Yes, I agree. And one more thing: With some encrypt setups of openvpn the data path is 'on hold' when openvpn recreates/renegotiates a new encryption. This means that you have a short interrupt (some milliseconds) when openvpn server a) establishes a new connection b) re-creates the encrypt-key (e.g. once per hour)
To avoid a) I setup one openvpn server instance for each (important) VPN connection. To reduce b) I increased the reneg cycle. Armin On Wed, 23 Aug 2006, Simon Woodhead wrote: > We've done this with OpenVPN and it works fine. I'd recommend that the VPN > server is not on the same box as Asterisk. Stick it on a firewall/gateway > box giving access to the network containing the Asterisk boxes behind it. > This way the Asterisk box(es) is seeing normal unencrypted traffic and the > VPN server(s) can be specified to meet the VPN requirement. > > On 8/23/06, Joseph <[EMAIL PROTECTED]> wrote: > > > > Is anybody making calls over VPN? If so what is the "penalty" as > > encryption is involved. > > I was planning to use VPN to register Sipura units to my local asterisk > > this way I don't have to deal with NAT issues. > > > > -- > > #Joseph > > _______________________________________________ > > --Bandwidth and Colocation provided by Easynews.com -- > > > > asterisk-users mailing list > > To UNSUBSCRIBE or update options visit: > > http://lists.digium.com/mailman/listinfo/asterisk-users > > > > _______________________________________________ --Bandwidth and Colocation provided by Easynews.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users