[CentOS] regarding vpn server for 1500 clients
Les Mikesell
lesmikesell at gmail.com
Sat Dec 20 18:20:25 UTC 2008
Dhaval Thakar wrote:
>> If you could use a lower CPU intensive crypt like blowfish, it would be easier.
>>
>> Are all these trading partners in different locations or are there semi large
>> groups in the same locations?
>>
> all these are end users.
> they connect software from home / offices.
Do they actually need a generic VPN? If they only run a few
applications you might be able to use https or similar ssl based
connections and avoid the routing/addressing/MTU issues. You can still
use certificate based authentication in one or both directions if you want.
Also if the application(s) can be made to run over normal https (i.e. a
web interface) you get the advantage of working though most existing
proxies and firewalls, plus on the host end you have the option of
scaling up with a load balancer that handles the ssl processing and
reverse-proxies to a pool of backend servers.
--
Les Mikesell
lesmikesell at gmail.com
More information about the CentOS
mailing list