[CentOS] VPN suggestions centos 6, 7
gordon.messmer at gmail.com
Mon Apr 4 20:46:32 UTC 2016
On 04/04/2016 12:11 PM, Jussi Hirvi wrote:
> This made me google around a little, and I found some good info here.
> They, too, kind of recommend openvpn.
This is not good information.
"There are some concerns that the NSA could have weakened the standard,
but no one knows for sure."
Pure FUD. There is no reason to believe this as related to IPSec that
does not apply to other protocols as well. There is, therefore, no
reason to write that other than bias.
"Either way, this is a slower solution than OpenVPN. ... It’s a two-step
OpenVPN tunnels traffic through a user space process, just like
l2tp/ipsec does, and in my experience offers no better performance. If
throughput is your main concern, use IPsec without l2tp.
"because it can be configured to use AES encryption, is arguably more
trustworthy than L2TP/IPsec."
IPSec can also use AES as a cipher and provide PFS, for that matter.
More information about the CentOS