Any help with VPN termination?

[John Summerfied]

Leonard Isham wrote:

>>>if you have a spare 4 or 5 year old machine laying around, consider
>>>throwing linux or some BSD on it and running openvpn.  it's a very
>>>secure ssl based vpn product and you only need one port opened up in
>>>your firewall, no gre so no custom kernel needed.

I bought some Pentium IIs for $2.50 a while back. At that price I'd not 
use anything less.

P II, 64 Mb. 2x Gb or so....

>>
>>thumbs up
>>
> 
> 
> I second the nomination for OpenVPN.  I have had 1.6 running for a
> site for over a year with one person connecting in from another state
> everyday without a hitch.  I don't think any of the firewall distros
> have upgraded to the new 2.0 version, but IIRC Devil Linux has OpenVPN
> integrated in.

the OP should not use that- maintaining 50 or so individual VPNs is not 
something I'd countenance. OTOH, 2.0 should be fine.

> 
> OpenVPN is multiplatform and supports Windows, Linux and other *nix as well.
> 
> Additionally the web site has a large amount of documentation and the
> community dose a great job of supporting it.
> 
> The one thing to be wary of is if your routing experience is light
> then you may have some difficulties getting the routing, and hence VPN
> and firewall working smoothly.
> 
> I believe that DAG has OpenVPN 2.0 as a RPM as well.

Bear in mind that 2.0 has ony just gone gold. Use it by all means, but 
keep an eye out for updates and look for a way to automate updates to 
clients. After you've tested them of course:-)





-- 

Cheers
John

-- spambait
1aaaaaaa at computerdatasafe.com.au  Z1aaaaaaa at computerdatasafe.com.au
Tourist pics http://portgeographe.environmentaldisasters.cds.merseine.nu/