On 11/8/05, Benjamin Smith <lists at benjamindsmith.com> wrote: > I tried several times to get a VPN working - I tried > > 1) Tunneling IP over SSH fw. > 2) IPSec > 3) PPTP > > All were painful, and often unreliable. (I'd do a kernel update, and suddenly > VPN would die a horrible death, and I'd have to recompile a bunch of stuff to > get it back up - ugh) > > The best way, bar none, no exceptions, is using OpenVPN. Cross platform, > fairly quick setup, good security, highly reliable. > > After a few hours of tinkering during setup, "it just works" and has done so > very reliably under rather demanding circumstances for over a year. Probably > the worst part was setting up the routing tables on either end, and that > seems to be a PITA regardless of your VPN solution... > > The only downside I can find to OpenVPN is that it requires a process on the > GW for each connection, so this could get cumbersome if you have hundreds of > simultaneous connections. But, with my half-dozen connections, it works > fanastically! > Just upgrade to 2.X and you will be able to use one process for all connections for the server. -- Leonard Isham, CISSP Ostendo non ostento.