Edward Ned Harvey wrote: > Installing the openvpn client on the pc is ... slightly more complex than > the average installer, but not horrible. You run an installer, and then > you'll need some config files and keys specific to your client. It's pretty > easy to distribute the config files etc in a self extracting zip file, but > the config file must specify the name of the VPN adapter, and there's no way > (that I know of) to predict whether the installer created the new adapter > "Local Area Connection" or "Local Area Connection 2" or 3, or 4, or what. > So the only complicated part of the install is... I find it's easiest to > unconditionally rename the new adapter to something like "openvpn adapter." > Easy for me, but a little much for a widespread company deployment. I don't > know any way to automate that particular step.
I just had "dev tun" and did not define "dev-node". Worked great. It found an available tun device. > Cisco VPN client is more secure than openvpn, for the following reasons: > Openvpn uses preshared keys. If the keys were exposed, then anybody could > connect. I normally configure my cisco vpn server to first require a > preshared key (silently automatically in the background) and then prompt for > username / password of an active directory user. I used certificates for my users, no pre-shared keys except for the "tls-auth" which is pretty much equivalent to the Cisco group password. -- END OF LINE --MCP _______________________________________________ Tech mailing list Tech@lopsa.org http://lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/