9 Dec
2011
9 Dec
'11
12:20 a.m.
hannah commodore <hannah@tinfoilhat.net> wrote:
I'd say l2tp/IPSec is the better choice.
You could try it with strongswan, which, as I recall, supports it. If you need IKEv1 aggressive mode, then Openswan is the best choice. Strongswan developers decided not to support IKEv1 aggressive mode, for security reasons: http://wiki.strongswan.org/projects/strongswan/wiki/FAQ If your client device supports IKEv2, then it seems that would be the best solution (with either Strongswan or Openswan - the former supports more protocols). Big disclaimer: I'm not well informed about IPSec; experts on the list are welcome to correct the above comments.