[afnog] Re : Site-to-site VPN
AFAHOUNKO Danny
afahounko at gmail.com
Tue Dec 1 12:46:43 UTC 2009
can use SSL and pre-share keys ...
On 12/01/2009 12:39 PM, Makan SIMAGA wrote:
> Thanks Phil,
> But openvpn is a SSL VPN or IPsec VPN?
>
>
> Makan SIMAGA
>
>
>
>
> ________________________________
> De : Phil Regnauld<regnauld at nsrc.org>
> À : Makan SIMAGA<makansimaga at yahoo.fr>
> Cc : afnog at afnog.org
> Envoyé le : Mar 1 Décembre 2009, 12 h 24 min 32 s
> Objet : Re: [afnog] Site-to-site VPN
>
> Makan SIMAGA (makansimaga) writes:
>> Hi,
>>
>> I want to connect two site with a VPN but I hesitate between IPcop with openvpn addon and a debian box with openvpn package.
>
> Hi Makan,
>
> It depends what you want to achieve. For the lowest overhead possible,
> I'd suggest using something IPsec based, but OpenVPN works very well,
> no matter what you run it on.
>
>> Is it possible to authenticate my active directory domain users during their connexion?
>
> If you mean AD/LDAP authentication for OpenVPN users, yes:
>
> http://amigo4life.googlepages.com/openvpn
>
> ... but this is not "site-to-site"...
>
>> What technology is the most appropriate in my case IPsec VPN or SSL VPN?
>
>
> For the site-site part, I'd use OpenVPN or IPsec, and for the roaming
> users, just use OpenVPN. We do this with certificates and our own CA
> where I work, for Windows, Mac and Linux users. Works fine.
>
> Cheers,
> Phil
>
>
>
>
>
>
>
> _______________________________________________
> afnog mailing list
> http://afnog.org/mailman/listinfo/afnog
--
AFAHOUNKO Danny
Administrateur Réseaux & Système d'Information - CICA-RE
Red Hat Certified Engineer - RHCE
Gsm: +228 914.55.89 / +228 953.54.50
Tel: +228 223.62.62
More information about the afnog
mailing list