Any help with VPN termination?
John Summerfied
debian at herakles.homelinux.org
Tue May 10 01:51:57 UTC 2005
Leonard Isham wrote:
>>>if you have a spare 4 or 5 year old machine laying around, consider
>>>throwing linux or some BSD on it and running openvpn. it's a very
>>>secure ssl based vpn product and you only need one port opened up in
>>>your firewall, no gre so no custom kernel needed.
I bought some Pentium IIs for $2.50 a while back. At that price I'd not
use anything less.
P II, 64 Mb. 2x Gb or so....
>>
>>thumbs up
>>
>
>
> I second the nomination for OpenVPN. I have had 1.6 running for a
> site for over a year with one person connecting in from another state
> everyday without a hitch. I don't think any of the firewall distros
> have upgraded to the new 2.0 version, but IIRC Devil Linux has OpenVPN
> integrated in.
the OP should not use that- maintaining 50 or so individual VPNs is not
something I'd countenance. OTOH, 2.0 should be fine.
>
> OpenVPN is multiplatform and supports Windows, Linux and other *nix as well.
>
> Additionally the web site has a large amount of documentation and the
> community dose a great job of supporting it.
>
> The one thing to be wary of is if your routing experience is light
> then you may have some difficulties getting the routing, and hence VPN
> and firewall working smoothly.
>
> I believe that DAG has OpenVPN 2.0 as a RPM as well.
Bear in mind that 2.0 has ony just gone gold. Use it by all means, but
keep an eye out for updates and look for a way to automate updates to
clients. After you've tested them of course:-)
--
Cheers
John
-- spambait
1aaaaaaa at computerdatasafe.com.au Z1aaaaaaa at computerdatasafe.com.au
Tourist pics http://portgeographe.environmentaldisasters.cds.merseine.nu/
More information about the fedora-list
mailing list