[AusNOG] Client VPN Solutions

J. Hellenthal jhellenthal at dataix.net
Mon Sep 28 21:33:21 EST 2020


I might recommend OpenVPN AS. They are license centric on seats but 3 seats come with the free appliance and fairly straight forward interface all while offering HA configuration so you may have many appliances as a fallback plus google authenticator and at least one other I don’t recall off hand. LDAP auth is also there.

If anything give the free appliance a run through in a VM you might be happy you did.

Good luck 

https://openvpn.net/vpn-server/

-- 
 J. Hellenthal

The fact that there's a highway to Hell but only a stairway to Heaven says a lot about anticipated traffic volume.

> On Sep 28, 2020, at 03:09, Dmitry Konchanin <dmitry.konchanin at dtsanz.com> wrote:
> 
> 
> Forticlient can do multifactor to some extend. There are pretty expensive "branded" token based option, built-in email-to-sms and ability to use basically any time of MFA via Radius. And no any additional costs/licenses, all comes with  a box. (except tokens).
> 
> It's still probably less flexible than dedicated VPN devices (like Pulse), but if it fits requirements then for sure price effective. 
> 
> Kind regards, 
> Dmitry Konchanin 
>   
> 
> On 28/09/2020 5:37 pm, John Cenile wrote:
>> G'day Noggers,
>> 
>> I was hoping to get some recommendations on VPN solutions people out there are using.
>> 
>> Currently we're using a Cisco ASA with the AnyConnect client, however we have found it to be quite limiting in some of the things we want to do (such as built in multifactor, restricting resources to groups, and the throughput of the device itself).
>> 
>> Our main requirements are:
>> Self hosted / on-premise appliance
>> Multifactor support (preferably Google Authenticator)
>> Windows, Mac, and iPhone clients
>> 
>> I'm also looking at the Fortinet FortiClient software, but it looks very similar to AnyConnect, so I don't have high hopes for it. I'm also looking into the Business OpenVPN product.
>> 
>> Any other suggestions / recommendations would be great.
>> 
>> John Cenile
>> Github
>> Twitter
>> 
>> 
>> _______________________________________________
>> AusNOG mailing list
>> AusNOG at lists.ausnog.net
>> http://lists.ausnog.net/mailman/listinfo/ausnog
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20200928/d4e9016d/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4386 bytes
Desc: not available
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20200928/d4e9016d/attachment.bin>


More information about the AusNOG mailing list