On Thu, 22 Oct 2009, Joseph L. Casale wrote: >> the best way is to use ssl-vpn rather than ipsec, via OpenVPN. >> Its a breeze to install and configure compared to most any other >> VPN, quite easy for the server to push routing rules to the >> clients, etc. > > I'll second the OpenVPN reco, I just migrated off a Cisco PIX to > this and it is the most configurable, and stable thing I have seen > in ages. I have connections from both Linux and Windows machines > that sustain for several days without a single hiccup whereas the > PIX would often suffer from non recoverable transient errors that > tanked the connection. Macs work well too in an OpenVPN environment. You can compile it up yourself (or via MacPorts) or use Tunnelblick: http://code.google.com/p/tunnelblick/ Note that OpenVPN and Vista aren't necessarily quick to work and play well together. They can do it, but some coaxing is often necessary. XP, otoh, works great. On Linux, I like running OpenVPN as a standard daemon, but there's also a NetworkManager plugin that mostly works as advertised. -- Paul Heinlein <> heinlein at madboa.com <> http://www.madboa.com/