From: Michel B. <mb...@er...> - 2005-03-28 18:46:00
James Yonan wrote on 03/25/05 23:45:

> Network World is doing another article on open source VPNs, and they would
> like to talk with more OpenVPN users who are using it in a variety of
> configurations.
>
> It would be nice to hear from some of you who are using OpenVPN in
> a production context and/or who are pushing the limits of scalability.

Hi,

We're a public organisation deploying last-mile WiFi to extend a broadband cable network. That combination (broadband + wifi) allows us to connect isolated sites, and especially, isolated companies. The network addressing is completely RFC1918 (some kind of intranet), so there is no direct access to the Internet for the people linked by us, and people's flows get NATed (don't ask why, this is a complex situation mainly driven by legal/political issues). So we use a combination of IPsec (connected LANs are using Ciscos) and OpenVPN for remote users (i.e. not linked by us) to reach their home-LANs.

The IPsec-OpenVPN plug is handled by a "VPN concentrator" under Linux 2.6.x (native IPsec stack + kame tools) and OpenVPN 2.0-rcX (p2p & tun mode).

OpenVPN is really great in the roadwarrior context. Those who played with IPsec know what it takes to handle client mobility with IPsec+Windows...

We are also planning to use OpenVPN (tap mode) to give user access to a network simulator which mimics the aforementioned broadband network, where each broadband head-end is linked to a separate VLAN. Offering remote access will allow end-users and IT companies to test their setups before committing to a real broadband deployment (which involves getting the coax cable inside buildings, and all the nuts and bolts). But this is only a project for now.

And last but not least, we're thinking of DMVPN-like setups with OpenVPN (in short, automatically full meshing openvpn networks).

In all cases, we're not pushing (we won't push) the limits of scalability at all, but OpenVPN is put to work somewhat out of the usual tracks.

If you're interested, I can give a deeper description of our setup & usage (for first case), or of our intentions (latter cases).

Bye,

M

--
Michel Blanc - Systèmes/Réseaux Erasme
Erasme/CG69/Saint Clément les Places/FR69930
T +33-474706840 <mb...@er...>
http://reseau.erasme.org
FA67 4EDA D648 9E50 BFA4 3F29 FDF5 4971 24B3 5C22