John wrote:
>> -----Original Message-----
>> From: centos-bounces@xxxxxxxxxx
>> [mailto:centos-bounces@xxxxxxxxxx] On Behalf Of Les Mikesell
>> Sent: Saturday, December 20, 2008 1:20 PM
>> To: CentOS mailing list
>> Subject: Re: regarding vpn server for 1500 clients
>>
>> Dhaval Thakar wrote:
>>
>>>> If you could use a lower CPU intensive crypt like
>>>>
>> blowfish, it would be easier.
>>
>>>> Are all these trading partners in different locations or
>>>>
>> are there semi large
>>
>>>> groups in the same locations?
>>>>
>>>>
>>> all these are end users.
>>> they connect software from home / offices.
>>>
>> Do they actually need a generic VPN? If they only run a few
>> applications you might be able to use https or similar ssl based
>> connections and avoid the routing/addressing/MTU issues. You
>> can still
>> use certificate based authentication in one or both
>> directions if you want.
>>
>> Also if the application(s) can be made to run over normal
>> https (i.e. a
>> web interface) you get the advantage of working though most existing
>> proxies and firewalls, plus on the host end you have the option of
>> scaling up with a load balancer that handles the ssl processing and
>> reverse-proxies to a pool of backend servers.
>>
> ---------
> Just out of my own curriosity have you gave the thought of using deadicated
> or virtual circuits for the VPN implimentation? Like Frame Relay or ATM? Are
> you passing off the connections to a secondairy network access server? Or
> how do you plan on rolling this out, configuration wise?
>
have you and FR or ATM rollout experience? Mine is 15 years old and it
was NOT for end user applications. Small offices was hard enough.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
