Implementing VPN
Aleksandar Milivojevic
amilivojevic at pbl.ca
Wed Dec 22 14:57:11 UTC 2004
R. S. Patil wrote:
> When searched on google i got two three options like
> FreeS/WAN, StrongS/WAN, OpenS/WAN and Open VPN.
The *S/WANs are all IPSec implementations. 2.6 kernels has native
IPSec, so you really don't need them anymore. Unless you already have
infrastructure that uses them and/or are very familiar with them, I'd
just go with Linux native IPSec.
OpenVPN is user-land implementation. Another user-land implementation
is VTun.
Both (IPSec and user-land stuff) have advantages and disadvantages.
IPSec (in combination with auto-rekeying and x509 certificates) is
probably the best way to go, but you'll need to do some reading to
understand how it works. On the other hand user-land stuff like VTun is
very easy to understand and configure (you can get it up and running in
about 10 minutes, even if you are completely new to it). OpenVPN is
somewhere in the middle.
--
Aleksandar Milivojevic <amilivojevic at pbl.ca> Pollard Banknote Limited
Systems Administrator 1499 Buffalo Place
Tel: (204) 474-2323 ext 276 Winnipeg, MB R3T 1L7
More information about the fedora-list
mailing list