Small business VPN solution [closed]

I've been looking for a while but I'd like to to implement a vpn solution for anywhere from 1-5 employees at a time (possibly 10 in a year or so)

edit:

Basically I would like outside users to fire up a client or open a web page and be able to access things inside the company network (share drives / printers/ webapps /etc)

I've looked at Astaro Gateway but im not sure if that's the right tool for the job.

I know "best" is a subjective term so i would like to break it into to different suggestions

1) what is the cheapest solution given the criteria above

2) what solution will result in the least amount of headaches from the point of view of maintenance and learning curve.


Solution 1:

I recommend Astaro without reservation. It isn't free, but it is inexpensive. It uses the open source package OpenVPN for both IPSec and SSL VPN connectivity. The Astaro management interface is quite clear, and deploying the VPN is straight-forward. Plus, you get a very good firewall along with the VPN.

Q1 (Cheapest): Rolling your own is inexpensive if your time is considered free. If you are familiar with Linux, OpenVPN server is the "market leader". Windows can be a VPN server with no additional software on the server or on Windows clients, but I have never used it and would hesitate to because of my unwillingness to expose Windows to the internet.

Also, a similar question has an interesting answer .. flash the router with dd-wrt, an open source firmware that includes OpenVPN. Note that I recommended Astaro there as well!

Q2 (Least Headaches): Astaro is really easy to manage. I have also used Cisco and SonicWall VPNs and found them more difficult for the users and to administer. And, an Astaro appliance will be deployed and running in a tiny fraction of the time it will take to roll your own, or even to flash a router!

I think my opinion is clear!

Solution 2:

If you have skilled systems/network admins certainly OpenVPN can be the solution you are looking for. It will require the users to be provided with a certificate and a small client to be run on their clients.

One the certificates are created there is no maintenance needed during the product lifetime.

OpenVPN is free and well known, you could run a hardened, Linux box to host the server.

Don't forget the security aspects of having user connecting externally to your network.