VPN - Which way to go?
Predrag Punosevac
punosevac at math.arizona.edu
Thu Mar 6 01:30:33 UTC 2008
Alphons "Fonz" van Werven wrote:
> John Nielsen wrote:
>
>> I think OpenVPN is great and use it regularly, but as far as I know it
>> only interoperates with OpenVPN, and I'd be surprised if your university
>> were using it.
>
> Well, it seems like OpenVPN works for the Linux guys here... But anyway,
> I'll go ask around about the exact setup.
>
I do not know if you guys received my original message so I will repeat.
IPsec is part of IPv6 security enchantment which is back ported to IPv4.
OpenVPN is open source project released
under GPL license which is not fully compliant VPN protocol (not
compliant with IPsec) but easy to configure. Unless all of your client
machines use OpenVPN you will be in big troubles.
Cisco VPN is a joke and there is published algorithm how to brake into
it. If you do not believe me follow the link
http://www.unix-ag.uni-kl.de/~massar/bin/cisco-decode
All above being said Cisco 3000 is very popular and it looks good in the
eyes of management.
I am not an expert in Internet security but it seems to me that IPsec is
way to go if you are serious about VPN.
Cheers,
Predrag
P. S. Make no mistake. OpenVPN has nothing to do with OpenBSD project.
As a matter of fact OpenBSD
guys highly favor IPsec over OpenVPN.
> Thanks,
>
> Alphons
>
More information about the freebsd-questions
mailing list