OpenVPN Support Forum

hello, as I read, it is possible create a layer 3 tunnel with openSSH, wich is the difference between this and an TUN with openVPN?

thanks. Regards

when you do it with openssh you create a socks proxy which you can reach via (normally) 127.0.0.1.
when you do it with openvpn you create a fully functional tunnel, which you can route some subnets or all internet connections over. you are also able to tunnel entire lans over it. With openvpn you get a virtual interface, with the option to tunnel ethernet (tap) OR ip traffic (tun) over. You can run openvpn over UDP, which has a huge advantage over socks when you wish to tunnel TCP traffic over it (see: http://sites.inka.de/~bigred/devel/tcp-tcp.html (from openvpn manual)).
If your only desire is to tunnel your web browser through a secure host, use whatever makes you happy... but when your needs grow openvpn does WAY more than socks can.

You may enjoy reading: http://openvpn.net/index.php/open-sourc ... -principal

Basically, with openvpn you handle what you contact over the vpn with routing... with an ssh-tunnel you handle it on the application level by configuring your application to use the socks proxy.