We use Barracuda's SSLVPN. It is based off the old sslExplorer open source product, and does the Java-based install of their vpn client. In many ways, I think this is similar to the Sonicwall SSLVPN.
The barracuda didn't have any per-user license fees. This was a major factor in our choice of VPN solutions. --Matt Ross Ephrata School District ----- Original Message ----- From: Bill Humphries [mailto:[email protected]] To: NT System Admin Issues [mailto:[email protected]] Sent: Tue, 29 Jan 2013 10:55:59 -0800 Subject: Re: Favorite VPN solution? > Have you looked at any of the sslvpn options. I use a sonicwall sslvpn and > like it a lot. Has clients for mac and linux as well as windows. > > Bill > > -----Original Message----- > From: Tim Evans > Sent: Tuesday, January 29, 2013 12:47 PM > To: NT System Admin Issues > Subject: RE: Favorite VPN solution? > > I was looking at OpenVPN, but it looks to me like it won't work in our > environment. We have multiple subnets on our internal network, and it looks > like the OpenVPN client needs admin rights on the endpoint to update routes. > > Our users don't have admin rights and that's not something I'm looking to > change. Have you found a workaround for this or is it not an issue in your > environment? > > > ...Tim > > > -----Original Message----- > From: Ben Scott [mailto:[email protected]] > Sent: Tuesday, January 29, 2013 8:53 AM > To: NT System Admin Issues > Subject: Re: Favorite VPN solution? > > On Tue, Jan 29, 2013 at 7:46 AM, Tom Miller <[email protected]> wrote: > > The clients work fine, but I'm wondering if there are other solutions > > out there. > > We're using OpenVPN because (1) it's based on extremely well-tested code, > (2) it's light-weight, and (3) it's free. > > The main UI is extremely limited. Basically an on/off indication. > That can be disconcerting to users. OTOH, the log is quite detailed and > useful. > > It provides no PKI management infrastructure of its own. We use OpenSSL. > I'm told Windows Certificate Services also work. > > OpenVPN has nothing in the way of sophisticated management facilities. > Just text config files and text log files. We only have one > site/policy/config, so it's no problem for us, but in a larger environment > with many differing policies that could get burdensome. > > > Thoughts? Anyone using clientless VPN with a PIX? > > "clientless" VPNs just mean they dynamically install/run the client via a > Java applet/ActiveX control. > > Deciding whether or not this is a good idea is left as an exercise to the > reader, but I note that allowing such things in general is a common security > > problem. > > -- Ben > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
