iPad & VPN
I have an iPad and am looking at getting a Linode (I used to have one previously) for multiple uses.
What I would like to be able to do is setup a VPN on a Linode, to which the iPad could then connect to when I'm not in the UK or an a public network.
What I would like to know is if someone has has some experience of this and what VPN service they have used on their Linode.
If I remember correctly, I followed this tutorial (feel free to replace the "nano" commands with your editor of choice):
Originally cracked way back in 1999, with minor "fixes" over time that made it marginally "less cracked" but still not secure, and then recently totally cracked once again (via ChapCrack and other tools).
MS has no interest in maintaining MS-CHAPv2 and no security person worth there chops would even consider using it.
That said, security is always a tradeoff. How much is "good enough" depends on what you're protecting. You don't install a million dollar safe to protect a hundred thousand dollar ring.
OpenVPN is nice, but it doesn't solve the OP's problem, since it's not natively supported by iOS.
Valid options are:
Juniper JunOS Pulse (via app)
Cisco AnyConnect (via app)
The PPTP and L2TP options support RSA SecurID or CryptoCARD as an alternative to MS-CHAPv2
iOS does support third party (non-integrated) VPN solutions via an API, hence the two apps I listed. However, the API is undocumented, and only available to vendors on invitation. This is why there is no OpenVPN client despite it being technically possible without jailbreaking.
I've used VPN on iOS before (and android) L2TP/IPSec works well on the server side I use openswan. The downside is you're stuck to using set ports which are often blocked unless you pay to have VPN access in hotels/airports etc.
Using the VPN over a proxy (which seems to be supported by iOS) might mitigate that issue.
I would personally setup a VPN using OPEN VPN and not iPad settings… PPTP / L2TP are really insecure :
What if the vpn provides you with the IPSec security protocol, i heard it is more secure. Though it hampers speed a bit.
For the corporate firewall we're using at work it turned out that it was in practice impossible to set up an IPSec configuration which worked both for the IPSec config of a subsidiary, and for iOS and/or Android, at the same time, on the same firewall.
OpenVPN is a breeze simply because it's both very secure, easy to understand, and uncomplicated to set up. And if you're doing something wrong, you just get a non-working network, unlike with IPSec where you can unintentionally end up with a non-secured network without realizing it.