On 08 Dec 15:47, Laurie Brown wrote:
Brett Parker wrote:
On 08 Dec 14:47, Mark Rogers wrote:
[SNIP]
- Setup a VPN between the mail server and the exchange server, and
deliver to the VPN address. This seems like the "best" option although I have no idea whether it is practical having never tried it. I'd assume OpenVPN as the best VPN solution? I also don't know how well it would scale if I want to then do this with lots of other sites?
That'd be the way that I'd go. They've then got a "static" ip on a private network to you (and yes, I'd set the vpn up to be static for that).
If you've got windows at one end, and linux at the other, using OpenVPN is probably your best bet.
I'd do the same: OpenVPN is goodness. Note too that Netgear DG834G or similar (some Linksys or Draytek models IIRC) support IPSEC VPN endpoints, so if you have an IPSEC endpoint-enabled modem/router at each end, you're sorted (but OpenVPN doesn't support IPSEC).
In either case, in the event of an outage you'll have changing IP addresses at the remote end, one of which will almost certainly be dynamic (3G), so you'll need to use dyndns or similar as well. Also, by using dyndns, you could dispense with the VPN, as your server will always be able to find the remote address.
It's even better than that, because you're also not likely to have an external IP at all on 3G, vodafone 3G sticks, in my experience, tend to throw you in to a nat'd 10.0.0.0/24 address space.