end user to enterprise vpn appliances

[Adam Molaver <adam () molaver org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I am in the formative stages of identifying options for a customer in the
way of VPN appliance devices for their staff to connect into their office.
 The initial thought was using Cisco's 3005 concentrator for such
connectivity, but we'd like to explore the options.  To complicate
matters, the clients are all Windows 2000, so the client software must
support this (Cisco just released their W2K support for these devices I
hear), and they are have W2K AD running, so it would be extremely nice to
use the AD for authentication.

This customer happens to have a Pix (515) doing two site-to-site VPN's,
one of which will go away RSN.  My thought was we could run Steel Belted
RADIUS internally authenticating to W2K AD, with PPTP enabled on the 515. 
Using ACL's on the internal VLAN router, I could restrict VPN clients to
certain boxes, even certain services on those boxes...  I know the
arguments about why not to use VPN's, but for clarity's sake, I'd like to
avoid that discussion.  

What are the other options for VPN appliance in a small environment (less
than 30 concurrent users).  I'm not sure the 515 is really up to the task
for this many, but not having used one for client-to-site VPN's before,
I'm unsure..  

ahm

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBOrp9ynj0lfay8J5TEQIM8QCcDnStTz9VTTep3oru5smE7w303JsAoMAY
mpyC7Sgk4oVh917icffXMI/N
=wgLa
-----END PGP SIGNATURE-----
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards