nanog mailing list archives
Re: VPN recommendations?
From: Dave Taht <dave.taht () gmail com>
Date: Thu, 10 Feb 2022 10:25:06 -0800
tailscale On Thu, Feb 10, 2022 at 10:24 AM Mark Wiater <mark.wiater () greybeam com> wrote:
pfsense and opnsense both do fine with natted ipsec in the environmnets i've tested. Isn't there an openvpn appliance too? On 2/10/2022 1:17 PM, Shawn L via NANOG wrote: Meraki MX series? I don't like the way they do their licensing (your license runs out, the box is a paper-weight) but they do really well at establishing site-to-site VPNs in some pretty challenging scenarios. Dynamic IPs and NATs don't really cause them a problem. Some CGNats do (AT&T I'm looking at you). Shawn -----Original Message----- From: "Keith Stokes" <keiths () salonbiz com> Sent: Thursday, February 10, 2022 1:11pm To: "William Herrin" <bill () herrin us> Cc: "nanog () nanog org" <nanog () nanog org> Subject: Re: VPN recommendations? Pfsense on Netgate appliances? I’ve used several of them, while not for this exact purpose they have done the roles but maybe not the amount of VPN traffic. -- Keith Stokes SalonBiz, Inc On Feb 10, 2022, at 12:02 PM, William Herrin <bill () herrin us> wrote: Hi folks, Do you have any recommendations for VPN appliances? Specifically: I need to build a site to site VPNs at speeds between 100mpbs and 1 gbit where all but one of the sites are behind an IPv4 NAT gateway with dynamic public IP addresses. Normally I'd throw OpenVPN on a couple of Linux boxes and be happy but my customer insists on a network appliance. Site to site VPNs using IPSec and static IP addresses on the plaintext side are a dime a dozen but traversing NAT and dynamic IP addresses (and automatically re-establishing when the service goes out and comes back up with different addresses) is a hard requirement. Thanks in advance, Bill Herrin -- William Herrin bill () herrin us https://bill.herrin.us/
-- I tried to build a better future, a few times: https://wayforward.archive.org/?site=https%3A%2F%2Fwww.icei.org Dave Täht CEO, TekLibre, LLC
Current thread:
- Re: VPN recommendations?, (continued)
- Re: VPN recommendations? William Herrin (Feb 10)
- Re: VPN recommendations? Ander Punnar (Feb 10)
- Re: VPN recommendations? Mike Hammett (Feb 11)
- Re: VPN recommendations? Valdis Klētnieks (Feb 10)
- RE: VPN recommendations? David Andrzejewski (Feb 10)
- Re: VPN recommendations? Dave Taht (Feb 10)
- Re: VPN recommendations? Mark Tinka (Feb 10)
- Re: VPN recommendations? Shawn L via NANOG (Feb 10)
- Re: VPN recommendations? Mark Wiater (Feb 10)
- Re: VPN recommendations? Dave Taht (Feb 10)
- Re: VPN recommendations? Phineas Walton (Feb 10)
- Re: VPN recommendations? William Herrin (Feb 10)
- Re: VPN recommendations? William Herrin (Feb 10)
- Re: VPN recommendations? Mark Wiater (Feb 10)