RFC: Ipsec support in main
Ruben Laban
r.laban at ism.nl
Tue Jan 5 08:15:07 UTC 2010
On Monday 04 January 2010 at 23:01 (CET), Mathias Gug wrote:
> I wonder how popular are IPSEC-based
> VPNs nowadays?
Very. It's one of the very few VPN protocols that's has a lot of
interoperability going for it. Linux, Cisco, Juniper, Windows, etc, all can
speak IPsec. Also, IPsec implementation is mandatory for any IPv6 stack
implementation. We currently use OpenVPN's SSL based VPNs for roadwarriors
due to the ease of installation and the ability to run it over any TCP or UDP
port. For our site-to-site VPNs (both within our own infrastructure and to
customers) we use Openswan's IPsec based VPNs. These are more robust and the
interoperability is rather important here. IPsec is IPsec, whereas SSL based
implementations are all non-interoperable.
That being said, I don't care much about ipsec-tools or racoon. I wouldn't
mind Openswan getting some more Debian/Ubuntu love.
--
Regards,
Ruben Laban
Systems and Network Administrator
ISM eCompany
More information about the ubuntu-server
mailing list