical local ethernet with a tap device (using a utility such as brctl on Linux), then VPN the tap device to another similar setup at the other end. This allows OpenVPN to route ethernet broadcasts and non-IP protocols such as Windows NetBios over the VPN. If you don’t need the special features of ethernet (such as bridging capability), it’s better to use a tun device.

Tun and tap devices can be interconnected to create a complex routing topology. Some people have created multi-node WAN networks over tap devices and actually run DHCP over the VPN so that clients can log into the virtual ethernet and request an IP address. I’ve even heard of people using Linux advanced routing to run OSPF (a kind of dynamic routing protocol) over the VPN WAN to allow for dynamic, fault-tolerant routing. They sky is the limit as far as the complexity of network you can build, but the basic building block is a VPN daemon such as OpenVPN connecting tun or tap devices on two different machines.

Does OpenVPN support Certificate Revocation Lists (CRLs)?

Yes. See the –crl-verify option in OpenVPN 1.5 and higher.

How stable is the OpenVPN Protocol, i.e. can old versions of OpenVPN talk to new versions?

While the OpenVPN protocol has been fairly stable since version 1.1.0, minor changes have occurred. See the Compatibility Notes for more information.

What is the difference between a TUN device and a TAP device?

A TAP device is a virtual ethernet adapter, while a TUN device is a virtual point-to-point IP link.

You cannot mix –dev tun and –dev tap on different ends of the connection. Use one or the other consistently.

What are the fundamental differences between bridging and routing in terms of configuration?

When a client connects via bridging to a remote network, it is assigned an IP address that is part of the remote physical ethernet subnet and is then able to interact with other machines on the remote subnet as if it were connected locally. Bridging setups require a special OS-specific tool to bridge a physical ethernet adapter with a virtual TAP style device. On Linux, for example, brctl is this tool. On Windows XP or higher, select your TAP-Win32 adapter and your ethernet adapter in Control Panel -> Network Connections, then right click and select Bridge Connections.

When a client connects via routing, it uses its own separate subnet, and routes are set up on both the client machine and remote gateway so that data packets will seamlessly traverse the VPN. The “client” is not necessarily a single machine. It could be a subnet of several machines.

Bridging and routing are functionally very similar, with the major difference being that a routed VPN will not pass IP broadcasts while a bridged VPN will.

When you are bridging, you must always use –dev tap on both ends of the connection. If you are routing you can use either –dev tap or –dev tun, but you must use the same on both ends of the connection. –dev tun tends to be slightly more efficient for the routing case.

Problems with TLS

Q: I’m using TLS mode with no –remote option on the server. When I start the server then the client it works ok. I can restart the client with no problem, but if I restart the server and the client is connected I get the following problem: “TLS Error: Unknown data channel key ID or IP address received from 111.222.333.444:10203”. In this case I need to restart the client again to make it work. Do you know what the problem is?
This problem occurs because when you restart the server, there is nothing to trigger a new TLS key exchange. The server can’t trigger it because it doesn’t have a –remote option giving it the address of its peer, so it wants to sit and wait for a client to connect. The client doesn’t trigger it because it doesn’t know the server was restarted (remember that UDP is connectionless).
There are several ways to fix this problem, listed in the order of preference:
Add a –remote option to the server which points to the client, making the connection peer-to-peer rather than client/server. When one peer restarts, it will force a new key exchange with the other peer.
Use the –ping and –ping-restart options to force a key negotiation any time that packets are not getting through the tunnel. Restarts always trigger a new key exchange.
Use static keys which allow OpenVPN to run in an essentially stateless manner.
Use TCP rather than UDP as your tunnel transport (available currently in the 1.5.x and higher with the –proto option). TCP is a connection-oriented protocol, and as such, either side of the connection knows immediately when the other side has disconnected.

Thryv offers local companies a variety of marketing tools to attract people to client sites as a result of the growing shift to digital, mobile, and online search. It has developed relationships with many of the major companies in the marketing sector, fusing local expertise with advertising to offer a range of technologies, goods, and solutions. Being a member of this vast network of partnerships now entails being a Google Premier Partner, Yahoo Preferred Partner, an MSN Elite Bing Ads Partner, as well as a number of others, such as Facebook.



