RFC: Ipsec support in main

Ruben Laban r.laban at ism.nl
Tue Jan 5 08:15:07 UTC 2010


On Monday 04 January 2010 at 23:01 (CET), Mathias Gug wrote:
>  I wonder how popular are IPSEC-based
> VPNs nowadays?

Very. It's one of the very few VPN protocols that's has a lot of 
interoperability going for it. Linux, Cisco, Juniper, Windows, etc, all can 
speak IPsec. Also, IPsec implementation is mandatory for any IPv6 stack 
implementation. We currently use OpenVPN's SSL based VPNs for roadwarriors 
due to the ease of installation and the ability to run it over any TCP or UDP 
port. For our site-to-site VPNs (both within our own infrastructure and to 
customers) we use Openswan's IPsec based VPNs. These are more robust and the 
interoperability is rather important here. IPsec is IPsec, whereas SSL based 
implementations are all non-interoperable.
That being said, I don't care much about ipsec-tools or racoon. I wouldn't 
mind Openswan getting some more Debian/Ubuntu love.

-- 
Regards,

Ruben Laban
Systems and Network Administrator
ISM eCompany




More information about the ubuntu-server mailing list