John wrote: >> -----Original Message----- >> From: centos-bounces at centos.org >> [mailto:centos-bounces at centos.org] On Behalf Of Les Mikesell >> Sent: Saturday, December 20, 2008 1:20 PM >> To: CentOS mailing list >> Subject: Re: [CentOS] regarding vpn server for 1500 clients >> >> Dhaval Thakar wrote: >> >>>> If you could use a lower CPU intensive crypt like >>>> >> blowfish, it would be easier. >> >>>> Are all these trading partners in different locations or >>>> >> are there semi large >> >>>> groups in the same locations? >>>> >>>> >>> all these are end users. >>> they connect software from home / offices. >>> >> Do they actually need a generic VPN? If they only run a few >> applications you might be able to use https or similar ssl based >> connections and avoid the routing/addressing/MTU issues. You >> can still >> use certificate based authentication in one or both >> directions if you want. >> >> Also if the application(s) can be made to run over normal >> https (i.e. a >> web interface) you get the advantage of working though most existing >> proxies and firewalls, plus on the host end you have the option of >> scaling up with a load balancer that handles the ssl processing and >> reverse-proxies to a pool of backend servers. >> > --------- > Just out of my own curriosity have you gave the thought of using deadicated > or virtual circuits for the VPN implimentation? Like Frame Relay or ATM? Are > you passing off the connections to a secondairy network access server? Or > how do you plan on rolling this out, configuration wise? > have you and FR or ATM rollout experience? Mine is 15 years old and it was NOT for end user applications. Small offices was hard enough.