Re: [Openvpn-users] Re: advice

Assuming your WAN is mostly a star layout, then the centre of that star will have the public IP and run the OpenVPN server, with all of the other satellite sites connecting to it. As it's UDP or TCP traffic, NAT isn't an issue where it might be with other commercial products.

> 0) s/w is 'free' (although a donation would seem appropriate)
> 4) the software is open, so we are not tied to any single manufacturer, which ensures our future choices

I have to admit it was those two that sent me in the direction of OpenVPN in the first place. I'd looked at FreeS/WAN for some time, but (probably due to my lack of familiarity with IPSEC) decided against it. I've not looked back.

I don't think developer momentum is an issue, here. Note this thriving community of lovely people :D

As for expertise. If I'm being honest, I'm no expert. I'm far more frightened by commercial products with their bespoke protocols (or bespoke IPSEC implementations) and 4-figure price tags. I had to learn a bit about SSL/TLS to get 2.0 up and running but, other than that, I've had no major problems.

Max Waterman wrote:

> By 'non-routable' I mean addresses in ranges such as 192.168.x.x and 10.x.x.x; our ISPs have given us addresses in the latter range, and (some of) our LANs use the former range.

Just out of curiosity, is it common practice for Chinese ISPs to allocate addresses in private ranges? Here in the UK just about any basic business DSL connections (and many of the home ones) come with a static public IP address at no extra charge. Does the premium you mentioned make them expensive luxuries?
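
The star layout described at the top of this message, sketched as OpenVPN configuration. This is an added example, not part of the original post: the host name, file names, tunnel subnet and the two site LANs are constructed placeholders, and `remote-cert-tls` assumes OpenVPN 2.1 or later.

```conf
# --- hub: server.conf (centre of the star, the only site with a public IP) ---
port 1194
proto udp
dev tun
ca ca.crt
cert hub.crt
key hub.key
dh dh.pem
tls-auth ta.key 0                    # drop unauthenticated packets before TLS
server 10.8.0.0 255.255.255.0        # tunnel addressing (constructed)
client-config-dir ccd                # per-site files, named by certificate CN
route 192.168.10.0 255.255.255.0     # site-a LAN: hub kernel route into the tunnel
route 192.168.20.0 255.255.255.0     # site-b LAN
push "route 192.168.10.0 255.255.255.0"
push "route 192.168.20.0 255.255.255.0"
# client-to-client relays site-to-site traffic inside OpenVPN, bypassing the
# hub's packet filter. Leave it out to force that traffic through the hub
# firewall (IP forwarding must then be enabled on the hub).
client-to-client
keepalive 10 120                     # also keeps NAT mappings at the satellites alive
persist-key
persist-tun

# --- hub: ccd/site-a (tells OpenVPN which client owns which LAN) ---
iroute 192.168.10.0 255.255.255.0

# --- hub: ccd/site-b ---
iroute 192.168.20.0 255.255.255.0

# --- satellite: client.conf (private ISP address, dials out to the hub) ---
client
dev tun
proto udp
remote hub.example.net 1194          # placeholder for the hub's public address
nobind                               # no fixed local port, nothing to forward at the NAT
ca ca.crt
cert site-a.crt
key site-a.key
tls-auth ta.key 1
remote-cert-tls server               # reject peers not presenting a server certificate
persist-key
persist-tun
```

Each satellite LAN needs its own non-overlapping subnet; two sites both using 192.168.1.0/24 cannot be routed to each other without renumbering or NAT.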




