VPN and IPtables
James Knott
james.knott-bJEeYj9oJeDQT0dZR+AlfA at public.gmane.org
Wed Sep 15 20:40:41 UTC 2004
Lennart Sorensen wrote:
> On Wed, Sep 15, 2004 at 04:27:39PM -0400, James Knott wrote:
>
>>Lennart Sorensen wrote:
>>
>>>The key exchange and data go over those protocols, the encrypted data is
>>>transfered over udp on port 500. This allows transfering udp traffic
>>>over ipsec without forcing reliable transmission, while tcp already
>>>handles retries if the udp tunnel drops anything. This is part of what
>>>makes ipsec better than an ssh tunnel or something, since that forces
>>>udp traffic to go over a reliable tunnel which isn't really what you
>>>want for udp data.
>>
>>I use OpenVPN for my VPN. It uses UDP packets, though it can also use TCP.
>
>
> Is OpenVPN ipsec based or something else?
It's based on SSL. You can find more info here:
http://openvpn.sourceforge.net/
--
The Toronto Linux Users Group. Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
More information about the Legacy
mailing list