{SPAM?} [Asterisk-Users] Asterisk VIA SSH Tunnels

Geoff Nordli geoffn at gnaa.net
Thu Oct 14 12:04:38 MST 2004


asterisk-users-bounces at lists.digium.com wrote:
> On Thu, 14 Oct 2004 07:13:04 -0700, Geoff Nordli
> <geoffn at gnaa.net> wrote:
>> OpenVPN runs on:  Linux, Windows 2000/XP and higher, OpenBSD,
>> FreeBSD, NetBSD, Mac OS X, and Solaris.
> 
> And how many routers and firewalls out there do support OpenVPN? Do
> Cisco routers support it? 
> 
> On the other hand, IPsec works on all the platforms you mentioned
> *plus* most routers/firewalls from Linksys toyz up to Cisco and
> Checkpoint etc etc etc. 
> 
> rgds
> benjk

No argument here.  If you want to do gateway to gateway then IPSEC is a
solid choice.  They pretty much run flawlessly.  The only thing I don't like
is the kernel modification required on the 2.4 kernel series to embed
Openswan/Freeswan into the kernel.  Just one more thing to worry about if
you need to upgrade the kernel.

Since the guy was talking about using an SSH session I assumed he was
looking at client to gateway options.  IPSEC is not a great option there.
An easier solution is to use something like PPTP, but sometimes GRE is not
supported on every firewall.  Plus PPTP requires modification to the ppp
kernel modules to support mschap-v2 -- this is also a pain.  So something
like OpenVPN is a good solution.

Geoff




More information about the asterisk-users mailing list