gabriel rosenkoetter on 11 Dec 2003 19:13:02 -0500



Re: [PLUG] network security thoughts/questions


On Thu, Dec 11, 2003 at 02:38:01PM -0500, Jeff Abrahamson wrote:
> Another suggestion (pardon my top quoting) is to use OpenVPN:
> 
>     http://openvpn.sourceforge.net/
> 
> Anyone have any experience?  It looks quite good and unobtrusive,
> except that everyone has to install extra software.

Is there any reason not to just use existing, kernel-layer IPsec
implementations?

I mean, "VPN" means "stupid GUI interface atop questionably-
implemented IPsec" in my world. I'd much rather just use the KAME
implementation in my kernel, thanks. (Note that you're probably not
running the right OS to use a KAME implementation, of course. But
FreeSWAN almost works right.)

Why, me, bitter about the poor implementations of crypto software
that it's really just not hard to do right getting pushed at the
general public? Nah...

-- 
gabriel rosenkoetter
gr@eclipsed.net
