[CentOS] regarding vpn server for 1500 clients
rgm at htt-consult.com
Tue Dec 23 18:42:36 UTC 2008
Bernard 'Tux' Lheureux wrote:
> Matt wrote:
>>> I have to build vpn server for 1500 clients. No encryption necessary.
>>> can anyone please recommend me vpn server.
>>> Have you looked at Mikrotik.com router OS? It has PPTP server. Very
>>> fast and easy to setup
> But PPTP is very weak in terms of security...
> IPsec or SSL VPNs should be used to ensure security on the VPN connections
The OP did not want per packet encryption. Did not even want per packet
authentication. Just tunneling. ERGO something like PPTP.
Of course if the Linux implementation of the PPTP server is so
ineffcient (written in PERL), that you have to buy a PPTP server, now
you have to compare it to an IPsec or SSLVPN server.
I have never liked the SSLvpn architecture. Never really liked the SSL
handshake; just too chatty. I wear my biases quite plainly on my arm
sleeve (I chaired the IPsec workgroup during the time the RFCs came
out). You want security, go with IPsec. Even ESP NULL gives you per
packet authentication and thus proof of server and client. Just pay the
price for IKE, which I never liked. Part of the reason I invented HIP....
Of course if the OP goes with an SSL application, and moves away from
tunneling, then YES just go with SSL on the server and add an SSL
More information about the CentOS