View Single Post
  #2   (View Single Post)  
Old 26th March 2009
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
Join Date: May 2008
Location: USA
Posts: 7,471

OpenVPN does not use IPSec, as you've noted. This has advantages and disadvantages, but "production-grade" doesn't enter into the discussion.

OpenVPN uses SSL over UDP (or TCP). SSL is widely used to encrypt traffic between web browsers and "production-grade" web servers, and has been for many years.

A much better question, nimnod, is "can OpenVPN be integrated into VPNs that require IPSec as a peer?" The answer is, "No, not directly, the protocols are incompatible. But gateway routers can be architected that use both technologies, enabling an OpenVPN-protected subnet and an IPSec-protected subnet to route traffic to each other via the gateway."

IPSec technology, by the way, is no guarantee of "production-grade" in-and-of-itself. One example: it is very easy to incorrectly configure a network topology for IPSec. A topology that works, but that doesn't actually use IPSec. In that way, an admin may believe the network is using IPSec when it isn't actually in use at all.
Reply With Quote