19 Apr
2013
19 Apr
'13
2:05 a.m.
Excellent explanation Marius.
So how does PPTP compare to openvpn?
I have tried to find a good explanation for the various VPN types,
hamachi, openvpn, pptp, etc.. haven't really found such yet.
19 Apr
19 Apr
5:15 a.m.
New subject: private tunnel?
On Fri, Apr 19, 2013 at 8:05 AM, <kb9mwr(a)gmail.com> wrote:
So how does PPTP compare to openvpn?
Technically PPTP uses an out-of-band connection to establish a GRE tunnel
with PPP inside on fixed port numbers, while OpenVPN
transports encapsulated packets and does signalling over a single port.
Presumably that makes OpenVPN more flexible. There are other pros/cons like
security and device support, but I don't think those are very relevant to
Ham stuff.
As an aside, I've been using Linux-based tunnels over a radio network
(albeit it is a IPv6 only Wifi mesh, not AX.25) for a while, first IPIP6 +
IPSec/Racoon and then I switched to TINC (in bridging mode) because of some
bugs I picked up with Linux IPSec policies.
TINC with UDP transport seems to work quite reliably even in the face of
lossy links, and the overhead is acceptable. Personally I find it easier to
configure TINC than OpenVPN (however, OpenVPN is perfectly good over UDP
also - except that it didn't work for me due to the lack of support for
IPv6 tunnel endpoints).
4:42 p.m.
New subject: private tunnel?
Also, most implementations of PPTP use MSCHAPv2 for password authentication
which has been crackable for years. Yet many people still use it because
it's easy and widely supported. It's definitely not recommended if you
want to assure protection for the password or the network being connected
to.
On Fri, Apr 19, 2013 at 2:15 AM, Simeon Miteff <simeon.miteff(a)gmail.com>wrote;wrote:
(Please trim inclusions from previous messages)
_______________________________________________
On Fri, Apr 19, 2013 at 8:05 AM, <kb9mwr(a)gmail.com> wrote:
So how does PPTP compare to openvpn?
Technically PPTP uses an out-of-band connection to establish a GRE tunnel
with PPP inside on fixed port numbers, while OpenVPN
transports encapsulated packets and does signalling over a single port.
Presumably that makes OpenVPN more flexible. There are other pros/cons like
security and device support, but I don't think those are very relevant to
Ham stuff.
As an aside, I've been using Linux-based tunnels over a radio network
(albeit it is a IPv6 only Wifi mesh, not AX.25) for a while, first IPIP6 +
IPSec/Racoon and then I switched to TINC (in bridging mode) because of some
bugs I picked up with Linux IPSec policies.
TINC with UDP transport seems to work quite reliably even in the face of
lossy links, and the overhead is acceptable. Personally I find it easier to
configure TINC than OpenVPN (however, OpenVPN is perfectly good over UDP
also - except that it didn't work for me due to the lack of support for
IPv6 tunnel endpoints).
_________________________________________
44Net mailing list
44Net(a)hamradio.ucsd.edu
http://hamradio.ucsd.edu/mailman/listinfo/44net
http://www.ampr.org/donate.html
4234
days inactive
4234
days old
2 comments
3 participants
participants (3)
-
Cory (NQ1E) -
kb9mwr@gmail.com -
Simeon Miteff