|
|
Hi, I've just started looking at OpenVPN a couple weeks ago. After reading all the great info available and looking over the mailing list archives some, I've got some questions and want to make sure I'm not missing anything. I have to figure out vpn access for a client that currently has about 50 road warriors. They might have 100 by the end of the year. At some point, moving to a dedicated vpn appliance or integrated firewall solution makes sense, but for now, they want to look into what else is available. Is OpenVPN going to work for this many clients? It looks like I'd need 50-100 tapx interfaces on the linux box (endpoint of the vpn). Is that going to kill the box? Adding an SSL accelerator card would be an option if the vpn works out ok. The clients are almost exclusively windows typically 2K or XP. What would the best way to go about this be? I believe I would need to use tap interfaces, for the Windows support. It also appears that I could use dhcp on the server to hand out address information. I could use certificates for each client to authenticate to the linux server. All traffic can go over udp (or tcp) port 5000. Is that all correct? The issue they've had with IPSec before has to do with hotel networks not letting the traffic through. Because OpenVPN is using a higher level protocol, this shouldn't be a problem. Comments and suggestions welcome, Thanks, Skeeter
|