|
||||||||
On Mon, Dec 22, 2008 at 2:53 PM, Quark IT - Hilton Travis <Hilton at quarkit dot com dot au> wrote: > G'day Michael, > > M0n0wall had previously included the OpenVPN code, however it was > removed (from memory) because of stability issues. Weird, I know, > because OpenVPN is used by a lot of others without issue, such as the > DD-WRT guys in their replacement OS for the Linksys WRT-series (and > others) router devices. > It was related to how m0n0wall works with OPT interfaces, it created problems. Don't remember specifically, but it created bugs. No one was interested in fixing it. I agree, that's the best option for SSL VPN. Though OpenVPN isn't what most people are after when they say "SSL VPN". Yes, it does use SSL, but most have had the marketing term "SSL VPN", or "clientless VPN" (utter garbage, there is no such thing) shoved down their throat by commercial vendors' marketing departments to mean something completely different. There are a couple open source SSL VPN with web based client distribution options (more technically correct description than "SSL VPN" or "clientless VPN", but it sure doesn't have a nice ring, eh?). But, they all require Java, which screams bloat and maintenance headaches. Java in and of itself is significantly bigger than all of m0n0wall, so I wouldn't expect to ever see that. Besides, you probably really don't want a SSL VPN with web based client distribution (ahem). Discussion of why here: http://www.mail-archive.com/support at pfsense dot com/msg13595.html -Chris |