VPN Recommendations

[scap1784]

I need to set up a VPN solution for my home. I will have both linux and windows clients. I have looked at some of the IPSec vpn solutions but found them to be very combersome to set up. I was wondering what other people were using and if there are any really good how to's that have helped along the way.

I would like to not have to install a client on the windows clients but rather use the one that comes with windows.

[tgh]

I'm in a similar boat (moving from a Win2000 PPTP server at our office to something more modern).

Right now, we're probably going to go with OpenSWAN using x509 certificates. NAT-T traversal was a key requirement for us. Doesn't require a client on Win2K or WinXP, but offers a client for older machines (Win9x, WinME). Plus it works with OS X (later versions).

We also looked at OpenVPN (SSL-based VPN) but the pre-2.0 client was a bit rough around the edges for Windows. There's possibly a way to do it with SSH, but most solutions only map a single port across the firewall (and we need a general purpose tcp/ip tunnel). PPTP is no longer an option because of security issues.

I'll be (hopefully) configuring this on the test system at home this week. Depends on when I have time (the install at the main office isn't until October). Some links that might serve you well are:

http://www.jacco2.dds.nl/networking/freeswan-panther.html
http://www.jacco2.dds.nl/networking/win2000xp-freeswan.html
http://www.jacco2.dds.nl/networking/msl2tp.html

Those have been updated in the last few months, so should be pretty current. I have them printed out my desk for later review.

[kashani]

Set the same thing up recently with OpenVPN 2.0.7 on Linux server with the same version for the Linux and WIndows clients. Works like a charm. The NAT traversal stuff with OpenSWAN never seemed to work though I wasted close to two days on it.

kashani
_________________
Will personally fix your server in exchange for motorcycle related shop tools in good shape.