[00:29] *** Ehtyar has quit IRC (Quit: IRC is just multiplayer notepad)
[06:03] *** mh_e has quit IRC (Remote host closed the connection)
[07:12] *** Hien has quit IRC (Quit: leaving)
[07:12] *** Hien has joined #arpnetworks
[09:25] *** heavysixer has quit IRC (Read error: Connection reset by peer)
[09:46] *** HighJinx has quit IRC (Quit: Computer has gone to sleep.)
[10:06] *** HighJinx has joined #arpnetworks
[10:34] *** gcw|mbpro1 has quit IRC (Remote host closed the connection)
[11:10] *** heavysixer has joined #arpnetworks
[11:10] *** ChanServ sets mode: +o heavysixer
[11:33] *** heavysixer has quit IRC (Remote host closed the connection)
[12:09] *** heavysixer has joined #arpnetworks
[12:09] *** ChanServ sets mode: +o heavysixer
[12:26] *** heavysixer has quit IRC (Remote host closed the connection)
[13:57] *** heavysixer has joined #arpnetworks
[13:57] *** ChanServ sets mode: +o heavysixer
[16:18] *** garry97531 has joined #arpnetworks
[16:24] *** garry97531 has quit IRC (Quit: Page closed)
[17:52] *** heavysixer has quit IRC (Quit: heavysixer)
[18:04] * up_the_irons looks around
[18:04] * mhoran looks under
[18:29] *** heavysixer has joined #arpnetworks
[18:29] *** ChanServ sets mode: +o heavysixer
[18:34] *** gcw|mbpro1 has joined #arpnetworks
[18:38] *** gcw|mini1 has joined #arpnetworks
[18:40] *** gcw|mbpro1 has quit IRC (Ping timeout: 246 seconds)
[18:44] *** HighJinx has quit IRC (Quit: Computer has gone to sleep.)
[18:56] *** dj_goku has joined #arpnetworks
[18:56] *** dj_goku has quit IRC (Changing host)
[18:56] *** dj_goku has joined #arpnetworks
[18:59] <up_the_irons> channel poll: what VPN client do you guys like the best?  I happen to use OpenVPN a lot, but I'm on Linux.  What is decent on FreeBSD / OpenBSD?  How about the Windows users?  I'm researching VPN solutions b/c we are going to be giving dedicated server customers access to a new VPN (for IPMI cards)
[19:00] <milki> i use vpnc >.<
[19:00] <mhoran> OpenVPN.
[19:00] <up_the_irons> ah yes, I also liked vpnc when I had to connect to Rackspace's vpn
[19:00] <mhoran> I'd prefer not to have to use a reverse-engineered client. :)
[19:00] <up_the_irons> milki: OS?
[19:00] <up_the_irons> mhoran: OS?
[19:00] <milki> linuxes
[19:01] <mhoran> Linux.
[19:01] <up_the_irons> roger
[19:04] <jdoe> mhoran: spoken like someone who never tried to use the actual honest-to-god cisco linux client.
[19:04] <jdoe> vpnc was a godsend :P
[19:04] <milki> lol
[19:05] <jdoe> up_the_irons: openvpn is easy to setup, has clients for everything, and is probably secure. Downside is that it's slower than ipsec in most cases, since it's userland and usually won't have any hardware assist.
[19:05] <mhoran> jdoe: I worked at Cisco for six months.
[19:05] <jdoe> mhoran: can I blame you for it then?
[19:05] <milki> lol
[19:05] <mhoran> Nope. Just an intern. :p
[19:05] <up_the_irons> LOL
[19:05] <jdoe> up_the_irons: ipsec is faster, but (interesting fact) everything related to ipsec is entirely composed of hate.
[19:05] <evhan> up_the_irons: tightvnc here. Nothing fancy.
[19:05] <up_the_irons> jdoe: hahaha
[19:05] <jdoe> nat problems, incompatible implementations, it's... just a fucking nightmare.
[19:05] <jdoe> avoid ipsec like the plague.
[19:06] <milki> but ipsec is the future!
[19:06] <up_the_irons> jdoe: oh i know, i had to set up an ipsec vpn from a linux server to cisco 3000; not fun
[19:06] <jdoe> yeah.
[19:06] <jdoe> the lack of documentation is awesome.
[19:06] <jdoe> especially when you're dealing with (for example) the osx built-in client.
[19:06] <up_the_irons> and the 7 different implementations on linux
[19:06] <jdoe> yeah, I was trying to do osx -> strongswan at some point.
[19:07] <up_the_irons> ouch
[19:07] <jdoe> fuck ipsec, fuck raccoon, fuck... everything.
[19:07] <jdoe> haha.
[19:08] <jdoe> (all of this is IMNSHO, IANABBQ)
[19:08] <up_the_irons> OpenVPN's speed is good enough for me, I use it for all our internal stuff; works great.  But if I invest the time making an OpenVPN solution for customers, I wanna make sure the *BSD guys and Windows users are also covered.  OpenVPN on OS X also worked fine; i had a team of devs using it once
[19:08] <up_the_irons> IANABBQ?? ;)
[19:08] <jdoe> yeah, that's my feeling about openvpn too.
[19:09] <jdoe> good enough, and most importantly it ... just works. everywhere.
[19:09] <jdoe> tunnelblick is pretty good, though it takes a while to stabilize on new osx vers.
[19:10] <jdoe> it took a loooong time for them to get a non-beta build for lion.
[19:10] <up_the_irons> yeah tunnelblick is pretty neat
[19:11] <up_the_irons> I was also looking at SSL VPNs, which have the great advantage of no clients and only using port 443 (so hardly any firewalls block this), however, the great disadvantage of requiring Java or ActiveX, which just won't fly...
[19:11] <jdoe> openvpn is an ssl vpn :P
[19:11] <up_the_irons> jdoe: well, i mean, a browser based one
[19:12] <jdoe> ew.
[19:12] <up_the_irons> i know...
[19:13] <mhoran> OpenVPN is so easy to configure in GNOME 3. That is all. :)
[19:13] <mhoran> Actually, vpnc too, but you might as well run an open protocol instead of that.
[19:14] <up_the_irons> mhoran: yeah
[19:14] <up_the_irons> mhoran: does the configurator in GNOME 3 also generate the CSR, etc...  or is it just pre-shared keys?
[19:16] <mhoran> Does it all!
[19:17] <up_the_irons> wow nice
[19:19] <mhoran> http://matthoran.com/tmp/configurator.png
[19:19] <mhoran> And under Advanced you can set up the TLS auth and stuffs.
[19:20] <up_the_irons> nice!
[19:55] *** HighJinx has joined #arpnetworks
[19:56] *** HighJinx has quit IRC (Client Quit)
[20:07] *** heavysixer has quit IRC (Quit: heavysixer)
[20:20] *** HighJinx has joined #arpnetworks
[20:21] *** HighJinx has quit IRC (Client Quit)
[21:55] *** portertech has quit IRC (Ping timeout: 240 seconds)
[22:31] *** portertech has joined #arpnetworks
[23:58] *** HighJinx has joined #arpnetworks