Open VPN vs IPsec Vpn
-
Do you use OpenVPN with UDP or TCP ? You should use UDP!
Perhaps try to change the encryption algorithm. -
hi Nachfalke Thanks for the reply
Yes i use TCP. (will change to UDP and see the effect)
in open VPN i'm using (peer to peer sharedkey)
thanks
kalu -
TCP is a bit "heavy" protocol in vpn use, with it's ack's and resending missing data
-
The problem of TCP in OpenVPN is, that you use TCP for the OpenVPN tunnel itself and in most cases a second time TCP for the traffic in the tunnel. so there is "double TCP" and then you have the double of overhead like Metu69salemi said in his post.
-
Thanks guys.
but i still have one question.
what features are unavailable if i don't use TCP and use UDP.
mainly i'm confused where to use TCP and where to use UDP.
thanks in advance
kalu -
There is no difference in "features" depending OpenVPN. The only difference while using OpenVPN is the speed enhancement with UDP.
If you like to know the differences between UDP and TCP use google or wikipedia.
-
Thanks Nachtfalke
:) -
If you want to use the VPN tunnel via an http/https proxy you must use TCP.
–> http://openvpn.net/index.php/open-source/documentation/howto.html#http -
If you want to use the VPN tunnel via an http/https proxy you must use TCP.
–> http://openvpn.net/index.php/open-source/documentation/howto.html#httpShame on me!
That was new information for me. Thanks! -
nice piece of information Nachtfalke thanks
i didn't knew that either
kalu -
Well it's rare that you need to use OpenVPN via an http/https proxy ^^"
For roadwarriors which have to go regularly into environments where security is very tight, i have a second instance of our normal openVPN server (UDP 1194) with the same keys/certs providing access on TCP 443.
This usually allows them to reach our main-office.
But this is more of a failover if the normal server isn't reachable.
