On 3/28/08, Jonathan Horne <[EMAIL PROTECTED]> wrote: > is one method better than the other for connecting to pfsense firewalls Don't know that one works better for pfSense than the other, but you might consider these points:
- OpenVPN is mostly in userspace and uses standard OpenSSL TLS libraries - IPsec is more typically implemented in kernel or hardware space, marginally increasing potential performance - IPSec is _very_ widely used if not understood; compatibility with other concentrators is higher. - Peter Gutmann seems to be of the opinion* that OpenVPN took the parts of IPSec that work well (ESP) and replaced those that don't (IKE) with something better (TLS handshake). *http://thread.gmane.org/gmane.comp.encryption.general/11204/focus=11239 --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
