Leonard Isham wrote:
if you have a spare 4 or 5 year old machine laying around, consider throwing linux or some BSD on it and running openvpn. it's a very secure ssl based vpn product and you only need one port opened up in your firewall, no gre so no custom kernel needed.
I bought some Pentium IIs for $2.50 a while back. At that price I'd not use anything less.
P II, 64 Mb. 2x Gb or so....
thumbs up
I second the nomination for OpenVPN. I have had 1.6 running for a site for over a year with one person connecting in from another state everyday without a hitch. I don't think any of the firewall distros have upgraded to the new 2.0 version, but IIRC Devil Linux has OpenVPN integrated in.
the OP should not use that- maintaining 50 or so individual VPNs is not something I'd countenance. OTOH, 2.0 should be fine.
OpenVPN is multiplatform and supports Windows, Linux and other *nix as well.
Additionally the web site has a large amount of documentation and the community dose a great job of supporting it.
The one thing to be wary of is if your routing experience is light then you may have some difficulties getting the routing, and hence VPN and firewall working smoothly.
I believe that DAG has OpenVPN 2.0 as a RPM as well.
Bear in mind that 2.0 has ony just gone gold. Use it by all means, but keep an eye out for updates and look for a way to automate updates to clients. After you've tested them of course:-)
--
Cheers John
-- spambait 1aaaaaaa@xxxxxxxxxxxxxxxxxxxxxxx Z1aaaaaaa@xxxxxxxxxxxxxxxxxxxxxxx Tourist pics http://portgeographe.environmentaldisasters.cds.merseine.nu/
