+1, although I will admit to being a Cisco bigot along with Aaron. Shook -----Original Message----- From: Rohyans, Aaron [mailto:arohy...@dpsciences.com] Sent: Thursday, February 26, 2009 8:35 AM To: NT System Admin Issues Subject: RE: Site to Site VPN... What works?
Cisco ASA 5505 @ $350 each. The GUI is vastly improved (v6.5+) and makes administration a snap. It's a great little box for the price considering all you get: Firewall QoS (Basic LLQ) Routing (Static, EIGRP, OSPF, RIP) VPN Termination (Traditional IPSec and SSL) IPS (Basic 100 signatures) Failover (w/ the right licensing) VLANs (3 w/ base license) The list goes on... but I just thought I'd mention it. Almost all the features above are obtained with the *Base License*. Additional licensing is only required if you want more than 2 simultaneous SSL VPN connections, Failover support, 3+ VLAN support, etc. Hope this helps! Aaron T. Rohyans Senior Network Engineer CCIE #21945, CCSP, CCNA, CQS-Firewall, CQS-IDS, CQS-VPN, ISSP, CISP, JNCIA-ER DPSciences Corporation 7400 N. Shadeland Ave., Suite 245 Indianapolis, IN 46250 Office: (317) 348-0099 Fax: (317) 849-7134 arohy...@dpsciences.com http://www.dpsciences.com/ -----Original Message----- From: Micheal Espinola Jr [mailto:michealespin...@gmail.com] Sent: Wednesday, February 25, 2009 11:09 PM To: NT System Admin Issues Subject: Re: Site to Site VPN... What works? +1 on this. I've benchmarked the linksys WRT54G against other comparible models before, it it rated at the bottom of the list when depending on hardware encryption performance. I like it as a home routing device, but I dont recommend it for site-to-site when performance needs to be maximized. -- ME2 On Wed, Feb 25, 2009 at 10:14 PM, Phil Brutsche <p...@optimumdata.com> wrote: > I don't know if I would go that route, just on a basis of CPU "horsepower". > > Most of the options I listed have either hardware cryptographic > accelerators or enough horsepower to do it in software. > > The Linksys WRT54G(L) boxes have very, very weak CPUs and do not possess > the necessary hardware acceleration. > > Derek Lidbom wrote: >> If it were me, I would have to drop $100 on two Linksys WRT-54GLs and >> try: >> http://www.dd-wrt.com/wiki/index.php/OpenVPN_-_Site-to-Site_Bridged_VPN_ >> Between_Two_Routers >> >> I've had lots of luck with dd-wrt in other scenarios, and you could >> double your purchase and have redundant backups as easy and re-flashing >> an image (I'm assuming the VPN doesn't add complications with that). > > -- > > Phil Brutsche > p...@optimumdata.com > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~