[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Replicate through an VPN ?



Su Tam Nguyen wrote:
> 
> I want to use IPSec to authencicate all packets.

Like Howard I'd strongly recommend to set up StartTLS ext. op. or LDAPS.
You could use client certificates for stronger authentication.

> BTW, I use OpenVPN to implement the VPN.

OpenVPN does not implement IPsec. It uses SSL (or TLS) as cryptographic
protocol. So better use the built-in SSL/TLS feature of OpenLDAP.

Ciao, Michael.