DaemonForums  

Go Back   DaemonForums > Miscellaneous > Off-Topic

Off-Topic Everything else.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 25th March 2009
nimnod's Avatar
nimnod nimnod is offline
New User
 
Join Date: Feb 2009
Posts: 7
Thanked 0 Times in 0 Posts
Default consider OpenVPN production-grade solution?

Hi,

Can OpenVPN be considered production-grade software even though it lacks IPSec?
Would this be enough to keep you from deploying a piece of hardware making use of OpenVPN in production env?
Reply With Quote
  #2   (View Single Post)  
Old 26th March 2009
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,894
Thanked 214 Times in 189 Posts
Default

OpenVPN does not use IPSec, as you've noted. This has advantages and disadvantages, but "production-grade" doesn't enter into the discussion.

OpenVPN uses SSL over UDP (or TCP). SSL is widely used to encrypt traffic between web browsers and "production-grade" web servers, and has been for many years.

A much better question, nimnod, is "can OpenVPN be integrated into VPNs that require IPSec as a peer?" The answer is, "No, not directly, the protocols are incompatible. But gateway routers can be architected that use both technologies, enabling an OpenVPN-protected subnet and an IPSec-protected subnet to route traffic to each other via the gateway."

IPSec technology, by the way, is no guarantee of "production-grade" in-and-of-itself. One example: it is very easy to incorrectly configure a network topology for IPSec. A topology that works, but that doesn't actually use IPSec. In that way, an admin may believe the network is using IPSec when it isn't actually in use at all.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Cannot set up OpenVPN guitarscn OpenBSD Security 8 5th October 2009 05:19 PM
Any Solution for Xorg high CPU usage in Ubuntu 9.04? Mantazz Other BSD and UNIX/UNIX-like 11 14th July 2009 06:10 AM
Which is the best solution from start bsd.mp? aleunix OpenBSD General 18 4th May 2009 06:33 PM
Solution: FreeBSD 7 and Sigmatel 9274D codec ronaldmcdonald9 FreeBSD General 0 19th July 2008 01:04 AM
production server upkeep question goku FreeBSD Installation and Upgrading 3 10th June 2008 02:37 AM


All times are GMT. The time now is 02:19 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick