[AusNOG] Client VPN Solutions

Brad Peczka brad at bradpeczka.com
Tue Sep 29 01:06:16 EST 2020


I’ll also throw a vote in for Palo Alto - the GlobalProtect client is a solid product, as is the rest of the box.

They’re not cheap, but pricing can be whittled down to and will get competitive if you’ve got a good reseller and do the usual buy x years of maintenance/subscriptions in advance.

Note also that you don’t need the GlobalProtect license to enable client VPN – but it does provide some nifty features that may, or may not, be useful to you. https://docs.paloaltonetworks.com/globalprotect/9-1/globalprotect-admin/globalprotect-overview/about-globalprotect-licenses.html

Regards,
-Brad.

From: AusNOG <ausnog-bounces at lists.ausnog.net> On Behalf Of DaZZa
Sent: Monday, 28 September 2020 12:56 PM
To: John Cenile <jcenile1983 at gmail.com>
Cc: <ausnog at lists.ausnog.net> <ausnog at lists.ausnog.net>
Subject: Re: [AusNOG] Client VPN Solutions

Depends on your budget.

I run Palo Alto's at my edge - and they do all of the above. And you can make them work with Linux too.

Expensive as hell, and they're firewalls with added features, not just VPN devices, but they're worth the money for mine.

D

On Mon, 28 Sep 2020, 2:38 pm John Cenile, <jcenile1983 at gmail.com<mailto:jcenile1983 at gmail.com>> wrote:
G'day Noggers,

I was hoping to get some recommendations on VPN solutions people out there are using.

Currently we're using a Cisco ASA with the AnyConnect client, however we have found it to be quite limiting in some of the things we want to do (such as built in multifactor, restricting resources to groups, and the throughput of the device itself).

Our main requirements are:

  *   Self hosted / on-premise appliance
  *   Multifactor support (preferably Google Authenticator)
  *   Windows, Mac, and iPhone clients

I'm also looking at the Fortinet FortiClient software, but it looks very similar to AnyConnect, so I don't have high hopes for it. I'm also looking into the Business OpenVPN product.

Any other suggestions / recommendations would be great.

John Cenile
Github<https://github.com/john30>
Twitter<https://twitter.com/cenilejohn>
_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20200928/a85f16c1/attachment.html>


More information about the AusNOG mailing list