[ previous ] [ next ] [ threads ]
 From:  Raffaele Sandrini <rasa at gmx dot ch>
 To:  m0n0wall dash dev at lists dot m0n0 dot ch
 Subject:  RE: [m0n0wall-dev] OpenVPN
 Date:  Wed, 09 Feb 2005 13:26:09 +0100
On Mit, 2005-02-09 at 20:14 +1000, Quark IT - Hilton Travis wrote:
> Thanks for the update - much appreciated.
> Were I to need to link 2 * m0n0wall sites, I'd probably (right now)
> still use IPSEC between these sites.  However, should I need to link a
> Windows user to a m0n0wall via a VPN, I'd tend to look at using the
> OpenVPN option - that's kinda where I stand with this right now.
> This may change - I've been known to change my standpoint before when
> presented with information that I was previously unaware of.  :)
> OpenVPN seems to be one of - if not the - best implementations of a
> **true** SSL VPN available today.  I'm definitely pro-OpenVPN's
> inclusion in m0n0wall.
Its probably the best open source implementation, wich implies that it
needs to be pushed over the closed, vendor dependent implementations.

While you probably have no advantage using OVPN for m0n0wall-m0n0wall
tunnels over IPSEC, you definitely have in almost every other situation,
where you would use IPSEC transport mode.

I looked at it some time ago and was came to it again through your mail,
i did a lot of testing yesterday on my Linux boxes here and i have to
admit, that at least version 2 of OVPN is a very cool peace of software.
It has almost every feature a road-warrior environment needs.

Raffaele Sandrini <rasa at gmx dot ch>