Re: Wireless VPN from WRT54GL?

Top Page
This message is part of the following thread:
M\the complete thread tree sorted by date
MM\Dazed_75 at <-
MMMAlan Dayley at ->
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: Kurt Granroth
Date:  
To: Main PLUG discussion list
Subject: Re: Wireless VPN from WRT54GL?
Alan Dayley wrote:
[big snip]
> Comments and Questions about the above:
>
> 1. Running the VPN in the access point seems the least likely to
> complicate or disturb the wired network.

I agree. I had this exact scenario setup for awhile with OpenVPN *but*
with a Linux 'server' rather than a WRT. However, I've got a WRT54g and
I'm in middle-planning stage of setting that up just as you describe.

> 2. What firmware distribution is best for running a VPN (ipsec or other)
> in the wireless router?

It used to be all about OpenWRT but lately, all the buzz seems to be
around DD-WRT. I see article after article about setting up this and
that with DD-WRT but only rarely do you see such articles for other
firmware upgrades.

I think this is because DD-WRT ships with so much by default (including
OpenVPN) and has some nice web screens for configuring quite a bit of it.

> 3. What client VPN software, especially for the Windows users, is
> recommended? OpenVPN (http://openvpn.se/) looks good but needs to work
> with whatever VPN server is in the access point.

Yeah, definitely OpenVPN. Simple (relatively speaking) to setup, comes
with DD-WRT, and has clients for everything under the sun.

> 4. Any other tips?

Have you done performance testing with a simple peer-to-peer OpenVPN
setup over wireless and are you satisfied with the performance? I ask
because when I first set things up before, I wanted it configured so
that the *only* way you could get on the wireless network is through
OpenVPN. That is, no easily crackable WEP or WPA connections. What I
found, though, was that the added encryption layer over wireless, unless
the signal strength was top-notch, was actually pretty noticeable. I
eventually turned if off for "normal" laptop use (email, web browsing,
etc) since anything I care about in that realm is already encrypted at a
client layer. I still have it for those cases where it's a pain to
tunnel protocols through stunnel or ssh (like AppleShare or RDP).

Kurt

---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

This message was posted to the following mailing lists:
Plug Discuss
Mailing List Info | Nearby Messages		<-Re: Wireless VPN from WRT54GL?Re: Wireless VPN from WRT54GL?->
Some Mailing List Archive administrated by UnconfiguredLurker (version 2.3)