Hey there - didn't see anyone else take a crack at this so I will...
From: Pieterjan Heyse [mailto:pieterjan dot heyse at scheppers dash wetteren dot be]
Sent: January 28, 2005 5:06 AM
To: m0n0wall at lists dot m0n0 dot ch
Subject: [m0n0wall] OpenVPN vs. IPSEC
I am building a wireless network between some schools and I'm using
m0n0wall as router. All the wireless parts will be encrypted. I was
wondering, since 1.2b3 built on Sun Dec 5 11:22:47 CET 2004 you can
use openVPN, too.
[Mitch says:] Open VPN requires a client - this client is built into mono,
so mono connections are no problem, but for mono to windows, you will need
the windows client.
What is more bandwidth efficient ? IPSEC or OpenVPN ?
I assume that the security is ok when using both systems ? Can openVPN
establish simple point to point tunnels, like IPSec (Raccoon) can ?
[Mitch says:] openvpn can establish more flexible tunnels - I don't know
about simpler ;--) the tunnels in openvpn can be configured to pass on a
variety of normal protocols I think (tcp / udp) and can traverse some
firewalls that ipsec won't. Also, a central openvpn router (hub and spoke
config) can manage inter-vpn traffic that can't be accomplished without a
lot more config on ipsec (which needs to establish a connection between each
spoke directly I think - at least on FreeBSD).
Hope that helps... and hope it's all accurate ;-)