Florin Andrei wrote:
>>> The options are: L2TP, PPTP and IPSec. If you were to install a VPN
>>> endpoint on CentOS, which protocol would you prefer?
>> I know this doesn't answer your question as put, but it may be worth
>> taking a different tack and supplying whatever services wrapped with
>> SSL/TLS instead - I guess it depends exactly what you want the VPN for.
>
> What's driving it at this point is IMAP access. Sure, I could expose the
> IMAP-over-SSL port to the Internet, but somehow that sounds even more
> scary than using a second-rate VPN server. I am using Cyrus IMAPd, but
> regardless, I just have a bad feeling about allowing everyone and their
> dog to poke directly at the software holding all my emails.
If you have a decent password (on all accounts) I wouldn't worry about
about it too much. Move it to an odd port or even require a client
certificate if your client software supports it.
The usual problem with IPSec is trying to make it work through a NAT
router. Does your server have a public address of its own? SSL and
OpenVPN can work through port-forwarding routers.
--
Les Mikesell
lesmikesell at gmail.com