Jeffrey West
Level 1 (38 points)
Mac OS X

Q: Best VPN Server

I've been using the VPN server via Server 5.1. However, I've recently purchased an EdgeRouter POE, and I'm considering changing to its VPN. Can anyone offer Pros/Cons for one versus the other?

 

Thanks,

Jeff

Mac mini, OS X Server, null

Posted on May 2, 2016 4:45 PM

Close
Jeffrey West

Q: Best VPN Server

  • All replies
  • Helpful answers

  • by John Lockwood,

    John Lockwood John Lockwood May 3, 2016 3:26 AM in response to Jeffrey West
    Level 6 (9,349 points)
    Servers Enterprise
    May 3, 2016 3:26 AM in response to Jeffrey West

    I have no experience using the EdgeRouter and it took quite some digging to even determine it did VPN at all. It seems mainly focused on being an Ethernet to Ethernet router. However as stated I did eventually find a reference suggesting it can do the following VPN protocols.

     

    • IPSec Site-to-Site and Remote Access
    • OpenVPN Site‐to‐Site and Remote Access
    • PPTP Remote Access
    • L2TP Remote Access
    • PPTP Client

     

    Without downloading and reading the entire manual I do not know any more about its VPN capabilities.

     

    I can say that I have given up on Apple's own VPN server as it only supports L2TP and PPTP both of which these days are considered weak from a security point of view and neither of which can be used for VPN on Demand setups. I now use a Linux server running StrongSwan5 which can do

     

    • IKEv2 Site-to-Site and Remote Access
    • IPSec Site-to-Site and Remote Access

     

    Both being capable of doing VPN on Demand.

     

    IKEv2 is considered the most secure VPN solution currently. IKEv2 is supported using the built-in VPN client in El Capitan and iOS 9.

     

    StrongSwan5 does work with the built-in Apple VPN client and StrongSwan5 supports using SSL certificates, it also supports forcing all traffic via the VPN connection - a common requirement of corporate VPN setups.