[geeks] firewall/vpn
Mike Meredith
mike at blackhairy.demon.co.uk
Wed May 5 14:51:07 CDT 2004
On Wed, 5 May 2004 15:18:11 -0400, Kurt Huhn wrote:
> On Wed, 05 May 2004 13:31:42 -0400
> Caleb Shay wrote:
>
> > At work we have a sudden need for firewall/vpn for one of our
> > locations. We've got 2 machines and 5 IP addresses that need to be
> > accounted for (via port-forwarding for services or whatever) and it
> > needs to support router to router VPN connections via either pptp or
> > ipsec. Oh, and the budget is <=$500, anybody have any
> > recommendations? Rack mountable prefered.
> >
>
>
> I'm probably going to get fried for this, but my money would be on an
> OpenBSD box.
Why? It sounds like a perfectly suitable solution to me. My own firewall
is going to be OpenBSD on a Magnia as soon as I can find the time. And
you've got a better chance of getting something rack-mountable.
> I tried the same thing with a Netscreen, and Netscreen's engineers
> failed to be able to provide that same functionality - for
> significantly more money. Suffice to say, Netscreen's DMZ capability,
> at least on their lower-end stuff, is insufficient.
It doesn't sound like DMZ capabilities are an absolute requirement, so
that might not matter. If it doesn't a PIX501 might also fit the
requirement and has the advantage that the VPN encryption will have some
acceleration behind it (or am I mistaken about that?).
More information about the geeks
mailing list