Dave's Brain

Browse - Tech Opinion - What's the best way to make a VPN?

Date: 2007dec24
Updated: 2012feb29

Q.  What's the best way to make a VPN?

A.  I think the best hope for a VPN is not make a VPN (Virtual
Private Network) at all!  Every organization needs to interact with
outside entities.  At that point the VPN breaks down.
So use "Opportunistic Encryption" (OE).  In other words, set up your
servers/clients to encrypt where the other side can also.

I have instructions for many services here:
http://www.davekb.com/search.php?target=TLS

Another good idea is adding KEY records in DNS
to support Freeswan's opportunistic encryption. 

I suggest installing EFF's https-everywhere plugin for your browser:
https://www.eff.org/https-everywhere/

More info:
http://en.wikipedia.org/wiki/Opportunistic_encryption

Add a comment

Sign in to add a comment
Copyright © 2008-2017, dave - Code samples on Dave's Brain is licensed under the Creative Commons Attribution 2.5 License. However other material, including English text has all rights reserved.