How is IPSec "not recommended solution nowdays"? I tend to use IPSec for site-to-site connections i.e. the ones that run 24/7 and only require two experienced people to set up (the admins at both endpoints). For host-to-site setups I prefer OpenVPN since explaining to endusers how to set up an ipsec connection is neigh impossible whereas with OpenVPN I can simply tell them to install the software and then unzip an archive into a directory and they are done. Regards, Dennis On 05.04.2016 09:07, Eero Volotinen wrote: > IPSec is not recommended solution nowdays. OpenVPN runs top of single udp > or tcp port, so it usually works on strictly firewalled places like in > hotels and so on. > > -- > Eero > > 2016-04-04 23:18 GMT+03:00 Gordon Messmer <gordon.messmer at gmail.com>: > >> On 04/04/2016 10:57 AM, david wrote: >> >>> I have seen discussions of OpenVPN, OpenSwan, LibreVPN, StrongSwan (and >>> probably others I haven't noted). I'd be interested in hearing from anyone >>> who wishes to comment about which to use, with the following requirements: >>> >> >> I recommend l2tp/ipsec. It's supported out of the box on a wide variety >> of client platforms, which means significantly less work to set up the >> clients. >> >> OpenVPN is a popular choice, and it's fine for most people. It's more >> work to set up than l2tp/ipsec, typically. We used it for quite a while at >> my previous employer, though ultimately dropped it because the Windows GUI >> requires admin rights to run, and we didn't want to continue giving admin >> rights to the users we supported. >> >> _______________________________________________ >> CentOS mailing list >> CentOS at centos.org >> https://lists.centos.org/mailman/listinfo/centos >> > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos >