From: Michael O H. <mic...@cs...> - 2015-02-26 16:51:12
|
> (And: don't mix "IPSEC" with "OpenVPN". OpenVPN does not use IPSEC, > as that's not synonym for "encrypt traffic" but a very specific crypto > suite. OpenVPN is "SSL VPN") Both IPSEC and SSL support multiple cipher suites. IPSEC is a layer 3 concept. SSL is a layer 5/6 concept. > I'm looking for encryption that's completely transparent to programs, will > work properly across multiple servers with IP multicast Then what you want is IPSEC. OpenVPN has it's advantages, but SSL vpn is designed primarily for remote access, where you want the granular control over user access. When you want to transparently connect two sites over the Internet you use IPSEC. Here is a good article from Cisco that spells out the differences : https://supportforums.cisco.com/document/113896/quick-overview-ipsec-and-ssl-vpn-technologies I'm not saying you *can't* do a site-to-site with OVPN since you most certainly can, just like you can use IPSEC for road-warriors .. but at least try to use the proper tool for the job unless there are technical restrictions that limit your choices. Regards, Michael Holstein Cleveland State University |