[AusNOG] VPN device

Eric Pinkerton Eric.Pinkerton at stratsec.net
Tue May 3 16:57:21 EST 2011


In Short - For remote access (I recommend clientless (SSL), much less support overhead, and port 443 is open from everywhere - useful if you have people connecting to other peoples networks)  If you are going down this road then it's impossible to overlook the Juniper SA series - easy enough to configure, reliable and very flexible.

If you are looking at Site to site VPN's then Cisco ASA 5520 series are again relatively easy to setup, reliable and flexible, and the gui is pretty helpful when setting up your tunnels if you don't happen to be a PIX veteran.  If you running point to point tunnels to other peoples kit (esp if they all have different vendor kit), then you will often end up blaming each other for it not coming up first time, at that point it is really helpful to be able to debug and diagnose why it isn't working and IMHO this isn't cisco's strongpoint (The info is all there it's just not that friendly).

If your trying to do this on the cheap, then I am told Vyatta.org is pretty good(open source), you can knock up a proof of concept in a VM or and old machine in an afternoon.  I can't vouch for it's simplicity though I haven't spent much time playing with it.

Eric

-----Original Message-----
From: Eric Pinkerton 
Sent: Tuesday, 3 May 2011 4:22 PM
To: 'Jacques Kosky'; ausnog at lists.ausnog.net
Subject: RE: [AusNOG] VPN device

Is it for Client Remote Access,  Point to point connections or both?

-----Original Message-----
From: ausnog-bounces at lists.ausnog.net [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Jacques Kosky
Sent: Tuesday, 3 May 2011 4:07 PM
To: ausnog at lists.ausnog.net
Subject: [AusNOG] VPN device

Hi Folks
Anyone out there have any recommendations/non recommendations for a vpn concentrator type device? We are looking at anything able to handle over a 100 connections at any one time.
_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog
--
Message  protected by MailGuard: e-mail anti-virus, anti-spam and content filtering.http://www.mailguard.com.au/mg
Click here to report this message as spam:
https://login.mailguard.com.au/report/1CegEqKQAM/1uRFiyytgkcH3v5opKAn4o/0




More information about the AusNOG mailing list