SoftEther VPN all-in-one solution and cross platform. On Monday, April 4, 2016, Gordon Messmer <gordon.messmer at gmail.com> wrote: > On 04/04/2016 12:11 PM, Jussi Hirvi wrote: > >> This made me google around a little, and I found some good info here. >> They, too, kind of recommend openvpn. >> >> http://www.howtogeek.com/211329/which-is-the-best-vpn-protocol-pptp-vs.-openvpn-vs.-l2tpipsec-vs.-sstp/ >> > > This is not good information. > > In brief: > > "There are some concerns that the NSA could have weakened the standard, > but no one knows for sure." > Pure FUD. There is no reason to believe this as related to IPSec that > does not apply to other protocols as well. There is, therefore, no reason > to write that other than bias. > > "Either way, this is a slower solution than OpenVPN. ... It’s a two-step > process." > OpenVPN tunnels traffic through a user space process, just like l2tp/ipsec > does, and in my experience offers no better performance. If throughput is > your main concern, use IPsec without l2tp. > > "because it can be configured to use AES encryption, is arguably more > trustworthy than L2TP/IPsec." > IPSec can also use AES as a cipher and provide PFS, for that matter. > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos > -- -------------------------- Cheers! Dodi