VPNs.
Ken D'Ambrosio
ken at jots.org
Fri Sep 23 14:41:01 EDT 2005

Hi, all. Over the years, I've had to use various VPN solutions, none of
which were terribly satisfactory: PPTP isn't very secure, PPP-over-SSH
solutions have some inherent problems, IPSec, while VERY secure and
flexible, is almost TOO flexible: clients vary wildly in both how they are
configured, and what features they support, and setup can be a real PITA.

Then, there's OpenVPN. (www.openvpn.net) It's the coolest thing since
sliced bread. It uses SSL as its encryption protocol, defaults to a given
port (1194), but you can use most any port (which is a handy way of
getting out of sites where, say, everything except port 80 is blocked --
it even has a way to traverse proxies!), runs -- both client and server --
on Linux, 'doze, even Mac OS X, has all sorts of configuration options
(e.g., ways to see subnets behind clients, ways to push routes, the ability
to push DNS configuration info, etc.), blah, blah, blah. The config files
are nicely commented, the site has good documentation, it's a treat. You
can even support multiple config files on a given client, allowing you
access to multiple VPNs simultaneously (just make sure their address
spaces don't step on each other).

It's nifty. If you're looking for an inexpensive, functional, flexible --
and, yes, secure -- VPN solution, it's what you want, plain and simple.
Installation can be a little intimidating, and probably isn't for the
newbie, but the docs really are very good. They aren't perfect, but a
reasonably competent admin will be able to read between the lines in the
relatively few spots where that's needed.

All this, and I'm not even taking kickbacks.

-Ken

P.S. Note that 1.6 -- the previous major release -- had several
limitations that kept it from being a good all-around solution.
Fortunately, I started using OpenVPN in the 1.9/2.x timeframe, and those
problems have been addressed. If you've tried before and it didn't do
what you needed, look again.
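
The message warns that a client joined to several VPNs at once must keep their address spaces from stepping on each other. The check below is an added example, not part of the original post or of OpenVPN itself: it reads the `server`, `route` and `push "route"` directives from each config and reports subnets that overlap across VPNs. The file names and subnets are constructed, and it assumes every address space of interest appears in one of those three directives.

```python
import ipaddress
import re
from itertools import combinations

# Constructed sample server configs for two VPNs that one client joins.
# File names and subnets are made up for illustration.
SAMPLE_CONFIGS = {
    "office.conf": '''
port 1194
proto udp
server 10.8.0.0 255.255.255.0
push "route 192.168.10.0 255.255.255.0"
push "dhcp-option DNS 192.168.10.1"
''',
    "lab.conf": '''
port 443
proto tcp
server 10.9.0.0 255.255.255.0
push "route 192.168.0.0 255.255.0.0"
''',
}

# Matches `server NET MASK`, `route NET MASK` and `push "route NET MASK"`.
# Anchored at line start, so `#` or `;` commented-out lines are ignored.
DIRECTIVE = re.compile(
    r'^\s*(?:push\s+")?(?:server|route)\s+(\d+\.\d+\.\d+\.\d+)\s+(\d+\.\d+\.\d+\.\d+)'
)

def networks(config_text):
    """Return the set of IPv4 networks a config assigns or routes."""
    found = set()
    for line in config_text.splitlines():
        m = DIRECTIVE.match(line)
        if m:
            net = ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}", strict=False)
            found.add(net)
    return found

def overlaps(configs):
    """List (file_a, net_a, file_b, net_b) for every cross-VPN overlap."""
    per_file = {name: networks(text) for name, text in configs.items()}
    hits = []
    for (a, nets_a), (b, nets_b) in combinations(sorted(per_file.items()), 2):
        for na in sorted(nets_a):
            for nb in sorted(nets_b):
                if na.overlaps(nb):
                    hits.append((a, str(na), b, str(nb)))
    return hits

if __name__ == "__main__":
    for a, na, b, nb in overlaps(SAMPLE_CONFIGS):
        print(f"{a}: {na} collides with {b}: {nb}")
```

With the sample data, the lab VPN's pushed 192.168.0.0/16 route swallows the office VPN's 192.168.10.0/24, so traffic meant for one tunnel could be routed into the other.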