7

I'm wondering what would be the best vpn solution for a linux server with windows, linux, and osx clients. I'm currently using openvpn but I find it difficult to set up and the windows client has given me more headaches than manually setting up a mailserver for the first time.

I have specific requirements for the clients. Some clients need to send their traffic through the vpn (laptops). Others only need to be able to be seen on the vpn but shouldn't be sending their traffic through the vpn (like the web server).

I would like to be able to use the Windows and OSX built in vpn clients if possible.

Are there other options available other than openvpn or am I doing something horribly wrong with openvpn?

epochwolf
  • 639
  • 3
  • 11
  • 16
  • 1
    You may find this other Q helpful: http://serverfault.com/questions/2422/how-can-i-create-a-non-ssh-vpn-on-debian-linux – Leon Sodhi May 01 '09 at 19:57

6 Answers6

13

OpenVPN is great. The client is not built into the OS though but I guess you can work that out. And its activly maintained so you can be sure that it will continue to work on all three OSs. If you could please add the problems you are having with openVPN? We have set up our VPN so we can do printing at home or remote connect to all our servers without them having to have any ports open to the public.

Thomaschaaf
  • 3,092
  • 5
  • 30
  • 24
  • +1 for just using OpenVPN. It's by *far* and away the easiest and most powerful VPN system I've used. IPSec is a configuration and interoperability nightmare. – womble May 01 '09 at 08:57
  • It's idd very good VPN software... but when configuring inside an OpenVZ container, it can take some time to figure out how to route the traffic, but hey, in the end, it works like a charm! – Sander Versluys May 01 '09 at 09:05
  • @epochwolf: you probably want to buy a book about openVPN.. There are great book about it out there.. – Thomaschaaf May 01 '09 at 10:43
  • Please comment why you don't like my decison – Thomaschaaf May 01 '09 at 17:54
  • There's also an OpenVPN GUI you can use under windows to manage configs/connections. – Scott May 05 '09 at 12:55
  • We use the OpenVPN GUI. It works great. We created a custom installer with the Nullsoft Installer to create our default config and to launch the certificate generator with certain default values. – palehorse Jun 16 '09 at 21:31
3

Windows and OS X have built in support for L2TP/IPsec, for which there are many server daemons available.

Sophie Alpert
  • 1,639
  • 1
  • 13
  • 16
  • The problems I've had with L2TP/IPsec is that frequently laptops end up behind random routers that don't pass L2TP. – pjc50 Jul 24 '09 at 09:46
1

If you choose OpenVPN, server and user settings etc handling might be a bit of hassle. So you might be interested to use one of these as the main OpenVPN server base:

raspi
  • 811
  • 1
  • 9
  • 21
1

You'll probably want to look into PPTP. Windows and Linux both have servers for it and just about every OS has a native client (most phones and other devices too).

Gary Richardson
  • 1,827
  • 3
  • 20
  • 21
  • PPTP is not a secure protocol, so be sure you balance the pros and cons befor you decide on PPTP. – Astra May 01 '09 at 18:31
0

Did any of you read the original post? He is already using openvpn. I'd suggest you check out pptp and give the security concerns some consideration.

  • It's like when someone asks how to setup a telnet daemon and everyone responds, "use ssh!" OpenVPN really is one of the best solutions out there for this and supports Linux, BSD, OSX, and Windows clients with little setup. The fact that it's not working is sorta strange and people naturally are trying to fix the problem rather than move to a less capable system. I've tried most of them and vastly prefer OpenVPN. – kashani Jun 15 '09 at 05:00
0

I'll say the same thing here that I said for How can I create a non-ssh VPN on debian/linux? :

xl2tpd is in Debian. It's a server for L2TP IPSec VPN. Windows supports L2TP natively. Alternatively, you can use OpenSwan (also in Debian) to set up IPSec.

I know you want to focus on built-in clients, but take a look at OpenVPN just the same. It's cross-platform and easy to set up and deploy. It's also extremely secure and flexible at the same time. I tried to set up xl2tpd and went with OpenVPN instead.

Community
  • 1
Magus
  • 911
  • 6
  • 7