From owner-freebsd-questions  Wed Nov 20 11:25: 2 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id A5A2637B401
	for <freebsd-questions@FreeBSD.ORG>; Wed, 20 Nov 2002 11:25:00 -0800 (PST)
Received: from cypress.adhesivemedia.com (cypress.adhesivemedia.com [207.202.159.72])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 22F4543E88
	for <freebsd-questions@FreeBSD.ORG>; Wed, 20 Nov 2002 11:25:00 -0800 (PST)
	(envelope-from philip@adhesivemedia.com)
Received: from cypress.adhesivemedia.com (localhost [127.0.0.1])
	by cypress.adhesivemedia.com (8.12.3/8.12.3) with ESMTP id gAKJOxFk017970;
	Wed, 20 Nov 2002 11:24:59 -0800 (PST)
	(envelope-from philip@adhesivemedia.com)
Received: from localhost (philip@localhost)
	by cypress.adhesivemedia.com (8.12.3/8.12.3/Submit) with ESMTP id gAKJOxCk017967;
	Wed, 20 Nov 2002 11:24:59 -0800 (PST)
X-Authentication-Warning: cypress.adhesivemedia.com: philip owned process doing -bs
Date: Wed, 20 Nov 2002 11:24:59 -0800 (PST)
From: Philip Hallstrom <philip@adhesivemedia.com>
To: Jim Durham <durham@jcdurham.com>
Cc: Bill Moran <wmoran@potentialtech.com>,
	<freebsd-questions@FreeBSD.ORG>
Subject: Re: VPN and roaming Windows 2K users
In-Reply-To: <200211201359.29955.durham@jcdurham.com>
Message-ID: <20021120112335.F16116-100000@cypress.adhesivemedia.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

[snip]

> > > I use racoon and IPSEC between offices with FreeBSD boxes on each end.
> >
> > Have you ever tried using vtun between the FreeBSD machines?  I've never
> > used racoon/IPsec between FreeBSD machines, but I was overjoyed at the
> > simplicity and workability of vtun.
> > Just curious if anyone has used both that could compare them.
>
> Yes, I used vtun for about a year. It worked fine as long as the network
> stayed up between here and the West Coast, but, when it went down for
> any length of time, which happens quite regularly in the middle of the night,
> it wouldn't reestablish. I find that IPSEC is more robust and you don't need
> to run PPP over it (although technically, you don't have to with vtun).
> IPSEC stays up and reestablishes itself.

I've never run ipsec, but have used vtun for about 3 years b/n 4 different
DSL/cablemodem setups and it re-establishes it's connections for me... at
least I've never had a problem with it...  from the man page:

       persist yes|keep|no
              persist mode.  If  yes,  the  client  will  try  to
              reconnect  to  the server after connection termina-
              tion.  If keep, the client will not remove and  re-
              add  the  tunXX  or tapXX device when reconnecting.
              If no, the client will exit (default).  This option
              is ignored by the server.

-philip


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message