OpenVPN –-- IPSec
-
This is more of a discussion thread, not a question.
But is it just me or does OpenVPN crush IPSec? Having implemented both in the past month or two, it's kind of sick how much faster and more reliable OpenVPN is. Am I missing something awesome about IPSec, or is it really just the inferior technology?
I would like to hear of other's experiences with the two of them, as well.
-
I have encountered the same experience and I think this is more a question of two different generations of technology.
-
Of course.
But the main "problem" with OpenVPN on pfSense right now is, that you cannot filter the virtual interface. -
What do you mean by "filtering"?
-
Incoming traffic through the tunnel with openvpn is always passed so you better trust the other end of the tunnel at it will have full access to your network. For ipsec you can filter traffic that runs through the tunnel like for example only allowing rdp to a special host.
-
Is OpenVPN filtering on the development road map for the openvpn guys?
-
This is not a concern of the OpenVPN devs, but of the person that implements that on pfSense.
http://devwiki.pfsense.org/OpenVPNWishlist
-
We'll see that feature sooner or later and I would guess it will be sooner than later ;)
