I want to be able to remotely administer a RB450G in order to access the usermanager webgui, and be able to make adjustments to RouterOS with WinBox.

On Linux servers, I would use a OpenVPN tunnel or a ssh tunnel with some ssh port forwarding in order to achieve this. However, I read that the ssh package doesn't support tunneling.

Also, I don't have any experience regarding ease of setup, throughput and manageability of VPN-like remote access solutions on routerboard hardware.

Which option do you use, and why? What would you recommend using in this scenario?

I've done a basic pptp tunnel to my mum and dads rb. and added routes accordingly. its just for apple remote desktop when they have problems. i don't see why people say pptp is insecure though. unless you are a company doing vpn i guess it'll be alright. works for me .

i use pptp with a dynamic ip. i wrote a script to make a tune when the pptp fails and also when it connects. its only been 3 days and it hasn't dropped ( I'm visiting parents and fitted RB there as pptp client - rb493g at home and it only beeped/dropped when i purposely disabled connection to get it all the wife heard the apparent machine gun sound lol from the script) all is good - the keep alive is around 200bytes to keep the tunnel active. looking at the graphs it only peaks when i access the remote network so the 200 bytes thing seems valid to me. the link never has dropped, only once due to me thats why i say never. seems VERY stable.

Thank you for your reply but PPTP over the internet isn't secure and thus not suitable for my needs.

You can also do an SSH tunnel. PPTP is fine for remote management IMO ( we use it on around 400 units linked back to core routers).

Rather than PPTP simply choose a SSTP client instead.