Calm down...I don't know whether you make bold for readability or enphasizing your emotion but anyhow, IPSec is too damn complicated for something like SOHO and whatnot for sure, I've given up using Linux router for Ipsec due to sparse documentation (something understandable in a 5th year unix user...) and way too complex ipsec.conf and whatnot. And for the being of article, the author points out the point just fine.
I guess we're not the real security network experts, but OpenVPN has its place, IPSec has its place, so it's not like 'IPSec sucks completely' all the time... Choose what you want, both is said to have good security.
And I just wanted to say 1 thing to the topmost of this thread is even all OS you mentioned may have IPSec installed, you can't make a network to network router out of them. Windows client machines just don't work that way. And even if whatever OS with default IPSec does the job, you can't most likely out of Windows or Mac OS can touch any of the detail of the IPsec, unless you open up deep inside registry or something. So out of current condition, I agree OpenVPN is a good solution that is manageable to some good extent with decent security and cross platform.
Otherwise, it just seem like OpenVPN is never used anywhere.
Learn about Linux
Download Linux
Get Linux help
Re:Uninformed FUD
Posted by: Hideki on October 02, 2005 11:20 AMI guess we're not the real security network experts, but OpenVPN has its place, IPSec has its place, so it's not like 'IPSec sucks completely' all the time... Choose what you want, both is said to have good security.
And I just wanted to say 1 thing to the topmost of this thread is even all OS you mentioned may have IPSec installed, you can't make a network to network router out of them. Windows client machines just don't work that way. And even if whatever OS with default IPSec does the job, you can't most likely out of Windows or Mac OS can touch any of the detail of the IPsec, unless you open up deep inside registry or something. So out of current condition, I agree OpenVPN is a good solution that is manageable to some good extent with decent security and cross platform.
Otherwise, it just seem like OpenVPN is never used anywhere.
#