Thanks for all.
On Thu, Oct 22, 2009 at 3:16 PM, Paul Heinlein heinlein@madboa.com wrote:
On Thu, 22 Oct 2009, Joseph L. Casale wrote:
the best way is to use ssl-vpn rather than ipsec, via OpenVPN. Its a breeze to install and configure compared to most any other VPN, quite easy for the server to push routing rules to the clients, etc.
I'll second the OpenVPN reco, I just migrated off a Cisco PIX to this and it is the most configurable, and stable thing I have seen in ages. I have connections from both Linux and Windows machines that sustain for several days without a single hiccup whereas the PIX would often suffer from non recoverable transient errors that tanked the connection.
Macs work well too in an OpenVPN environment. You can compile it up yourself (or via MacPorts) or use Tunnelblick:
http://code.google.com/p/tunnelblick/
Note that OpenVPN and Vista aren't necessarily quick to work and play well together. They can do it, but some coaxing is often necessary. XP, otoh, works great.
On Linux, I like running OpenVPN as a standard daemon, but there's also a NetworkManager plugin that mostly works as advertised.
-- Paul Heinlein <> heinlein@madboa.com <> http://www.madboa.com/ _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos