[olug] Firewall / VPN Devices
rob.townley at gmail.com
Wed Oct 7 22:10:49 UTC 2009
On Wed, Oct 7, 2009 at 12:06 PM, Dave Rowe <dave at roweware.com> wrote:
> Dan Linder wrote:
>> On Wed, Oct 7, 2009 at 11:11, <charles.bird at powerdnn.com> wrote:
>>> Ya, I've heard nothing but good things about pfsense, another company in Omaha
>>> had 2yrs uptime on their pfsense boxes and had a lot of vpn traffic running
>> I had to replace my home-brew ancient firewall recently and tried
>> pfSense. It would have been great, except for the fact that the BSD
>> kernel can only handle one Microsoft VPN through it at once (the Linux
>> kernel can keep track of multiple VPN tunnels through it).
>> I ended up going with Vyatta - it's Linux based so that meant my
>> work-related VPNs functioned, it has a GUI to make the initial
>> learning stage less steep, and it has a CLI much like Cisco which I
>> cut my networking teeth on (they're just behind the eye-teeth..)
>> Just my $0.02 worth...
> Yeah, looking at Untangle, it seems nice given the limited knowledge
> required to get up and running - but I'm curious about the Vyatta /
> pfSense experience. My boss (and I) don't really want to spend a lot of
> time configuring, or really messing with the appliance that much.
> That's where Untangle seems to get a bit of a bigger win. Though, my
> limited experience with Vyatta is simply some of the online video demos.
> Does pfSense / Vyatta have an interface for SSL VPN (via browser), a la,
> no local client install? We have a couple users, who we'd rather be
> able to point to a URL, they login, and they're in, rather than having
> to configure a client, install it, and support it for them, etc.
If your VPN needs to have servers behind more than one NAT, then
the p2p VPN stuff may be your only easy option.
tinc-vpn and hamachi are not web based like SSLExplorer, but _very_
easy to use. The others below I have not tried, but NeoRouter and n2n
and p2pvpn look promising. There are some Social Networking VPN apps
such as http://apps.facebook.com/ipoverfb/index.php but I can't trust
'em and find the whole idea intriguingly repulsive.
hamachi on Linux and Mac is command line only ltic, but still proven
to be very easy.