[CentOS] CentOS VPN server for iPhone

Thu Mar 26 19:44:27 UTC 2009
Les Mikesell <lesmikesell at gmail.com>

Florin Andrei wrote:

>>> The options are: L2TP, PPTP and IPSec. If you were to install a VPN 
>>> endpoint on CentOS, which protocol would you prefer?  
>> I know this doesn't answer your question as put, but it may be worth 
>> taking a different tack and supplying whatever services wrapped with 
>> SSL/TLS instead - I guess it depends exactly what you want the VPN for.
> 
> What's driving it at this point is IMAP access. Sure, I could expose the 
> IMAP-over-SSL port to the Internet, but somehow that sounds even more 
> scary than using a second-rate VPN server. I am using Cyrus IMAPd, but 
> regardless, I just have a bad feeling about allowing everyone and their 
> dog to poke directly at the software holding all my emails.

If you have a decent password (on all accounts) I wouldn't worry about
it too much. Move it to an odd port or even require a client
certificate if your client software supports it.

The usual problem with IPSec is trying to make it work through a NAT
router. Does your server have a public address of its own? SSL and
OpenVPN can work through port-forwarding routers.

-- 
  Les Mikesell
    lesmikesell at gmail.com