On Thursday 20 September 2007, Ken Price wrote: > OpenVPN doesn't support IPSec at all. It's an SSL implementation. > You'll want to look at Openswan (http://www.openswan.org/) for IPSec. > PS. The "www" is very important when going to the openswan site. > Their webserver is configured funky. > > For Microsoft compatibility, Poptop and Openswan are your best bets. > Neither are a piece of cake to setup, but I personally find Openswan > easier ... but then I've been using it in a production environment for > 5 or 6 years (was Freeswan). You'll want an L2TP setup, though, for best security, performance, and best compatibility. There are commercial Linux firewall boxes that do this easily; SmoothWall is one. Barring that, install l2tpd (for CentOS 4 it's on Karanbir's CentOS repo; for CentOS 5 I'm not sure, as I don't have extra repos enabled on any of my CentOS 5 boxes). Windows L2TP VPN's are the most secure, being PPP over L2TP over IPsec, without the holes that have plagued PPTP (PPP over L2TP does essentiall the same thing PPTP does, but in a more secure and standard manner). -- Lamar Owen Chief Information Officer Pisgah Astronomical Research Institute 1 PARI Drive Rosman, NC 28772 (828)862-5554 www.pari.edu