[ previous ] [ next ] [ threads ]
 From:  "Mitch \(WebCob\)" <mitch at webcob dot com>
 To:  "'Pieterjan Heyse'" <pieterjan dot heyse at scheppers dash wetteren dot be>, m0n0wall at lists dot m0n0 dot ch
 Subject:  RE: [m0n0wall] OpenVPN vs. IPSEC
 Date:  Fri, 28 Jan 2005 15:26:06 -0800
Hey there - didn't see anyone else take a crack at this so I will...

-----Original Message-----
From: Pieterjan Heyse [mailto:pieterjan dot heyse at scheppers dash wetteren dot be] 
Sent: January 28, 2005 5:06 AM
To: m0n0wall at lists dot m0n0 dot ch
Subject: [m0n0wall] OpenVPN vs. IPSEC

Hi All,

I am building a wireless network between some schools and I'm using
m0n0wall as router. All the wireless parts will be encrypted. I was
wondering, since  1.2b3 built on Sun Dec 5 11:22:47 CET 2004 you can
use openVPN, too.

[Mitch says:] Open VPN requires a client - this client is built into mono,
so mono connections are no problem, but for mono to windows, you will need
the windows client.

What is more bandwidth efficient ? IPSEC or OpenVPN ?
I assume that the security is ok when using both systems ? Can openVPN
establish simple point to point tunnels, like IPSec (Raccoon) can ?

[Mitch says:] openvpn can establish more flexible tunnels - I don't know
about simpler ;--) the tunnels in openvpn can be configured to pass on a
variety of normal protocols I think (tcp / udp) and can traverse some
firewalls that ipsec won't. Also, a central openvpn router (hub and spoke
config) can manage inter-vpn traffic that can't be accomplished without a
lot more config on ipsec (which needs to establish a connection between each
spoke directly I think - at least on FreeBSD).

Hope that helps... and hope it's all accurate ;-)