  • Account-Based Marketing.
  • Content Marketing.
  • Conversion Rate Optimization.
  • Customer Data Platform (CDP)
  • Demand Generation.
  • Digital Analytics.
  • Email Marketing.
  • Event Management

Have a question?
Find the answers in our FAQ:

When can I start using Thryv? Do I need to download the software?

Thryv is a cloud-based solution and works best in the Chrome browser, however you can also use Firefox and Safari. Thryv is not supported in Internet Explorer. Once you purchase Thryv, your account will be set up. Thryv login is based on your email you used to sign up and you can create your unique password at point of sale. You can reset your password directly on the login screen if needed at any time.

How much does Thryv cost?

Thryv pricing varies by type of business. To get your custom quote, schedule a demo so we can learn more about which Thryv plan will work best for you.

What is Thryv software?

Thryv is an all-in-one client experience platform. It includes everything you need to get the job, manage your work, and get credit. Thryv comes with customer relationship management, text and email communications, online payment processing, online presence, reputation management, social media management, document sharing and storage, and more.

Do I have to use every feature and tool the software comes with?

No, you can choose which features of Thryv you want to use based on your purchase intent and the features you need to help you manage your business.

Can I take advantage of other features (known as Entitlements) within my Thryv package if I don’t set them up right away?

Absolutely. You can decide to take advantage of any of your features within your Thryv package at any time. For example, if you don’t have time to take advantage of building a new website or shoot your video right away, no worries. We can do this when you are ready any time during your Thryv subscription.

Why is there an onboarding fee?

The onboarding fee is charged so that we can make sure you are getting the most out of your Thryv. We will help you get set up and activate the features you need the most to get you started.

How long can I expect it will take to get set-up with Thryv?

Depending upon the reasons and features that you purchased Thryv, some may take a longer investment of time to set up vs. others. Our onboarding journey will help you get started and each call can take approx. an hour, depending upon your time and commitment.

What Services Level supports the Thryv product?

All Thryv levels will receive a dedicated Thryv Service Specialist

If I need post-sales support who do I contact?

Contact U.S. support at 844.99.THRYV (844.998.4798) and Australia support at 1800-468-4798. You can also connect with us right inside Thryv by clicking the orange circle at the right-hand bottom of the screen. It will open our Support where you can Email or Chat with us directly.

What if I need support for setting up my payment gateway with Braintree/PayPal or Stripe?

You can contact Thryv Support at 844.99.THRYV (844.998.4798) and we are happy to assist or transfer you if needed. You can also contact Braintree/PayPal directly at 877.434.2894. For Braintree account creation/general questions, please call 800.514.4920. For Braintree Business Support (If you already have an account), please call 888.221.1161 . You can contact Stripe directly by emailing from your Stripe account login or going to their website https://support.stripe.com/.

Should I give login access to my Business Advisor so they can help me set up my Thryv?

No. In fact this is against our company policy to give your login credentials or direct access to your Business Advisor. Our Thryv Service Specialists are happy to help you with on-boarding and activation of your Thryv features. Also, the best way to learn is when you are in the driver’s seat and our Business Advisors or Thryv Service Specialists are helping you learn by doing.

How do I download the Thryv Mobile App?

Go to Google Play or Apple Store and search for Thryv. Download for free and login with the same credentials you use on your desktop. Make sure you turn on your notifications so you can get instantly notified when anyone books an appointment, pays you, leaves you a review, and more. We also have an article for your reference, located here.

Microsoft 365 product line, which includes cloud-based services and productivity tools. It includes online tools like Outlook.com, OneDrive, and Microsoft Teams, as well as software packages that were formerly sold under the Microsoft Office brand. These include Word, Excel, PowerPoint, and Outlook for Microsoft Windows, macOS, mobile devices, and the web, as well as enterprise products and services like Exchange Server, SharePoint, and Yammer. This includes subscription-based licencing for desktop and mobile applications, hosted email and intranet services, as well as subscription plans that cover all of these items.



