Recommendations for VPN end point appliances?

Hewitt Tech hewitt_tech at comcast.net
Tue Jun 15 09:37:01 EDT 2004


----- Original Message ----- 
From: <bscott at ntisys.com>
To: "Greater NH Linux User Group" <discuss at gnhlug.org>
Sent: Sunday, June 13, 2004 1:14 PM
Subject: Re: Recommendations for VPN end point appliances?


> On Fri, 11 Jun 2004, at 10:51pm, hewitt_tech at comcast.net wrote:
> > ... does anyone have any recommendations for VPN end point appliances.
>
>   Of all the appliances I've used, my favorite is NetScreen.  Outstanding
> features and performance at a competitive price.  Gotta love that SSH CLI.
>
>   SonicWall is okay.  They used to require a subscribe just to use
> certificates, but I believe that has changed.
>
>   I've had someone recommend SnapGear to me; it is apparently a
Linux-based
> appliance.  Haven't had a chance to actually look into it, though.
>
>   For maximum flexibility, there is always the possibility of an SBC
running
> Linux out of flash.
>
> > I ordered a pair of BEFSX41 LinkSys routers ...
>
>   My experience with LinkSys VPN boxes is that they are flakey and have an
> abysmal feature set.  They tend to need to be rebooted on a regular basis.
> No support for public key crypto (come on', shared secrets went out in the
> 1980s).  Their firewall/filtering settings are a joke.
>
>   I frequently recommend LinkSys NAT boxes for SOHO use, but IMO, they
just
> don't cut it for VPN use.
>

These will be the last Linksys VPN boxes I buy based on my experience trying
to configure them. It took me a couple of hours just to get the two boxes to
talk to each other. They have remained connected for 24 hours or so but the
setup was very painful. Worse, they don't speak the same VPN protocols that
Windows expects and configuring a Windows system to talk to them is even
more convoluted. None of the documentation you need to set these end points
up comes with them so you need to find the setup info on Google or at the
Linksys web site. They may have solved some of their stability problems with
the latest firmware but it looks like these products have been out there for
more than a year. The Windows <-> BEFSX41 connection setup runs to 19 pages!

-Alex

> -- 
> Ben Scott <bscott at ntisys.com>
> | The opinions expressed in this message are those of the author and do  |
> | not represent the views or policy of any other person or organization. |
> | All information is provided without warranty of any kind.              |
>
> _______________________________________________
> gnhlug-discuss mailing list
> gnhlug-discuss at mail.gnhlug.org
> http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
>




More information about the gnhlug-discuss mailing list