Tim Riker wrote:
Zane H. Healy wrote:
<snip>
Have you looked into using OpenBSD? I'm not 100% sure on the VPN
portions,
but I believe it supports everything you're looking for.
Zane
I was about to say the same. A Linux or *BSD box would do all this.
Nowhere in your list to you say push button installation etc.
Certianly a cheap rack mount server running a free OS would be the
most flexible and easiest to replace/upgrade later too.
I emailed Bruce the suggestion posted earlier about IPcop, rather than
openbsd as a
base.
It is as close to a "pushbutton" installation as you can get with a
firewall, and is now up
to snuff for doing vpn's. If you want to try to rig ipsec by hand, that
is fine, but it is a
huge pain. IPcop now supports all of his questions and I think by
dialogs from web
admin.
Also, the other issue with firewalls is that if you roll your own, you
don't have a firewall,
but that is a non topic for further discussion here.
apologies for the diversion to even post this, but IPcop is good enough
to recommend
over a manual firewall, and is audited and supported for security.
I'll shut up now on this.
Jim