On Mon, 1 Sep 2003, Rafael 'Dido' Sevilla wrote: > On Mon, Sep 01, 2003 at 02:28:29PM +0800, cedie boyet alben benavente alteza EL > wrote: > > > > Good day to all!! > > > > What do you recommend as a VPN server? I only know FreeS/WAN but I heared > > there still problems with kernel 2.4.18-14 which is the current Redhat linux > > installed in my gateway. I only seen kernel pacth for 2.4.18-3. > > > > My clients would be, mobile clients and network clients. > > > > Any suggestion? > > That's it. Roll a custom kernel then, don't feel confined to 2.4.18-3 > unless there is a REAL need (e.g. naghahabol ka ng certification sa > Oracle). CIPE, well it's not exactly easier to set up than FreeS/WAN in > my experience, and you WILL need to compile a custom kernel to do it. > I simply cannot recommend the use of PPP over SSH, because of latency > issues (but it is acceptable in my mind to do so for a quick and dirty > setup). Don't even get started on PPTP... If you want to stick to the > binary kernels your distribution provides your choices are sorely > limited. > > If security is your prime concern, then I think FreeS/WAN is really the > only way to go. >
Rather than rolling with a custom kernel (and all the complications associated with it), i chose to stick with a totally userland VPN implementation, and it can be found at http://tinc.nl.linux.org It's udp based, openssl-based, uses the ethertap device, and totally agnostic to kernels as long as it support the tap/tun interface. I've been using it in production for almost two years now. The maintainer is also very patient, given the types of problems these kinds of software entail. -- Philippine Linux Users' Group (PLUG) Mailing List [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
