Ok, decision is done. IPSec is the loser...

>But this one is really well written. Just walk through the examples given, trying them between any two machines, and you'll be an expert in no time.

Well, maybe you forgot that I got the first prize for the worst install of an Empeg in 2003. Also some hours of reading didn't make me feel better in IPSec (an I can tell about me that I'm not really the worst in networking). Anyway, it didn't make me happy.

Then, after maybe 4 hours of reading and brainstorming I decided to try out OpenVPN and this got me smiling just as soon as you can open the vi editor... It took me 0.32 seconds to understand OpenVPN for a bad quick and dirty but working solution.

I use debian so I don't want to comile all the stuff again:

apt-get install openvpn
openvpn --genkey --secret static.key
vi server.conf

Put this in:

dev tun
ifconfig 10.8.0.1 10.8.0.2
secret static.key

Save and copy the staic.key to the client machine.
Then, on the client machine:

apt-get install openvpn
vi client.conf

Put in:

remote server.rowi.net
dev tun
ifconfig 10.8.0.2 10.8.0.1
secret static.key

Save and:

openvpn client.conf

That's it! If the kernel has a TUN device (which almost should be), everything works and you can ping and pong from 10.8.0.1 to .2.

Just wanted to let you know. Comments welcome. Maybe I'll switch to IPSec but OpenVPN worked smarter.

Rolf