[CentOS] VPN suggestions centos 6, 7

Eero Volotinen eero.volotinen at iki.fi
Tue Apr 5 15:57:54 UTC 2016 

Well. IPSec might work with site-to-site connections, but usually
roadwarrior mode users experience (a lot of) problems.

They might be related to hotels that only allow https, http and dns
protocols or broken nat implementations and so on.



--
Eero

2016-04-05 18:52 GMT+03:00 Dennis Jacobfeuerborn <dennisml at conversis.de>:

> How is IPSec "not recommended solution nowdays"?
>
> I tend to use IPSec for site-to-site connections i.e. the ones that run
> 24/7 and only require two experienced people to set up (the admins at
> both endpoints).
> For host-to-site setups I prefer OpenVPN since explaining to endusers
> how to set up an ipsec connection is neigh impossible whereas with
> OpenVPN I can simply tell them to install the software and then unzip an
> archive into a directory and they are done.
>
> Regards,
>   Dennis
>
> On 05.04.2016 09:07, Eero Volotinen wrote:
> > IPSec is not recommended solution nowdays. OpenVPN runs top of single udp
> > or tcp port, so it usually works on strictly firewalled places like in
> > hotels and so on.
> >
> > --
> > Eero
> >
> > 2016-04-04 23:18 GMT+03:00 Gordon Messmer <gordon.messmer at gmail.com>:
> >
> >> On 04/04/2016 10:57 AM, david wrote:
> >>
> >>> I have seen discussions of OpenVPN, OpenSwan, LibreVPN, StrongSwan (and
> >>> probably others I haven't noted).  I'd be interested in hearing from
> anyone
> >>> who wishes to comment about which to use, with the following
> requirements:
> >>>
> >>
> >> I recommend l2tp/ipsec.  It's supported out of the box on a wide variety
> >> of client platforms, which means significantly less work to set up the
> >> clients.
> >>
> >> OpenVPN is a popular choice, and it's fine for most people.  It's more
> >> work to set up than l2tp/ipsec, typically.  We used it for quite a
> while at
> >> my previous employer, though ultimately dropped it because the Windows
> GUI
> >> requires admin rights to run, and we didn't want to continue giving
> admin
> >> rights to the users we supported.
> >>
> >> _______________________________________________
> >> CentOS mailing list
> >> CentOS at centos.org
> >> https://lists.centos.org/mailman/listinfo/centos
> >>
> > _______________________________________________
> > CentOS mailing list
> > CentOS at centos.org
> > https://lists.centos.org/mailman/listinfo/centos
> >
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> https://lists.centos.org/mailman/listinfo/centos
>

More information about the CentOS mailing list