Firewall Wizards mailing list archives
Re: VPN suggestions wanted
From: "Brian Loe" <knobdy () gmail com>
Date: Mon, 17 Sep 2007 13:10:50 -0500
I'd be interested in the redacted configs for my own learning experience - if I may? On 9/17/07, Josh Ward <jward () network-services uoregon edu> wrote:
tandernam wrote:I'm doing some work with a small company (about a dozen employees) that needs to make their remote access more reliable. I'm looking to set up a (new) VPN for them (the old one is a hack job). I'm looking for suggestions on a solution, something fairly simple to set up that I can just plug between their intranet and the interweb. Reliability is key. I'm mostly looking for a hardware solutions (just because I think it would be easier to set up and more reliable), but I'd be very interested to hear from anyone who is running a good small-scale (please don't start talking about radius servers...) software gateway. They're currently running NAT off their soho modem/router on a DSL. Suggestions and recommendations would be most appreciated.I have used Cisco 851 routers for deployments like this and they work *great*. I actually have something very similar to what you are describing at my house using an 851-wireless. The c851 is a full-blown IOS router (ok, not full blown, but all of the features that you care about for a small deployment). The 851 has a hardware crypto processor and the "ezvpn" stuff is really simple to set up and deploy. These boxes will act as a VPN concentrator (Cisco PC/MAC/Linux client) or as an EzVPN NEM (Network Extension Mode) concentrator. This means that if your client ever brings up a second office tying the two together is dead simple. The software support on the Cisco client is pretty good as well. Its easier to set up then the Juniper client and more full featured than SSL vpn clients. You can get 851's for ~$300 (plus $20/year maintenance), which makes them pretty affordable for someone looking for SOHO+ equipment. If you decide to go this route and you aren't Cisco savvy feel free to e-mail me and I'll share some redacted configs with you to help. -Josh -- Josh Ward <jward () network-services uoregon edu> Network Security Engineer - Network Services University of Oregon _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- VPN suggestions wanted tandernam (Sep 17)
- Re: VPN suggestions wanted Josh Ward (Sep 17)
- Re: VPN suggestions wanted Brian Loe (Sep 17)
- Re: VPN suggestions wanted Cassell, Damon Z. (Sep 17)
- Re: VPN suggestions wanted Brian Loe (Sep 17)
- Re: VPN suggestions wanted Aaron Smith (Sep 17)
- Re: VPN suggestions wanted Liam Jewell (Sep 18)
- Message not available
- Re: VPN suggestions wanted tandernam (Sep 22)
- Message not available
- Re: VPN suggestions wanted Josh Ward (Sep 17)
- Re: VPN suggestions wanted AMuse The Sane (Sep 21)