On Mon, 28 Jan 2008, Jeffrey Tadlock wrote:
2008/1/28 <arunbkn@xxxxxx>:
Can any body suggest me the best VPN solution available on fedora
(preferably 8). I would like to setup a VPN server at my end, such that
users (windows ) at remote places can access our server securly. And can
protact from web attacks.
As already suggested, I would certainly take a look at OpenVPN [1] to
see if it meets your needs. From my experience it worked well with
Windows boxes and will also work for cases where you want site to site
VPNs. The flexibility and reliability you get outweighed the factor
of needing to install software on the Windows client.
--Jeffrey
I have to agree, I used openVPN with 10 developers working 20% from home.
sure there are issues, so here is my $0.02:
1) deployment of VPN server is easy
2) deployment of RSA keys is a little tricky, but easy
revocation of RSA keys is a little hard, but you can do that at your
pace
3) deployment of openVPN on clients is easy
4) deployment of RSA keys to clients was done via zip file with
'startVPN.bat' script for starting
5) having users keep the VPN Client running (they closed the cmd window)
took some training
Now some users' home routers did not like the UDP connectivity of openVPN.
So, I setup another VPN daemon to use TCP - with all the same permissions.
and those users that have problems with UDP just use TCP.
I setup the openVPN in bridge mode - it simplifies much of the routing.
Some users complain of a delay in resolving network resources inside the
office, so it takes some time for some computers to see where the wins
server is located and to do broadcasts... But don't ask me, its been 15
years since anyone called me a windows guy.
ed
p.s. Another note, I have a wireless access point in the office - not
connected to the internal network. Users who want access to office
resources from the wireless need to run their VPN client.
