Tech Opinion - What's the best way to make a VPN?
Date: 2007dec24 Updated: 2012feb29 Q. What's the best way to make a VPN? A. I think the best hope for a VPN is not make a VPN (Virtual Private Network) at all! Every organization needs to interact with outside entities. At that point the VPN breaks down. So use "Opportunistic Encryption" (OE). In other words, set up your servers/clients to encrypt where the other side can also. I have instructions for many services here: http://www.davekb.com/search.php?target=TLS Another good idea is adding KEY records in DNS to support Freeswan's opportunistic encryption. I suggest installing EFF's https-everywhere plugin for your browser: https://www.eff.org/https-everywhere/ More info: http://en.wikipedia.org/wiki/Opportunistic_encryption