On 09/12/10 17:29, Steve Clark wrote: > On 12/09/2010 10:30 AM, David Sommerseth wrote: >> On 25/11/10 14:12, J.Witvliet at mindef.nl wrote: [...snip...] >> >>> Furthermore, openvpn is only compatible with openvpn, while using ipsec you might be able to connect to other boxes. >>> >> That is mostly true, except for those vendors adding their own >> proprietary extensions to their ipsec implementations ... thus making it >> a vendor lock-in again. >> >> > Hmm... We run ipsec, (using ipsec-tools on both Linux and FreeBSD), > to Cisco, Juniper, NetScreen and many others without problem. > What vendors are you talking about? I don't have personal hand-on experiences with ipsec issues. However, I would expect things to work flawlessly as long as you don't enable vendor specific features, or if you enable compatible features. <http://www.veiligmobiel.com/IPsecCompatibility.htm> And I believe it will be even more differences if you try to use a "tunnelled" setup versus a "transport" setup, where the tunnelled mode will act more a like a SSL based VPN. If I have understood it correctly. kind regards, David Sommerseth