[CentOS] regarding vpn server for 1500 clients

Sat Dec 20 18:20:25 UTC 2008
Les Mikesell <lesmikesell at gmail.com>

Dhaval Thakar wrote:
>> If you could use a lower CPU intensive crypt like blowfish, it would be easier.
>>
>> Are all these trading partners in different locations or are there semi large
>> groups in the same locations?
>>   
> all these are end users.
> they connect software from home / offices.

Do they actually need a generic VPN?  If they only run a few 
applications you might be able to use https or similar ssl based 
connections and avoid the routing/addressing/MTU issues.  You can still 
use certificate based authentication in one or both directions if you want.

Also if the application(s) can be made to run over normal https (i.e. a 
web interface) you get the advantage of working though most existing 
proxies and firewalls, plus on the host end you have the option of 
scaling up with a load balancer that handles the ssl processing and 
reverse-proxies to a pool of backend servers.


-- 
   Les Mikesell
    lesmikesell at gmail.com