Hi,
I have been looking into this for some time, but there is so many
different setup possible that unless you have one and are force to
continue using it, one wouldn't know witch way to go.
I try to keep it as simple and clean as possible, so if you start with a
clean sheet and no restrictions on use, what would you suggest to go with.
Requirements are to sadly connect Windows users back to a network and I
want that box to be OpenBSD, or multiples OpenBSD boxes to get full
network access from these connections. Multiple at once and I try to
keep the management of the users as simple as possible.
I guess using the pptp client from Windows, or their remote office
built-in XP. I have to say, last time I use any Microsoft PPTP client
was about 12 years ago in the NT 4 service pack 6. That's how old it
was. I only use ssh, putty if needed at time from Windows and that's all
I need.
I think you could say, it's time to come to sync with todays needs for
Windows I guess.
What would you suggest to use if any choice is possible? I know OpenBSD
redesign the ipsec, but is that the best way now? Looks like many users
still use OpenVPN, and a bunch of others. I am a bit at a lost as if
that's best, why so many variation in use still today in the archive and
why one would go that path. I would love the "KISS VPN" I guess. (;>
Even connecting office together, I see many different choices in the
archive.
Three needs, providing access to remote Window users, browser, etc.
And if possible in some cases providing specific network access via VPN
(tunnel, or what not) to remote office.
Last, would be to provide streaming access via a secure gateway like
proxy or the like to traveling users.
The solutions for each one could be different, but using the same setup,
or part of it anyway would obviously be better.
The goal is the minimize the impact and most importantly support and
problem on the remote Windows users, witch I admit, may not be that
easy. (;>
There is so many different choices and ways to do this now, witch one
would you recommend if today you could start with a clean sheet and not
have to be stuck with legacy setup?
Many thanks for the suggestions.
Daniel