In an attempt to get 2 customers VPN’ed, both being non-profits, I had the privilege of buying a Mac Mini to replace the Mac G5 they had, which already had L2TP/IPsec working. You turn it on, set a password or two, allow the traffic through the firewall and … well, it is done (it’s a Mac – that is why people are obsessed with them).
The other customer likes Macs now too, but their server is a Windows-based one – so now we can start from anywhere. So after a few consultations – it seems PPTP is the easiest to set up and use by everyone, but even MS does not recommend it and favours IPsec – it now provides it as a client option natively.
Other questions I had were – do I install it on the server? As an endpoint through a router? As the router? pfSense is a clear winner as a router or endpoint for the price (just buy it preinstalled on an appliance was geek inc’s advice). But I have another close associate that LOVES OpenVPN and has had clients on it for years running successfully. Here is my journey and some GREAT links (remember – that is what this blog is all about – links for you and me to refer to and use).
PPTP’s claim to fame – and I have confirmed this – is that it is easy to set up. Even on a Mac server, with a little googling you turn it on, allow the port through the router, set up Open Directory, add some users, set permissions and it is done.
L2TP/IPsec? My router allows all the ports, the protocols on those ports etc. But do you think I could get it to work? No way. At my client it was straightforward, but at home either my ISP says no or the router has bugs or something (however, it has EVERY option available to mankind and each required protocol is there!). Watch out for NAT translation on both ends (client and server ends).
OpenVPN – one port, one protocol, and you can choose common ports that are normally open at coffee shops, like port 80 for example.
I am going to now include some links and finish this article later …
Some links:
- PPTP vs L2TP/IPSec vs OpenVPN – iVPN’s opinion – I read this after it was all done. I list it first. I concur.
- Good article about subnets, masks etc. and how it works.
- Download tunnelblick – the suggested Mac Client for OpenVPN
- Configuring/Setup HOWTO for OpenVPN for Windows
  - but it applies for Macs too – JUST FOLLOW THIS AND YOU WILL BE DONE QUICKLY
- bridge vs routed OpenVPN … Tap or Tun – how to make the decision
  - read it 3x throughout the setup process – it is short
  - the links at the top – read those first.