[afnog] Site-to-site VPN
Phil Regnauld
regnauld at nsrc.org
Tue Dec 1 12:24:32 UTC 2009
Makan SIMAGA (makansimaga) writes:
> Hi,
>
> I want to connect two site with a VPN but I hesitate between IPcop with openvpn addon and a debian box with openvpn package.
Hi Makan,
It depends what you want to achieve. For the lowest overhead possible,
I'd suggest using something IPsec based, but OpenVPN works very well,
no matter what you run it on.
> Is it possible to authenticate my active directory domain users during their connexion?
If you mean AD/LDAP authentication for OpenVPN users, yes:
http://amigo4life.googlepages.com/openvpn
... but this is not "site-to-site"...
> What technology is the most appropriate in my case IPsec VPN or SSL VPN?
For the site-site part, I'd use OpenVPN or IPsec, and for the roaming
users, just use OpenVPN. We do this with certificates and our own CA
where I work, for Windows, Mac and Linux users. Works fine.
Cheers,
Phil
More information about the afnog
mailing list