[Asterisk-Users] Re: VOIP security on an IAX connection.

Gregory Junker gregory.junker at dayark.com
Fri Nov 19 07:51:20 MST 2004


> Ditto.  There's another very clear advantage to OpenVPN over IPsec,
> and that's the fact that many firewalls are hard to run IPsec through,
> but OpenVPN, using a single ephemeral UDP link, will work just fine.

I believe that the original poster is not concerned with getting it 
through a Linksys router at home, and that he has a highi degree of 
control over which hardware is in the trunk path. I could be wrong, but 
that's what it sounded like to me.

I just tried to get it working last night, and I found it (OpenVPN) no 
easier as a VPN solution than OpenSWAN was, either in server setup and 
understanding, or client setup and use. My users and myself are running 
the XP SP2 and Win2K (updated) MS builtin client into the network 
through one of those hated Linksys routers, with no problems whatsoever. 
In the end, I decided that I'd rather stick with the open standards, 
than wait and hope that the OpenVPN proprietary software became a 
de-facto standard (isn't that what you all hated Microsoft for? But I 
digress...)

For a single point-to-point link, like the poster requested, with Linux 
on both ends, there is no reason I can tell to go a proprietary route 
when IPSec works just fine and comes with the 2.6 kernel (or can be 
fitted on a 2.4 kernel just fine).

Greg

Greg



More information about the asterisk-users mailing list