Am Mon, 16 Apr 2012 22:35:16 +0300
schrieb Kostas Zorbadelos <[email protected]>:
> if this has been discussed in the past, forgive my asking and please
> point me to the archives. I am interested in building a server VPN
> solution for a sensitive corporate LAN. The use case is travelling,
> roaming users who just want a secure access in the corporate LAN. I am
> not interested in permanent VPN setups (for which I guess IPSEC
> tunnels would be more appropriate).
We are running OpenVPN on OpenBSD-servers for roaming users AND for
site-to-site-connections for approx. 5 years now. Only tcp, no udp.
Roaming users use WinXP, Vista, Win7, Ubuntu and opensuse with
certificates ("managed" by easy-rsa).
Site-site-connections use OpenVPN-static-keys (and non-standard-ports,
of course).
Runs pretty stable, even if a link is temporary overloaded or if the
UMTS-connection gets interrupted by a railway tunnel... ;)
The only thing that doesn't work well, is OSPF over OpenVPN, but maybe
this is only due to the really old release of one of the
OpenBSD-Servers.
Regards,
Tobias.
