Date: 2007dec24
Q. What's the best way to make a VPN?
A. I think the best hope for a VPN is not make a VPN (Virtual
Private Network) at all! Every organization needs to interact with
outside entities. At that point the VPN breaks down.
So use "Opportunistic Encryption" (OE). In other words, set up your
servers/clients to encrypt where the other side can also.
I have instructions for many services here:
http://www.davekb.com/search.php?target=TLS
Another good idea is adding KEY records in DNS
to support Freeswan's opportunistic encryption.
More info:
http://en.wikipedia.org/wiki/Opportunistic_encryption
Add a comment
Sign in to add a comment