Supported VPN deployments
The following table shows the VPN deployment options that are supported by the Vyatta router.
Solution Type | Ease of Configurability | Requires Public Key Infrastructure | Configurable/Routable Interface | Bridgeable | Interoperability with Third-Party Solutions | Comments |
---|---|---|---|---|---|---|
IPsec (pre-shared keys) | Moderate | No | No | No | Very common | |
IPsec (RSA digital signatures) | Moderate | No | No | No | Very common | |
Elaborate | Very good | No | No | No | Common | Provides a very secure but more involved configuration. |
VTI | Similar to underlying IPsec | No | Yes | No | Common | Adds an interface that can be configured, routed, or both to an IPsec solution and operates with a variety of third-party equipment. |
GRE over IPsec | Similar to underlying IPsec | No | Yes | Yes | Common | Adds an interface that can be configured, routed, or both to an IPsec solution and operates with a variety of third-party equipment. |
DMVPN | Adds some complexity to underlying IPsec | No | Yes | No | Common | Provides the ability to easily scale a hub-and-spoke multipoint GRE over IPsec solution. This solution limits the number of subnets required, reduces the configuration complexity at the hub, and reduces traffic at the hub by providing dynamic spoke-to-spoke tunnels. |
OpenVPN (pre-shared secret) | Easy | No | Yes | Yes | Uncommon | Provides a highly flexible and resilient VPN protocol, which is recommended for Vyatta router to Vyatta router VPN connectivity. |
OpenVPN (TLS) | Elaborate | Yes | Yes | Yes | Uncommon |
Solution Type | Ease of Configurability | Requires Public Key Infrastructure | Configurable/Routable Interface | Bridgeable | Interoperability with Third-Party Solutions | Comments |
---|---|---|---|---|---|---|
RA (L2TP / IPsec – pre-shared keys) | Easy | No | N/A | No | Very common | Provides an easy way to configure Windows clients to connect remotely. |
RA (L2TP / IPsec – X.509 certificates) | Elaborate | Yes | N/A | No | Common | Provides a more involved way to configure Windows clients to connect remotely. |
OpenVPN (TLS) | Elaborate | Yes | N/A | No | Uncommon | Provides a more involved way to configure Windows clients to connect remotely. |