[ale] VPN Protocol Question
dragon at atlantacon.org
Wed Apr 15 15:43:20 EDT 2009
IPSec is normally hardware point to point but its the highest most
secure form of encryption due to the large number of encryption
the other option is SSL encryption, but is less secure and needs an ssl
certificate, even self signed works.
OpenVPN is a server type, pptp and l2tp are transport protocols, not
pptp is old school gre tunneling, and also one of the least secure. the
positive is its the most compatable.
l2tp or layer 2 tunneling protocol ( http://en.wikipedia.org/wiki/L2TP )
works over standard udp packet types and tend to work from behind most
firewalls and nat devices for the client side with no additional
Since you say this will be on a pfSense box as an end point, you will
probably have to set up OpenVpn on that system ( http://openvpn.net/ ).
Andrew Grieser wrote:
> Hey all,
> I'd like to be able to securely connect to my home network while at school or elsewhere, and be able to tunnel all network traffic from the client to the server (http, dns, ssh, etc).
> While looking up VPN options, I see that there are three general options: IPSec, OpenVPN, and PPTP. After doing a bit of reading, I am still not sure which one I should be using. I'd appreciate it if someone could point me in the right direction.
> Some details:
> The VPN server will be on a pfSense box that also does the following: router, firewall, DHCP server, and DNSmasq.
> The VPN server will have a "real" IP address (ie: no NAT), but as I client I expect to be on networks using NAT at least some of the time. If I am understanding the protocols, I believe this rules out IPSec. Is this true?
More information about the Ale