Posted by: Anonymous Coward
on September 30, 2005 09:56 AM
OpenS/Wan really has it ways. But i believe that the it is far more complicated than openvpn to deploy. I'm not counting here it's portability, because you can only deploy ipsec (the real one) in posix-like operating system. The clients for windows, or they miss some feature, or they require you to wide open your ipsec implementation. If we talk about the pair L2TP/IPsec, the ipsec become a fair play, but it loose some of it's security (AH transformation), and only give you the ESP encapsulation. And i'm not even mentioning the fact tha openvpn need only 1 single port (TCP or UDP) and is NAT traversal by default.
Learn about Linux
Download Linux
Get Linux help
Re:OpenS/Wan : bad example !
Posted by: Anonymous Coward on September 30, 2005 09:56 AMit is far more complicated than openvpn to deploy. I'm not counting here it's portability, because you can only deploy ipsec (the real one) in posix-like operating system. The clients for windows, or they miss some feature, or they require you to wide open your ipsec implementation. If we talk about the pair L2TP/IPsec, the ipsec become a fair play, but it loose some of it's security (AH transformation), and only give you the ESP encapsulation. And i'm not even mentioning the fact tha openvpn need only 1 single port (TCP or UDP) and is NAT traversal by default.
#