[nzlug] VPN/Tunnel software
Michal Ludvig
michal at logix.cz
Mon Oct 2 12:51:46 NZDT 2006
Simon Lyall wrote:
> I was wondering what people are using for VPN/Tunnel software?
OpenVPN
> 1. Debian/Ubuntu at both ends. Servers not desktops (ie not graphical)
Yes. Plus most other unixes and there is a Windows client as well.
> 2. I would prefer to use the most popular software rather than something
> obscure. Eg part of packages, plenty of howtos.
I believe it's popular enough.
> 3. Reasonable encryption.
Uses TLS - no homebrewed protocols involved.
> 4. Built in Traffic shaping would be a bonus.
Not sure about this. However it creates a new network interface on both
sides and tere you can probably set QoS.
> 5. Not too barebones (ie not just iptables).
It's command line but I found it quite user friendly with meaningful
error messages.
Plus:
- It can run over UDP or TCP and even over HTTP proxies.
- Can run in peer-to-peer mode or in a server-client mode where more
clients can connect to a single server.
- In peer-to-peer mode you only need a shared secret (password) to
authenticate eachther side, in server-client mode proper certificates
are used.
- The changing dynamic address of your server can be solved by e.g.
dyndns.org or a similar service. Then just put your machine name into
the config file (use config option "resolv-retry infinite" on the client
in this case).
HTH
Michal
More information about the NZLUG
mailing list