Re: VPN/IPSEC tunnel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Does not agree,

"People" claim that openvpn is supposedly easier to configure, compared with *swan.

However, for a _very_ simple tunnel that migth be true, but most of the problems people encounter with ipsec are often related to either certificates, CA's, routing, or smartcards. And they will encouter likewise problems (but other syntax) when using openvpn.

When confronted with more complex network setup (mesh topology), scalability, or ipv6 your best (or even only) option remains ipsec.

Interoperability with existing vpn products? Forget openvpn!

Even for very simple hapsnap tunnels one might even consider the tunnel capabilities of openssh.....

Hw

----- Oorspronkelijk bericht -----
Van: users-bounces@xxxxxxxxxxxxxxxxxxxxxxx <users-bounces@xxxxxxxxxxxxxxxxxxxxxxx>
Aan: users@xxxxxxxxxxxxxxxxxxxxxxx <users@xxxxxxxxxxxxxxxxxxxxxxx>
Verzonden: Sat Dec 04 21:41:35 2010
Onderwerp: Re: VPN/IPSEC tunnel

On Sat, 04 Dec 2010 13:32:04 -0430
Patrick O'Callaghan <pocallaghan@xxxxxxxxx> wrote:

> On Sat, 2010-12-04 at 18:57 +0100, Luc MAIGNAN wrote:
> > Is openVPN can make IPSec tunnels or just SSL ?
> 
> I believe it's fully IPSec compliant. 

Nope. Openvpn uses it's own ssl based protocol. It cannot directly
interoperate with ipsec tunnels. ;) 

That said, if you have control over both endpoints, IMHO openvpn is a
vastly better choice than ipsec. 

kevin

______________________________________________________________________
Dit bericht kan informatie bevatten die niet voor u is bestemd. Indien u niet de geadresseerde bent of dit bericht abusievelijk aan u is toegezonden, wordt u verzocht dat aan de afzender te melden en het bericht te verwijderen. De Staat aanvaardt geen aansprakelijkheid voor schade, van welke aard ook, die verband houdt met risico's verbonden aan het elektronisch verzenden van berichten.

This message may contain information that is not intended for you. If you are not the addressee or if this message was sent to you by mistake, you are requested to inform the sender and delete the message. The State accepts no liability for damage of any kind resulting from the risks inherent in the electronic transmission of messages.
-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux