Re: VPN over slow Internet connections

[Steven Bellovin <smb () cs columbia edu>]

On Apr 21, 2011, at 4:31 32PM, Phil Regnauld wrote:

> Steven Bellovin (smb) writes:
> > I should note: IPsec, being datagram-based, will also work well.  PPTP,
> > which runs over TCP as far as I know, will suffer all of the ills I just
> > outlined.
>
>       PPTP uses 1723/tcp for control, but the tunneled traffic is GRE,
>       so that would work fine as well.

Ah, thanks for the correction.
> > If you do it correctly, a VPN is actually better: you can assign a
> > static internal IP address to each certificate.  If the modem connection
> > drops, when you reconnect the applications will still have the same
> > IP address, so their connections won't be interrupted.
>
>       Absolutely, that's the case with OpenVPN, if you assign static IPs to
>       each profile.  PPtP can do this as well, for instance using MPD.
>       Very big advantage in fact.

Yup, I've done this myself with OpenVPN.


                --Steve Bellovin, https://www.cs.columbia.edu/~smb