[afnog] Re : Site-to-site VPN
Makan SIMAGA
makansimaga at yahoo.fr
Tue Dec 1 12:39:08 UTC 2009
Thanks Phil,
But openvpn is a SSL VPN or IPsec VPN?
Makan SIMAGA
________________________________
De : Phil Regnauld <regnauld at nsrc.org>
À : Makan SIMAGA <makansimaga at yahoo.fr>
Cc : afnog at afnog.org
Envoyé le : Mar 1 Décembre 2009, 12 h 24 min 32 s
Objet : Re: [afnog] Site-to-site VPN
Makan SIMAGA (makansimaga) writes:
> Hi,
>
> I want to connect two site with a VPN but I hesitate between IPcop with openvpn addon and a debian box with openvpn package.
Hi Makan,
It depends what you want to achieve. For the lowest overhead possible,
I'd suggest using something IPsec based, but OpenVPN works very well,
no matter what you run it on.
> Is it possible to authenticate my active directory domain users during their connexion?
If you mean AD/LDAP authentication for OpenVPN users, yes:
http://amigo4life.googlepages.com/openvpn
... but this is not "site-to-site"...
> What technology is the most appropriate in my case IPsec VPN or SSL VPN?
For the site-site part, I'd use OpenVPN or IPsec, and for the roaming
users, just use OpenVPN. We do this with certificates and our own CA
where I work, for Windows, Mac and Linux users. Works fine.
Cheers,
Phil
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://afnog.org/pipermail/afnog/attachments/20091201/5bb3bfc4/attachment.htm>
More information about the afnog
mailing list