On Tue, Jan 27, 2009 at 2:45 PM, Chris Buechler <[email protected]> wrote: > On Tue, Jan 27, 2009 at 2:41 PM, Nick Smith <[email protected]> wrote: >> On Tue, Jan 27, 2009 at 1:39 PM, Chris Buechler <[email protected]> wrote: >>> On Mon, Jan 26, 2009 at 10:37 AM, Nick Smith <[email protected]> wrote: >>>> I have one site with a Netgear FVS124G firewall that the documentation >>>> mentions it has >>>> PKI support. >>> >>> PKI isn't the same as OpenVPN, I'm sure the Netgear doesn't support >>> OpenVPN. It should be possible to connect it using IPsec. >>> >> From what ive read, openvpn is alot better than ipsec, but i could >> have it wrong. >> > > Depends on the needs of your environment. For interoperability with > other firewalls, IPsec is the best because it's going to be the only > thing that will work. > >> I guess ill have to look into redoing my vpn setup and use ipsec >> instead of openvpn. >> > > You can use OpenVPN for your remote access users and IPsec for site to site. > it took me a while to get it going, but it does work well now that its going.
I am using it in conjunction with backuppc to backup remote servers over the internet, gives me access to the entire lan and i dont have to hassle with installing remote client software on the individual servers, just connect the 2 firewalls for site to site and your good to go. openvpn does have a client install, i guess in a worst case senerio i would just end up installing that on the servers to connect to the vpn. do they both have the same bandwidth throughput? that would probably be the only reason i would look at switching is if ipsec transferred faster than openvpn. these are embedded pfsense installs, so im also looking at the least overhead possible. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