  • Access Files Anywhere. Office 365 allows your organisation to store all the files in the cloud. …
  • Secure Cloud Storage. …
  • Improved Communication. …
  • Predictable spend. …
  • Business Continuity. …
  • Automatic upgrades. …
  • Centralised Collaboration

Have a question?
Find the answers in our FAQ:

What is the difference between Office 2021 (one-time purchase) and Microsoft 365 (subscription)?

Office 2021 is sold as a one-time purchase, which means you pay a single, up-front cost to get Office apps for one computer. One-time purchases are available for both PCs and Macs. However, there are no upgrade options, which means if you plan to upgrade to the next major release, you’ll have to buy it at full price.

Microsoft 365 is a subscription that includes the most collaborative, up-to-date features in one seamless, integrated experience. Microsoft 365 includes the robust Office desktop apps that you’re familiar with, like Word, PowerPoint, and Excel. You also get extra online storage and cloud-connected features that let you collaborate on files in real time. With a subscription, you’ll always have the latest features, fixes, and security updates along with ongoing tech support at no extra cost. You can choose to pay for your subscription on a monthly or yearly basis, and the Microsoft 365 Family plan lets you share your subscription with your family for up to 6 people, and use your apps on multiple PCs, Macs, tablets, and phones.

How do I know if my PC or Mac can run Microsoft 365?

Microsoft 365 is compatible with PC, Mac, Android, and iOS2. See system requirements for compatible versions of your devices, and for other feature requirements.

Will Microsoft 365 be identical on a PC and a Mac?

No. Apps are tailored to work best on each operating system. The apps available for Mac users and the specific features included may be different from those available for PC users. With Microsoft 365, you can be flexible. With your account, you are not limited to exclusively Mac or exclusively PC, so you can transition across device.

Do I keep control of my documents with a Microsoft 365 subscription?

Yes. Documents that you have created belong fully to you. You can choose to store them online on OneDrive or locally on your PC or Mac.

Is Internet access required for Microsoft 365?

Internet access is required to install and activate all the latest releases of apps and services included in all Microsoft 365 subscription plans. Note that if you are an existing subscriber, you do not need to reinstall or purchase another subscription.

For Microsoft 365 plans, Internet access is also needed to manage your subscription account, for example to install apps on other PCs or to change billing options. Internet access is also required to access documents stored on OneDrive, unless you install the OneDrive desktop app.

You should also connect to the Internet regularly to keep your version of Microsoft 365 up to date and to benefit from automatic upgrades. If you do not connect to the internet at least every 31 days, your apps will go into reduced functionality mode, which means that you can view or print your documents but cannot edit the documents or create new ones. To reactivate your apps, simply reconnect to the Internet.

You do not need to be connected to the Internet to use Office apps such as Word, Excel, and PowerPoint, because the apps are fully installed on your computer.

What is a Microsoft account, and why do I need it for Microsoft 365?

Your Microsoft account is the combination of an email address and password that you use to sign in to services like OneDrive, Xbox LIVE, and Outlook.com. If you use any of these services, you already have a Microsoft account that you can use, or you can create a new account. Learn more about a Microsoft account.

As part of signing up for a trial or purchasing Microsoft 365, you will be prompted to sign in with a Microsoft account. You must be signed in with this account to install and manage your Microsoft 365 subscription, or to use some subscription benefits, including OneDrive storage.

How many people can use a Microsoft 365 subscription?

You can share Microsoft 365 Family with 5 other people in your household, for a total of 6 users. Microsoft 365 Personal can be used by one person.

How do I share my subscription benefits with members of my family?

If you have an active Microsoft 365 Family subscription, you can share it with up to 5 members of your household. Each household member you share your subscription with can install Microsoft 365 on all their devices and sign in to 5 devices at the same time.

To add someone to your subscription, visit account.microsoft.com and follow the on-screen instructions to add a user. Each person you add will receive an email with the steps they need to follow. Once they have accepted and completed the steps, their information, including the installs they are using, will appear on their My Account page. You can stop sharing your subscription with someone or remove a device they are using at account.microsoft.com.

If I’m not paying for a subscription, what do I get for free?

Visit this page to learn more about free apps.