[nSLUG] network over WAN

Stephen Gregory nslug at kernelpanic.ca
Mon Jan 14 13:34:36 AST 2008


On Mon, Jan 14, 2008 at 01:17:00PM -0400, Jeff Warnica wrote:
> 
> Googling around I think that the current "best of breed" is Openswan  
> (http://openswan.org/) .. Its IPSec,

Openswan is munumentally harder to setup then OpenVPN. There is lots
of documentation but many concepts are not explained, some of the
examples are wrong, and it is often unclear which of the many versions
of Openswan or Freeswan the documentation applies too. (I suspect that
when Openswan forked Freeswan they ran sed s/Free/Open/ on all of the
documentation.) Oddly the documentation is generally well written and
seems complete until you try to use it. Unless someone actually
requires IPSec then it is hard to recommend Openswan for anything.

-- 
sg



More information about the nSLUG mailing list