wuench
Senior Member
PFSenses VPN page gives a good explanation of VPN options. If you go with IPSec you can use the built in OS VPN client on Android, IPhone, Windows, etc. Pretty much any client will support IPSEC natively. OpenVPN is an SSL VPN and you need to load software on some clients (as mentioned, you do not need PFSense to run OpenVPN, that can be loaded on DDWRT or a Linux/Windows server).
https://www.pfsense.org/about-pfsense/features.html#vpn
One other thing to consider is access from a client perspective. SSL is pretty much going to be open outbound no matter where you are, a company, hotel, etc. They usually allow you to access HTTPS/SSL websites so port 443 is opened. It is more difficult to restrict, mostly you may just see your tunnel timeout a lot due to inactivity. IPSEC or SSH is not always opened outbound to the internet for security reasons and all they need to do is block the ports. I would say most companies of a reasonable size block IPSEC and many block SSH by default as well.
I really wish SSLExplorer/Adito hadn't gotten bought out, it was a really great solution as a free open source SSL VPN with a Java based client, no software to install. But unfortunately it is no longer maintained. OpenVPN is probably the best SSL VPN option available these days.
https://www.pfsense.org/about-pfsense/features.html#vpn
One other thing to consider is access from a client perspective. SSL is pretty much going to be open outbound no matter where you are, a company, hotel, etc. They usually allow you to access HTTPS/SSL websites so port 443 is opened. It is more difficult to restrict, mostly you may just see your tunnel timeout a lot due to inactivity. IPSEC or SSH is not always opened outbound to the internet for security reasons and all they need to do is block the ports. I would say most companies of a reasonable size block IPSEC and many block SSH by default as well.
I really wish SSLExplorer/Adito hadn't gotten bought out, it was a really great solution as a free open source SSL VPN with a Java based client, no software to install. But unfortunately it is no longer maintained. OpenVPN is probably the best SSL VPN option available these days.