16 Aug
2006
16 Aug
'06
4:02 p.m.
On 16/8/06 20:29, "Zane H. Healy" <healyzh at aracnet.com> wrote:
The best option in your price range is to ?roll your own?.
My company market a solution that ticks all your boxes, hence I know for a
cold hard fact that you can hack one together from off the shelf parts.
Ours consists of a SuperMicro case (with 200w PSU), ASRock socket AM2
motherboard, latest cheap Sempron64 CPU, 512MB DDR2 RAM, 40GB PATA HDD,
Intel PRO/100 VE NIC.
This should cost you no more than ?260. Gives you a box that?s way
over-specced for your requirements. None of our customers are particularly
large, but it happily handles 43 simultaneous VPN sessions at our largest
site. I?d expect it to handle well over 100.
As Zane said, BSD is the way to go. We use a customised version of m0n0wall
(http://www.m0n0.ch).
Alternatively (and getting marginally more on topic) we?ve used second hand
Sun Netra T100?s for the same application in the past running various BSD
flavours. If you?re lucky you?ll get one with Checkpoint FW-1
pre-installed. If you?re very lucky it?ll have the passwords with it! ;-)
-Austin.
> If
anyone knows of a good, solid VPN router, in the $400-$500 (max)
> range, with at least the following features I would appreciate
> hearing about it. I'm currently looking at Zyxel (the Zywall 5) and
> Multitech (RouteFinder 830).
>
> --Must support 1:1 NAT mapping.
> --Must support at least IPSec VPN with 3DES or AES encryption, and
> --the VPN client must be low-cost or included.
> --Preferably, should also support PPTP for when IPSec is blocked at
> --the originating end (I've seen it happen).
> --Must be RACK-MOUNTED, as in it has rack ears or brackets. This is
> --NOT negotiable.
> --The manufacturer must NOT, unlike Watchguard and Juniper Networks,
> --nickle-and-dime its users to death for extra features.
Have you looked into using OpenBSD? I'm not 100% sure on the VPN portions,
but I believe it supports everything you're looking for.
Zane