On Tue, 2005-10-25 at 15:03 -0400, Neal Becker wrote: > Michael H. Warfield wrote: > > > > For larger VPNs with a lot of systems, certificate based OpenSWAN can > > be a lot easier to set up than OpenVPN, particularly if you have to set > > up OpenVPN in peer-to-peer mode where each connection requires > > configuring unique UDP endpoint ports. OpenVPN server mode can help > > with it's address pool technique and their coming out with some newer > > tricks for handing out and routing addresses in server mode that hasn't > > quite make it to release yet. But that doesn't help out much once you > > get away from a star topology. OpenVPN needs to impliment a > > server-to-server mode before they can really address that. > Have you looked at openvpn>2? I believe these comments are obsolete. Oh... I just noticed. You meant beyond OpenVPN v2 ( as in greater than [ >2 ] not greater than or equal to [ >=2 ] ). Sorry... Missed that. Current release is 2.0.2 with a 2.1 beta rattling around. Running that... Comments still applicable. They've still got a long way to go before they catch up to IPSec on the scalability front and a LLLOOONNNGGG way to got to catch up to IPSec on the performance front). But they are getting there. Mike -- Michael H. Warfield | (770) 985-6132 | mhw@xxxxxxxxxxxx /\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
Attachment:
signature.asc
Description: This is a digitally signed message part
