[nycbug-talk] VPN/Integrated Router Appliances

Charles Sprickman spork at bway.net
Mon Oct 16 15:04:20 EDT 2006


On Sun, 15 Oct 2006, Hans Zaunere wrote:

> Hi,
>
> We're looking to deploy a [small] office integrated router to provide the
> following primary functionality:

Hans,

I would suggest running this by the PFSense support list: 
support at pfsense.com.  Most of what you want can be done with PFSense 
(which just had their first non-beta release), but I've never touched any 
of the VPN stuff.  However folks on the list are in an excellent position 
to let you know whether your wish list fits with their product.

Charles

> -- remote/field user VPN access without having to install VPN clients on
> their laptops/desktops; most remote users are Windows XP based
>
> -- wireless connectivity for the office space; wireless access can be open,
> but only authorized users should have the benefit of being in the "internal"
> network - the rest just have generic internet access
>
> -- wireless connectivity, however, could be provided by a separate device
> (which is already in place) so it's not critical to be an all in one product
>
> -- IP NAT for VPN or generic wireless users
>
> -- internal authoritative DNS server to provide internal server naming for
> development servers, etc; company internet facing authoritative DNS is
> handled elsewhere
>
> -- authorized VPN users have access to development servers on local and
> remote networks
>
> -- authorized VPN users have access to SMB/Windows network routing to a
> remote/local Samba/Windows file
>
>
> Now I realize I could build up a server with the firewall rules,
> functionality, etc., but I'm really looking towards an out-of-box solution.
> Some type of pre-configured appliance with HTTPS administration.  I've
> looked at several different options, including:
>
> -- wireless integrated routers from vendors such as Linksys, D-Link, etc.,
> such as the Linksys WRVS4400N or RV016, or the D-Link DFL-CPG31
>
> -- alternative firmwares for above routers
>
> -- combining a BSD installment with a hardware appliance, such as Soekris
> with m0n0wall
>
>
> Commercial or free solutions are ok, although from what I've seen above,
> they all seem to fall short in some way, especially in providing a full DNS
> server for the VPN users.  Any feedback/thoughts/experiences are
> appreciated.
>
> H
>
> _______________________________________________
> % NYC*BUG talk mailing list
> http://lists.nycbug.org/mailman/listinfo/talk
> %Be sure to check out our Jobs and NYCBUG-announce lists
> %We meet the first Wednesday of the month
>



More information about the talk mailing list