[olug] Firewall / VPN Devices

Rob Townley rob.townley at gmail.com
Wed Oct 7 22:10:49 UTC 2009


On Wed, Oct 7, 2009 at 12:06 PM, Dave Rowe <dave at roweware.com> wrote:
> Dan Linder wrote:
>> On Wed, Oct 7, 2009 at 11:11,  <charles.bird at powerdnn.com> wrote:
>>> Ya, I've heard nothing but good things about pfsense, another company in Omaha
>>> had 2yrs uptime on their pfsense boxes and had a lot of vpn traffic running
>>
>> I had to replace my home-brew ancient firewall recently and tried
>> pfSense.  It would have been great, except for the fact that the BSD
>> kernel can only handle one Microsoft VPN through it at once (the Linux
>> kernel can keep track of multiple VPN tunnels through it).
>>
>> I ended up going with Vyatta - it's Linux based so that meant my
>> work-related VPNs functioned, it has a GUI to make the initial
>> learning stage less steep, and it has a cli much like Cisco which I
>> cut my networking teeth on (they're just behind the eye-teeth..)
>>
>> Just my $0.02 worth...
>>
>> Dan
>>
>
> Yeah, looking at Untangle, it seems nice given the limited knowledge
> required to get up and running - but I'm curious about the Vyatta /
> pfSense experience.  My boss (and I) don't really want to spend a lot of
> time configuring, or really messing with the appliance that much.
> That's where Untangle seems to get a bit of a bigger win.  Though, my
> limited experience with Vyatta is simply some of the online video demos.
>
> Does pfSense / Vyatta have an interface for SSL VPN (via browser), a la,
> no local client install?  We have a couple users, who we'd rather be
> able to point to a URL, they login, and they're in, rather than having
> to configure a client, install it, and support it for them, etc.
>
> -Dave


If your VPN needs to have servers behind more than one NAT, then
the p2p vpn stuff may be your only easy option.

tinc-vpn and hamachi are not web based like SSLExplorer, but _very_
easy to use.  The others below I have not tried, but NeoRouter and n2n
and p2pvpn look promising.  There are some Social Networking VPN apps
such as http://apps.facebook.com/ipoverfb/index.php  but I can't trust
'em and find the whole idea intriguingly repulsive.

hamachi on Linux and Mac is command line only ltic, but still proven
to be very easy.
http://files.hamachi.cc/linux/README


