Re: SSL VPN

• Previous message: Dean De Beer: "RE: wireless internal vs external"
• In reply to: Edmond Chow: "RE: SSL VPN"
• Next in thread: stefan.sulistyo_at_accenture.com: "RE: SSL VPN"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 18 Jul 2005 12:53:21 -0300
To: Security Basics <security-basics@securityfocus.com>

On 7/13/05, Edmond Chow <echow@videotron.ca> wrote:
>
> Hello List:
>
> I've been tasked with implementing an SSL VPN solution in our corporate
> network and I was wondering if any of you had any recommendations and
> experiences (good or bad) with the various vendors. I thought of looking at
> OpenVPN but wanted some guidance on this product versus some other products
> on the market.
>
> Thanks in advance.
>
> Regards,
>
> Ed

 Edmond, a long time ago I've used VTUN, which was quite good. But
today, VTUN development has almost stopped (totally? -
04.06.2003 Released VTun 2.6), which by itself is not a good sign.
 Now, regarding OpenVPN, it is much easier to deploy than IPSec and
the same security may be achieved.
 I'm now using OpenVPN in more than 100 tunnels and have had no problems so far.
 Oh, one of the advantages is that OpenVPN has client/server also for
Windows, differently from many other implementations.
 Recently I've been to the Free Software International Forum, where I
had the opportunity to attend a talk given by Mario Bonilla (from
Uruguay), also stating that OpenVPN was the best option (he compared
it to ipsec, vtun, pptp, etc) nowadays.
 
 If you have any questions please reply, as I could be saying much
more about it.
 
 Regards,
 
 --
Eduardo Bacchi Kienetz
LPI Certified - Level 1 & 2
http://www.noticiaslinux.com.br/eduardo/

• Previous message: Dean De Beer: "RE: wireless internal vs external"
• In reply to: Edmond Chow: "RE: SSL VPN"
• Next in thread: stefan.sulistyo_at_accenture.com: "RE: SSL VPN"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Implementing VPN ... IPSec, so you really don't need them anymore. ... OpenVPN is user-land implementation. ... On the other hand user-land stuff like VTun is ... (Fedora) Re: VPN, NAT and LDAP or FTP ... > I read information about Super FreeS/WAN, CIPE, OpenVPN and so ... OpenVPN!= vtun ... ... have relatively static IP's and stateful firewalls, ... the single UDP port to the internal VPN host. ... (comp.os.linux.networking) Re: VPN, NAT and LDAP or FTP ... > I read information about Super FreeS/WAN, CIPE, OpenVPN and so ... OpenVPN!= vtun ... ... have relatively static IP's and stateful firewalls, ... the single UDP port to the internal VPN host. ... (comp.os.linux.security) Re: a bit OT - VPN+Windows ... One of the nice things about this solution is you can customize the OpenVPN GUI. ... There are various IPSEC solutions but you run into a client issue in a lot of cases for the Windows side. ... i used VPN's many times but always with unix on both sides and used vtun which works great. ... (freebsd-questions) vtun vs openvpn ... Reading info on their web sites it sounds like vtun does the same thing as openvpn ... ... (freebsd-net)