Tech Opinion - What's the best way to make a VPN?
Q. What's the best way to make a VPN?
A. I think the best hope for a VPN is not make a VPN (Virtual
Private Network) at all! Every organization needs to interact with
outside entities. At that point the VPN breaks down.
So use "Opportunistic Encryption" (OE). In other words, set up your
servers/clients to encrypt where the other side can also.
I have instructions for many services here:
Another good idea is adding KEY records in DNS
to support Freeswan's opportunistic encryption.
I suggest installing EFF's https-everywhere plugin for your browser: