Openswan or racoon
We have also the option of using racoon, but we face the same problem.
Looking forward to hearing from you.
3 Replies
What particular problems are you concerned with? I don't know what you mean by "we face the same problem."
IPSec requires a set of kernel modules to be loaded or built in, but outside of that you don't really need to do anything to the kernel; it's just daemon configuration like any other server after that.
I'm afraid I haven't used Openswan, so I'm probably not very useful with that particular setup.
@CybrMatt:
I use both Racoon for site-to-site tunneling and OpenVPN for road-warrior vpn (although I wouldn't discourage anyone from using OpenVPN for site-to-site either).
I've been using OpenVPN for road-warrior's for a while and I have noticed that the TAP Adapter v9 (installed by OpenVPN on a Windows client) has a 10MB/s Interface.
I've also found that on a 1Gbps LAN it maxes out the this 10MB's VPN link and doesn't go above this when transfering data.
Has anyone found a way to increase this TAP interface size?
Cheers,
Rich.