[CentOS] Choosing VPN Server

Ross S. W. Walker rwalker at medallion.com
Thu Sep 20 18:52:41 UTC 2007


John R Pierce wrote:
> 
> Ross S. W. Walker wrote:
> > Wei Yu wrote:
> >   
> >> Does openvpn support IPsec well?
> >> I want the server to work cooperation with a Microsoft ISA 
> >> Server inside the intranet with site-to-site vpn mode.
> >> For that reason I want the server has good compatibility 
> with windows.
> >>     
> >
> > You don't need IPSec for Windows ISA server compatibility...
> 
> 
> it does if the Windows ISA machine is the VPN server as he said.

OpenVPN has a Windows version and if the OP wanted to run it on the
ISA itself, he is welcome to, though not recommended as it decreases
the hardness of the ISA server.

OpenVPN server would probably virtualize well as the Internet
connection will end up being the limiting bandwidth factor and
Internet connectivity is always susceptible to wild latencies, so
a little VM added latency surely wouldn't go noticed.

> frankly, for business site to site VPN, I generally recommend tossing 
> ALL software and OS implementations in favor of Jupiter Netscreen or 
> another router based implementation.

I have to agree here, for site-to-site VPNs it is better with hardware
accelerated devices on fixed IP addresses doing IPSec.

-Ross

______________________________________________________________________
This e-mail, and any attachments thereto, is intended only for use by
the addressee(s) named herein and may contain legally privileged
and/or confidential information. If you are not the intended recipient
of this e-mail, you are hereby notified that any dissemination,
distribution or copying of this e-mail, and any attachments thereto,
is strictly prohibited. If you have received this e-mail in error,
please immediately notify the sender and permanently delete the
original and any copy or printout thereof.




More information about the CentOS mailing list