> Scenarios are: > - ipsec-tools with Cisco vpn client Hmmm... I only run non-graphical servers and ipsec-tools without RH gui gives me a major headache... > - pptpd with Windows XP native client We ran this and it works fine, but throughout it's life had to do lot's of patching and kernel recompiling. Not sure if that is the case now as we've moved on. Two other MAJOR issue with this: 1: is that it's password based and if you allow users to pick passwords then be prepared for compromise. 2: you cannot have more than one connection to the same server from behind NAT. We'd always run into this with tradeshows ;) all the reps would stay at the same hotel and only one could use the vpn at a time. Get ready for a lot of upset reps (of course you may not have this issue) > - OpenVPN with OpenVPN Windows client Very slick, add rpmforge repo, yum install openvpn and go to town. I have no major complaints with this system and it's very NAT friendly compared to the other two options. My 2 cents, alex