Hi,
I would like to discuss some suggestions about VPN to multiple road
warriors.
So far we're using OpenVPN, but I want to change that or at maybe offer
L2TP/IPsec in addition to OpenVPN.
Playing around with npppd was straight forward and I was quite impressed
with it. Good job.
EAP-TLS would also be a very nice feature to have.
What I'm wondering is what you guys do to setup the ipsec path of the
tunnel.
One option is to use a unique pre-shared key for all clients. But this
is probably insecure since
it opens MITM attacks. Isn't it?
Best option would be is to use a PKI infrastructure for your clients.
Isn't that a pain in the ass for users (user registration, key
deliveries etc).
How do you guys manage this for best user experience and compatibility
with most OSes?
thanks
Giannis
