Which VPN is right choice for me???
-
If your users only need to browse the web with the work public IP then SSH is the best solution. If the users need to access more than the web than you will need a VPN.
-
OpenVPN is probably the simplest, cross platform, VPN solution.
Use UDP with OpenVPN - you only use TCP when the client has to connect to the VPN server through a web cache (proxy server) - when they cannot connect direct. Using TCP can lead to major performance issues.
-
PPTP is easy to set up and is included in almost every desktop OS. It's much easier than OpenVPN and SSH (though SSH is an excellent choice if you're into scripting!). The drawbacks of PPTP are that it doesn't work if you have poor connection quality, and it doesn't work through Sprint's cellular service. It works fine with Verizon and AT&T.
-
PPTP is easy to set up and is included in almost every desktop OS. It's much easier than OpenVPN and SSH
In 2.0 openvpn is as easy to setup than pptp, atleast imho. but you're right about pptp that it is widely supported from out-of-box
-
Is OpenVPN a better solution than the L2TP? We are an all Mac shop and I see L2TP is "built-in" to Mac OS X.
What are the differences?
If I want to use OpenVPN, then do my clients need to download 3rd party code?
-
-
Touche!
I am looking for a relatively simple deployment. Since all my clients are using Apple, I figured L2TP since it is built into the OS.
I would prefer OpenVPN for overall "awesomeness" (mainly the quicker speed) – BUT, I can't seem to find a simple (and free) Mac OpenVPN Client (software) package which is easily installed by my "less technical" users.
Suggestions?
-
I've used TunnelBlick before and it, to me, seemed ok. I've never used Viscocity - not having a Mac I've little experience. The OpenVPN mailing list may be a better place to get feedback.
All of it probably depends on how much you can package/automate and how much the end user has to do.
-
Right, I want the end user experience to be simple download of .dmg (.exe equiv) and install, run, enter creds = WORKING VPN.
-
You can do that with OpenVPN's access server, but not with the open source version. It may be that L2TP is simpler for your users.
-
Viscosity works nicely and has the config export. It doesn't pre-package it into a dmg but it's easy to get the dmg + export to the user.
