[geeks] firewall/vpn
Kurt Huhn
kurt at k-huhn.com
Wed May 5 14:18:11 CDT 2004
On Wed, 05 May 2004 13:31:42 -0400
Caleb Shay wrote:
> At work we have a sudden need for firewall/vpn for one of our
> locations. We've got 2 machines and 5 IP addresses that need to be
> accounted for (via port-forwarding for services or whatever) and it
> needs to support router to router VPN connections via either pptp or
> ipsec. Oh, and the budget is <=$500, anybody have any
> recommendations? Rack mountable prefered.
>
I'm probably going to get fried for this, but my money would be on an
OpenBSD box. I just setup an OpenBSD firewall with two seperate NAT'd
LANS, a bridged DMZ, and port forwarding and filtering all around.
I tried the same thing with a Netscreen, and Netscreen's engineers
failed to be able to provide that same functionality - for significantly
more money. Suffice to say, Netscreen's DMZ capability, at least on
their lower-end stuff, is insufficient.
OpenBSD supports IPSec, and setup is easy and simple. No more difficult
than, say, OS X.
--
Kurt "I believe that pipe smoking contributes to a
kurt at k-huhn.com somewhat calm and objective judgement in all
human affairs."
-- Albert Einstein
More information about the geeks
mailing list