[CentOS] Optimal VPN

Wed Nov 24 18:05:46 UTC 2010
Bill Campbell <centos at celestial.com>

On Wed, Nov 24, 2010, John Hodrien wrote:
>On Wed, 24 Nov 2010, Bill Campbell wrote:
>
>> We use OpenVPN for most things, and pptp (poptop) for connections
>> where the OpenVPN client's aren't available (e.g. iPad, iPhone,
>> iPod Touch).
>
>Is there anything to make you choose pptp over IPSec?  There are a number of
>issues with PPTP that'd make me push it down my list of ideal VPNs.

Yup.  I've never been able to get IPSec and OpenVPN working
together on a Linux box.  Perhaps it's brain-fade on my part, but
I have spent quite a bit of time trying.

I have read that the original arguments about kindergarten
cryptography from Microsoft in PPTP are not as valid as they once
were, and we're not running it from Windows clients in any case,
they're all using OpenVPN clients.

The only place I'm currently running PPTP is from my iPad with
iSSH to connect to our network.  Any other connections I might
need to make from the iPad are done with another ssh connections
that originates from our LAN, not direct from the iPad.  Other
connections via the PPTP VPN are encrypted IMAP/SMTP connections
to servers on the private side of our network.

Bill
-- 
INTERNET:   bill at celestial.com  Bill Campbell; Celestial Software LLC
URL: http://www.celestial.com/  PO Box 820; 6641 E. Mercer Way
Voice:          (206) 236-1676  Mercer Island, WA 98040-0820
Fax:            (206) 232-9186  Skype: jwccsllc (206) 855-5792

Microsoft IIS has more holes than a wheel of Swiss Cheese after a shotgun
blast -- John Dvorak