Date: Sun, 19 Nov 2017 21:24:26 +0700 From: Eugene Grosbein <eugen@grosbein.net> To: Miroslav Lachman <000.fbsd@quip.cz>, "Muenz, Michael" <m.muenz@spam-fetish.org>, freebsd-net@freebsd.org Subject: Re: OpenVPN vs IPSec Message-ID: <5A11941A.6040400@grosbein.net> In-Reply-To: <5A11882D.1050700@quip.cz> References: <20171118165842.GA73810@admin.sibptus.transneft.ru> <b96b449e-3dc1-6e75-e803-e6d6abefe88e@spam-fetish.org> <20171119120832.GA82727@admin.sibptus.transneft.ru> <d92dff62-3baf-a22d-bfac-5a668b276259@spam-fetish.org> <5A11882D.1050700@quip.cz>
next in thread | previous in thread | raw e-mail | index | archive | help
19.11.2017 20:33, Miroslav Lachman wrote: > I have opposite experience. One customer needs IPSec and setting > and debugging was a pain because we don't have access to the other end. > On the other hand customers with OpenVPN works in a minute. > Just send or receive openvpn.conf, set some variables in rc.conf and VPN is up and running. You was pretty lucky, too. Because OpenVPN may be incompatible with its own previous version. Debugging IPSec connection may be pain because one has not been taught to understand IKE daemon logs, or does not know how IKE works at all, but access to the other end's config is not needed generally to see why it does not pass through.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5A11941A.6040400>