[ale] VPN Protocol Question

Dragon dragon at atlantacon.org
Wed Apr 15 15:43:20 EDT 2009


IPSec is normally hardware point to point, but it's the highest, most 
secure form of encryption due to the large number of encryption 
algorithm choices.
The other option is SSL encryption, but it is less secure and needs an SSL 
certificate; even self-signed works.

OpenVPN is a server type; PPTP and L2TP are transport protocols, not 
encryption protocols.
PPTP is old-school GRE tunneling, and also one of the least secure. The 
positive is it's the most compatible.
L2TP, or Layer 2 Tunneling Protocol ( http://en.wikipedia.org/wiki/L2TP ),
works over standard UDP packet types and tends to work from behind most 
firewalls and NAT devices for the client side with no additional 
configuration.

Since you say this will be on a pfSense box as an end point, you will 
probably have to set up OpenVPN on that system ( http://openvpn.net/ ).


Dragon



Andrew Grieser wrote:
> Hey all,
> 
> I'd like to be able to securely connect to my home network while at school or elsewhere, and be able to tunnel all network traffic from the client to the server (http, dns, ssh, etc).
> 
> While looking up VPN options, I see that there are three general options: IPSec, OpenVPN, and PPTP. After doing a bit of reading, I am still not sure which one I should be using. I'd appreciate it if someone could point me in the right direction.
> 
> Some details:
> The VPN server will be on a pfSense box that also does the following: router, firewall, DHCP server, and DNSmasq.
> The VPN server will have a "real" IP address (i.e., no NAT), but as a client I expect to be on networks using NAT at least some of the time. If I am understanding the protocols, I believe this rules out IPSec. Is this true?
> 
> Andrew
> 


