[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: VPN solution(s) for Fedora Core



Florin Andrei wrote:
On Fri, 2004-05-21 at 08:52, Jason Tackaberry wrote:
I think the other main contender for VPN software in Fedora Core would
be Openswan.  OpenVPN is portable, comfortable (being in userspace),
flexible, and easy, but Openswan implements IPsec which is (mostly)
standardized across vendors, and that's certainly a strong selling
point, in spite of its complexity.

Openswan is good to keep around, just in case you need to talk to IPSec devices. But it's a pain in the butt; it's NAT-unfriendly, free and good Windows clients are lacking, interoperability is problematic, etc.


Eh?


OpenSWAN 2.1.2 works fine, interoperates fine with *most* IPSec clients, including WinXP, and supports NAT-T (a.k.a. IPSec over UDP), so there shouldn't be any problems.

I have been running OpenSWAN for a while now and the only problem I've had with it is its somewhat limited handling of aggressive mode (which FreeSWAN didn't implement due to its known security holes.)

-hpa



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]