Assuming your WAN is mostly a star layout, then the centre of that star will
have the public IP and run the OpenVPN server, with all of the other sattelite
sites connecting to it. As it's UDP or TCP traffic, NAT isn't an issue where
it might be with other commercial products.
> 0) s/w is 'free' (although a donation would seem appropriate)
> 4) the software is open, so we are not tied to any single manufacturer, which ensures our future choices
I have to admit it was those two that sent me in the direction of OpenVPN in the first place. I'd looked at FreeS/WAN for some time, but (probably due to my lack of familiarity with IPSEC) decided against it. I've not looked back.
I don't think developer momentum is an issue, here. Note this thriving community of lovely people :D
As for expertise. If I'm being honest, I'm no expert. I'm far more frightened by commercial products with their bespoke protocols (or bespoke IPSEC implementations) and 4-figure price tags. I had to learn a bit about SSL/TLS to get 2.0 up and running but, other than that I've had no major problems.
Max Waterman wrote:
Just out of curiosity, is it common practice for Chinese ISPs to allocate addresses in private ranges? Here in the UK just about any basic business DSL connections (and many of the home ones) come with a static public IP address at no extra charge. Does the premium you mentioned make them expensive luxuries?
____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users