Hi, On Wed, Aug 14, 2019 at 08:52:28AM -0500, Aaron Gould wrote: > Perhaps I should just look at better remote access vpn solutions. > > I've heard Palo Alto are good.
When testing, give some extra attention to double-stack behaviour. While we're generally quite happy with Fortigate's SSL-VPN thingie, their "double-stack" sucks big time - basically, it's two single-stack VPN solutions bolted together. You connect over v4, you can only reach v4 resources. You connect over v6, you can only reach v6 resources. Their support says "well, it is what is is, but you can open a feature request" and our AM says "we do not see the business case"... So: test this before buying. You'll need v6 and v4/v6 interop one day. gert -- "If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor." Robert A. Heinlein, The Moon is a Harsh Mistress Gert Doering - Munich, Germany g...@greenie.muc.de _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp