The Long Dark Tech-Time of the Soul

This is a technology-focused blog that describes my trials and tribulations with technology which, no matter what brave new world is promised to be just around the corner, nearly always fails to live up to expectations.

Saturday, June 17, 2006

OpenVPN rocks

It has to be said, OpenVPN rocks! Forget all those proprietary VPNs you have to buy client licenses for, or the compromised Windows PPTP VPN you might get if you have Windows Server. Besides, many of those just won't work when you're in an Internet cafe, because people will either block the VPN traffic or, worse still, the router will only allow one VPN connection through, dropping the current connection as new ones come along.

Instead I use OpenVPN, based on tried and tested SSL technology. If SSL is good enough for banking transactions then it should be good enough to access your home network remotely... Well, it is for me.

Today I installed my third OpenVPN network and everything went great. My only beef is that the server-side setup requires a bit more work than is really necessary for the 95% case, but once you know what you're doing it's really just bashing commands in and editing some config files in obvious places.

I've been using OpenVPN in bridged mode because it avoids having to deal with adding routes between the VPN and your current network. Plus, for the average home or small business user it's just too difficult to explain why they can't browse their target network just like they were at home or in the office. Performance is not the big issue here; it's all about simplicity.

Yes, there are competing solutions - you can get a VPN router; all the standard consumer network manufacturers sell them: D-Link, Netgear, Linksys etc. However, they are either extremely confusing for the average person to configure (so you might as well use OpenVPN, which isn't really any harder) or require client licenses for each remote user (so you might as well use OpenVPN, which is free). The only advantage of a router-based system is you don't have to have a machine permanently on to access your home network. But then if only your router is powered on, what use is remote access? (Except perhaps to do wake-on-LAN type operations).

You could also use one of these web-based remote access technologies that offer encrypted access, e.g. GoToMyPC. These have the advantage of no software install on the remote client (OpenVPN requires an admin install of software), just browser access. However, these companies certainly charge for the privilege, often $20 per PC per month and up - quite a hefty fee if all you want is occasional access - but maybe justifiable to the average business traveller. However, if you are a business traveller, don't you have your laptop with you? In which case, why be limited by a web-based interface? With OpenVPN you can get on your network, mount network drives, browse shared folders, printers, cut and paste, remote desktop to your machine and do anything the web-based systems can do - all for nothing.

So as far as I'm concerned, OpenVPN rocks! And guess what, it works on Linux/BSD, Windows and Mac platforms. Plus there is a version for Windows Mobile devices in the works, so I'll even be able to VPN in from my humble T-Mobile MDA device and talk directly to my LAN. Sweet! (I expect I'll have to use non-bridge mode for that :-()
