On Mon, Jun 05, 2006 at 01:14:15PM -0700, Spruell, Darren-Perot wrote: > From: [EMAIL PROTECTED] > > WEP is pretty much out, WPA isn't supported, IPSec is probably too > > complicated for the general public to get going, and that's about > > it. If I can't do it in OpenBSD, I may have to use a > > separate access > > point, but I'd rather keep it all in one box. > > > > Any suggestions here? > > OpenVPN is a fairly good choice for this. Strong crypto options, very > minimalistic configurations can be used on both the client and server side > of things, support for address pools, X.509 certificate authentication or > static keys, works with NAT, and clients avaiable for popular platforms.
Just another vote for OpenVPN, i use it here at home, and it works fine (well, except for the occasional iwi fatal firmware errors). It's pretty easy to set up, there are a few articles to be found in google on setting it up especially for this case (with and without authpf). Another option would be the newly added VPN features of OpenSSH. Of course that would require a version of OpenSSH with VPN support on your clients as well as your gateway. Regards, Jochem Kossen
